Preface
Starting from v2.5, Rancher supports the installation of Rancher HA on any standard K8s distribution certified by CNCF. This cluster can use upstream Kubernetes, or one of Rancher's Kubernetes distributions, or it can be provided by Amazon EKS, etc. A managed Kubernetes cluster of a provider. Regardless of the type of cluster installed, Rancher recommends using an independent K8S/K3S cluster as the local cluster of Rancher HA, so that Rancher HA will not affect each other with the business cluster.
If you uninstall Rancher HA on an independent Local cluster, the general approach is to delete the Local cluster to achieve the purpose of uninstalling Rancher HA. The advantage of this is that it is simpler and data cleaning is more thorough.
However, some users install Rancher HA on certain business or production clusters. In this case, they cannot uninstall Rancher HA by removing the Local cluster. We need to find a way to uninstall Rancher HA without affecting the operation of the Local cluster.
Rancher provides a tool to uninstall Rancher HA: system-tools. We can use system-tools to remove the namespace and other resources generated by Rancher HA. Executing the remove command will remove the following resources:
- The namespace deployed by Rancher, the default name is cattle-system.
- Rancher's serviceAccount, marked by the tag of cattle.io/creator:norman,
clusterRoles and clusterRoleBindings. - All resources and resources created using Rancher v2.1.0 or later will be tagged with cattle.io/creator:norman.
- Labels、annotations、finalizers。
- Rancher Deployment。
- CRDs related to clusters, projects, and users.
- All resources created in the management.cattle.io API Group.
All CRDs created with Rancher v2.x.
However, system-tools has been in disrepair for a long time (the last update was on April 11, 2019), and some new namespace and other resources added for subsequent Rancher versions have not been removed, so we don’t have a way to uninstall it on the local cluster. Drop Rancher HA.
Uninstall Rancher HA
In order to completely uninstall Rancher HA on the Local cluster, we can first filter out which namesaces are created by Rancher HA, and then delete the corresponding system-tools remove --kubeconfig <$KUBECONFIG> --namespace <NAMESPACE> 160ef030094479 The namespace and related resources. After testing, it is found that after the namespace is removed through system-tools, the status of the namespace is always Terminating, and it is necessary to manually remove the .spec.finalizers and .metadata.finalizers before the namespace can be completely deleted.
To this end, the author prepared a shell script to complete the above deletion process:
note:
- This script is only tested on Rancher v2.5.8, and theoretically all v2.5.x series versions are supported. Other versions (for example: 2.4.x) need to modify the corresponding NS parameter in step 4 to set the namespace to be deleted
- This script has been verified on the local clusters k3s and rke clusters. If the local cluster is other K8s clusters, you need to confirm the corresponding NS parameters in step 4 to set the namespace to be deleted
- Rancher HA will create namespaces starting with c-, p-, and user-, which do not require user attention. When cattle-system is removed through system-tools, these namespaces will be removed automatically
1. Download the script
root@ip-172-31-22-79:~# wget https://raw.githubusercontent.com/kingsd041/some_script/master/remove-rancher-ha/remove_r_ha.sh2. Install kubectl, jq, system-tools on the host, and create a kubeconfig file.
3. Edit the script and set the KUBE_CONFIG directory
KUBE_CONFIG='/root/.kube/config'4. Edit the script to confirm whether the namespace set by the NS variable is the namespace to be deleted, so as to avoid deleting the namespace by mistake.
NS="cattle-system|*fleet*|rancher-operator-system|cattle-global-nt|cattle-global-data"5. Execute the script to uninstall Rancher HA
root@ip-172-31-22-79:~# ./remove_r_ha.sh
cattle-system
cattle-global-data
cattle-global-nt
rancher-operator-system
fleet-clusters-system
fleet-local
cluster-fleet-local-local-1a3d67d0a899
fleet-system
fleet-default
cluster-fleet-default-c-9zwzq-dd029f17f988
Are you sure to remove the above namespace? [y/n] y
INFO[0000] Removing Rancher management plane in namespace: [cattle-system]
INFO[0000] Getting connection configuration
INFO[0000] Removing Cattle deployment
INFO[0000] Removed Cattle deployment succuessfully
INFO[0000] Removing ClusterRoleBindings
...
...In about 5 minutes, the script execution is complete. At this point, you can use kubectl get ns to confirm whether Rancher HA is uninstalled:
root@ip-172-31-22-79:~# kubectl get ns
NAME STATUS AGE
kube-public Active 65m
default Active 65m
kube-node-lease Active 65m
kube-system Active 65mpostscript
Although Rancher v2.5 can install Rancher HA on any CNCF-certified K8s cluster, it is still recommended that you install Rancher HA on a separate Local cluster in the production environment, so as to prevent Rancher HA and business clusters from interacting with each other. influences. If you install Rancher HA on the business K8s cluster, you can use the method in this article to uninstall Rancher HA perfectly, without any impact on the original cluster.
Thanks
Thanks to IT old boy's blog post: Forcibly delete the namespace in Terminating state
(Original link: https://www.xtplayer.cn/kubernetes/forces-delete-terminated-namespace/)
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。