alpine-overlay/kubezero/kubezero/evictLocalNode.sh


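#!/bin/bash
# Derive the API server URL and this node's name from the kubeconfig at
# /root/.kube/config. The node name is recovered from current-context by
# stripping the "system:node:" prefix and everything from "@" onwards.
#
# `kubectl config view` is run once and parsed twice. `// empty` makes jq print
# nothing (instead of the literal string "null") when a field is missing, so
# the emptiness check below also catches that case.
# NOTE(review): with more than one cluster entry API_SERVER would hold several
# lines; presumably this kubeconfig only ever contains one - confirm.
KUBE_CONTEXT_JSON=$(kubectl --kubeconfig /root/.kube/config config view -o json)
API_SERVER=$(printf '%s' "$KUBE_CONTEXT_JSON" | jq -r '.clusters[].cluster.server // empty')
NODE_NAME=$(printf '%s' "$KUBE_CONTEXT_JSON" \
  | jq -r '.["current-context"] // empty' \
  | sed -e 's/system:node://' -e 's/@.*//')

if [ -z "$API_SERVER" ] || [ -z "$NODE_NAME" ]; then
  # Abort message goes to stderr so it is not mistaken for progress output.
  echo "Could not find kube context. Abort." >&2
  exit 1
fi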
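# Replace this node's status conditions with an empty list, because the node
# identity used here is not allowed to cordon itself.
# NOTE(review): presumably this makes the control plane stop treating the node
# as Ready so nothing new is scheduled here - confirm.
#
# The request authenticates with the kubelet client certificate and verifies
# the API server against the cluster CA. -f turns an HTTP error status into a
# non-zero exit so a rejected patch is reported instead of silently ignored;
# the script still continues, as this step is best-effort.
if ! curl -sf --cacert /etc/kubernetes/pki/ca.crt \
  --cert /var/lib/kubelet/pki/kubelet-client-current.pem \
  -H "Content-Type: application/json-patch+json" -X PATCH \
  "$API_SERVER/api/v1/nodes/$NODE_NAME/status" \
  --data '[ { "op": "replace", "path": "/status/conditions", "value": []}]' >/dev/null; then
  echo "Warning: could not reset status conditions of node $NODE_NAME" >&2
fi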
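# Loop through all local pod sandboxes reported by the container runtime and
# request an API-level eviction for each one that is not owned by a DaemonSet
# or by the Node itself (static manifests).
#
# The sandbox ID is read together with namespace and name, and only the IDs of
# successfully evicted pods are remembered. Looking sandboxes up again by name
# is unsafe: crictl's --name filter is a regular-expression match that ignores
# the namespace, so a later lookup could also stop pods that were skipped above
# or whose eviction the API server refused.
EVICTED=()
while read -r NAMESPACE NAME POD_ID; do
  # get pod owner kind(s); empty when the pod has no ownerReferences or the
  # lookup did not return a pod object
  OWNER=$(curl -s --cacert /etc/kubernetes/pki/ca.crt \
    --cert /var/lib/kubelet/pki/kubelet-client-current.pem \
    -H 'Content-type: application/json' \
    "$API_SERVER/api/v1/namespaces/$NAMESPACE/pods/$NAME" \
    | jq -r '(.metadata.ownerReferences // [])[] | .kind')
  [ -n "$OWNER" ] || continue

  # skip over DS and static manifests
  [[ "$OWNER" =~ (DaemonSet|Node) ]] && continue

  # Let jq build the Eviction body so name and namespace are always emitted as
  # properly escaped JSON strings rather than spliced into a template.
  JSON=$(jq -cn --arg name "$NAME" --arg ns "$NAMESPACE" \
    '{apiVersion: "policy/v1", kind: "Eviction", metadata: {name: $name, namespace: $ns}}')

  HTTP_CODE=$(curl -o /dev/null -s -w "%{http_code}\n" --cacert /etc/kubernetes/pki/ca.crt \
    --cert /var/lib/kubelet/pki/kubelet-client-current.pem \
    -X POST -H 'Content-type: application/json' \
    --data-raw "$JSON" \
    "$API_SERVER/api/v1/namespaces/$NAMESPACE/pods/$NAME/eviction")

  # Only 201 counts as an accepted eviction; any other status leaves the pod
  # running and it is not stopped below.
  if [ "$HTTP_CODE" = "201" ]; then
    echo "Evicted $NAMESPACE/$NAME"
    EVICTED+=("$POD_ID")
  else
    echo "Error trying to evict $NAMESPACE/$NAME"
  fi
done < <(crictl pods -o json | jq -r '.items[] | "\(.metadata.namespace) \(.metadata.name) \(.id)"')

# Stop all successfully evicted pods in parallel and wait till all stopped
for pod_id in "${EVICTED[@]}"; do
  crictl stopp "$pod_id" &
done
wait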