#!/bin/bash
#
# Force-recreate the microservices-nlb Service in the ecommerce namespace
# without relying on jq. This part removes the existing Service object.
#
# NOTE(review): every step here is destructive and runs against whatever
# cluster the current kubectl context points at; nothing in this script
# confirms the target before deleting.
echo "🔧 强制删除并重新创建 microservices-nlb(无需 jq)..."

svc_name="microservices-nlb"
svc_namespace="ecommerce"

# 1. Ask the API server to delete the Service with no grace period.
echo "强制删除 microservices-nlb..."
kubectl delete svc "$svc_name" -n "$svc_namespace" --force --grace-period=0

# 2. Give the deletion ten seconds, then check whether the object is still
#    present (kubectl get succeeds only while it exists).
echo "检查删除状态..."
sleep 10
if kubectl get svc "$svc_name" -n "$svc_namespace" >/dev/null 2>&1; then
    echo "服务仍然存在,移除 finalizers..."
    # A merge patch that empties metadata.finalizers lets the API server drop
    # the object without waiting for whatever owns the finalizer.
    # NOTE(review): if the finalizer belongs to a load balancer controller,
    # its cloud-side cleanup is presumably skipped and the load balancer can
    # be left behind; confirm nothing is orphaned after this runs.
    kubectl patch svc "$svc_name" -n "$svc_namespace" --type=merge -p '{"metadata":{"finalizers":[]}}'
    sleep 10
fi

# 3. Second delete attempt. Output and failure are deliberately ignored: the
#    Service is usually gone already at this point.
kubectl delete svc "$svc_name" -n "$svc_namespace" --force --grace-period=0 >/dev/null 2>&1 || true

# 4. Fixed pause before looking at the load balancer side.
echo "等待删除完成..."
sleep 30

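# 5. Look for a load balancer that outlived the Service and delete it by hand.
#
# The query returns only the LoadBalancerArn field. Text output is
# tab-delimited, so pulling the ARN out of a full record with a pattern that
# stops at a space would run on into the following columns and hand
# delete-load-balancer an invalid ARN.
#
# NOTE(review): the filter is a substring match on the generated name. Any
# other load balancer in this account and region whose name contains the same
# prefix is matched and deleted as well; confirm the prefix is unique, or
# narrow the selection, before running this against a shared account.
echo "检查 NLB 状态..."
NLB_INFO=$(aws elbv2 describe-load-balancers --region us-east-1 \
    --query 'LoadBalancers[?contains(LoadBalancerName, `k8s-ecommerc-microser`)].LoadBalancerArn' \
    --output text)

if [ -n "$NLB_INFO" ]; then
    echo "找到 NLB,提取 ARN..."
    # Split on any whitespace so several matches become separate ARNs instead
    # of one malformed argument. read returns non-zero at end of input here,
    # which is expected.
    NLB_ARNS=()
    read -r -d '' -a NLB_ARNS <<<"$NLB_INFO" || true
    for NLB_ARN in "${NLB_ARNS[@]}"; do
        # Skip anything that is not an ELB ARN (for example a stray token in
        # the CLI output) rather than passing it to a delete call.
        case "$NLB_ARN" in
            arn:aws:elasticloadbalancing:*) ;;
            *) continue ;;
        esac
        echo "手动删除 NLB: $NLB_ARN"
        aws elbv2 delete-load-balancer --load-balancer-arn "$NLB_ARN" --region us-east-1
    done
    echo "等待 NLB 删除..."
    sleep 30
else
    echo "✅ NLB 已自动删除"
fi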

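# 6. Recreate the Service. The manifest is passed to kubectl on stdin; the
#    heredoc delimiter is quoted so the shell never expands anything inside
#    the YAML (a later edit that adds "$" or backticks stays literal).
#
# What the manifest requests, as written: a fixed load balancer name, an
# internal-scheme NLB with IP targets, TLS on listener port 443 using the ACM
# certificate below with the TLS13-1-2 policy, and "http" as backend protocol.
#
# NOTE(review), points to confirm before applying:
#  - Port 80 is published next to 443 and is not listed in ssl-ports, so that
#    listener carries cleartext. Drop it if no client needs plain HTTP.
#  - backend-protocol is "http": TLS ends at the load balancer and traffic to
#    the pods on 8080 is unencrypted. Confirm that is acceptable on this
#    network.
#  - The health check uses HTTPS on port 443, while both Service ports forward
#    to targetPort 8080. With IP targets the probe presumably goes to the pod
#    itself on 443; if the pods only listen on 8080 the targets will never
#    become healthy.
#  - The selector is the broad app.kubernetes.io/part-of=ecommerce label, so
#    every pod carrying it in this namespace becomes a backend. Confirm that
#    is intended.
#  - The certificate ARN, including the account ID, is hard-coded here.
echo "重新创建 microservices-nlb..."
kubectl apply -f - <<'EOF'
apiVersion: v1
kind: Service
metadata:
  name: microservices-nlb
  namespace: ecommerce
  labels:
    app: microservices
    service: nlb-internal
  annotations:
    # 固定 NLB 名称
    service.beta.kubernetes.io/aws-load-balancer-name: "ecommerce-microservices-nlb"
    
    # NLB 配置
    service.beta.kubernetes.io/aws-load-balancer-type: "external"
    service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "ip"
    service.beta.kubernetes.io/aws-load-balancer-scheme: "internal"
    service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
    
    # SSL 配置
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:us-east-1:319998871902:certificate/fc39f8cd-dede-4f92-bbae-b154c7aff2b7"
    service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443"
    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "http"
    service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy: "ELBSecurityPolicy-TLS13-1-2-2021-06"
    
    # 健康检查
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-protocol: "HTTPS"
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-port: "443"
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-path: "/actuator/health"
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-interval: "30"
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-timeout: "10"
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-healthy-threshold: "2"
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-unhealthy-threshold: "2"
    
    # 连接设置
    service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "120"
spec:
  type: LoadBalancer
  selector:
    app.kubernetes.io/part-of: ecommerce
  ports:
    - name: https
      port: 443
      targetPort: 8080
      protocol: TCP
    - name: http
      port: 80
      targetPort: 8080
      protocol: TCP
EOF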

# 7. Fixed pause while the load balancer is provisioned.
echo "等待 NLB 创建..."
sleep 45

# 8. Show the result: the Service as the cluster sees it, then the load
#    balancers whose DNS name contains the expected prefix.
echo "验证创建结果..."
echo "=== Service 状态 ==="
kubectl get svc microservices-nlb -n ecommerce -o wide

printf '\n%s\n' "=== NLB 名称验证 ==="
aws elbv2 describe-load-balancers \
    --region us-east-1 \
    --output table \
    --query 'LoadBalancers[?contains(DNSName, `ecommerce-microservices`)].{Name:LoadBalancerName,DNS:DNSName}'

# The banner below tells the operator to read the controller logs when the
# load balancer did not get the name ecommerce-microservices-nlb; the last
# ten log lines are printed for that purpose.
printf '\n%s\n' "=== 如果名称不是 ecommerce-microservices-nlb,请检查 AWS Load Balancer Controller 日志 ==="
kubectl logs -n kube-system -l app.kubernetes.io/name=aws-load-balancer-controller --tail=10