# WARNING: This playbook will erase the entire k8s-cluster, include PODs, ETCD data etc. # Make sure you know what you are doing. # to clean 'kube-node' nodes - hosts: - kube-master - new-master - kube-node - new-node tasks: - name: stop and disable kube-node service service: name={{ item }} state=stopped enabled=no with_items: - kubelet - kube-proxy ignore_errors: true - name: umount kubelet filesystems shell: "mount | grep '/var/lib/kubelet'| awk '{print $3}'|xargs umount" ignore_errors: true - name: remove files and dirs of 'kube-node' nodes file: name={{ item }} state=absent with_items: - "/var/lib/kubelet/" - "/var/lib/kube-proxy/" - "/etc/systemd/system/kubelet.service" - "/etc/systemd/system/kube-proxy.service" - "/opt/kube/kube-system/" # to clean 'kube-master' nodes - hosts: - kube-master - new-master tasks: - name: stop and disable kube-master service service: name={{ item }} state=stopped enabled=no with_items: - kube-apiserver - kube-controller-manager - kube-scheduler ignore_errors: true - name: remove files and dirs of 'kube-master' nodes file: name={{ item }} state=absent with_items: - "/var/run/kubernetes" - "/etc/systemd/system/kube-apiserver.service" - "/etc/systemd/system/kube-controller-manager.service" - "/etc/systemd/system/kube-scheduler.service" # to clean docker service and networking - hosts: - kube-master - new-master - kube-node - new-node tasks: - name: clean 'kube-router' stuff shell: "{{ bin_dir }}/docker run --privileged --net=host cloudnativelabs/kube-router --cleanup-config" ignore_errors: true when: "CLUSTER_NETWORK == 'kube-router'" - name: stop and disable docker service service: name: docker state: stopped enabled: no ignore_errors: true # as k8s-network-plugins use host-network, '/var/run/docker/netns/default' must be umounted - name: unmount docker filesystem-1 mount: path=/var/run/docker/netns/default state=unmounted - name: unmount docker filesystem-2 mount: path=/var/lib/docker/overlay state=unmounted - name: remove files and dirs file: name={{ item }} state=absent with_items: - "/etc/cni/" - "/root/.kube/" - "/run/flannel/" - "/etc/calico/" - "/var/run/calico/" - "/var/lib/calico/" - "/var/log/calico/" - "/etc/cilium/" - "/var/run/cilium/" - "/sys/fs/bpf/tc/" - "/var/lib/cni/" - "/var/lib/docker/" - "/var/lib/kube-router/" - "/var/run/docker/" - "/etc/systemd/system/calico-node.service" - "/etc/systemd/system/docker.service" - "/etc/systemd/system/docker.service.requires/" - "/opt/kube/kube-system/" - "/etc/bash_completion.d/docker" ignore_errors: true - name: cleanup iptables shell: "iptables -F && iptables -X \ && iptables -F -t nat && iptables -X -t nat \ && iptables -F -t raw && iptables -X -t raw \ && iptables -F -t mangle && iptables -X -t mangle" - name: cleanup networks shell: "ip link del docker0; \ ip link del tunl0; \ ip link del flannel.1; \ ip link del cni0; \ ip link del mynet0; \ ip link del kube-bridge; \ ip link del dummy0; \ ip link del kube-ipvs0; \ ip link del cilium_net; \ ip link del cilium_vxlan; \ systemctl restart networking; \ systemctl restart network" ignore_errors: true - name: cleanup 'calico' routes shell: "for rt in `ip route|grep bird|sed 's/blackhole//'|awk '{print $1}'`;do ip route del $rt;done;" when: "CLUSTER_NETWORK == 'calico'" ignore_errors: true # to clean 'etcd' nodes - hosts: etcd tasks: - name: stop and disable etcd service service: name: etcd state: stopped enabled: no ignore_errors: true - name: remove files and dirs file: name={{ item }} state=absent with_items: - "/var/lib/etcd" - "/etc/etcd/" - "/backup/k8s" - "/etc/systemd/system/etcd.service" # to clean 'lb' nodes - hosts: lb tasks: - name: stop keepalived service shell: systemctl disable keepalived && systemctl stop keepalived ignore_errors: true - name: stop haproxy service shell: systemctl disable haproxy && systemctl stop haproxy ignore_errors: true - name: remove files and dirs file: name={{ item }} state=absent with_items: - "/etc/haproxy" - "/etc/keepalived" # to clean ntp, certs and keys, env path - hosts: - kube-master - new-master - kube-node - new-node - deploy - etcd - lb tasks: - name: stop and disable chrony service: name={{ item }} state=stopped enabled=no with_items: - chrony - chronyd ignore_errors: true tags: rm_ntp - name: clean certs and keys file: name={{ item }} state=absent with_items: - "/etc/kubernetes/" - "{{ ca_dir }}" - "/root/.kube/" - "/etc/docker/" - name: clean 'ENV PATH' lineinfile: dest: ~/.bashrc state: absent regexp: '{{ item }}' with_items: - 'kubeasz' - 'helm' - 'kubectl completion'