add uninstall state

Devin Buhl 2020-02-25 12:29:39 -05:00
parent c4547306ce
commit 9bbf5fd746
14 changed files with 296 additions and 39 deletions


@ -43,44 +43,43 @@ my spare time so I cannot promise a speedy fix delivery.
Below are variables that are set against all of the play hosts for environment
consistency.
| Variable | Description | Default Value |
|----------------------------------|--------------------------------------------------------------------------|-----------------------------------------|
| `k3s_cluster_state` | State of cluster: installed, started, stopped, restarted, downloaded. | installed |
| `k3s_release_version` | Use a specific version of k3s, eg. `v0.2.0`. Specify `false` for latest. | `false` |
| `k3s_github_url` | Set the GitHub URL to install k3s from. | https://github.com/rancher/k3s |
| `k3s_install_dir` | Installation directory for k3s. | `/usr/local/bin` |
| `k3s_server_manifests_dir` | Path for place the `k3s_server_manifests_templates`. | `/var/lib/rancher/k3s/server/manifests` |
| `k3s_server_manifests_templates` | A list of Auto-Deploying Manifests Templates. | [] |
| `k3s_use_experimental` | Allow the use of experimental features in k3s. | `false` |
| `k3s_non_root` | Install k3s as non-root user. See notes below. | `false` |
| `k3s_control_workers` | Are control hosts also workers? | `true` |
| `k3s_cluster_cidr` | Network CIDR to use for pod IPs | 10.42.0.0/16 |
| `k3s_service_cidr` | Network CIDR to use for service IPs | 10.43.0.0/16 |
| `k3s_control_node_address` | Use a specific control node address. IP or FQDN. | _NULL_ |
| `k3s_control_token` | Use a specific control token, please read notes below. | _NULL_ |
| `k3s_https_port` | HTTPS port listening port. | 6443 |
| `k3s_use_docker` | Use Docker rather than Containerd? | `false` |
| `k3s_no_flannel` | Do not use Flannel | `false` |
| `k3s_flannel_backend` | Flannel backend ('none', 'vxlan', 'ipsec', 'host-gw' or 'wireguard') | vxlan |
| `k3s_no_coredns` | Do not use CoreDNS | `false` |
| `k3s_cluster_dns` | Cluster IP for CoreDNS service. Should be in your service-cidr range. | _NULL_ |
| `k3s_cluster_domain` | Cluster Domain. | cluster.local |
| `k3s_resolv_conf` | Kubelet resolv.conf file | _NULL_ |
| `k3s_no_traefik` | Do not use Traefik | `false` |
| `k3s_no_servicelb` | Do not use ServiceLB, necessary for using something like MetalLB. | `false` |
| `k3s_no_local_storage` | Do not use Local Storage | `false` |
| `k3s_default_local_storage_path` | Set Local Storage Path. Specify `false` for default. |
`false` |
| `k3s_no_metrics_server` | Do not deploy metrics server | `false` |
| `k3s_disable_scheduler` | Disable Kubernetes default scheduler | `false` |
| `k3s_disable_cloud_controller` | Disable k3s default cloud controller manager. | `false` |
| `k3s_disable_network_policy` | Disable k3s default network policy controller. | `false` |
| `k3s_write_kubeconfig_mode` | Define the file mode from the generated KubeConfig, eg. `644` | _NULL_ |
| `k3s_datastore_endpoint` | Define the database or etcd cluster endpoint for HA. | _NULL_ |
| `k3s_datastore_cafile` | Define the database TLS CA file. | _NULL_ |
| `k3s_datastore_certfile` | Define the database TLS Cert file. | _NULL_ |
| `k3s_datastore_keyfile` | Define the database TLS Key file. | _NULL_ |
| `k3s_dqlite_datastore` | Use DQLite as the database backend for HA. (EXPERIMENTAL) | `false` |
| Variable | Description | Default Value |
|----------------------------------|-------------------------------------------------------------------------------------|-----------------------------------------|
| `k3s_cluster_state` | State of cluster: installed, started, stopped, restarted, downloaded, uninstall. | installed |
| `k3s_release_version` | Use a specific version of k3s, eg. `v0.2.0`. Specify `false` for latest. | `false` |
| `k3s_github_url` | Set the GitHub URL to install k3s from. | https://github.com/rancher/k3s |
| `k3s_install_dir` | Installation directory for k3s. | `/usr/local/bin` |
| `k3s_server_manifests_dir` | Path for place the `k3s_server_manifests_templates`. | `/var/lib/rancher/k3s/server/manifests` |
| `k3s_server_manifests_templates` | A list of Auto-Deploying Manifests Templates. | [] |
| `k3s_use_experimental` | Allow the use of experimental features in k3s. | `false` |
| `k3s_non_root` | Install k3s as non-root user. See notes below. | `false` |
| `k3s_control_workers` | Are control hosts also workers? | `true` |
| `k3s_cluster_cidr` | Network CIDR to use for pod IPs | 10.42.0.0/16 |
| `k3s_service_cidr` | Network CIDR to use for service IPs | 10.43.0.0/16 |
| `k3s_control_node_address` | Use a specific control node address. IP or FQDN. | _NULL_ |
| `k3s_control_token` | Use a specific control token, please read notes below. | _NULL_ |
| `k3s_https_port` | HTTPS port listening port. | 6443 |
| `k3s_use_docker` | Use Docker rather than Containerd? | `false` |
| `k3s_no_flannel` | Do not use Flannel | `false` |
| `k3s_flannel_backend` | Flannel backend ('none', 'vxlan', 'ipsec', 'host-gw' or 'wireguard') | vxlan |
| `k3s_no_coredns` | Do not use CoreDNS | `false` |
| `k3s_cluster_dns` | Cluster IP for CoreDNS service. Should be in your service-cidr range. | _NULL_ |
| `k3s_cluster_domain` | Cluster Domain. | cluster.local |
| `k3s_resolv_conf` | Kubelet resolv.conf file | _NULL_ |
| `k3s_no_traefik` | Do not use Traefik | `false` |
| `k3s_no_servicelb` | Do not use ServiceLB, necessary for using something like MetalLB. | `false` |
| `k3s_no_local_storage` | Do not use Local Storage | `false` |
| `k3s_default_local_storage_path` | Set Local Storage Path. Specify `false` for default. | `false` |
| `k3s_no_metrics_server` | Do not deploy metrics server | `false` |
| `k3s_disable_scheduler` | Disable Kubernetes default scheduler | `false` |
| `k3s_disable_cloud_controller` | Disable k3s default cloud controller manager. | `false` |
| `k3s_disable_network_policy` | Disable k3s default network policy controller. | `false` |
| `k3s_write_kubeconfig_mode` | Define the file mode from the generated KubeConfig, eg. `644` | _NULL_ |
| `k3s_datastore_endpoint` | Define the database or etcd cluster endpoint for HA. | _NULL_ |
| `k3s_datastore_cafile` | Define the database TLS CA file. | _NULL_ |
| `k3s_datastore_certfile` | Define the database TLS Cert file. | _NULL_ |
| `k3s_datastore_keyfile` | Define the database TLS Key file. | _NULL_ |
| `k3s_dqlite_datastore` | Use DQLite as the database backend for HA. (EXPERIMENTAL) | `false` |
#### Important note about `k3s_release_version`


@ -19,6 +19,16 @@
- meta: flush_handlers
- name: Ensure k3s killall script is present on all nodes
template:
src: k3s-killall.sh.j2
dest: "/usr/local/bin/k3s-killall.sh"
- name: Ensure k3s uninstall script is present on all nodes
template:
src: k3s-uninstall.sh.j2
dest: "/usr/local/bin/k3s-uninstall.sh"
- name: Ensure k3s is symlinked into the installation destinations
file:
src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}"
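Review bot: Both new `template` tasks (killall and uninstall) set only `src` and `dest`, so the scripts are written with whatever mode the remote umask gives, which normally means not executable, and the teardown tasks later run them directly with `command`. These scripts run as root and delete system paths, so pin ownership and mode explicitly on both tasks: `owner: root`, `group: root`, `mode: "0700"`. The last task in this hunk ("Ensure k3s is symlinked…") continues outside the visible lines.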


@ -3,7 +3,7 @@
- name: Check to see if k3s_cluster_state is a supported value
assert:
that:
- k3s_cluster_state in ['installed', 'started', 'stopped', 'restarted', 'downloaded']
- k3s_cluster_state in ['installed', 'started', 'stopped', 'restarted', 'downloaded', 'uninstall']
fail_msg: "k3s_cluster_state not valid. Check README.md for details."
success_msg: "k3s_cluster_state is valid."
when: k3s_cluster_state is defined
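Review bot: The new accepted value is spelled `uninstall`, while every other state in the list is a past participle (`installed`, `started`, `stopped`, `restarted`, `downloaded`); `uninstalled` would be consistent and is what a user is likely to try first. Because `fail_msg` only points at README.md, a typo here fails with no hint of the valid values; consider listing them in the message.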


@ -0,0 +1,23 @@
---
- include_tasks: teardown/uninstall-docker-prerequisites-{{ ansible_os_family | lower }}.yml
when: k3s_use_docker
and ((k3s_control_workers)
or (not k3s_control_workers and not k3s_control_node))
and (k3s_non_root is not defined or not k3s_non_root)
- import_tasks: teardown/uninstall-docker.yml
when: k3s_use_docker
and ((k3s_control_workers)
or (not k3s_control_workers and not k3s_control_node))
and ansible_distribution | replace(" ", "-") | lower not in ['amazon', 'suse', 'opensuse-leap']
and (k3s_non_root is not defined or not k3s_non_root)
- include_tasks: teardown/uninstall-docker-{{ ansible_distribution | replace(" ", "-") | lower }}.yml
when: k3s_use_docker
and ((k3s_control_workers)
or (not k3s_control_workers and not k3s_control_node))
and ansible_distribution | replace(" ", "-") | lower in ['amazon', 'suse', 'opensuse-leap']
and (k3s_non_root is not defined or not k3s_non_root)
- import_tasks: teardown/uninstall-k3s.yml
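Review bot: The Docker teardown files are included before `teardown/uninstall-k3s.yml`, so when that file's "Clean up Docker" task runs `docker system prune` the docker packages have already been removed and the command will fail whenever `k3s_use_docker` is true. The same ordering removes the container runtime while k3s and its containers are still running, before `k3s-killall.sh` has stopped them. Moving `- import_tasks: teardown/uninstall-k3s.yml` to the top of this file addresses both. `k3s_control_node` is not defined anywhere in the lines shown here, so confirm it is always set before these `when` expressions are evaluated on the uninstall path.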


@ -0,0 +1,5 @@
---
- name: Ensure docker is uninstalled using amazon-linux-extras
command: amazon-linux-extras uninstall docker
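Review bot: This `command` task has no `changed_when`, `removes` or other guard, so it runs and reports changed on every play and fails the play if docker was not installed through extras. I am not aware of an `uninstall` subcommand in `amazon-linux-extras`, so please confirm it exists on the target release. Removing the package with the `yum` module and `state: absent` would be idempotent and would not depend on that subcommand.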


@ -0,0 +1,6 @@
---
- name: Ensure docker is installed using Zypper
zypper:
name: docker
state: absent
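Review bot: The task name reads "Ensure docker is installed using Zypper" but the task sets `state: absent`, so play output and logs will claim the opposite of what happened. Rename it to `Ensure docker is uninstalled using Zypper`. A later file in this commit contains the same zypper removal under the corrected name, so one of the two is probably redundant; that is worth confirming.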


@ -0,0 +1,28 @@
---
- name: Ensure Docker repository is uninstalled
apt_repository:
filename: docker-ce
repo: "deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable"
update_cache: false
state: absent
- name: Ensure Docker APT key is uninstalled
apt_key:
url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
state: absent
- name: Ensure Docker prerequisites are uninstalled
apt:
name: "{{ item }}"
state: absent
register: ensure_docker_prerequisites_uninstalled
until: ensure_docker_prerequisites_uninstalled is succeeded
retries: 3
delay: 10
loop:
- apt-transport-https
- ca-certificates
- curl
- "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}"
- software-properties-common
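Review bot: The loop in "Ensure Docker prerequisites are uninstalled" removes `apt-transport-https`, `ca-certificates`, `curl`, the gnupg package and `software-properties-common`, which are general-purpose system packages that the role cannot know it installed itself. Removing `ca-certificates` in particular strips the host's trusted CA bundle, so TLS verification for apt, curl and any other client on the machine starts failing. The yum-based prerequisites file in this commit has the same problem with `yum-utils`, `device-mapper-persistent-data`, `lvm2` and `python-dnf`/`python3-dnf`. I would keep only the repository and key removal here and drop the package removal, or gate it behind an explicit opt-in variable that defaults to off.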


@ -0,0 +1,38 @@
---
- name: Ensure Docker repository is removed
yum_repository:
name: docker-ce
description: Docker CE Repository
baseurl: https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/$basearch/stable
gpgkey: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
enabled: true
gpgcheck: true
state: absent
when: ansible_distribution | lower not in ['amazon']
- name: Ensure Docker repository is removed
command: yum-config-manager disable docker-ce
when: ansible_distribution | lower not in ['amazon']
- name: Ensure Docker prerequisites are uninstalled
yum:
name:
- yum-utils
- device-mapper-persistent-data
- lvm2
state: absent
register: ensure_docker_prerequisites_uninstalled
until: ensure_docker_prerequisites_uninstalled is succeeded
retries: 3
delay: 10
- name: Ensure python-dnf is uninstalled
package:
name: "{{ 'python-dnf' if ansible_python_version is version_compare('3.0.0', '<') else 'python3-dnf' }}"
state: absent
register: ensure_python_dnf_installed
until: ensure_python_dnf_installed is succeeded
retries: 3
delay: 10
when: ansible_pkg_mgr == 'dnf'
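Review bot: The second "Ensure Docker repository is removed" task runs `yum-config-manager disable docker-ce` right after `yum_repository` with `state: absent` has already deleted that repo definition, so it is at best redundant and reports changed on every run. The option is normally spelled `--disable`, so the command as written may simply fail, which is worth checking on a real host. I would delete that task. Separately, the python-dnf task registers `ensure_python_dnf_installed` although it removes the package; `ensure_python_dnf_uninstalled` would match the naming used by the other tasks.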


@ -0,0 +1 @@
---


@ -0,0 +1,6 @@
---
- name: Ensure docker is uninstalled using Zypper
zypper:
name: docker
state: absent


@ -0,0 +1,13 @@
---
- name: Ensure docker is uninstalled
package:
name:
- docker-ce
- docker-ce-cli
- containerd.io
state: absent
register: ensure_docker_uninstalled
until: ensure_docker_uninstalled is succeeded
retries: 3
delay: 10


@ -0,0 +1,13 @@
---
- name: "Run k3s-killall.sh"
command: k3s-killall.sh
- name: "Run k3s-uninstall.sh"
command:
cmd: k3s-uninstall.sh
removes: /usr/local/bin/k3s-uninstall.sh
- name: "Clean up Docker"
command: docker system prune -a --force
when: k3s_use_docker
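Review bot: `docker system prune -a --force` in "Clean up Docker" deletes every stopped container, unused network and unused image on the host, not only what k3s created, so on a machine that also runs other Docker workloads the uninstall state destroys unrelated data. Consider dropping the task or making it opt-in. In addition, "Run k3s-killall.sh" calls the script by bare name with no guard, so it depends on `/usr/local/bin` being on the become user's PATH and fails on a second run once the uninstall script has deleted it. `cmd: /usr/local/bin/k3s-killall.sh` with `removes: /usr/local/bin/k3s-killall.sh` would mirror the task below it.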


@ -0,0 +1,76 @@
#!/bin/sh
[ $(id -u) -eq 0 ] || exec sudo $0 $@
for bin in /var/lib/rancher/k3s/data/**/bin/; do
[ -d $bin ] && export PATH=$bin:$PATH
done
set -x
for service in /etc/systemd/system/k3s*.service; do
[ -s $service ] && systemctl stop $(basename $service)
done
for service in /etc/init.d/k3s*; do
[ -x $service ] && $service stop
done
pschildren() {
ps -e -o ppid= -o pid= | \
sed -e 's/^\s*//g; s/\s\s*/\t/g;' | \
grep -w "^$1" | \
cut -f2
}
pstree() {
for pid in $@; do
echo $pid
for child in $(pschildren $pid); do
pstree $child
done
done
}
killtree() {
kill -9 $(
{ set +x; } 2>/dev/null;
pstree $@;
set -x;
) 2>/dev/null
}
getshims() {
lsof | sed -e 's/^[^0-9]*//g; s/ */\t/g' | grep -w 'k3s/data/[^/]*/bin/containerd-shim' | cut -f1 | sort -n -u
}
killtree $({ set +x; } 2>/dev/null; getshims; set -x)
do_unmount() {
{ set +x; } 2>/dev/null
MOUNTS=
while read ignore mount ignore; do
MOUNTS="$mount\n$MOUNTS"
done </proc/self/mounts
MOUNTS=$(printf $MOUNTS | grep "^$1" | sort -r)
if [ -n "${MOUNTS}" ]; then
set -x
umount ${MOUNTS}
else
set -x
fi
}
do_unmount '/run/k3s'
do_unmount '/var/lib/rancher/k3s'
do_unmount '/var/lib/kubelet/pods'
do_unmount '/run/netns/cni-'
# Delete network interface(s) that match 'master cni0'
ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore; do
iface=${iface%%@*}
[ -z "$iface" ] || ip link delete $iface
done
ip link delete cni0
ip link delete flannel.1
rm -rf /var/lib/cni/
iptables-save | grep -v KUBE- | grep -v CNI- | iptables-restore
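Review bot: The privilege re-exec on the second line passes `$0 $@` unquoted, so a script path or argument containing whitespace or glob characters is re-split before it reaches the root shell; use `[ "$(id -u)" -eq 0 ] || exec sudo "$0" "$@"` (the uninstall template has the same line). In `do_unmount`, `printf $MOUNTS` uses mount-point paths as the format string, so a path containing `%` is misinterpreted; `printf '%b' "$MOUNTS"` keeps the `\n` handling without treating the data as a format. Note also that under `#!/bin/sh` the `**` in the PATH loop is not recursive and behaves like a single `*`. The final `iptables-save | grep -v … | iptables-restore` pipeline runs without any failure check, so a short comment stating that an empty or partial save would be restored as-is would help the next maintainer.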


@ -0,0 +1,39 @@
#!/bin/sh
set -x
[ $(id -u) -eq 0 ] || exec sudo $0 $@
/usr/local/bin/k3s-killall.sh
if which systemctl; then
systemctl disable k3s
systemctl reset-failed k3s
systemctl daemon-reload
fi
if which rc-update; then
rc-update delete k3s default
fi
rm -f /etc/systemd/system/k3s.service
rm -f /etc/systemd/system/k3s.service.env
remove_uninstall() {
rm -f /usr/local/bin/k3s-uninstall.sh
}
trap remove_uninstall EXIT
if (ls /etc/systemd/system/k3s*.service || ls /etc/init.d/k3s*) >/dev/null 2>&1; then
set +x; echo 'Additional k3s services installed, skipping uninstall of k3s'; set -x
exit
fi
for cmd in kubectl crictl ctr; do
if [ -L /usr/local/bin/$cmd ]; then
rm -f /usr/local/bin/$cmd
fi
done
rm -rf /etc/rancher/k3s
rm -rf /var/lib/rancher/k3s
rm -rf /var/lib/kubelet
rm -f /usr/local/bin/k3s
rm -f /usr/local/bin/k3s-killall.sh
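Review bot: Every path in this template is hard-coded to `/usr/local/bin` although the role exposes `k3s_install_dir` and symlinks `{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}`; with a non-default install dir nothing is removed, and even with the default the versioned binary behind the symlink is left on disk. Since the file is already a `.j2` template, the paths can be rendered from `{{ k3s_install_dir }}` and the versioned binary removed as well. Also, `trap remove_uninstall EXIT` is installed before the "Additional k3s services installed" check, so the script deletes itself even on the branch that skips the uninstall, leaving no uninstaller for the remaining services. If that is intended, a comment saying so would help.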