Merge pull request #11 from onedr0p/state-uninstall

Add state-uninstalled
This commit is contained in:
Xan Manning 2020-02-27 07:54:11 +00:00 committed by GitHub
commit 241dc24d59
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 376 additions and 72 deletions

26
LICENSE
View file

@ -1,26 +0,0 @@
Copyright 2019 Xan Manning
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

View file

@ -43,44 +43,43 @@ my spare time so I cannot promise a speedy fix delivery.
Below are variables that are set against all of the play hosts for environment
consistency.
| Variable | Description | Default Value |
|----------------------------------|--------------------------------------------------------------------------|-----------------------------------------|
| `k3s_cluster_state` | State of cluster: installed, started, stopped, restarted, downloaded. | installed |
| `k3s_release_version` | Use a specific version of k3s, eg. `v0.2.0`. Specify `false` for latest. | `false` |
| `k3s_github_url` | Set the GitHub URL to install k3s from. | https://github.com/rancher/k3s |
| `k3s_install_dir` | Installation directory for k3s. | `/usr/local/bin` |
| `k3s_server_manifests_dir` | Path for place the `k3s_server_manifests_templates`. | `/var/lib/rancher/k3s/server/manifests` |
| `k3s_server_manifests_templates` | A list of Auto-Deploying Manifests Templates. | [] |
| `k3s_use_experimental` | Allow the use of experimental features in k3s. | `false` |
| `k3s_non_root` | Install k3s as non-root user. See notes below. | `false` |
| `k3s_control_workers` | Are control hosts also workers? | `true` |
| `k3s_cluster_cidr` | Network CIDR to use for pod IPs | 10.42.0.0/16 |
| `k3s_service_cidr` | Network CIDR to use for service IPs | 10.43.0.0/16 |
| `k3s_control_node_address` | Use a specific control node address. IP or FQDN. | _NULL_ |
| `k3s_control_token` | Use a specific control token, please read notes below. | _NULL_ |
| `k3s_https_port` | HTTPS port listening port. | 6443 |
| `k3s_use_docker` | Use Docker rather than Containerd? | `false` |
| `k3s_no_flannel` | Do not use Flannel | `false` |
| `k3s_flannel_backend` | Flannel backend ('none', 'vxlan', 'ipsec', 'host-gw' or 'wireguard') | vxlan |
| `k3s_no_coredns` | Do not use CoreDNS | `false` |
| `k3s_cluster_dns` | Cluster IP for CoreDNS service. Should be in your service-cidr range. | _NULL_ |
| `k3s_cluster_domain` | Cluster Domain. | cluster.local |
| `k3s_resolv_conf` | Kubelet resolv.conf file | _NULL_ |
| `k3s_no_traefik` | Do not use Traefik | `false` |
| `k3s_no_servicelb` | Do not use ServiceLB, necessary for using something like MetalLB. | `false` |
| `k3s_no_local_storage` | Do not use Local Storage | `false` |
| `k3s_default_local_storage_path` | Set Local Storage Path. Specify `false` for default. |
`false` |
| `k3s_no_metrics_server` | Do not deploy metrics server | `false` |
| `k3s_disable_scheduler` | Disable Kubernetes default scheduler | `false` |
| `k3s_disable_cloud_controller` | Disable k3s default cloud controller manager. | `false` |
| `k3s_disable_network_policy` | Disable k3s default network policy controller. | `false` |
| `k3s_write_kubeconfig_mode` | Define the file mode from the generated KubeConfig, eg. `644` | _NULL_ |
| `k3s_datastore_endpoint` | Define the database or etcd cluster endpoint for HA. | _NULL_ |
| `k3s_datastore_cafile` | Define the database TLS CA file. | _NULL_ |
| `k3s_datastore_certfile` | Define the database TLS Cert file. | _NULL_ |
