Slightly updated tasks and added validation checks

1. Now does not remove prerequisite packages, lvm2 was included in
these packages (not good when you use LVM2 for real).
  2. Added a bit more idempotency to the shell scripts - only delete if
it exists.
  3. Check that the process isn't running and binaries are gone.

LICENSE

@@ -1,26 +0,0 @@
-Copyright 2019 Xan Manning
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-1. Redistributions of source code must retain the above copyright notice, this
-list of conditions and the following disclaimer.
-
-2. Redistributions in binary form must reproduce the above copyright notice,
-this list of conditions and the following disclaimer in the documentation
-and/or other materials provided with the distribution.
-
-3. Neither the name of the copyright holder nor the names of its contributors
-may be used to endorse or promote products derived from this software without
-specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

README.md

@@ -43,7 +43,7 @@ my spare time so I cannot promise a speedy fix delivery.
 Below are variables that are set against all of the play hosts for environment
 consistency.
 
-| Variable                         | Description                                                              | Default Value                                      |
+| Variable                         | Description                                                                         | Default Value                           |
 |----------------------------------|-------------------------------------------------------------------------------------|-----------------------------------------|
 | `k3s_cluster_state`              | State of cluster: installed, started, stopped, restarted, downloaded, uninstalled.  | installed                               |
 | `k3s_release_version`            | Use a specific version of k3s, eg. `v0.2.0`. Specify `false` for latest.            | `false`                                 |

molecule/default/playbook-uninstall-cluster.yml

@@ -0,0 +1,10 @@
+---
+- name: Converge
+  hosts: all
+  become: true
+  vars:
+    molecule_is_test: true
+    k3s_cluster_state: uninstalled
+    k3s_use_docker: true
+  roles:
+    - role: xanmanning.k3s

tasks/build/install-docker-opensuse-leap.yml

@@ -4,6 +4,10 @@
   zypper:
     name: docker
     state: present
+  register: ensure_docker_prerequisites_installed
+  until: ensure_docker_prerequisites_installed is succeeded
+  retries: 3
+  delay: 10
   notify:
     - restart docker
 

tasks/build/install-docker-prerequisites-debian.yml

@@ -2,18 +2,17 @@
 
 - name: Ensure Docker prerequisites are installed
   apt:
-    name: "{{ item }}"
+    name:
+      - apt-transport-https
+      - ca-certificates
+      - curl
+      - "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}"
+      - software-properties-common
     state: present
   register: ensure_docker_prerequisites_installed
   until: ensure_docker_prerequisites_installed is succeeded
   retries: 3
   delay: 10
-  loop:
-    - apt-transport-https
-    - ca-certificates
-    - curl
-    - "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}"
-    - software-properties-common
 
 - name: Ensure Docker APT key is present
   apt_key:

tasks/build/install-docker-suse.yml

@@ -4,6 +4,10 @@
   zypper:
     name: docker
     state: present
+  register: ensure_docker_prerequisites_installed
+  until: ensure_docker_prerequisites_installed is succeeded
+  retries: 3
+  delay: 10
   notify:
     - restart docker
 

tasks/build/install-k3s.yml

@@ -23,11 +23,13 @@
   template:
     src: k3s-killall.sh.j2
     dest: "/usr/local/bin/k3s-killall.sh"
+    mode: 0700
 
 - name: Ensure k3s uninstall script is present on all nodes
   template:
     src: k3s-uninstall.sh.j2
     dest: "/usr/local/bin/k3s-uninstall.sh"
+    mode: 0700
 
 - name: Ensure k3s is symlinked into the installation destinations
   file:

tasks/state-uninstalled.yml

@@ -1,10 +1,6 @@
 ---
 
-- include_tasks: teardown/uninstall-docker-prerequisites-{{ ansible_os_family | lower }}.yml
-  when: k3s_use_docker
-        and ((k3s_control_workers)
-             or (not k3s_control_workers and not k3s_control_node))
-        and (k3s_non_root is not defined or not k3s_non_root)
+- import_tasks: teardown/uninstall-k3s.yml
 
 - import_tasks: teardown/uninstall-docker.yml
   when: k3s_use_docker
@@ -20,4 +16,10 @@
         and ansible_distribution | replace(" ", "-") | lower in ['amazon', 'suse', 'opensuse-leap']
         and (k3s_non_root is not defined or not k3s_non_root)
 
