diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 03dc591..0000000 --- a/LICENSE +++ /dev/null @@ -1,26 +0,0 @@ -Copyright 2019 Xan Manning - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -1. Redistributions of source code must retain the above copyright notice, this -list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright notice, -this list of conditions and the following disclaimer in the documentation -and/or other materials provided with the distribution. - -3. Neither the name of the copyright holder nor the names of its contributors -may be used to endorse or promote products derived from this software without -specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/README.md b/README.md index 85956a4..facbd1a 100644 --- a/README.md +++ b/README.md @@ -43,7 +43,7 @@ my spare time so I cannot promise a speedy fix delivery. Below are variables that are set against all of the play hosts for environment consistency. -| Variable | Description | Default Value | +| Variable | Description | Default Value | |----------------------------------|-------------------------------------------------------------------------------------|-----------------------------------------| | `k3s_cluster_state` | State of cluster: installed, started, stopped, restarted, downloaded, uninstalled. | installed | | `k3s_release_version` | Use a specific version of k3s, eg. `v0.2.0`. Specify `false` for latest. | `false` | diff --git a/molecule/default/playbook-uninstall-cluster.yml b/molecule/default/playbook-uninstall-cluster.yml new file mode 100644 index 0000000..0e42556 --- /dev/null +++ b/molecule/default/playbook-uninstall-cluster.yml @@ -0,0 +1,10 @@ +--- +- name: Converge + hosts: all + become: true + vars: + molecule_is_test: true + k3s_cluster_state: uninstalled + k3s_use_docker: true + roles: + - role: xanmanning.k3s diff --git a/tasks/build/install-docker-opensuse-leap.yml b/tasks/build/install-docker-opensuse-leap.yml index 536c338..5135bd2 100644 --- a/tasks/build/install-docker-opensuse-leap.yml +++ b/tasks/build/install-docker-opensuse-leap.yml @@ -4,6 +4,10 @@ zypper: name: docker state: present + register: ensure_docker_prerequisites_installed + until: ensure_docker_prerequisites_installed is succeeded + retries: 3 + delay: 10 notify: - restart docker diff --git a/tasks/build/install-docker-prerequisites-debian.yml b/tasks/build/install-docker-prerequisites-debian.yml index 1f755de..379755b 100644 --- a/tasks/build/install-docker-prerequisites-debian.yml +++ b/tasks/build/install-docker-prerequisites-debian.yml @@ -2,18 +2,17 @@ - name: Ensure Docker prerequisites are installed apt: - name: "{{ item }}" + name: + - apt-transport-https + - ca-certificates + - curl + - "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}" + - software-properties-common state: present register: ensure_docker_prerequisites_installed until: ensure_docker_prerequisites_installed is succeeded retries: 3 delay: 10 - loop: - - apt-transport-https - - ca-certificates - - curl - - "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}" - - software-properties-common - name: Ensure Docker APT key is present apt_key: diff --git a/tasks/build/install-docker-suse.yml b/tasks/build/install-docker-suse.yml index 536c338..5135bd2 100644 --- a/tasks/build/install-docker-suse.yml +++ b/tasks/build/install-docker-suse.yml @@ -4,6 +4,10 @@ zypper: name: docker state: present + register: ensure_docker_prerequisites_installed + until: ensure_docker_prerequisites_installed is succeeded + retries: 3 + delay: 10 notify: - restart docker diff --git a/tasks/build/install-k3s.yml b/tasks/build/install-k3s.yml index 61ba82f..1951d31 100644 --- a/tasks/build/install-k3s.yml +++ b/tasks/build/install-k3s.yml @@ -23,11 +23,13 @@ template: src: k3s-killall.sh.j2 dest: "/usr/local/bin/k3s-killall.sh" + mode: 0700 - name: Ensure k3s uninstall script is present on all nodes template: src: k3s-uninstall.sh.j2 dest: "/usr/local/bin/k3s-uninstall.sh" + mode: 0700 - name: Ensure k3s is symlinked into the installation destinations file: diff --git a/tasks/state-uninstalled.yml b/tasks/state-uninstalled.yml index 6289e4c..a75fcfa 100644 --- a/tasks/state-uninstalled.yml +++ b/tasks/state-uninstalled.yml @@ -1,10 +1,6 @@ --- -- include_tasks: teardown/uninstall-docker-prerequisites-{{ ansible_os_family | lower }}.yml - when: k3s_use_docker - and ((k3s_control_workers) - or (not k3s_control_workers and not k3s_control_node)) - and (k3s_non_root is not defined or not k3s_non_root) +- import_tasks: teardown/uninstall-k3s.yml - import_tasks: teardown/uninstall-docker.yml when: k3s_use_docker @@ -20,4 +16,10 @@ and ansible_distribution | replace(" ", "-") | lower in ['amazon', 'suse', 'opensuse-leap'] and (k3s_non_root is not defined or not k3s_non_root) -- import_tasks: teardown/uninstall-k3s.yml +- include_tasks: teardown/uninstall-docker-prerequisites-{{ ansible_os_family | lower }}.yml + when: k3s_use_docker + and ((k3s_control_workers) + or (not k3s_control_workers and not k3s_control_node)) + and (k3s_non_root is not defined or not k3s_non_root) + +- import_tasks: validate/check-uninstalled.yml diff --git a/tasks/teardown/uninstall-docker-opensuse-leap.yml b/tasks/teardown/uninstall-docker-opensuse-leap.yml index 6ee00c5..115f965 100644 --- a/tasks/teardown/uninstall-docker-opensuse-leap.yml +++ b/tasks/teardown/uninstall-docker-opensuse-leap.yml @@ -4,3 +4,7 @@ zypper: name: docker state: absent + register: ensure_docker_uninstalled + until: ensure_docker_uninstalled is succeeded + retries: 3 + delay: 10 diff --git a/tasks/teardown/uninstall-docker-prerequisites-debian.yml b/tasks/teardown/uninstall-docker-prerequisites-debian.yml index ca79667..ba76a6e 100644 --- a/tasks/teardown/uninstall-docker-prerequisites-debian.yml +++ b/tasks/teardown/uninstall-docker-prerequisites-debian.yml @@ -11,18 +11,3 @@ apt_key: url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg state: absent - -- name: Ensure Docker prerequisites are uninstalled - apt: - name: "{{ item }}" - state: absent - register: ensure_docker_prerequisites_uninstalled - until: ensure_docker_prerequisites_uninstalled is succeeded - retries: 3 - delay: 10 - loop: - - apt-transport-https - - ca-certificates - - curl - - "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}" - - software-properties-common diff --git a/tasks/teardown/uninstall-docker-prerequisites-redhat.yml b/tasks/teardown/uninstall-docker-prerequisites-redhat.yml index 1af7fd8..f25a88b 100644 --- a/tasks/teardown/uninstall-docker-prerequisites-redhat.yml +++ b/tasks/teardown/uninstall-docker-prerequisites-redhat.yml @@ -6,33 +6,7 @@ description: Docker CE Repository baseurl: https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/$basearch/stable gpgkey: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg - enabled: true + enabled: false gpgcheck: true state: absent when: ansible_distribution | lower not in ['amazon'] - -- name: Ensure Docker repository is removed - command: yum-config-manager disable docker-ce - when: ansible_distribution | lower not in ['amazon'] - -- name: Ensure Docker prerequisites are uninstalled - yum: - name: - - yum-utils - - device-mapper-persistent-data - - lvm2 - state: absent - register: ensure_docker_prerequisites_uninstalled - until: ensure_docker_prerequisites_uninstalled is succeeded - retries: 3 - delay: 10 - -- name: Ensure python-dnf is uninstalled - package: - name: "{{ 'python-dnf' if ansible_python_version is version_compare('3.0.0', '<') else 'python3-dnf' }}" - state: absent - register: ensure_python_dnf_installed - until: ensure_python_dnf_installed is succeeded - retries: 3 - delay: 10 - when: ansible_pkg_mgr == 'dnf' diff --git a/tasks/teardown/uninstall-docker-suse.yml b/tasks/teardown/uninstall-docker-suse.yml index 85c727e..ed66b9b 100644 --- a/tasks/teardown/uninstall-docker-suse.yml +++ b/tasks/teardown/uninstall-docker-suse.yml @@ -4,3 +4,7 @@ zypper: name: docker state: absent + register: ensure_docker_uninstalled + until: ensure_docker_uninstalled is succeeded + retries: 3 + delay: 10 diff --git a/tasks/teardown/uninstall-k3s.yml b/tasks/teardown/uninstall-k3s.yml index eb84364..120a3a7 100644 --- a/tasks/teardown/uninstall-k3s.yml +++ b/tasks/teardown/uninstall-k3s.yml @@ -1,17 +1,35 @@ --- -- name: "Run k3s-killall.sh" - command: k3s-killall.sh +- name: Check to see if k3s-killall.sh exits + stat: + path: /usr/local/bin/k3s-killall.sh + register: check_k3s_killall_script + +- name: Check to see if k3s-uninstall.sh exits + stat: + path: /usr/local/bin/k3s-uninstall.sh + register: check_k3s_uninstall_script + +- name: Check to see if docker is present + command: which docker + failed_when: false + changed_when: false + register: check_k3s_docker_path + +- name: Run k3s-killall.sh + command: /usr/local/bin/k3s-killall.sh register: k3s_killall changed_when: k3s_killall.rc == 0 + when: check_k3s_killall_script.stat.exists -- name: "Run k3s-uninstall.sh" - command: - cmd: k3s-uninstall.sh +- name: Run k3s-uninstall.sh + command: /usr/local/bin/k3s-uninstall.sh + args: removes: /usr/local/bin/k3s-uninstall.sh register: k3s_uninstall changed_when: k3s_uninstall.rc == 0 + when: check_k3s_uninstall_script.stat.exists -- name: "Clean up Docker" +- name: Clean up Docker command: docker system prune -a --force - when: k3s_use_docker + when: k3s_use_docker and check_k3s_docker_path.rc == 0 diff --git a/tasks/validate/check-uninstalled.yml b/tasks/validate/check-uninstalled.yml new file mode 100644 index 0000000..f5c3e0a --- /dev/null +++ b/tasks/validate/check-uninstalled.yml @@ -0,0 +1,55 @@ +--- + +- name: Check that k3s is not running + command: pgrep k3s + ignore_errors: true + changed_when: false + register: check_k3s_process + +- name: Fail if k3s is still running + fail: + msg: k3s is still running, uninstall script failed. Please investigate. + when: check_k3s_process.rc == 0 + +- name: Check that docker is not running + command: pgrep docker + ignore_errors: true + changed_when: false + register: check_k3s_docker_process + when: k3s_use_docker is defined and k3s_use_docker + +- name: Fail if docker is still running + fail: + msg: docker is still running, uninstall script failed. Please investigate. + when: k3s_use_docker is defined and k3s_use_docker and check_k3s_docker_process.rc == 0 + +- name: Fail if k3s binaries have not been