Upstream
/
ansible-role-k3s
mirror of https://github.com/PyratLabs/ansible-role-k3s.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Slightly updated tasks and added validation checks 

1. Now does not remove prerequisite packages, lvm2 was included in
these packages (not good when you use LVM2 for real).
  2. Added a bit more idempotency to the shell scripts - only delete if
it exists.
  3. Check that the process isn't running and binaries are gone.
This commit is contained in:
Xan Manning 2020-02-26 20:05:38 +00:00
parent 5f7ff27f17
commit 75fd17aac8
16 changed files with 146 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
LICENSE
View File

@ -1,26 +0,0 @@
Copyright 2019 Xan Manning
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

2
README.md
View File

@ -43,7 +43,7 @@ my spare time so I cannot promise a speedy fix delivery.
Below are variables that are set against all of the play hosts for environment Below are variables that are set against all of the play hosts for environment
consistency. consistency.
| Variable | Description | Default Value | | Variable | Description | Default Value |
|----------------------------------|-------------------------------------------------------------------------------------|-----------------------------------------| |----------------------------------|-------------------------------------------------------------------------------------|-----------------------------------------|
| `k3s_cluster_state` | State of cluster: installed, started, stopped, restarted, downloaded, uninstalled. | installed | | `k3s_cluster_state` | State of cluster: installed, started, stopped, restarted, downloaded, uninstalled. | installed |
| `k3s_release_version` | Use a specific version of k3s, eg. `v0.2.0`. Specify `false` for latest. | `false` | | `k3s_release_version` | Use a specific version of k3s, eg. `v0.2.0`. Specify `false` for latest. | `false` |

10
molecule/default/playbook-uninstall-cluster.yml Normal file
View File

@ -0,0 +1,10 @@
---
- name: Converge
hosts: all
become: true
vars:
molecule_is_test: true
k3s_cluster_state: uninstalled
k3s_use_docker: true
roles:
- role: xanmanning.k3s

4
tasks/build/install-docker-opensuse-leap.yml
View File

@ -4,6 +4,10 @@
zypper: zypper:
name: docker name: docker
state: present state: present
register: ensure_docker_prerequisites_installed
until: ensure_docker_prerequisites_installed is succeeded
retries: 3
delay: 10
notify: notify:
- restart docker - restart docker

13
tasks/build/install-docker-prerequisites-debian.yml
View File

@ -2,18 +2,17 @@
- name: Ensure Docker prerequisites are installed - name: Ensure Docker prerequisites are installed
apt: apt:
name: "{{ item }}" name:
- apt-transport-https
- ca-certificates
- curl
- "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}"
- software-properties-common
state: present state: present
register: ensure_docker_prerequisites_installed register: ensure_docker_prerequisites_installed
until: ensure_docker_prerequisites_installed is succeeded until: ensure_docker_prerequisites_installed is succeeded
retries: 3 retries: 3
delay: 10 delay: 10
loop:
- apt-transport-https
- ca-certificates
- curl
- "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}"
- software-properties-common
- name: Ensure Docker APT key is present - name: Ensure Docker APT key is present
apt_key: apt_key:

4
tasks/build/install-docker-suse.yml
View File

@ -4,6 +4,10 @@
zypper: zypper:
name: docker name: docker
state: present state: present
register: ensure_docker_prerequisites_installed
until: ensure_docker_prerequisites_installed is succeeded
retries: 3
delay: 10
notify: notify:
- restart docker - restart docker

2
tasks/build/install-k3s.yml
View File

@ -23,11 +23,13 @@
template: template:
src: k3s-killall.sh.j2 src: k3s-killall.sh.j2
dest: "/usr/local/bin/k3s-killall.sh" dest: "/usr/local/bin/k3s-killall.sh"
mode: 0700
- name: Ensure k3s uninstall script is present on all nodes - name: Ensure k3s uninstall script is present on all nodes
template: template:
src: k3s-uninstall.sh.j2 src: k3s-uninstall.sh.j2
dest: "/usr/local/bin/k3s-uninstall.sh" dest: "/usr/local/bin/k3s-uninstall.sh"
mode: 0700
- name: Ensure k3s is symlinked into the installation destinations - name: Ensure k3s is symlinked into the installation destinations
file: file:

14
tasks/state-uninstalled.yml
View File

@ -1,10 +1,6 @@
--- ---
- include_tasks: teardown/uninstall-docker-prerequisites-{{ ansible_os_family | lower }}.yml - import_tasks: teardown/uninstall-k3s.yml
when: k3s_use_docker
and ((k3s_control_workers)
or (not k3s_control_workers and not k3s_control_node))
and (k3s_non_root is not defined or not k3s_non_root)
- import_tasks: teardown/uninstall-docker.yml - import_tasks: teardown/uninstall-docker.yml
when: k3s_use_docker when: k3s_use_docker
@ -20,4 +16,10 @@
and ansible_distribution | replace(" ", "-") | lower in ['amazon', 'suse', 'opensuse-leap'] and ansible_distribution | replace(" ", "-") | lower in ['amazon', 'suse', 'opensuse-leap']
and (k3s_non_root is not defined or not k3s_non_root) and (k3s_non_root is not defined or not k3s_non_root)
- import_tasks: teardown/uninstall-k3s.yml - include_tasks: teardown/uninstall-docker-prerequisites-{{ ansible_os_family | lower }}.yml
when: k3s_use_docker
and ((k3s_control_workers)
or (not k3s_control_workers and not k3s_control_node))
and (k3s_non_root is not defined or not k3s_non_root)
- import_tasks: validate/check-uninstalled.yml

