public/rancher-docs
1
0
Fork 0
mirror of https://github.com/rancher/rancher-docs.git synced 2026-05-28 07:35:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Moving faq node cleaning to admin section

Browse Source
This commit is contained in:
Mark Bishop
2018-09-20 12:42:28 -07:00
parent 15ab2ecded
commit 70792f049e
3 changed files with 127 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files
content/rancher/v2.x/en/admin-settings/removing-rancher/_index.md
+7 -105
View File
@@ -1,112 +1,14 @@
---
title: Removing Rancher from Nodes
weight: 2000
draft: true
title: Removing Rancher
weight: 5000
---
There are two contexts in which you'd remove Rancher from a Kubernetes cluster node.
When you no longer have use for Rancher within a cluster and want to remove the Rancher management plane from your nodes, follow one of the sets of instructions below based on your [cluster type]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/#cluster-creation-options). The method you'll use to remove Rancher changes based on the type of cluster.
## Hosted Kubernetes Providers
To remove Rancher from [nodes hosted on a Kubernetes Provider]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/#hosted-kubernetes-cluster), simply delete them from Rancher. The cluster will remove Rancher components through the Norman API (Rancher's API framework).
<!-- MB 9/19: I know this is probably BS, but I need to confirm with a dev on how to remove Rancher from a hosted cluster -->
## Nodes Launched by RKE
For cluster nodes launched by RKE (i.e. nodes [hosted by an IaaS]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/#node-pools) or [custom nodes]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/#custom-nodes)), you can remove the Rancher management plane by downloading and running the [system-tools](https://github.com/rancher/system-tools/releases) for Rancher.
Running system-tools removes the following Rancher components from your nodes:
- The Rancher deployment.
- ClusterRoles and ClusterRoleBindings labeled by Rancher.
- Labels, annotations and finalizers from all resources on the management plane cluster.
- Machines, clusters, projects, and user custom resource definitions (CRDs) and corresponding namespaces.
- All resources created under the `management.cattle.io` API group.
- All CRDs created by Rancher 2.x.
- The Rancher deployment namespace, (i.e `cattle-system`).
### Using the System-Tool
System-tool is a utility that cleans up rancher projects. In this use case, it will help you remove the Rancher management plane from one of your cluster nodes.
#### Usage
>**Warning:** This command will remove data from your nodes. Make sure you have created a backup of files you want to keep before executing the command, as data will be lost.
```
system-tools remove [command options] [arguments...]
```
##### Options
| Option | Description |
| ---------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- |
| `--kubeconfig <$KUBECONFIG>, -c <$KUBECONFIG>` | The cluster's kubeconfig file absolute path (`<$KUBECONFIG>`). |
| `--namespace <NAMESPACE>, -n cattle-system` | Rancher 2.x deployment namespace (`<NAMESPACE>`). If no namespace is defined, the options defaults to `cattle-system`. |
| `--force` | Skips the the interactive removal confirmation and removes the Rancher deployment without prompt. |
## Imported Cluster
{{% tabs %}}
{{% tab "By UI / API" %}}
After you initiate the removal of an [imported cluster]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/#import-existing-cluster) using the Rancher UI (or API), the following events occur.
>**Warning:** This process will remove data from your nodes. Make sure you have created a backup of files you want to keep before executing the command, as data will be lost.
1. Rancher creates a `serviceAccount` that it uses to remove the cluster. This account is assigned the [clusterRole](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole) and [clusterRoleBinding](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#rolebinding-and-clusterrolebinding) permissions, which are required to remove the cluster.
1. Using the `serviceAccount`, Rancher schedules and runs a [job](https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/) that cleans the Rancher and Kubernetes components off of the node. This job also references the `serviceAccount` and its roles as dependencies, so the job deletes them before its completion. This process:
- Removes the `cattle-system` namespace from the cluster.
- Removes the `serviceAccount`, `clusterRole`, and `clusterRole` resources.
- Cleans up all remaining namespaces in the cluster (i.e., removes finalizers, annotations, and labels).
>**Using 2.0.7 or Earlier?**
>
>These versions of Rancher do not automatically delete the `serviceAccount`, `clusterRole`, and `clusterRole` resources after the job runs. You'll have to delete them yourself.
1. Rancher is removed from the cluster nodes. However, the cluster persists, running the native version of Kubernetes.
{{% /tab %}}
{{% tab "By Script" %}}
Rather than cleaning
>**Prerequisite:**
>
>Install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/).
1. Open a web browser, navigate to [GitHub](https://github.com/rancher/rancher/blob/master/cleanup/user-cluster.sh), and download `user-cluster.sh`.
1. Open kubectl.
1. Using kubectl, make the script executable by running the following command from the same directory as `user-cluster.sh`:
```
chmod +x user-cluster.sh
```
1. **Air Gap Users Only:** Open `user-cluster.sh` and replace `yaml_url` with the URL in `user-cluster.yml`.