removed + stat: + path: "{{ k3s_install_dir }}/{{ item }}" + register: check_k3s_binaries_removed + failed_when: check_k3s_binaries_removed.stat.exists + loop: + - k3s + - kubectl + - crictl + - ctr + +- name: Check k3s-killall.sh is removed + stat: + path: /usr/local/bin/k3s-killall.sh + register: check_k3s_killall + +- name: Fail if k3s-killall.sh script still exists + fail: + msg: k3s-killall.sh is still running, uninstall script failed. Please investigate. + when: check_k3s_killall.stat.exists + +- name: Check k3s-uninstall.sh is removed + stat: + path: /usr/local/bin/k3s-uninstall.sh + register: check_k3s_uninstall + +- name: Fail if k3s-uninstall.sh script still exists + fail: + msg: k3s-uninstall.sh is still running, uninstall script failed. Please investigate. + when: check_k3s_uninstall.stat.exists diff --git a/templates/k3s-killall.sh.j2 b/templates/k3s-killall.sh.j2 index 49a9f82..534eb8e 100644 --- a/templates/k3s-killall.sh.j2 +++ b/templates/k3s-killall.sh.j2 @@ -1,18 +1,19 @@ #!/bin/sh + [ $(id -u) -eq 0 ] || exec sudo $0 $@ for bin in /var/lib/rancher/k3s/data/**/bin/; do - [ -d $bin ] && export PATH=$bin:$PATH + [ -d "$bin" ] && export PATH=$bin:$PATH done set -x for service in /etc/systemd/system/k3s*.service; do - [ -s $service ] && systemctl stop $(basename $service) + [ -s "$service" ] && systemctl stop "$(basename $service)" done for service in /etc/init.d/k3s*; do - [ -x $service ] && $service stop + [ -x "$service" ] && "$service" stop done pschildren() { @@ -70,7 +71,8 @@ ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore; iface=${iface%%@*} [ -z "$iface" ] || ip link delete $iface done + ip link delete cni0 ip link delete flannel.1 -rm -rf /var/lib/cni/ -iptables-save | grep -v KUBE- | grep -v CNI- | iptables-restore \ No newline at end of file +[ -d /var/lib/cni ] && rm -rf /var/lib/cni/ +iptables-save | grep -v KUBE- | grep -v CNI- | iptables-restore diff --git a/templates/k3s-uninstall.sh.j2 b/templates/k3s-uninstall.sh.j2 index f47d45d..b65f301 100644 --- a/templates/k3s-uninstall.sh.j2 +++ b/templates/k3s-uninstall.sh.j2 @@ -1,4 +1,5 @@ #!/bin/sh + set -x [ $(id -u) -eq 0 ] || exec sudo $0 $@ @@ -9,15 +10,17 @@ if which systemctl; then systemctl reset-failed k3s systemctl daemon-reload fi + if which rc-update; then rc-update delete k3s default fi -rm -f /etc/systemd/system/k3s.service -rm -f /etc/systemd/system/k3s.service.env +for unit in /etc/systemd/system/k3s*.service; do + [ -f "$unit" ] && rm -f "$unit" +done remove_uninstall() { - rm -f /usr/local/bin/k3s-uninstall.sh + [ -f /usr/local/sbin/k3s-uninstall.sh ] && rm -f /usr/local/sbin/k3s-uninstall.sh } trap remove_uninstall EXIT @@ -27,13 +30,15 @@ if (ls /etc/systemd/system/k3s*.service || ls /etc/init.d/k3s*) >/dev/null 2>&1; fi for cmd in kubectl crictl ctr; do - if [ -L /usr/local/bin/$cmd ]; then - rm -f /usr/local/bin/$cmd + if [ -L "{{ k3s_install_dir }}/$cmd" ]; then + rm -f "{{ k3s_install_dir }}/$cmd" fi done -rm -rf /etc/rancher/k3s -rm -rf /var/lib/rancher/k3s -rm -rf /var/lib/kubelet -rm -f /usr/local/bin/k3s -rm -f /usr/local/bin/k3s-killall.sh \ No newline at end of file +[ -d /etc/rancher/k3s ] && rm -rf /etc/rancher/k3s +[ -d /var/lib/rancher/k3s ] && rm -rf /var/lib/rancher/k3s +[ -d /var/lib/kubelet ] && rm -rf /var/lib/kubelet +for bin in {{ k3s_install_dir }}/k3s*; do + [ -f "$bin" ] && rm -f "$bin" +done +[ -f /usr/local/sbin/k3s-killall.sh ] && rm -f /usr/local/sbin/k3s-killall.sh