Clean Up Kubernetes Cluster

This guide will walk you through purging an existing Kubernetes cluster.

Note

If you have already cleaned up your Kubernetes cluster, you may proceed to the Verify section.

Note

By following these instructions you will lose all Rok volumes residing on these nodes. However, you can restore them from the most recent Rok snapshots later on. See the Scale In Kubernetes Cluster section for more information.

What You’ll Need

Procedure

Choose one of the following options, based on your cloud provider.

  1. Delete the node groups of your cluster:

    root@rok-tools:~# aws cloudformation delete-stack \ > --stack-name ${EKS_NODEGROUP_CF_STACK?}
  2. Delete the Kubernetes cluster:

    root@rok-tools:~# aws eks delete-cluster --name ${EKS_CLUSTER?}
  1. List the user node pools of your AKS cluster:

    root@rok-tools:~# az aks nodepool list --cluster-name ${AKS_CLUSTER?} \ > --resource-group ${AZ_RESOURCE_GROUP?} \ > --query "[?mode=='User'].{name:name}" \ > --output tsv The behavior of this command has been altered by the following extension: aks-preview workers

    Troubleshooting

    The command failed with an authorization error

    If the above command fails with an error message similar to the following:

    The client '82a19692-1c50-4f24-b3e2-95675ddc5213' with object id '82a19692-1c50-4f24-b3e2-95675ddc5213' does not have authorization to perform action 'Microsoft.ContainerService/managedClusters/agentPools/read' over scope '/subscriptions/a8eb0222-2657-4a68-ae60-f06536139029/resourceGroups/arrikto/providers/Microsoft.ContainerService/managedClusters/arrikto-cluster' or the scope is invalid. If access was recently granted, please refresh your credentials.

    it means that your identity does not have sufficient permissions to list node pools.

    To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has either Owner or Reader permissions. If you do not have the required permissions, contact your administrator to grant them to your identity.

  2. Delete all node pools in the list above. To do that, repeat the following steps for each one of the node pools in the list.

    1. Pick a node pool from the list:

      root@rok-tools:~# export NODEPOOL=<NODEPOOL>
    2. Delete the node pool:

      root@rok-tools:~# az aks nodepool delete \ > --resource-group ${AZ_RESOURCE_GROUP?} \ > --cluster-name ${AKS_CLUSTER?} \ > --name ${NODEPOOL?}

      Troubleshooting

      The command failed with an authorization error

      If the above command fails with an error message similar to the following:

      (AuthorizationFailed) The client '0c799e27-a84f-41a2-a02b-236af002af99' with object id '0c799e27-a84f-41a2-a02b-236af002af99' does not have authorization to perform action 'Microsoft.ContainerService/managedClusters/agentPools/delete' over scope '/subscriptions/3b63afce-113a-4798-a303-f37dada04319/resourceGroups/arrikto/providers/Microsoft.ContainerService/managedClusters/arrikto-cluster/agentPools/workers' or the scope is invalid. If access was recently granted, please refresh your credentials.

      it means that your identity does not have sufficient permissions delete a node pool.

      To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has Owner permissions. If you only have Reader permissions, contact your administrator to grant Owner permissions to your identity or to delete the node pool for you.

    3. Go back to step 1, and repeat the steps for the remaining node pools.

  3. Delete the AKS cluster:

    root@rok-tools:~# az aks delete --name ${AKS_CLUSTER?} \ > --resource-group ${AZ_RESOURCE_GROUP?} --yes

    Troubleshooting

    The command failed with an authorization error

    If the above command fails with an error message similar to the following:

    (AuthorizationFailed) The client '0c799e27-a84f-41a2-a02b-236af002af99' with object id '0c799e27-a84f-41a2-a02b-236af002af99' does not have authorization to perform action 'Microsoft.ContainerService/managedClusters/delete' over scope '/subscriptions/3b63afce-113a-4798-a303-f37dada04319/resourceGroups/arrikto/providers/Microsoft.ContainerService/managedClusters/arrikto-cluster' or the scope is invalid. If access was recently granted, please refresh your credentials.

    it means that your identity does not have sufficient permissions to delete an AKS cluster.

    To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has Owner permissions. If you only have Reader permissions, contact your administrator to grant Owner permissions to your identity or to delete the AKS cluster for you.

This section is a work in progress.

Verify

Choose one of the following options, based on your cloud provider.

  1. Attempt to retrieve your cluster and verify it does not exist:

    root@rok-tools:~# aws eks describe-cluster --name ${EKS_CLUSTER?} An error occurred (ResourceNotFoundException) when calling the DescribeCluster operation: No cluster found for name: arrikto-cluster.
  1. Attempt to retrieve your AKS cluster and verify it does not exist:

    root@rok-tools:~# az aks show --resource-group ${AZ_RESOURCE_GROUP?} \ > --name ${AKS_CLUSTER?} The behavior of this command has been altered by the following extension: aks-preview (ResourceNotFound) The Resource 'Microsoft.ContainerService/managedClusters/arrikto-cluster' under resource group 'arrikto' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix

    Troubleshooting

    The command failed with an authorization error

    If the above command fails with an error message similar to the following:

    (AuthorizationFailed) The client '0c799e27-a84f-41a2-a02b-236af002af99' with object id '0c799e27-a84f-41a2-a02b-236af002af99' does not have authorization to perform action 'Microsoft.ContainerService/managedClusters/read' over scope '/subscriptions/3b63afce-113a-4798-a303-f37dada04319/resourceGroups/arrikto/providers/Microsoft.ContainerService/managedClusters/arrikto-cluster' or the scope is invalid. If access was recently granted, please refresh your credentials.

    it means that your identity does not have sufficient permissions to retrieve an AKS cluster.

    To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has either Owner or Reader permissions. If you do not have the required permissions, contact your administrator to grant them to your identity.

This section is a work in progress.

Summary

You have successfully deleted your Kubernetes cluster.

What’s Next

You can now perform a new installation of Rok.