| `k3s_datastore_keyfile` | Define the database TLS Key file. | _NULL_ |
| `k3s_dqlite_datastore` | Use DQLite as the database backend for HA. (EXPERIMENTAL) | `false` |
| Variable | Description | Default Value |
|----------------------------------|-------------------------------------------------------------------------------------|-----------------------------------------|
| `k3s_cluster_state` | State of cluster: installed, started, stopped, restarted, downloaded, uninstalled. | installed |
| `k3s_release_version` | Use a specific version of k3s, eg. `v0.2.0`. Specify `false` for latest. | `false` |
| `k3s_github_url` | Set the GitHub URL to install k3s from. | https://github.com/rancher/k3s |
| `k3s_install_dir` | Installation directory for k3s. | `/usr/local/bin` |
| `k3s_server_manifests_dir` | Path for place the `k3s_server_manifests_templates`. | `/var/lib/rancher/k3s/server/manifests` |
| `k3s_server_manifests_templates` | A list of Auto-Deploying Manifests Templates. | [] |
| `k3s_use_experimental` | Allow the use of experimental features in k3s. | `false` |
| `k3s_non_root` | Install k3s as non-root user. See notes below. | `false` |
| `k3s_control_workers` | Are control hosts also workers? | `true` |
| `k3s_cluster_cidr` | Network CIDR to use for pod IPs | 10.42.0.0/16 |
| `k3s_service_cidr` | Network CIDR to use for service IPs | 10.43.0.0/16 |
| `k3s_control_node_address` | Use a specific control node address. IP or FQDN. | _NULL_ |
| `k3s_control_token` | Use a specific control token, please read notes below. | _NULL_ |
| `k3s_https_port` | HTTPS port listening port. | 6443 |
| `k3s_use_docker` | Use Docker rather than Containerd? | `false` |
| `k3s_no_flannel` | Do not use Flannel | `false` |
| `k3s_flannel_backend` | Flannel backend ('none', 'vxlan', 'ipsec', 'host-gw' or 'wireguard') | vxlan |
| `k3s_no_coredns` | Do not use CoreDNS | `false` |
| `k3s_cluster_dns` | Cluster IP for CoreDNS service. Should be in your service-cidr range. | _NULL_ |
| `k3s_cluster_domain` | Cluster Domain. | cluster.local |
| `k3s_resolv_conf` | Kubelet resolv.conf file | _NULL_ |
| `k3s_no_traefik` | Do not use Traefik | `false` |
| `k3s_no_servicelb` | Do not use ServiceLB, necessary for using something like MetalLB. | `false` |
| `k3s_no_local_storage` | Do not use Local Storage | `false` |
| `k3s_default_local_storage_path` | Set Local Storage Path. Specify `false` for default. | `false` |
| `k3s_no_metrics_server` | Do not deploy metrics server | `false` |
| `k3s_disable_scheduler` | Disable Kubernetes default scheduler | `false` |
| `k3s_disable_cloud_controller` | Disable k3s default cloud controller manager. | `false` |
| `k3s_disable_network_policy` | Disable k3s default network policy controller. | `false` |
| `k3s_write_kubeconfig_mode` | Define the file mode from the generated KubeConfig, eg. `644` | _NULL_ |
| `k3s_datastore_endpoint` | Define the database or etcd cluster endpoint for HA. | _NULL_ |
| `k3s_datastore_cafile` | Define the database TLS CA file. | _NULL_ |
| `k3s_datastore_certfile` | Define the database TLS Cert file. | _NULL_ |
| `k3s_datastore_keyfile` | Define the database TLS Key file. | _NULL_ |
| `k3s_dqlite_datastore` | Use DQLite as the database backend for HA. (EXPERIMENTAL) | `false` |
#### Important note about `k3s_release_version`

View file

@ -0,0 +1,10 @@
---
- name: Converge
hosts: all
become: true
vars:
molecule_is_test: true
k3s_cluster_state: uninstalled
k3s_use_docker: true
roles:
- role: xanmanning.k3s

