Clean Up Kubernetes Cluster¶
This guide will walk you through purging an existing Kubernetes cluster.
Note
If you have already cleaned up your Kubernetes cluster, you may proceed to the Verify section.
Note
By following these instructions you will lose all Rok volumes residing on these nodes. However, you can restore them from the most recent Rok snapshots later on. See the Scale In Kubernetes Cluster section for more information.
Overview
What You’ll Need¶
- A configured management environment.
- An existing Kubernetes cluster.
Procedure¶
Choose one of the following options, based on your cloud provider.
Delete the node groups of your cluster:
root@rok-tools:~# aws cloudformation delete-stack \ > --stack-name ${EKS_NODEGROUP_CF_STACK?}Delete the Kubernetes cluster:
root@rok-tools:~# aws eks delete-cluster --name ${EKS_CLUSTER?}
List the user node pools of your AKS cluster:
root@rok-tools:~# az aks nodepool list --cluster-name ${AKS_CLUSTER?} \ > --resource-group ${AZ_RESOURCE_GROUP?} \ > --query "[?mode=='User'].{name:name}" \ > --output tsv The behavior of this command has been altered by the following extension: aks-preview workersTroubleshooting
The command failed with an authorization error
If the above command fails with an error message similar to the following:
The client '82a19692-1c50-4f24-b3e2-95675ddc5213' with object id '82a19692-1c50-4f24-b3e2-95675ddc5213' does not have authorization to perform action 'Microsoft.ContainerService/managedClusters/agentPools/read' over scope '/subscriptions/a8eb0222-2657-4a68-ae60-f06536139029/resourceGroups/arrikto/providers/Microsoft.ContainerService/managedClusters/arrikto-cluster' or the scope is invalid. If access was recently granted, please refresh your credentials.it means that your identity does not have sufficient permissions to list node pools.
To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has either
Owner
orReader
permissions. If you do not have the required permissions, contact your administrator to grant them to your identity.Delete all node pools in the list above. To do that, repeat the following steps for each one of the node pools in the list.
Pick a node pool from the list:
root@rok-tools:~# export NODEPOOL=<NODEPOOL>Delete the node pool:
root@rok-tools:~# az aks nodepool delete \ > --resource-group ${AZ_RESOURCE_GROUP?} \ > --cluster-name ${AKS_CLUSTER?} \ > --name ${NODEPOOL?}Troubleshooting
The command failed with an authorization error
If the above command fails with an error message similar to the following:
(AuthorizationFailed) The client '0c799e27-a84f-41a2-a02b-236af002af99' with object id '0c799e27-a84f-41a2-a02b-236af002af99' does not have authorization to perform action 'Microsoft.ContainerService/managedClusters/agentPools/delete' over scope '/subscriptions/3b63afce-113a-4798-a303-f37dada04319/resourceGroups/arrikto/providers/Microsoft.ContainerService/managedClusters/arrikto-cluster/agentPools/workers' or the scope is invalid. If access was recently granted, please refresh your credentials.it means that your identity does not have sufficient permissions delete a node pool.
To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has
Owner
permissions. If you only haveReader
permissions, contact your administrator to grantOwner
permissions to your identity or to delete the node pool for you.Go back to step 1, and repeat the steps for the remaining node pools.
Delete the AKS cluster:
root@rok-tools:~# az aks delete --name ${AKS_CLUSTER?} \ > --resource-group ${AZ_RESOURCE_GROUP?} --yesTroubleshooting
The command failed with an authorization error
If the above command fails with an error message similar to the following:
(AuthorizationFailed) The client '0c799e27-a84f-41a2-a02b-236af002af99' with object id '0c799e27-a84f-41a2-a02b-236af002af99' does not have authorization to perform action 'Microsoft.ContainerService/managedClusters/delete' over scope '/subscriptions/3b63afce-113a-4798-a303-f37dada04319/resourceGroups/arrikto/providers/Microsoft.ContainerService/managedClusters/arrikto-cluster' or the scope is invalid. If access was recently granted, please refresh your credentials.it means that your identity does not have sufficient permissions to delete an AKS cluster.
To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has
Owner
permissions. If you only haveReader
permissions, contact your administrator to grantOwner
permissions to your identity or to delete the AKS cluster for you.
Verify¶
Choose one of the following options, based on your cloud provider.
Attempt to retrieve your cluster and verify it does not exist:
root@rok-tools:~# aws eks describe-cluster --name ${EKS_CLUSTER?} An error occurred (ResourceNotFoundException) when calling the DescribeCluster operation: No cluster found for name: arrikto-cluster.
Attempt to retrieve your AKS cluster and verify it does not exist:
root@rok-tools:~# az aks show --resource-group ${AZ_RESOURCE_GROUP?} \ > --name ${AKS_CLUSTER?} The behavior of this command has been altered by the following extension: aks-preview (ResourceNotFound) The Resource 'Microsoft.ContainerService/managedClusters/arrikto-cluster' under resource group 'arrikto' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFixTroubleshooting
The command failed with an authorization error
If the above command fails with an error message similar to the following:
(AuthorizationFailed) The client '0c799e27-a84f-41a2-a02b-236af002af99' with object id '0c799e27-a84f-41a2-a02b-236af002af99' does not have authorization to perform action 'Microsoft.ContainerService/managedClusters/read' over scope '/subscriptions/3b63afce-113a-4798-a303-f37dada04319/resourceGroups/arrikto/providers/Microsoft.ContainerService/managedClusters/arrikto-cluster' or the scope is invalid. If access was recently granted, please refresh your credentials.it means that your identity does not have sufficient permissions to retrieve an AKS cluster.
To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has either
Owner
orReader
permissions. If you do not have the required permissions, contact your administrator to grant them to your identity.
Summary¶
You have successfully deleted your Kubernetes cluster.