If you aren't an air gap user, skip this step.
1. From the same directory, run the script:
>**Tip:**
>
>Add the `-dry-run` flag to preview the script's outcome without making changes.
```
./user-cluster.sh rancher/agent:latest
```
{{% /tab %}}
{{% /tabs %}}
- [Removing Rancher from Your Rancher Cluster Nodes]({{< baseurl >}}/rancher/v2.x/en/admin-settings/removing-rancher/rancher-cluster-nodes/)
In this context, you are removing Rancher from the Kubernetes cluster that your configured for your Rancher installation.
- [Removing Rancher from User Cluster Nodes]({{< baseurl >}}/rancher/v2.x/en/admin-settings/removing-rancher/user-cluster-nodes/)
In this context, you are removing Rancher from Kubernetes clusters that you provisioned using Rancher.
content/rancher/v2.x/en/faq/cleaning-cluster-nodes/_index.md → content/rancher/v2.x/en/admin-settings/removing-rancher/rancher-cluster-nodes/_index.md
+16 -15
View File
@@ -1,17 +1,18 @@
---
title: Cleaning cluster nodes
title: Removing Rancher from Your Rancher Cluster Nodes
weight: 375
aliases:
- /rancher/v2.x/en/installation/removing-rancher/cleaning-cluster-nodes/
- /rancher/v2.x/en/installation/removing-rancher/
- /rancher/v2.x/en/faq/cleaning-cluster-nodes
---
When adding a node to a cluster, resources (containers/(virtual) network interfaces) and configuration items (certificates/configuration files) are created. When removing a node from a cluster (if it is in `Active` state), those resources will be automatically cleaned and the only action needed is to restart the node. When a node has become unreachable and the automatic cleanup process cannot be used, we describe the steps that need to be executed before the node can be added to a cluster again.
## Removing a node from a cluster via Rancher UI
## Removing A Node from a Cluster by Rancher UI
When the node is in `Active` state, removing the node from a cluster will trigger a process to clean up the node. Please restart the node after the automatic cleanup process is done to make sure any non-persistent data is properly removed.
* How to restart a node
**To restart a node:**
```
# using reboot
@@ -21,17 +22,17 @@ reboot
shutdown -r now
```
## Cleaning a node manually
## Cleaning a Node Manually
When a node is unreachable and removed from the cluster, the automatic cleaning process can't be triggered because the node is unreachable. Please follow the steps below to manually clean the node.
>**Warning:** The commands listed below will remove data from the node. Make sure you have created a backup of files you want to keep before executing any of the commands as data will be lost.
### Docker containers, images and volumes
### Docker Containers, Images, and Volumes
Based on what role you assigned to the node, Kubernetes components in containers, containers belonging to overlay networking, DNS, ingress controller and Rancher agent. (and pods you created that have been scheduled to this node)
* How to clean all Docker containers, images and volumes:
**To clean all Docker containers, images and volumes:**
```
docker rm -f $(docker ps -qa)
@@ -49,13 +50,13 @@ Mounts |
`/var/lib/kubelet` |
`/var/lib/rancher` |
* How to unmount all mounts:
**To unmount all mounts:**
```
for mount in $(mount | grep tmpfs | grep '/var/lib/kubelet' | awk '{ print $3 }') /var/lib/kubelet /var/lib/rancher; do umount $mount; done
```
### Directories and files
### Directories and Files
The following directories are used when adding a node to a cluster, and should be removed. You can remove a directory using `rm -rf /directory_name`.
@@ -80,7 +81,7 @@ Directories |
`/var/log/pods` |
`/var/run/calico` |
* How to clean the directories:
**To clean the directories:**
```
rm -rf /etc/ceph \
@@ -101,13 +102,13 @@ rm -rf /etc/ceph \
/var/run/calico
```
### Network interfaces and iptables
### Network Interfaces and Iptables
The remaining two components that are changed/configured are (virtual) network interfaces and iptables rules. Both are non-persistent to the node, meaning that they will be cleared after a restart of the node.
This is the recommended method.
* How to restart a node
**To restart a node:**
```
# using reboot
@@ -119,7 +120,7 @@ shutdown -r now
If you want to know more on (virtual) network interfaces or iptables rules, please see the specific subjects below.
### Network interfaces
### Network Interfaces
>**Note:** Depending on the network provider configured for the cluster the node was part of, some of the interfaces will or won't be present on the node.