4
tasks/teardown/uninstall-docker-opensuse-leap.yml
View File

@ -4,3 +4,7 @@
zypper: zypper:
name: docker name: docker
state: absent state: absent
register: ensure_docker_uninstalled
until: ensure_docker_uninstalled is succeeded
retries: 3
delay: 10

15
tasks/teardown/uninstall-docker-prerequisites-debian.yml
View File

@ -11,18 +11,3 @@
apt_key: apt_key:
url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
state: absent state: absent
- name: Ensure Docker prerequisites are uninstalled
apt:
name: "{{ item }}"
state: absent
register: ensure_docker_prerequisites_uninstalled
until: ensure_docker_prerequisites_uninstalled is succeeded
retries: 3
delay: 10
loop:
- apt-transport-https
- ca-certificates
- curl
- "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}"
- software-properties-common

28
tasks/teardown/uninstall-docker-prerequisites-redhat.yml
View File

@ -6,33 +6,7 @@
description: Docker CE Repository description: Docker CE Repository
baseurl: https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/$basearch/stable baseurl: https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/$basearch/stable
gpgkey: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg gpgkey: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
enabled: true enabled: false
gpgcheck: true gpgcheck: true
state: absent state: absent
when: ansible_distribution | lower not in ['amazon'] when: ansible_distribution | lower not in ['amazon']
- name: Ensure Docker repository is removed
command: yum-config-manager disable docker-ce
when: ansible_distribution | lower not in ['amazon']
- name: Ensure Docker prerequisites are uninstalled
yum:
name:
- yum-utils
- device-mapper-persistent-data
- lvm2
state: absent
register: ensure_docker_prerequisites_uninstalled
until: ensure_docker_prerequisites_uninstalled is succeeded
retries: 3
delay: 10
- name: Ensure python-dnf is uninstalled
package:
name: "{{ 'python-dnf' if ansible_python_version is version_compare('3.0.0', '<') else 'python3-dnf' }}"
state: absent
register: ensure_python_dnf_installed
until: ensure_python_dnf_installed is succeeded
retries: 3
delay: 10
when: ansible_pkg_mgr == 'dnf'

4
tasks/teardown/uninstall-docker-suse.yml
View File

@ -4,3 +4,7 @@
zypper: zypper:
name: docker name: docker
state: absent state: absent
register: ensure_docker_uninstalled
until: ensure_docker_uninstalled is succeeded
retries: 3
delay: 10

32
tasks/teardown/uninstall-k3s.yml
View File

@ -1,17 +1,35 @@
--- ---
- name: "Run k3s-killall.sh" - name: Check to see if k3s-killall.sh exits
command: k3s-killall.sh stat:
path: /usr/local/bin/k3s-killall.sh
register: check_k3s_killall_script
- name: Check to see if k3s-uninstall.sh exits
stat:
path: /usr/local/bin/k3s-uninstall.sh
register: check_k3s_uninstall_script
- name: Check to see if docker is present
command: which docker
failed_when: false
changed_when: false
register: check_k3s_docker_path
- name: Run k3s-killall.sh
command: /usr/local/bin/k3s-killall.sh
register: k3s_killall register: k3s_killall
changed_when: k3s_killall.rc == 0 changed_when: k3s_killall.rc == 0
when: check_k3s_killall_script.stat.exists
- name: "Run k3s-uninstall.sh" - name: Run k3s-uninstall.sh
command: command: /usr/local/bin/k3s-uninstall.sh
cmd: k3s-uninstall.sh args:
removes: /usr/local/bin/k3s-uninstall.sh removes: /usr/local/bin/k3s-uninstall.sh
register: k3s_uninstall register: k3s_uninstall
changed_when: k3s_uninstall.rc == 0 changed_when: k3s_uninstall.rc == 0
when: check_k3s_uninstall_script.stat.exists
- name: "Clean up Docker" - name: Clean up Docker
command: docker system prune -a --force command: docker system prune -a --force
when: k3s_use_docker when: k3s_use_docker and check_k3s_docker_path.rc == 0

