add uninstall state

Devin Buhl 2020-02-25 12:29:39 -05:00
parent c4547306ce
commit 9bbf5fd746
14 changed files with 296 additions and 39 deletions


@ -43,44 +43,43 @@ my spare time so I cannot promise a speedy fix delivery.
Below are variables that are set against all of the play hosts for environment Below are variables that are set against all of the play hosts for environment
consistency. consistency.
| Variable | Description | Default Value | | Variable | Description | Default Value |
|----------------------------------|--------------------------------------------------------------------------|-----------------------------------------| |----------------------------------|-------------------------------------------------------------------------------------|-----------------------------------------|
| `k3s_cluster_state` | State of cluster: installed, started, stopped, restarted, downloaded. | installed | | `k3s_cluster_state` | State of cluster: installed, started, stopped, restarted, downloaded, uninstall. | installed |
| `k3s_release_version` | Use a specific version of k3s, eg. `v0.2.0`. Specify `false` for latest. | `false` | | `k3s_release_version` | Use a specific version of k3s, eg. `v0.2.0`. Specify `false` for latest. | `false` |
| `k3s_github_url` | Set the GitHub URL to install k3s from. | https://github.com/rancher/k3s | | `k3s_github_url` | Set the GitHub URL to install k3s from. | https://github.com/rancher/k3s |
| `k3s_install_dir` | Installation directory for k3s. | `/usr/local/bin` | | `k3s_install_dir` | Installation directory for k3s. | `/usr/local/bin` |
| `k3s_server_manifests_dir` | Path for place the `k3s_server_manifests_templates`. | `/var/lib/rancher/k3s/server/manifests` | | `k3s_server_manifests_dir` | Path for place the `k3s_server_manifests_templates`. | `/var/lib/rancher/k3s/server/manifests` |
| `k3s_server_manifests_templates` | A list of Auto-Deploying Manifests Templates. | [] | | `k3s_server_manifests_templates` | A list of Auto-Deploying Manifests Templates. | [] |
| `k3s_use_experimental` | Allow the use of experimental features in k3s. | `false` | | `k3s_use_experimental` | Allow the use of experimental features in k3s. | `false` |
| `k3s_non_root` | Install k3s as non-root user. See notes below. | `false` | | `k3s_non_root` | Install k3s as non-root user. See notes below. | `false` |
| `k3s_control_workers` | Are control hosts also workers? | `true` | | `k3s_control_workers` | Are control hosts also workers? | `true` |
| `k3s_cluster_cidr` | Network CIDR to use for pod IPs | 10.42.0.0/16 | | `k3s_cluster_cidr` | Network CIDR to use for pod IPs | 10.42.0.0/16 |
| `k3s_service_cidr` | Network CIDR to use for service IPs | 10.43.0.0/16 | | `k3s_service_cidr` | Network CIDR to use for service IPs | 10.43.0.0/16 |
| `k3s_control_node_address` | Use a specific control node address. IP or FQDN. | _NULL_ | | `k3s_control_node_address` | Use a specific control node address. IP or FQDN. | _NULL_ |
| `k3s_control_token` | Use a specific control token, please read notes below. | _NULL_ | | `k3s_control_token` | Use a specific control token, please read notes below. | _NULL_ |
| `k3s_https_port` | HTTPS port listening port. | 6443 | | `k3s_https_port` | HTTPS port listening port. | 6443 |
| `k3s_use_docker` | Use Docker rather than Containerd? | `false` | | `k3s_use_docker` | Use Docker rather than Containerd? | `false` |
| `k3s_no_flannel` | Do not use Flannel | `false` | | `k3s_no_flannel` | Do not use Flannel | `false` |
| `k3s_flannel_backend` | Flannel backend ('none', 'vxlan', 'ipsec', 'host-gw' or 'wireguard') | vxlan | | `k3s_flannel_backend` | Flannel backend ('none', 'vxlan', 'ipsec', 'host-gw' or 'wireguard') | vxlan |
| `k3s_no_coredns` | Do not use CoreDNS | `false` | | `k3s_no_coredns` | Do not use CoreDNS | `false` |
| `k3s_cluster_dns` | Cluster IP for CoreDNS service. Should be in your service-cidr range. | _NULL_ | | `k3s_cluster_dns` | Cluster IP for CoreDNS service. Should be in your service-cidr range. | _NULL_ |
| `k3s_cluster_domain` | Cluster Domain. | cluster.local | | `k3s_cluster_domain` | Cluster Domain. | cluster.local |
| `k3s_resolv_conf` | Kubelet resolv.conf file | _NULL_ | | `k3s_resolv_conf` | Kubelet resolv.conf file | _NULL_ |
| `k3s_no_traefik` | Do not use Traefik | `false` | | `k3s_no_traefik` | Do not use Traefik | `false` |
| `k3s_no_servicelb` | Do not use ServiceLB, necessary for using something like MetalLB. | `false` | | `k3s_no_servicelb` | Do not use ServiceLB, necessary for using something like MetalLB. | `false` |
| `k3s_no_local_storage` | Do not use Local Storage | `false` | | `k3s_no_local_storage` | Do not use Local Storage | `false` |
| `k3s_default_local_storage_path` | Set Local Storage Path. Specify `false` for default. | | `k3s_default_local_storage_path` | Set Local Storage Path. Specify `false` for default. | `false` |
`false` | | `k3s_no_metrics_server` | Do not deploy metrics server | `false` |
| `k3s_no_metrics_server` | Do not deploy metrics server | `false` | | `k3s_disable_scheduler` | Disable Kubernetes default scheduler | `false` |
| `k3s_disable_scheduler` | Disable Kubernetes default scheduler | `false` | | `k3s_disable_cloud_controller` | Disable k3s default cloud controller manager. | `false` |
| `k3s_disable_cloud_controller` | Disable k3s default cloud controller manager. | `false` | | `k3s_disable_network_policy` | Disable k3s default network policy controller. | `false` |
| `k3s_disable_network_policy` | Disable k3s default network policy controller. | `false` | | `k3s_write_kubeconfig_mode` | Define the file mode from the generated KubeConfig, eg. `644` | _NULL_ |
| `k3s_write_kubeconfig_mode` | Define the file mode from the generated KubeConfig, eg. `644` | _NULL_ | | `k3s_datastore_endpoint` | Define the database or etcd cluster endpoint for HA. | _NULL_ |
| `k3s_datastore_endpoint` | Define the database or etcd cluster endpoint for HA. | _NULL_ | | `k3s_datastore_cafile` | Define the database TLS CA file. | _NULL_ |
| `k3s_datastore_cafile` | Define the database TLS CA file. | _NULL_ | | `k3s_datastore_certfile` | Define the database TLS Cert file. | _NULL_ |
| `k3s_datastore_certfile` | Define the database TLS Cert file. | _NULL_ | | `k3s_datastore_keyfile` | Define the database TLS Key file. | _NULL_ |
| `k3s_datastore_keyfile` | Define the database TLS Key file. | _NULL_ | | `k3s_dqlite_datastore` | Use DQLite as the database backend for HA. (EXPERIMENTAL) | `false` |
| `k3s_dqlite_datastore` | Use DQLite as the database backend for HA. (EXPERIMENTAL) | `false` |
#### Important note about `k3s_release_version` #### Important note about `k3s_release_version`


@ -19,6 +19,16 @@
- meta: flush_handlers - meta: flush_handlers
- name: Ensure k3s killall script is present on all nodes
template:
src: k3s-killall.sh.j2
dest: "/usr/local/bin/k3s-killall.sh"
- name: Ensure k3s uninstall script is present on all nodes
template:
src: k3s-uninstall.sh.j2
dest: "/usr/local/bin/k3s-uninstall.sh"
- name: Ensure k3s is symlinked into the installation destinations - name: Ensure k3s is symlinked into the installation destinations
file: file:
src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}" src: "{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}"
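Review bot: Both new `template` tasks write scripts into `/usr/local/bin` without `owner`, `group` or `mode`, so the rendered files get default permissions from the umask and are probably not executable, yet the teardown tasks in this commit run them with `command:` and the scripts re-exec themselves under sudo. Adding `owner: root`, `group: root` and `mode: "0755"` to each task makes them runnable and keeps a script that executes as root from being writable by any other account. The symlink task that follows continues past the end of this hunk.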


@ -3,7 +3,7 @@
- name: Check to see if k3s_cluster_state is a supported value - name: Check to see if k3s_cluster_state is a supported value
assert: assert:
that: that:
- k3s_cluster_state in ['installed', 'started', 'stopped', 'restarted', 'downloaded'] - k3s_cluster_state in ['installed', 'started', 'stopped', 'restarted', 'downloaded', 'uninstall']
fail_msg: "k3s_cluster_state not valid. Check README.md for details." fail_msg: "k3s_cluster_state not valid. Check README.md for details."
success_msg: "k3s_cluster_state is valid." success_msg: "k3s_cluster_state is valid."
when: k3s_cluster_state is defined when: k3s_cluster_state is defined


@ -0,0 +1,23 @@
---
- include_tasks: teardown/uninstall-docker-prerequisites-{{ ansible_os_family | lower }}.yml
when: k3s_use_docker
and ((k3s_control_workers)
or (not k3s_control_workers and not k3s_control_node))
and (k3s_non_root is not defined or not k3s_non_root)
- import_tasks: teardown/uninstall-docker.yml
when: k3s_use_docker
and ((k3s_control_workers)
or (not k3s_control_workers and not k3s_control_node))
and ansible_distribution | replace(" ", "-") | lower not in ['amazon', 'suse', 'opensuse-leap']
and (k3s_non_root is not defined or not k3s_non_root)
- include_tasks: teardown/uninstall-docker-{{ ansible_distribution | replace(" ", "-") | lower }}.yml
when: k3s_use_docker
and ((k3s_control_workers)
or (not k3s_control_workers and not k3s_control_node))
and ansible_distribution | replace(" ", "-") | lower in ['amazon', 'suse', 'opensuse-leap']
and (k3s_non_root is not defined or not k3s_non_root)
- import_tasks: teardown/uninstall-k3s.yml
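Review bot: Every Docker removal step here is gated on `k3s_use_docker`, which records that k3s was pointed at Docker, not that this role installed Docker, so `k3s_cluster_state: uninstall` will strip Docker and its repository from hosts where it was already present for other workloads. An explicit opt-in would make that a deliberate choice, for example adding `and (k3s_uninstall_docker | default(false))` to the three conditions (a new variable, to be documented in the README table). The first `include_tasks` also builds its file name from `ansible_os_family`, so the play fails on any family without a matching `teardown/uninstall-docker-prerequisites-*.yml`; a `when` limiting it to the supported families would turn that into a skip. None of the four tasks has a `name`, which makes the run output hard to follow.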


@ -0,0 +1,5 @@
---
- name: Ensure docker is uninstalled using amazon-linux-extras
command: amazon-linux-extras uninstall docker


@ -0,0 +1,6 @@
---
- name: Ensure docker is installed using Zypper
zypper:
name: docker
state: absent
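Review bot: The task name says "installed" while the module call sets `state: absent`, so the play output reports the opposite of what happens on the host. Rename it to `- name: Ensure docker is uninstalled using Zypper`, matching the other Zypper teardown file in this commit.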


@ -0,0 +1,28 @@
---
- name: Ensure Docker repository is uninstalled
apt_repository:
filename: docker-ce
repo: "deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable"
update_cache: false
state: absent
- name: Ensure Docker APT key is uninstalled
apt_key:
url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
state: absent
- name: Ensure Docker prerequisites are uninstalled
apt:
name: "{{ item }}"
state: absent
register: ensure_docker_prerequisites_uninstalled
until: ensure_docker_prerequisites_uninstalled is succeeded
retries: 3
delay: 10
loop:
- apt-transport-https
- ca-certificates
- curl
- "{{ 'gnupg2' if ansible_distribution == 'Debian' else 'gnupg-agent' }}"
- software-properties-common
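Review bot: The final task removes `ca-certificates`, `curl`, `apt-transport-https`, a gnupg package and `software-properties-common`, which are general-purpose packages that most hosts had before this role ran and that other software depends on. Removing `ca-certificates` in particular takes away the system trust store, so later TLS verification on the host (package mirrors, API clients) would be expected to fail, or apt will pull out dependent packages along with it. I would limit the teardown to what is Docker-specific, i.e. keep the `apt_repository` and `apt_key` tasks and drop this one, or put it behind an explicit opt-in. If the task stays, `name:` can take the whole list instead of `loop`, giving a single apt transaction.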


@ -0,0 +1,38 @@
---
- name: Ensure Docker repository is removed
yum_repository:
name: docker-ce
description: Docker CE Repository
baseurl: https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/$basearch/stable
gpgkey: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
enabled: true
gpgcheck: true
state: absent
when: ansible_distribution | lower not in ['amazon']
- name: Ensure Docker repository is removed
command: yum-config-manager disable docker-ce
when: ansible_distribution | lower not in ['amazon']
- name: Ensure Docker prerequisites are uninstalled
yum:
name:
- yum-utils
- device-mapper-persistent-data
- lvm2
state: absent
register: ensure_docker_prerequisites_uninstalled
until: ensure_docker_prerequisites_uninstalled is succeeded
retries: 3
delay: 10
- name: Ensure python-dnf is uninstalled
package:
name: "{{ 'python-dnf' if ansible_python_version is version_compare('3.0.0', '<') else 'python3-dnf' }}"
state: absent
register: ensure_python_dnf_installed
until: ensure_python_dnf_installed is succeeded
retries: 3
delay: 10
when: ansible_pkg_mgr == 'dnf'
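Review bot: The last two tasks uninstall `lvm2`, `device-mapper-persistent-data`, `yum-utils` and `python-dnf`/`python3-dnf`, none of which is specific to Docker; a host whose volumes are on LVM loses its management tools, and the dnf Python bindings are what Ansible's own `dnf`/`package` modules rely on for the next run. These look like a mirror image of the install tasks rather than packages that are safe to take away, so I would drop both tasks or make them opt-in. The second task also reuses the name "Ensure Docker repository is removed" and runs `yum-config-manager disable docker-ce` after `yum_repository` has already deleted the repo, which appears redundant, and the register name `ensure_python_dnf_installed` no longer matches what the task does.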


@ -0,0 +1 @@
---


@ -0,0 +1,6 @@
---
- name: Ensure docker is uninstalled using Zypper
zypper:
name: docker
state: absent


@ -0,0 +1,13 @@
---
- name: Ensure docker is uninstalled
package:
name:
- docker-ce
- docker-ce-cli
- containerd.io
state: absent
register: ensure_docker_uninstalled
until: ensure_docker_uninstalled is succeeded
retries: 3
delay: 10


@ -0,0 +1,13 @@
---
- name: "Run k3s-killall.sh"
command: k3s-killall.sh
- name: "Run k3s-uninstall.sh"
command:
cmd: k3s-uninstall.sh
removes: /usr/local/bin/k3s-uninstall.sh
- name: "Clean up Docker"
command: docker system prune -a --force
when: k3s_use_docker
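Review bot: "Run k3s-killall.sh" has no `removes:` guard and resolves the script through `PATH`, unlike the uninstall task below it, so a second run with `k3s_cluster_state: uninstall` fails once `k3s-uninstall.sh` has deleted the script. Use the same form for both tasks: `cmd: /usr/local/bin/k3s-killall.sh` with `removes: /usr/local/bin/k3s-killall.sh`, and give the uninstall task an absolute `cmd:` as well, since these presumably run with root privileges (no `become` is visible in this file). `docker system prune -a --force` removes every unused image, container and network on the host, not only those k3s created, which deserves a comment or an opt-in.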


@ -0,0 +1,76 @@
#!/bin/sh
[ $(id -u) -eq 0 ] || exec sudo $0 $@
for bin in /var/lib/rancher/k3s/data/**/bin/; do
[ -d $bin ] && export PATH=$bin:$PATH
done
set -x
for service in /etc/systemd/system/k3s*.service; do
[ -s $service ] && systemctl stop $(basename $service)
done
for service in /etc/init.d/k3s*; do
[ -x $service ] && $service stop
done
pschildren() {
ps -e -o ppid= -o pid= | \
sed -e 's/^\s*//g; s/\s\s*/\t/g;' | \
grep -w "^$1" | \
cut -f2
}
pstree() {
for pid in $@; do
echo $pid
for child in $(pschildren $pid); do
pstree $child
done
done
}
killtree() {
kill -9 $(
{ set +x; } 2>/dev/null;
pstree $@;
set -x;
) 2>/dev/null
}
getshims() {
lsof | sed -e 's/^[^0-9]*//g; s/ */\t/g' | grep -w 'k3s/data/[^/]*/bin/containerd-shim' | cut -f1 | sort -n -u
}
killtree $({ set +x; } 2>/dev/null; getshims; set -x)
do_unmount() {
{ set +x; } 2>/dev/null
MOUNTS=
while read ignore mount ignore; do
MOUNTS="$mount\n$MOUNTS"
done </proc/self/mounts
MOUNTS=$(printf $MOUNTS | grep "^$1" | sort -r)
if [ -n "${MOUNTS}" ]; then
set -x
umount ${MOUNTS}
else
set -x
fi
}
do_unmount '/run/k3s'
do_unmount '/var/lib/rancher/k3s'
do_unmount '/var/lib/kubelet/pods'
do_unmount '/run/netns/cni-'
# Delete network interface(s) that match 'master cni0'
ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore; do
iface=${iface%%@*}
[ -z "$iface" ] || ip link delete $iface
done
ip link delete cni0
ip link delete flannel.1
rm -rf /var/lib/cni/
iptables-save | grep -v KUBE- | grep -v CNI- | iptables-restore
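Review bot: The first line re-executes the script under sudo with unquoted `$0` and `$@`, so a script path or arguments containing spaces or glob characters are split before they reach the root process; `[ "$(id -u)" -eq 0 ] || exec sudo "$0" "$@"` avoids that, and the uninstall template in this commit has the same line. In `do_unmount`, `printf $MOUNTS` passes mount-table content as the format string; `printf '%b' "$MOUNTS"` keeps the `\n` expansion the loop depends on without treating a `%` in a mount path as a directive. The closing `iptables-save | … | iptables-restore` pipeline rewrites only the IPv4 tables and drops any rule line that merely contains `KUBE-` or `CNI-`, which is worth a comment so operators know what else on the host can be affected.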


@ -0,0 +1,39 @@
#!/bin/sh
set -x
[ $(id -u) -eq 0 ] || exec sudo $0 $@
/usr/local/bin/k3s-killall.sh
if which systemctl; then
systemctl disable k3s
systemctl reset-failed k3s
systemctl daemon-reload
fi
if which rc-update; then
rc-update delete k3s default
fi
rm -f /etc/systemd/system/k3s.service
rm -f /etc/systemd/system/k3s.service.env
remove_uninstall() {
rm -f /usr/local/bin/k3s-uninstall.sh
}
trap remove_uninstall EXIT
if (ls /etc/systemd/system/k3s*.service || ls /etc/init.d/k3s*) >/dev/null 2>&1; then
set +x; echo 'Additional k3s services installed, skipping uninstall of k3s'; set -x
exit
fi
for cmd in kubectl crictl ctr; do
if [ -L /usr/local/bin/$cmd ]; then
rm -f /usr/local/bin/$cmd
fi
done
rm -rf /etc/rancher/k3s
rm -rf /var/lib/rancher/k3s
rm -rf /var/lib/kubelet
rm -f /usr/local/bin/k3s
rm -f /usr/local/bin/k3s-killall.sh
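Review bot: `trap remove_uninstall EXIT` is installed before the "Additional k3s services installed" check, so the script deletes itself even on the path that skips the uninstall, and the Ansible task's `removes:` guard will then never run it again on that host. Moving the trap below the `exit` of that check would keep the script available until the uninstall actually happens, assuming the early self-removal is not intended. All paths are hard-coded to `/usr/local/bin` although the role installs the binary as `{{ k3s_install_dir }}/k3s-{{ k3s_release_version }}`; since this file is a Jinja template, it could remove that path too instead of leaving the versioned binary behind. `which` can be replaced by `command -v systemctl >/dev/null 2>&1` to stay within POSIX `sh`.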