From dcb810676ce649f9c67267edeef627825c5a3d06 Mon Sep 17 00:00:00 2001 From: Mark Bishop Date: Mon, 17 Sep 2018 15:30:07 -0700 Subject: [PATCH] adding more content about script --- .../admin-settings/removing-rancher/_index.md | 48 ++++++++++++++- .../removing-rancher/user-cluster.sh | 61 +++++++++++++++++++ 2 files changed, 107 insertions(+), 2 deletions(-) create mode 100644 content/rancher/v2.x/en/admin-settings/removing-rancher/user-cluster.sh diff --git a/content/rancher/v2.x/en/admin-settings/removing-rancher/_index.md b/content/rancher/v2.x/en/admin-settings/removing-rancher/_index.md index 99def8d7d57..1994c8ecec9 100644 --- a/content/rancher/v2.x/en/admin-settings/removing-rancher/_index.md +++ b/content/rancher/v2.x/en/admin-settings/removing-rancher/_index.md @@ -14,6 +14,8 @@ draft: true ### Imported Cluster +{{% tabs %}} +{{% tab "By UI / API" %}} After you initiate the removal of an imported cluster using the Rancher UI (or API), the following events occur. 1. Rancher creates a `serviceAccount` that it uses to remove the cluster. This account is assigned the [clusterRole](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole) and [clusterRoleBinding](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#rolebinding-and-clusterrolebinding) permissions, which are required to remove the cluster. @@ -21,10 +23,52 @@ After you initiate the removal of an imported cluster using the Rancher UI (or A 1. Using the `serviceAccount`, Rancher schedules and runs a [job](https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/) that cleans the Rancher and Kubernetes components off of the node. This job also references the `serviceAccount` and its roles as dependencies, so the job deletes them before its completion. This process: - Removes the `cattle-system` namespace from the cluster. - - Cleans up all remaining namespaces in the cluster (i.e., removes finalizers, annotations, and labels) + - Removes the `serviceAccount`, `clusterRole`, and `clusterRole` resources. + - Cleans up all remaining namespaces in the cluster (i.e., removes finalizers, annotations, and labels). >**Using 2.0.7 or Earlier?** > >These versions of Rancher do not automatically delete the `serviceAccount`, `clusterRole`, and `clusterRole` resources after the job runs. You'll have to delete them yourself. -1. Rancher is removed from the cluster nodes. However, the cluster persists, running the native version of Kubernetes. \ No newline at end of file +1. Rancher is removed from the cluster nodes. However, the cluster persists, running the native version of Kubernetes. +{{% /tab %}} +{{% tab "By Script" %}} +Rather than cleaning + +>**Prerequisite:** +> +>Install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/). + +1. Open a web browser, navigate to [GitHub](https://github.com/rancher/rancher/blob/master/cleanup/user-cluster.sh), and download `user-cluster.sh`. + +1. Open kubectl. + +1. Using kubectl, make the script executable by running the following command from the same directory as `user-cluster.sh`: + + ``` + chmod +x user-cluster.sh + ``` + +1. **Air Gap Users Only:** Open `user-cluster.sh` and replace `yaml_url` with the URL in `user-cluster.yml`. + + If you aren't an air gap user, skip this step. + +1. From the same directory, run the script: + + >**Tip:** + > + >Add the `-dry-run` flag to preview the script's outcome without making changes. + + ``` + ./user-cluster.sh rancher/agent:latest + ``` + + + +{{% /tab %}} + +{{% /tabs %}} + + + +### \ No newline at end of file diff --git a/content/rancher/v2.x/en/admin-settings/removing-rancher/user-cluster.sh b/content/rancher/v2.x/en/admin-settings/removing-rancher/user-cluster.sh new file mode 100644 index 00000000000..2b5bc2e7aac --- /dev/null +++ b/content/rancher/v2.x/en/admin-settings/removing-rancher/user-cluster.sh @@ -0,0 +1,61 @@ +#!/bin/bash +# set -x +set -e + +# Location of the yaml to use to deploy the cleanup job +yaml_url=https://raw.githubusercontent.com/rancher/rancher/master/cleanup/user-cluster.yml + +# 120 is equal to a minute as the sleep is half a second +timeout=120 + +# Agent image to use in the yaml file +agent_image="$1" + +show_usage() { + echo -e "Usage: $0 [AGENT_IMAGE] [FLAGS]" + echo "AGENT_IMAGE is a required argument" + echo "" + echo "Flags:" + echo -e "\t-dry-run Display the resources that would will be updated without making changes" +} + +if [ $# -lt 1 ] +then + show_usage + exit 1 +fi + +if [[ $1 == "-h" ||$1 == "--help" ]] +then + show_usage + exit 0 +fi + +# Pull the yaml and replace the agent_image holder with the passed in image +yaml=$(curl --insecure -sfL $yaml_url | sed -e 's=agent_image='"$agent_image"'=') + +if [ "$2" = "-dry-run" ] +then + # Uncomment the env var for dry-run mode + yaml=$(sed -e 's/# // ' <<< "$yaml") +fi + +echo "$yaml" | kubectl --kubeconfig ~/development/kube_config_cluster.yml apply -f - + +# Get the pod ID to tail the logs +pod_id=$(kubectl --kubeconfig ~/development/kube_config_cluster.yml get pod -l job-name=cattle-cleanup-job -o jsonpath="{.items[0].metadata.name}") + +declare -i count=0 +until kubectl --kubeconfig ~/development/kube_config_cluster.yml logs $pod_id -f +do + if [ $count -gt $timeout ] + then + echo "Timout reached, check the job by running kubectl get jobs" + exit 1 + fi + sleep 0.5 + count+=1 +done + +# Cleanup after it completes successfully +echo "$yaml" | kubectl --kubeconfig ~/development/kube_config_cluster.yml delete -f - \ No newline at end of file