summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKenny Woodson <kwoodson@redhat.com>2018-02-05 09:42:38 -0500
committerGitHub <noreply@github.com>2018-02-05 09:42:38 -0500
commit2c3803772e0ca31443c8e8deb215c0b771df7ee0 (patch)
treed45a01eb6fb0186e1345fd9c58185a01dc5d7bc6
parent26caf813c55a090279260436ec315d8331bcc2e4 (diff)
parentf6afef5ca361340e31807919eeef255df75b17d3 (diff)
downloadopenshift-2c3803772e0ca31443c8e8deb215c0b771df7ee0.tar.gz
openshift-2c3803772e0ca31443c8e8deb215c0b771df7ee0.tar.bz2
openshift-2c3803772e0ca31443c8e8deb215c0b771df7ee0.tar.xz
openshift-2c3803772e0ca31443c8e8deb215c0b771df7ee0.zip
Merge pull request #6985 from joelddiaz/deprovision_s3_buckets
add S3 bucket cleanup
-rw-r--r--playbooks/aws/README.md10
-rw-r--r--playbooks/aws/openshift-cluster/uninstall_s3.yml10
-rw-r--r--roles/openshift_aws/defaults/main.yml5
-rw-r--r--roles/openshift_aws/tasks/uninstall_s3.yml26
4 files changed, 48 insertions, 3 deletions
diff --git a/playbooks/aws/README.md b/playbooks/aws/README.md
index bdc98d1e0..cf811ca84 100644
--- a/playbooks/aws/README.md
+++ b/playbooks/aws/README.md
@@ -201,9 +201,7 @@ There are more enhancements that are arriving for provisioning. These will incl
## Uninstall / Deprovisioning
-At this time, only deprovisioning of the output of the prerequisites step is provided. You can/must manually remove things like ELBs and scale groups before attempting to undo the work by the preprovisiong step.
-
-To undo the work done by the prerequisites playbook, simply call the uninstall_prerequisites.yml playbook. You should use the same inventory file and provisioning_vars.yml file that was used during provisioning.
+To undo the work done by the prerequisites playbook, simply call the uninstall_prerequisites.yml playbook. You will have needed to remove any of the other objects (ie ELBs, instances, etc) before attempting. You should use the same inventory file and provisioning_vars.yml file that was used during provisioning.
```
ansible-playbook -i <previous inventory file> -e @<previous provisioning_vars file> uninstall_prerequisites.yml
@@ -211,4 +209,10 @@ ansible-playbook -i <previous inventory file> -e @<previous provisioning_vars fi
This should result in removal of the security groups and VPC that were created.
+Cleaning up the S3 bucket contents can be accomplished with:
+
+```
+ansible-playbook -i <previous inventory file> -e @<previous provisioning_vars file> uninstall_s3.yml
+```
+
NOTE: If you want to also remove the ssh keys that were uploaded (**these ssh keys would be shared if you are running multiple clusters in the same AWS account** so we don't remove these by default) then you should add 'openshift_aws_enable_uninstall_shared_objects: True' to your provisioning_vars.yml file.
diff --git a/playbooks/aws/openshift-cluster/uninstall_s3.yml b/playbooks/aws/openshift-cluster/uninstall_s3.yml
new file mode 100644
index 000000000..448b47aee
--- /dev/null
+++ b/playbooks/aws/openshift-cluster/uninstall_s3.yml
@@ -0,0 +1,10 @@
+---
+- name: Empty/delete s3 bucket
+ hosts: localhost
+ connection: local
+ tasks:
+ - name: empty/delete s3 bucket
+ include_role:
+ name: openshift_aws
+ tasks_from: uninstall_s3.yml
+ when: openshift_aws_create_s3 | default(true) | bool
diff --git a/roles/openshift_aws/defaults/main.yml b/roles/openshift_aws/defaults/main.yml
index c8d385db5..1696c2751 100644
--- a/roles/openshift_aws/defaults/main.yml
+++ b/roles/openshift_aws/defaults/main.yml
@@ -322,3 +322,8 @@ openshift_aws_masters_groups: masters,etcd,nodes
# By default, don't delete things like the shared IAM instance
# profile and uploaded ssh keys
openshift_aws_enable_uninstall_shared_objects: False
+# S3 bucket names are global by default and can take minutes/hours for the
+# name to become available for re-use (assuming someone doesn't take the
+# name in the meantime). Default to just emptying the contents of the S3
+# bucket if we've been asked to create the bucket during provisioning.
+openshift_aws_really_delete_s3_bucket: False
diff --git a/roles/openshift_aws/tasks/uninstall_s3.yml b/roles/openshift_aws/tasks/uninstall_s3.yml
new file mode 100644
index 000000000..0b08cbeed
--- /dev/null
+++ b/roles/openshift_aws/tasks/uninstall_s3.yml
@@ -0,0 +1,26 @@
+---
+- name: empty S3 bucket
+ block:
+ - name: get S3 object list
+ aws_s3:
+ bucket: "{{ openshift_aws_s3_bucket_name }}"
+ mode: list
+ region: "{{ openshift_aws_region }}"
+ register: s3_out
+
+ - name: delete S3 objects
+ aws_s3:
+ bucket: "{{ openshift_aws_s3_bucket_name }}"
+ mode: delobj
+ object: "{{ item }}"
+ with_items: "{{ s3_out.s3_keys }}"
+ when: openshift_aws_create_s3 | bool
+
+- name: delete S3 bucket
+ aws_s3:
+ bucket: "{{ openshift_aws_s3_bucket_name }}"
+ mode: delete
+ region: "{{ openshift_aws_region }}"
+ when:
+ - openshift_aws_create_s3 | bool
+ - openshift_aws_really_delete_s3_bucket | bool