View file

@ -4,6 +4,10 @@
zypper:
name: docker
state: present
register: ensure_docker_prerequisites_installed
until: ensure_docker_prerequisites_installed is succeeded
retries: 3
delay: 10
notify:
- restart docker

View file

@ -2,18 +2,17 @@
- name: Ensure Docker prerequisites are installed
apt:
name: "{{ item }}"
name:
- apt-transport-https
- ca-certificates
- curl
- "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}"
- software-properties-common
state: present
register: ensure_docker_prerequisites_installed
until: ensure_docker_prerequisites_installed is succeeded
retries: 3
delay: 10
loop:
- apt-transport-https
- ca-certificates
- curl
- "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}"
- software-properties-common
- name: Ensure Docker APT key is present
apt_key:

View file

@ -4,6 +4,10 @@
zypper:
name: docker
state: present
register: ensure_docker_prerequisites_installed
until: ensure_docker_prerequisites_installed is succeeded
retries: 3
delay: 10
notify:
- restart docker

View file

@ -19,6 +19,18 @@
- meta: flush_handlers
- name: Ensure k3s killall script is present on all nodes
template:
src: k3s-killall.sh.j2
dest: "/usr/local/bin/k3s-killall.sh"
mode: 0700
- name: Ensure k3s uninstall script is present on all nodes
template:
src: k3s-uninstall.sh.j2
dest: "/usr/local/bin/k3s-uninstall.sh"
mode: 0700
- name: Ensure k3s is symlinked into the installation destinations
file:
src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}"

View file

@ -3,7 +3,7 @@
- name: Check to see if k3s_cluster_state is a supported value
assert:
that:
- k3s_cluster_state in ['installed', 'started', 'stopped', 'restarted', 'downloaded']
- k3s_cluster_state in ['installed', 'started', 'stopped', 'restarted', 'downloaded', 'uninstalled']
fail_msg: "k3s_cluster_state not valid. Check README.md for details."
success_msg: "k3s_cluster_state is valid."
when: k3s_cluster_state is defined

View file

@ -0,0 +1,25 @@
---
- import_tasks: teardown/uninstall-k3s.yml
- import_tasks: teardown/uninstall-docker.yml
when: k3s_use_docker
and ((k3s_control_workers)
or (not k3s_control_workers and not k3s_control_node))
and ansible_distribution | replace(" ", "-") | lower not in ['amazon', 'suse', 'opensuse-leap']
and (k3s_non_root is not defined or not k3s_non_root)
- include_tasks: teardown/uninstall-docker-{{ ansible_distribution | replace(" ", "-") | lower }}.yml
when: k3s_use_docker
and ((k3s_control_workers)
or (not k3s_control_workers and not k3s_control_node))
and ansible_distribution | replace(" ", "-") | lower in ['amazon', 'suse', 'opensuse-leap']
and (k3s_non_root is not defined or not k3s_non_root)
- include_tasks: teardown/uninstall-docker-prerequisites-{{ ansible_os_family | lower }}.yml
when: k3s_use_docker
and ((k3s_control_workers)
or (not k3s_control_workers and not k3s_control_node))
and (k3s_non_root is not defined or not k3s_non_root)
- import_tasks: validate/check-uninstalled.yml

View file

@ -0,0 +1,6 @@
---
- name: Ensure docker is uninstalled using amazon-linux-extras
command: amazon-linux-extras uninstall docker
register: uninstall_docker_from_amazon_linux
changed_when: uninstall_docker_from_amazon_linux.rc == 0

View file

@ -0,0 +1,10 @@
---
- name: Ensure docker is installed using Zypper
zypper:
name: docker
state: absent
register: ensure_docker_uninstalled
until: ensure_docker_uninstalled is succeeded
retries: 3
delay: 10

