Clean Up Storage

This guide will walk you through cleaning up the snapshot data of a Rok cluster.

Note

If you have already cleaned up the snapshot data of Rok, you may proceed to the Verify section.

What You’ll Need

Procedure

Choose one of the following options, based on your cloud provider.

  1. Run the following command inside your management environment to delete the S3 buckets containing the snapshot data of your Rok cluster:

    root@rok-tools:~# rok-s3-bucket-purge --bucket-prefix ${AWS_S3_BUCKET_PREFIX?}
  1. Run the following command inside your management environment to delete the storage account that Rok uses:

    root@rok-tools:~# az storage account delete --name ${STORAGE_ACCOUNT_NAME?} --yes

    Troubleshooting

    The command failed with an authorization error

    If the above command fails with an error message similar to the following:

    (AuthorizationFailed) The client '0c799e27-a84f-41a2-a02b-236af002af99' with object id '0c799e27-a84f-41a2-a02b-236af002af99' does not have authorization to perform action 'Microsoft.Storage/storageAccounts/delete' over scope '/subscriptions/3b63afce-113a-4798-a303-f37dada04319/resourceGroups/arrikto/providers/Microsoft.Storage/storageAccounts/roka8eb022arriktoarrikto' or the scope is invalid. If access was recently granted, please refresh your credentials.

    it means that your identity does not have sufficient permissions to delete a storage account.

    To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has Owner permissions. If you only have Reader permissions, contact your administrator to grant Owner permissions to your identity or to delete the storage account for you.

This section is a work in progress.

Verify

Choose one of the following options, based on your cloud provider.

  1. List all S3 buckets with your cluster bucket prefix and verify the command produces no output:

    root@rok-tools:~# aws s3 ls | cut -d " " -f 3 | grep ^${AWS_S3_BUCKET_PREFIX?}
  1. Attempt to retrieve the Rok storage account and verify it does not exist:

    root@rok-tools:~# az storage account show --name ${STORAGE_ACCOUNT_NAME?} Storage account 'roka8eb022arriktoarrikto' not found.

    Troubleshooting

    The command failed with an authorization error

    If the above command fails with an error message similar to the following:

    (AuthorizationFailed) The client '0c799e27-a84f-41a2-a02b-236af002af99' with object id '0c799e27-a84f-41a2-a02b-236af002af99' does not have authorization to perform action 'Microsoft.Storage/storageAccounts/read' over scope '/subscriptions/3b63afce-113a-4798-a303-f37dada04319/resourceGroups/arrikto/providers/Microsoft.Storage/storageAccounts/roka8eb022arriktoarrikto' or the scope is invalid. If access was recently granted, please refresh your credentials.

    it means that your identity does not have sufficient permissions to retrieve a storage account.

    To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has either Owner or Reader permissions. If you do not have the required permissions, contact your administrator to grant them to your identity.

This section is a work in progress.

Summary

You have successfully purged all buckets containing the snapshot data of your Rok cluster.

What’s Next

The next step is to clean up the cloud identity resources of Rok.