-- import_tasks: teardown/uninstall-k3s.yml
+- include_tasks: teardown/uninstall-docker-prerequisites-{{ ansible_os_family | lower }}.yml
+  when: k3s_use_docker
+        and ((k3s_control_workers)
+             or (not k3s_control_workers and not k3s_control_node))
+        and (k3s_non_root is not defined or not k3s_non_root)
+
+- import_tasks: validate/check-uninstalled.yml

tasks/teardown/uninstall-docker-opensuse-leap.yml

@@ -4,3 +4,7 @@
   zypper:
     name: docker
     state: absent
+  register: ensure_docker_uninstalled
+  until: ensure_docker_uninstalled is succeeded
+  retries: 3
+  delay: 10

tasks/teardown/uninstall-docker-prerequisites-debian.yml

@@ -11,18 +11,3 @@
   apt_key:
     url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
     state: absent
-
-- name: Ensure Docker prerequisites are uninstalled
-  apt:
-    name: "{{ item }}"
-    state: absent
-  register: ensure_docker_prerequisites_uninstalled
-  until: ensure_docker_prerequisites_uninstalled is succeeded
-  retries: 3
-  delay: 10
-  loop:
-    - apt-transport-https
-    - ca-certificates
-    - curl
-    - "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}"
-    - software-properties-common

tasks/teardown/uninstall-docker-prerequisites-redhat.yml

@@ -6,33 +6,7 @@
     description: Docker CE Repository
     baseurl: https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/$basearch/stable
     gpgkey: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
-    enabled: true
+    enabled: false
     gpgcheck: true
     state: absent
   when: ansible_distribution | lower not in ['amazon']
-
-- name: Ensure Docker repository is removed
-  command: yum-config-manager disable docker-ce
-  when: ansible_distribution | lower not in ['amazon']
-
-- name: Ensure Docker prerequisites are uninstalled
-  yum:
-    name:
-      - yum-utils
-      - device-mapper-persistent-data
-      - lvm2
-    state: absent
-  register: ensure_docker_prerequisites_uninstalled
-  until: ensure_docker_prerequisites_uninstalled is succeeded
-  retries: 3
-  delay: 10
-
-- name: Ensure python-dnf is uninstalled
-  package:
-    name: "{{ 'python-dnf' if ansible_python_version is version_compare('3.0.0', '<') else 'python3-dnf' }}"
-    state: absent
-  register: ensure_python_dnf_installed
-  until: ensure_python_dnf_installed is succeeded
-  retries: 3
-  delay: 10
-  when: ansible_pkg_mgr == 'dnf'

tasks/teardown/uninstall-docker-suse.yml

@@ -4,3 +4,7 @@
   zypper:
     name: docker
     state: absent
+  register: ensure_docker_uninstalled
+  until: ensure_docker_uninstalled is succeeded
+  retries: 3
+  delay: 10

tasks/teardown/uninstall-k3s.yml

@@ -1,17 +1,35 @@
 ---
 
-- name: "Run k3s-killall.sh"
-  command: k3s-killall.sh
+- name: Check to see if k3s-killall.sh exits
+  stat:
+    path: /usr/local/bin/k3s-killall.sh
+  register: check_k3s_killall_script
+
+- name: Check to see if k3s-uninstall.sh exits
+  stat:
+    path: /usr/local/bin/k3s-uninstall.sh
+  register: check_k3s_uninstall_script
+
+- name: Check to see if docker is present
+  command: which docker
+  failed_when: false
+  changed_when: false
+  register: check_k3s_docker_path
+
+- name: Run k3s-killall.sh
+  command: /usr/local/bin/k3s-killall.sh
   register: k3s_killall
   changed_when: k3s_killall.rc == 0
+  when: check_k3s_killall_script.stat.exists
 
-- name: "Run k3s-uninstall.sh"
-  command:
-    cmd: k3s-uninstall.sh
+- name: Run k3s-uninstall.sh
+  command: /usr/local/bin/k3s-uninstall.sh
+  args:
     removes: /usr/local/bin/k3s-uninstall.sh
   register: k3s_uninstall
   changed_when: k3s_uninstall.rc == 0
+  when: check_k3s_uninstall_script.stat.exists
 
-- name: "Clean up Docker"
+- name: Clean up Docker
   command: docker system prune -a --force
-  when: k3s_use_docker
+  when: k3s_use_docker and check_k3s_docker_path.rc == 0