55
tasks/validate/check-uninstalled.yml Normal file
View File

@ -0,0 +1,55 @@
---
- name: Check that k3s is not running
command: pgrep k3s
ignore_errors: true
changed_when: false
register: check_k3s_process
- name: Fail if k3s is still running
fail:
msg: k3s is still running, uninstall script failed. Please investigate.
when: check_k3s_process.rc == 0
- name: Check that docker is not running
command: pgrep docker
ignore_errors: true
changed_when: false
register: check_k3s_docker_process
when: k3s_use_docker is defined and k3s_use_docker
- name: Fail if docker is still running
fail:
msg: docker is still running, uninstall script failed. Please investigate.
when: k3s_use_docker is defined and k3s_use_docker and check_k3s_docker_process.rc == 0
- name: Fail if k3s binaries have not been removed
stat:
path: "{{ k3s_install_dir }}/{{ item }}"
register: check_k3s_binaries_removed
failed_when: check_k3s_binaries_removed.stat.exists
loop:
- k3s
- kubectl
- crictl
- ctr
- name: Check k3s-killall.sh is removed
stat:
path: /usr/local/bin/k3s-killall.sh
register: check_k3s_killall
- name: Fail if k3s-killall.sh script still exists
fail:
msg: k3s-killall.sh is still running, uninstall script failed. Please investigate.
when: check_k3s_killall.stat.exists
- name: Check k3s-uninstall.sh is removed
stat:
path: /usr/local/bin/k3s-uninstall.sh
register: check_k3s_uninstall
- name: Fail if k3s-uninstall.sh script still exists
fail:
msg: k3s-uninstall.sh is still running, uninstall script failed. Please investigate.
when: check_k3s_uninstall.stat.exists

12
templates/k3s-killall.sh.j2
View File

@ -1,18 +1,19 @@
#!/bin/sh #!/bin/sh
[ $(id -u) -eq 0 ] || exec sudo $0 $@ [ $(id -u) -eq 0 ] || exec sudo $0 $@
for bin in /var/lib/rancher/k3s/data/**/bin/; do for bin in /var/lib/rancher/k3s/data/**/bin/; do
[ -d $bin ] && export PATH=$bin:$PATH [ -d "$bin" ] && export PATH=$bin:$PATH
done done
set -x set -x
for service in /etc/systemd/system/k3s*.service; do for service in /etc/systemd/system/k3s*.service; do
[ -s $service ] && systemctl stop $(basename $service) [ -s "$service" ] && systemctl stop "$(basename $service)"
done done
for service in /etc/init.d/k3s*; do for service in /etc/init.d/k3s*; do
[ -x $service ] && $service stop [ -x "$service" ] && "$service" stop
done done
pschildren() { pschildren() {
@ -70,7 +71,8 @@ ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore;
iface=${iface%%@*} iface=${iface%%@*}
[ -z "$iface" ] || ip link delete $iface [ -z "$iface" ] || ip link delete $iface
done done
ip link delete cni0 ip link delete cni0
ip link delete flannel.1 ip link delete flannel.1
rm -rf /var/lib/cni/ [ -d /var/lib/cni ] && rm -rf /var/lib/cni/
iptables-save | grep -v KUBE- | grep -v CNI- | iptables-restore iptables-save | grep -v KUBE- | grep -v CNI- | iptables-restore

25
templates/k3s-uninstall.sh.j2
View File

@ -1,4 +1,5 @@
#!/bin/sh #!/bin/sh
set -x set -x
[ $(id -u) -eq 0 ] || exec sudo $0 $@ [ $(id -u) -eq 0 ] || exec sudo $0 $@
@ -9,15 +10,17 @@ if which systemctl; then
systemctl reset-failed k3s systemctl reset-failed k3s
systemctl daemon-reload systemctl daemon-reload
fi fi
if which rc-update; then if which rc-update; then
rc-update delete k3s default rc-update delete k3s default
fi fi
rm -f /etc/systemd/system/k3s.service for unit in /etc/systemd/system/k3s*.service; do
rm -f /etc/systemd/system/k3s.service.env [ -f "$unit" ] && rm -f "$unit"
done
remove_uninstall() { remove_uninstall() {
rm -f /usr/local/bin/k3s-uninstall.sh [ -f /usr/local/sbin/k3s-uninstall.sh ] && rm -f /usr/local/sbin/k3s-uninstall.sh
} }
trap remove_uninstall EXIT trap remove_uninstall EXIT
@ -27,13 +30,15 @@ if (ls /etc/systemd/system/k3s*.service || ls /etc/init.d/k3s*) >/dev/null 2>&1;
fi fi
for cmd in kubectl crictl ctr; do for cmd in kubectl crictl ctr; do
if [ -L /usr/local/bin/$cmd ]; then if [ -L "{{ k3s_install_dir }}/$cmd" ]; then
rm -f /usr/local/bin/$cmd rm -f "{{ k3s_install_dir }}/$cmd"
fi fi
done done
rm -rf /etc/rancher/k3s [ -d /etc/rancher/k3s ] && rm -rf /etc/rancher/k3s
rm -rf /var/lib/rancher/k3s [ -d /var/lib/rancher/k3s ] && rm -rf /var/lib/rancher/k3s
rm -rf /var/lib/kubelet [ -d /var/lib/kubelet ] && rm -rf /var/lib/kubelet
rm -f /usr/local/bin/k3s for bin in {{ k3s_install_dir }}/k3s*; do
rm -f /usr/local/bin/k3s-killall.sh [ -f "$bin" ] && rm -f "$bin"
done
[ -f /usr/local/sbin/k3s-killall.sh ] && rm -f /usr/local/sbin/k3s-killall.sh