我们有一个脚本可以生成群集IP地址,并使用gcloud container cluster create ..等在谷歌云中为测试环境添加dns记录。
然后我们将kubernetes并在代理前添加一个负载均衡器。
此外,还有一个脚本随后会再次删除群集,以及ip和dns记录。
现在我刚刚在本月发布了我的付款是平常的两倍,经过一些研究后我发现我为Network Load Balancing: Forwarding Rule Additional Service Charge付了很多钱。
我去了Networking > Load Balancing > Forwarding rules,在这里我看到大量的转发规则转发到甚至不再存在的集群。但这些转发规则(我从未明确创建,只是通过kubectl间接创建)现在仍在这里。
问题是我还有一些实际上正在使用中,不应该删除。有什么方法我可以过滤悬挂转发规则我试过但我找不到手动方式这样做。
我试过了:
gcloud compute forwarding-rules list gcloud compute forwarding-rules list --filter=dangling #returns nothing gcloud compute target-pools list 答案 0 :(得分:0)
为了确保gcloud不再允许我们为他们忘记删除的内容付费,我创建了一个简单的节点脚本,用于从gcloud的计算部分中删除悬空工件:
我不确定它是否防水,因为我快速转发规则和目标池引用。
此脚本中缺少部分(您必须实现):
const Promise = require('bluebird') lastItem()
cmd.executeDirect() =>承诺中的child_process.execFile()。脚本:
/**
* Remove left over compute items indirectly created by kubernetes but not removed automatically
*/
deleteDanglingComputeItems() {
return this.getComputeInstances()
.then(instances => {
var dict = {};
instances.forEach(x => dict[x.name] = true);
var killPoolsPromise = this.getComputeTargetpools()
.filter(pool => !pool.instances.some(inst => dict[inst.split("/").lastItem()] === true))
.then(pools => {
var poolDict = {};
pools.forEach(x => poolDict[x.name] = true)
return this.getComputeForwardingRules()
.filter(rules => poolDict[rules.target.split('/').lastItem()] === true)
.map(rule => this.deleteComputeForwardingRule(rule.name, rule.region))
.then(() => pools);
})
.map(pool => this.deleteComputeTargetpool(pool.name, pool.region))
var firewallPromise = this.getComputeFirewallRules()
.filter(rule => rule.targetTags && !rule.targetTags.some(target => dict[target] === true))
.then(rules => this.deleteFirewallRules(rules.map(x=> x.name)))
//Todo add firewall
return Promise.all([killPoolsPromise, firewallPromise]);
});
}
getComputeInstances() {
return this._execJson(['compute', 'instances', 'list']);
}
getComputeTargetpools() {
return this._execJson(['compute', 'target-pools', 'list'])
}
getComputeForwardingRules() {
return this._execJson(['compute', 'forwarding-rules', 'list'])
}
getComputeFirewallRules() {
return this._execJson(['compute', 'firewall-rules', 'list'])
}
deleteComputeTargetpool(pool, region) {
return this._execJson(['compute', 'target-pools', 'delete', pool, '--region', region])
}
deleteComputeTargetpools(pools = []) {
if (pools.length === 0)
return Promise.resolve();
return this._execJson(['compute', 'target-pools', 'delete', ...pools])
}
deleteComputeForwardingRule(rule, region) {
return this._execJson(['compute', 'forwarding-rules', 'delete', rule, '--region', region])
}
deleteFirewallRules(rules = []) {
if (rules.length === 0)
return Promise.resolve();
return this._execJson(['compute', 'firewall-rules', 'delete', ...rules])
}
/**
* @param {string[]} parameters
* @param {ExecFileOptions} options
*/
_exec(parameters, options) {
return cmd.get('gcloud', parameters, options);
}
/**
* @returns {Promise} with result data.
*/
_execJson(parameters, optionFlags = {}, cmdOptions) {
return this._exec(parameters.concat(this._generateFlags(optionFlags)), cmdOptions)
.promise
.tap(c => { log.debug(c.stderr); log.debug(c.stdout); })
.then(x => JSON.parse(x.stdout));
}