@@ -131,7 +132,7 @@ Interfaces |
`caliXXXXXXXXXXX` (random interface names) |
`vethXXXXXXXX` (random interface names) |
* How to list all interfaces:
**To list all interfaces:**
```
# Using ip
@@ -141,7 +142,7 @@ ip address show
ifconfig -a
```
* How to remove an interface:
*To remove an interface:*
```
ip link delete interface_name
@@ -180,7 +181,7 @@ Chains |
`KUBE-SERVICES` |
`KUBE-SVC-XXXXXXXXXXXXXXXX` (random chain names) |
* How to list all iptables rules
**To list all iptables rules:**
```
iptables -L -t nat
content/rancher/v2.x/en/admin-settings/removing-rancher/user-cluster-nodes/_index.md
+104
View File
@@ -0,0 +1,104 @@
---
title: Removing Rancher from User Cluster Nodes
weight: 2000
draft: true
---
When you no longer have use for Rancher in a cluster that you've [provisioned using Rancher]({{< baseurl >}}rancher/v2.x/en/cluster-provisioning/#cluster-creation-in-rancher), and you want to remove Rancher from its nodes, follow one of the sets of instructions below based on your [cluster type]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/#cluster-creation-options). The method you'll use to remove Rancher changes based on the type of cluster.
## Hosted Kubernetes Providers
To remove Rancher from , simply delete them from Rancher. The cluster will remove Rancher components through the Norman API (Rancher's API framework).
<!-- MB 9/19: I know this is probably BS, but I need to confirm with a dev on how to remove Rancher from a hosted cluster -->
## Nodes Launched by RKE / Nodes Hosted by a Provider
For clusters nodes provisioned using the following options, you can remove Rancher by downloading and running the Rancher [system-tools](https://github.com/rancher/system-tools/releases):
- [Nodes hosted by an IaaS]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/#node-pools)
- [Custom nodes]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/#custom-nodes)
- [Nodes hosted by a Kubernetes Provider]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/#hosted-kubernetes-cluster)
### Using the System-Tool
System-tool is a utility that cleans up rancher projects. In this use case, it will help you remove the Rancher management plane from your cluster nodes.
#### Usage
>**Warning:** This command will remove data from your nodes. Make sure you have created a backup of files you want to keep before executing the command, as data will be lost.
```
system-tools remove [command options] [arguments...]
```
##### Options
| Option | Description |
| ---------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- |
| `--kubeconfig <$KUBECONFIG>, -c <$KUBECONFIG>` | The cluster's kubeconfig file absolute path (`<$KUBECONFIG>`). |
| `--namespace <NAMESPACE>, -n cattle-system` | Rancher 2.x deployment namespace (`<NAMESPACE>`). If no namespace is defined, the options defaults to `cattle-system`. |
| `--force` | Skips the the interactive removal confirmation and removes the Rancher deployment without prompt. |
## Imported Cluster
{{% tabs %}}
{{% tab "By UI / API" %}}
After you initiate the removal of an [imported cluster]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/#import-existing-cluster) using the Rancher UI (or API), the following events occur.
>**Warning:** This process will remove data from your nodes. Make sure you have created a backup of files you want to keep before executing the command, as data will be lost.
1. Rancher creates a `serviceAccount` that it uses to remove the cluster. This account is assigned the [clusterRole](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole) and [clusterRoleBinding](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#rolebinding-and-clusterrolebinding) permissions, which are required to remove the cluster.
1. Using the `serviceAccount`, Rancher schedules and runs a [job](https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/) that cleans the Rancher and Kubernetes components off of the node. This job also references the `serviceAccount` and its roles as dependencies, so the job deletes them before its completion. This process:
- Removes the `cattle-system` namespace from the cluster.
- Removes the `serviceAccount`, `clusterRole`, and `clusterRole` resources.
- Cleans up all remaining namespaces in the cluster (i.e., removes finalizers, annotations, and labels).
>**Using 2.0.7 or Earlier?**
>
>These versions of Rancher do not automatically delete the `serviceAccount`, `clusterRole`, and `clusterRole` resources after the job runs. You'll have to delete them yourself.
1. Rancher is removed from the cluster nodes. However, the cluster persists, running the native version of Kubernetes.
{{% /tab %}}
{{% tab "By Script" %}}
Rather than cleaning
>**Prerequisite:**
>
>Install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/).
1. Open a web browser, navigate to [GitHub](https://github.com/rancher/rancher/blob/master/cleanup/user-cluster.sh), and download `user-cluster.sh`.
1. Open kubectl.
1. Using kubectl, make the script executable by running the following command from the same directory as `user-cluster.sh`:
```
chmod +x user-cluster.sh
```
1. **Air Gap Users Only:** Open `user-cluster.sh` and replace `yaml_url` with the URL in `user-cluster.yml`.
If you aren't an air gap user, skip this step.
1. From the same directory, run the script:
>**Tip:**
>
>Add the `-dry-run` flag to preview the script's outcome without making changes.
```
./user-cluster.sh rancher/agent:latest
```
{{% /tab %}}
{{% /tabs %}}