Uninstallation on cloudscale.ch
Steps to remove an OpenShift 4 cluster from cloudscale.ch.
|
Prerequisites
-
docker
-
mc
Minio client (aliased tomc
if necessary) -
jq
Cluster Decommission
-
Export the following vars
export CLOUDSCALE_TOKEN=<cloudscale-api-token> # From https://control.cloudscale.ch/user/api-tokens export CLUSTER_ID=<lieutenant-cluster-id> export TENANT_ID=<lieutenant-tenant-id> export REGION=<region> # rma or lpg (without the zone number) export GITLAB_TOKEN=<gitlab-api-token> # From https://git.vshn.net/profile/personal_access_tokens export GITLAB_CATALOG_PROJECT_ID=<project-id> # GitLab numerical project ID of the catalog repo
-
Setup Terraform
Prepare terraform
# Set terraform image and tag to be used tf_image=$(\ yq r dependencies/openshift4-cloudscale/class/defaults.yml \ parameters.openshift4_cloudscale.images.terraform.image) tf_tag=$(\ yq r dependencies/openshift4-cloudscale/class/defaults.yml \ parameters.openshift4_cloudscale.images.terraform.tag) # Generate the terraform alias alias terraform='docker run -it --rm \ -e CLOUDSCALE_TOKEN="${CLOUDSCALE_TOKEN}" \ -e TF_VAR_ignition_bootstrap="${TF_VAR_ignition_bootstrap}" \ -w /tf \ -v $(pwd):/tf \ -v $CLUSTER_ID:/tf/.terraform \ --ulimit memlock=-1 \ ${tf_image}:${tf_tag} terraform' export GITLAB_STATE_URL="https://git.vshn.net/api/v4/projects/${GITLAB_CATALOG_PROJECT_ID}/terraform/state/cluster" pushd catalog/manifests/openshift4-cloudscale/
Initiate terraform
terraform init \ "-backend-config=address=${GITLAB_STATE_URL}" \ "-backend-config=lock_address=${GITLAB_STATE_URL}/lock" \ "-backend-config=unlock_address=${GITLAB_STATE_URL}/lock" \ "-backend-config=username=$(whoami)" \ "-backend-config=password=${GITLAB_TOKEN}" \ "-backend-config=lock_method=POST" \ "-backend-config=unlock_method=DELETE" \ "-backend-config=retry_wait_min=5"
-
Delete resources from clouscale.ch using Terraform
terraform destroy
-
After all resources are deleted we need to remove the bucket
# Use already exiting bucket user response=$(curl -sH "Authorization: Bearer ${CLOUDSCALE_TOKEN}" \ https://api.cloudscale.ch/v1/objects-users | \ jq -e ".[] | select(.display_name == \"${CLUSTER_ID}\")") # configure minio client to use the bucket mc config host add \ "${CLUSTER_ID}" "https://objects.${REGION}.cloudscale.ch" \ $(echo $response | jq -r '.keys[0].access_key') \ $(echo $response | jq -r '.keys[0].secret_key') # delete bootstrap-ignition object mc rb "${CLUSTER_ID}/${CLUSTER_ID}-bootstrap-ignition" --force # delete image-registry object mc rb "${CLUSTER_ID}/${CLUSTER_ID}-image-registry --force # delete cloudscale.ch user object curl -i -H "Authorization: Bearer ${CLOUDSCALE_TOKEN}" -X DELETE $(echo $response | jq -r '.href')
-
Delete vault entries:
# Vault login export VAULT_ADDR=https://vault-prod.syn.vshn.net vault login -method=ldap username=<your.name> # delete token secret vault kv delete clusters/kv/${TENANT_ID}/${CLUSTER_ID}/cloudscale # delete registry secret vault kv delete clusters/kv/${TENANT_ID}/${CLUSTER_ID}/registry # delete ldap secret vault kv delete clusters/kv/${TENANT_ID}/${CLUSTER_ID}/vshn-ldap
-
Delete cluster from Lieutenant API (via portal)
-
Select the Lieutenant API Endpoint
-
Search cluster name
-
Delete cluster entry using the delete button
-
-
Delete LDAP service (via portal)
-
Search cluster name
-
Delete cluster entry service using the delete button
-
-
Remove IPs from LDAP allowlist
-
Search cluster IPs and remove those lines and any comments related.
-
Create a Merge Request and invite a colleague for a review/approve/merge
-
-
Delete all DNS records related with cluster (zonefiles)
-
Update any related documentation