View file

@ -0,0 +1,13 @@
---
- name: Ensure Docker repository is uninstalled
apt_repository:
filename: docker-ce
repo: "deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable"
update_cache: false
state: absent
- name: Ensure Docker APT key is uninstalled
apt_key:
url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
state: absent

View file

@ -0,0 +1,12 @@
---
- name: Ensure Docker repository is removed
yum_repository:
name: docker-ce
description: Docker CE Repository
baseurl: https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/$basearch/stable
gpgkey: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
enabled: false
gpgcheck: true
state: absent
when: ansible_distribution | lower not in ['amazon']

View file

@ -0,0 +1 @@
---

View file

@ -0,0 +1,10 @@
---
- name: Ensure docker is uninstalled using Zypper
zypper:
name: docker
state: absent
register: ensure_docker_uninstalled
until: ensure_docker_uninstalled is succeeded
retries: 3
delay: 10

View file

@ -0,0 +1,13 @@
---
- name: Ensure docker is uninstalled
package:
name:
- docker-ce
- docker-ce-cli
- containerd.io
state: absent
register: ensure_docker_uninstalled
until: ensure_docker_uninstalled is succeeded
retries: 3
delay: 10

View file

@ -0,0 +1,35 @@
---
- name: Check to see if k3s-killall.sh exits
stat:
path: /usr/local/bin/k3s-killall.sh
register: check_k3s_killall_script
- name: Check to see if k3s-uninstall.sh exits
stat:
path: /usr/local/bin/k3s-uninstall.sh
register: check_k3s_uninstall_script
- name: Check to see if docker is present
command: which docker
failed_when: false
changed_when: false
register: check_k3s_docker_path
- name: Run k3s-killall.sh
command: /usr/local/bin/k3s-killall.sh
register: k3s_killall
changed_when: k3s_killall.rc == 0
when: check_k3s_killall_script.stat.exists
- name: Run k3s-uninstall.sh
command: /usr/local/bin/k3s-uninstall.sh
args:
removes: /usr/local/bin/k3s-uninstall.sh
register: k3s_uninstall
changed_when: k3s_uninstall.rc == 0
when: check_k3s_uninstall_script.stat.exists
- name: Clean up Docker
command: docker system prune -a --force
when: k3s_use_docker and check_k3s_docker_path.rc == 0

View file

@ -0,0 +1,55 @@
---
- name: Check that k3s is not running
command: pgrep k3s
ignore_errors: true
changed_when: false
register: check_k3s_process
- name: Fail if k3s is still running
fail:
msg: k3s is still running, uninstall script failed. Please investigate.
when: check_k3s_process.rc == 0
- name: Check that docker is not running
command: pgrep docker
ignore_errors: true
changed_when: false
register: check_k3s_docker_process
when: k3s_use_docker is defined and k3s_use_docker
- name: Fail if docker is still running
fail:
msg: docker is still running, uninstall script failed. Please investigate.
when: k3s_use_docker is defined and k3s_use_docker and check_k3s_docker_process.rc == 0
- name: Fail if k3s binaries have not been removed
stat:
path: "{{ k3s_install_dir }}/{{ item }}"
register: check_k3s_binaries_removed
failed_when: check_k3s_binaries_removed.stat.exists
loop:
- k3s
- kubectl
- crictl
- ctr
- name: Check k3s-killall.sh is removed
stat:
path: /usr/local/bin/k3s-killall.sh
register: check_k3s_killall
- name: Fail if k3s-killall.sh script still exists
fail:
msg: k3s-killall.sh is still running, uninstall script failed. Please investigate.
when: check_k3s_killall.stat.exists
- name: Check k3s-uninstall.sh is removed
stat:
path: /usr/local/bin/k3s-uninstall.sh
register: check_k3s_uninstall
- name: Fail if k3s-uninstall.sh script still exists
fail:
msg: k3s-uninstall.sh is still running, uninstall script failed. Please investigate.
when: check_k3s_uninstall.stat.exists

