From 0c91cc8333b4785406729df32e8323fc64c2e817 Mon Sep 17 00:00:00 2001 From: Viktor Barzin Date: Sun, 21 Jan 2024 03:36:10 +0000 Subject: [PATCH] add helper scripts to upgrade all clusters and renew node certs [ci skip] --- renew_worker_certs.sh | 9 +++++++++ update_k8s_worker.sh | 24 ++++++++++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100755 renew_worker_certs.sh create mode 100755 update_k8s_worker.sh diff --git a/renew_worker_certs.sh b/renew_worker_certs.sh new file mode 100755 index 00000000..1568d99a --- /dev/null +++ b/renew_worker_certs.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +echo 'KUBELET_KUBEADM_ARGS="--container-runtime-endpoint=unix:///var/run/containerd/containerd.sock --pod-infra-container-image=k8s.gcr.io/pause:3.7 --rotate-certificates=true --rotate-server-certificates=true"' | sudo tee /var/lib/kubelet/kubeadm-flags.env + +sudo systemctl daemon-reload +sudo systemctl restart kubelet + +# Aprprove all csrs: +# for csr in $(kb get csr | grep Pending | awk '{print $1}'); do echo $csr; kb certificate approve $csr; done diff --git a/update_k8s_worker.sh b/update_k8s_worker.sh new file mode 100755 index 00000000..65eb261c --- /dev/null +++ b/update_k8s_worker.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +# run for all nodes using : +# for n in $(kbn | grep 'k8s-node' | awk '{print $1}'); do echo $n; kb drain $n --ignore-daemonsets --delete-emptydir-data; s wizard@$n 'bash -s'