tasks/validate/check-uninstalled.yml

@@ -0,0 +1,55 @@
+---
+
+- name: Check that k3s is not running
+  command: pgrep k3s
+  ignore_errors: true
+  changed_when: false
+  register: check_k3s_process
+
+- name: Fail if k3s is still running
+  fail:
+    msg: k3s is still running, uninstall script failed. Please investigate.
+  when: check_k3s_process.rc == 0
+
+- name: Check that docker is not running
+  command: pgrep docker
+  ignore_errors: true
+  changed_when: false
+  register: check_k3s_docker_process
+  when: k3s_use_docker is defined and k3s_use_docker
+
+- name: Fail if docker is still running
+  fail:
+    msg: docker is still running, uninstall script failed. Please investigate.
+  when: k3s_use_docker is defined and k3s_use_docker and check_k3s_docker_process.rc == 0
+
+- name: Fail if k3s binaries have not been removed
+  stat:
+    path: "{{ k3s_install_dir }}/{{ item }}"
+  register: check_k3s_binaries_removed
+  failed_when: check_k3s_binaries_removed.stat.exists
+  loop:
+    - k3s
+    - kubectl
+    - crictl
+    - ctr
+
+- name: Check k3s-killall.sh is removed
+  stat:
+    path: /usr/local/bin/k3s-killall.sh
+  register: check_k3s_killall
+
+- name: Fail if k3s-killall.sh script still exists
+  fail:
+    msg: k3s-killall.sh is still running, uninstall script failed. Please investigate.
+  when: check_k3s_killall.stat.exists
+
+- name: Check k3s-uninstall.sh is removed
+  stat:
+    path: /usr/local/bin/k3s-uninstall.sh
+  register: check_k3s_uninstall
+
+- name: Fail if k3s-uninstall.sh script still exists
+  fail:
+    msg: k3s-uninstall.sh is still running, uninstall script failed. Please investigate.
+  when: check_k3s_uninstall.stat.exists

templates/k3s-killall.sh.j2

@@ -1,18 +1,19 @@
 #!/bin/sh
+
 [ $(id -u) -eq 0 ] || exec sudo $0 $@
 
 for bin in /var/lib/rancher/k3s/data/**/bin/; do
-    [ -d $bin ] && export PATH=$bin:$PATH
+    [ -d "$bin" ] && export PATH=$bin:$PATH
 done
 
 set -x
 
 for service in /etc/systemd/system/k3s*.service; do
-    [ -s $service ] && systemctl stop $(basename $service)
+    [ -s "$service" ] && systemctl stop "$(basename $service)"
 done
 
 for service in /etc/init.d/k3s*; do
-    [ -x $service ] && $service stop
+    [ -x "$service" ] && "$service" stop
 done
 
 pschildren() {
@@ -70,7 +71,8 @@ ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore;
     iface=${iface%%@*}
     [ -z "$iface" ] || ip link delete $iface
 done
+
 ip link delete cni0
 ip link delete flannel.1
-rm -rf /var/lib/cni/
-iptables-save | grep -v KUBE- | grep -v CNI- | iptables-restore
+[ -d /var/lib/cni ] && rm -rf /var/lib/cni/
+iptables-save | grep -v KUBE- | grep -v CNI- | iptables-restore

templates/k3s-uninstall.sh.j2

@@ -1,4 +1,5 @@
 #!/bin/sh
+
 set -x
 [ $(id -u) -eq 0 ] || exec sudo $0 $@
 
@@ -9,15 +10,17 @@ if which systemctl; then
     systemctl reset-failed k3s
     systemctl daemon-reload
 fi
+
 if which rc-update; then
     rc-update delete k3s default
 fi
 
-rm -f /etc/systemd/system/k3s.service
-rm -f /etc/systemd/system/k3s.service.env
+for unit in /etc/systemd/system/k3s*.service; do
+    [ -f "$unit" ] && rm -f "$unit"
+done
 
 remove_uninstall() {
-    rm -f /usr/local/bin/k3s-uninstall.sh
+    [ -f /usr/local/sbin/k3s-uninstall.sh ] && rm -f /usr/local/sbin/k3s-uninstall.sh
 }
 trap remove_uninstall EXIT
 
@@ -27,13 +30,15 @@ if (ls /etc/systemd/system/k3s*.service || ls /etc/init.d/k3s*) >/dev/null 2>&1;
 fi
 
 for cmd in kubectl crictl ctr; do
-    if [ -L /usr/local/bin/$cmd ]; then
-        rm -f /usr/local/bin/$cmd
+    if [ -L "{{ k3s_install_dir }}/$cmd" ]; then
+        rm -f "{{ k3s_install_dir }}/$cmd"
     fi
 done
 
-rm -rf /etc/rancher/k3s
-rm -rf /var/lib/rancher/k3s
-rm -rf /var/lib/kubelet
-rm -f /usr/local/bin/k3s
-rm -f /usr/local/bin/k3s-killall.sh
+[ -d /etc/rancher/k3s ] && rm -rf /etc/rancher/k3s
+[ -d /var/lib/rancher/k3s ] && rm -rf /var/lib/rancher/k3s
+[ -d /var/lib/kubelet ] && rm -rf /var/lib/kubelet
+for bin in {{ k3s_install_dir }}/k3s*; do
+    [ -f "$bin" ] && rm -f "$bin"
+done
+[ -f /usr/local/sbin/k3s-killall.sh ] && rm -f /usr/local/sbin/k3s-killall.sh