View file

@ -0,0 +1,78 @@
#!/bin/sh
[ $(id -u) -eq 0 ] || exec sudo $0 $@
for bin in /var/lib/rancher/k3s/data/**/bin/; do
[ -d "$bin" ] && export PATH=$bin:$PATH
done
set -x
for service in /etc/systemd/system/k3s*.service; do
[ -s "$service" ] && systemctl stop "$(basename $service)"
done
for service in /etc/init.d/k3s*; do
[ -x "$service" ] && "$service" stop
done
pschildren() {
ps -e -o ppid= -o pid= | \
sed -e 's/^\s*//g; s/\s\s*/\t/g;' | \
grep -w "^$1" | \
cut -f2
}
pstree() {
for pid in $@; do
echo $pid
for child in $(pschildren $pid); do
pstree $child
done
done
}
killtree() {
kill -9 $(
{ set +x; } 2>/dev/null;
pstree $@;
set -x;
) 2>/dev/null
}
getshims() {
lsof | sed -e 's/^[^0-9]*//g; s/ */\t/g' | grep -w 'k3s/data/[^/]*/bin/containerd-shim' | cut -f1 | sort -n -u
}
killtree $({ set +x; } 2>/dev/null; getshims; set -x)
do_unmount() {
{ set +x; } 2>/dev/null
MOUNTS=
while read ignore mount ignore; do
MOUNTS="$mount\n$MOUNTS"
done </proc/self/mounts
MOUNTS=$(printf $MOUNTS | grep "^$1" | sort -r)
if [ -n "${MOUNTS}" ]; then
set -x
umount ${MOUNTS}
else
set -x
fi
}
do_unmount '/run/k3s'
do_unmount '/var/lib/rancher/k3s'
do_unmount '/var/lib/kubelet/pods'
do_unmount '/run/netns/cni-'
# Delete network interface(s) that match 'master cni0'
ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore; do
iface=${iface%%@*}
[ -z "$iface" ] || ip link delete $iface
done
ip link delete cni0
ip link delete flannel.1
[ -d /var/lib/cni ] && rm -rf /var/lib/cni/
iptables-save | grep -v KUBE- | grep -v CNI- | iptables-restore

View file

@ -0,0 +1,44 @@
#!/bin/sh
set -x
[ $(id -u) -eq 0 ] || exec sudo $0 $@
/usr/local/bin/k3s-killall.sh
if which systemctl; then
systemctl disable k3s
systemctl reset-failed k3s
systemctl daemon-reload
fi
if which rc-update; then
rc-update delete k3s default
fi
for unit in /etc/systemd/system/k3s*.service; do
[ -f "$unit" ] && rm -f "$unit"
done
remove_uninstall() {
[ -f /usr/local/bin/k3s-uninstall.sh ] && rm -f /usr/local/bin/k3s-uninstall.sh
}
trap remove_uninstall EXIT
if (ls /etc/systemd/system/k3s*.service || ls /etc/init.d/k3s*) >/dev/null 2>&1; then
set +x; echo 'Additional k3s services installed, skipping uninstall of k3s'; set -x
exit
fi
for cmd in kubectl crictl ctr; do
if [ -L "{{ k3s_install_dir }}/$cmd" ]; then
rm -f "{{ k3s_install_dir }}/$cmd"
fi
done
[ -d /etc/rancher/k3s ] && rm -rf /etc/rancher/k3s
[ -d /var/lib/rancher/k3s ] && rm -rf /var/lib/rancher/k3s
[ -d /var/lib/kubelet ] && rm -rf /var/lib/kubelet
for bin in {{ k3s_install_dir }}/k3s*; do
[ -f "$bin" ] && rm -f "$bin"
done
[ -f /usr/local/bin/k3s-killall.sh ] && rm -f /usr/local/bin/k3s-killall.sh