Permanent link to this article: https://www.xtplayer.cn/rke2/rke2-restore-or-update-the-rancher2-connection-info-json-file/

In the following scenarios, the /var/lib/rancher/agent/rancher2_connection_info.json file needs to be updated or restored.

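  • After the CA file for the Rancher URL is changed, the rancher-system-agent service can no longer connect to the Rancher API because CA verification fails.
  • In some situations the /var/lib/rancher/agent/rancher2_connection_info.json file is lost, and the configuration file needs to be restored.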

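Save the following script on the node whose rancher2_connection_info.json file needs to be updated or restored, for example as retrieve_connection_info.sh. Edit CATTLE_SERVER_URL and CATTLE_TOKEN in the script. To get CATTLE_TOKEN, go to cluster management, click the target cluster, click node registration, and take the token from the node registration command; using a user API key results in a 500 error. Finally, run bash retrieve_connection_info.sh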

#!/bin/bash
set -e # Exit immediately on error

CATTLE_SERVER_URL=https://10.201.170.123:8443
# Note: go to cluster management, click the target cluster, click node registration, and take this token from the node registration command. A user API key results in a 500 error.
CATTLE_TOKEN=hlqb8jsw4xdx6pfxxxxxxxxxxxxxx
CATTLE_AGENT_VAR_DIR=/var/lib/rancher/agent
# To enable debug output, add the v flag
CURL_LOG="-sS"

# Create the directory
mkdir -p "${CATTLE_AGENT_VAR_DIR}"

# The connection info holds credentials, so files created below are readable by the owner only
umask 077

# Back up the existing configuration
if [ -f "${CATTLE_AGENT_VAR_DIR}/rancher2_connection_info.json" ]; then
    BACKUP_FILE="${CATTLE_AGENT_VAR_DIR}/rancher2_connection_info-$(date +%Y%m%d_%H%M%S).json"
    cp "${CATTLE_AGENT_VAR_DIR}/rancher2_connection_info.json" "${BACKUP_FILE}"
    echo "Backup created: ${BACKUP_FILE}"
fi

# Fetch the new connection info
if [ -f "/etc/rancher/agent/cattle-id" ]; then
    CATTLE_ID=$(cat /etc/rancher/agent/cattle-id)
    echo "Using cattle-id: ${CATTLE_ID}"

    # -k skips TLS certificate verification, so the token and the returned file are
    # sent over a connection whose server identity is not checked. If the new CA file
    # is available on the node, replace -k with --cacert <file>.
    HTTP_CODE=$(curl -kL --connect-timeout 60 --max-time 60 --write-out "%{http_code}\n" ${CURL_LOG} \
        -H "Authorization: Bearer ${CATTLE_TOKEN}" \
        -H "X-Cattle-Id: ${CATTLE_ID}" \
        "${CATTLE_SERVER_URL}/v3/connect/agent" \
        -o "${CATTLE_AGENT_VAR_DIR}/rancher2_connection_info.json.tmp")

    if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "201" ] || [ "$HTTP_CODE" = "204" ]; then
        # Check that the downloaded file is not empty
        if [ -s "${CATTLE_AGENT_VAR_DIR}/rancher2_connection_info.json.tmp" ]; then
            mv "${CATTLE_AGENT_VAR_DIR}/rancher2_connection_info.json.tmp" "${CATTLE_AGENT_VAR_DIR}/rancher2_connection_info.json"
            chmod 600 "${CATTLE_AGENT_VAR_DIR}/rancher2_connection_info.json"
            echo "Connection info updated successfully"
            # Restart the rancher-system-agent service
            echo "Restarting rancher-system-agent service..."
            systemctl restart rancher-system-agent
            journalctl -xef -u rancher-system-agent.service
        else
            echo "Warning: Failed to update connection info, downloaded file is empty" >&2
            exit 1
        fi
    else
        echo "Failed to update connection info, HTTP code: ${HTTP_CODE}" >&2
        exit 1
    fi
else
    echo "Warning: /etc/rancher/agent/cattle-id not found" >&2
fi
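
The script above calls curl with -k, so the registration token is sent without checking who the server is. The following is an added example, not part of the original script, that makes the same request with verification: the new CA file is compared with a SHA-256 value recorded out of band, and curl is then given --cacert instead of -k. The function names, the CA file path and the pin value are assumptions for illustration.

```shell
#!/bin/bash
# Added example. ca_matches_pin and fetch_connection_info are hypothetical
# helper names; the CA file and its expected SHA-256 are supplied by the operator.

# Return 0 only if FILE is a readable regular file whose SHA-256 equals PIN.
ca_matches_pin() {
    local file="$1" pin="$2" actual
    [ -f "$file" ] && [ -r "$file" ] || return 1
    # Normalise the pin: lower-case, drop colons and spaces
    pin=$(printf '%s' "$pin" | tr 'A-F' 'a-f' | tr -d ': ')
    # A SHA-256 digest is exactly 64 hex characters; reject anything else
    case "$pin" in
        *[!0-9a-f]*) return 1 ;;
    esac
    [ "${#pin}" -eq 64 ] || return 1
    actual=$(sha256sum "$file" | awk '{print $1}')
    [ "$actual" = "$pin" ]
}

# Same request as the script above, verified against the CA file instead of -k.
# Returns 2 without contacting the server if the CA file does not match the pin.
fetch_connection_info() {
    local url="$1" token="$2" cattle_id="$3" ca_file="$4" ca_pin="$5" out="$6"
    if ! ca_matches_pin "$ca_file" "$ca_pin"; then
        echo "CA file ${ca_file} does not match the expected SHA-256, token not sent" >&2
        return 2
    fi
    # Subshell keeps the restrictive umask local to the download
    (
        umask 077
        curl -L --cacert "$ca_file" --connect-timeout 60 --max-time 60 -sS \
            --write-out "%{http_code}\n" \
            -H "Authorization: Bearer ${token}" \
            -H "X-Cattle-Id: ${cattle_id}" \
            "${url}/v3/connect/agent" -o "$out"
    )
}
```

On success fetch_connection_info prints the HTTP status code, so it can stand in for the curl command substitution that sets HTTP_CODE in the script.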