2016-12-07 16:36:24 +00:00
|
|
|
---
|
|
|
|
- name: reset | stop services
|
2017-02-17 21:22:34 +00:00
|
|
|
service:
|
|
|
|
name: "{{ item }}"
|
|
|
|
state: stopped
|
2016-12-07 16:36:24 +00:00
|
|
|
with_items:
|
|
|
|
- kubelet
|
|
|
|
failed_when: false
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- services
|
2016-12-07 16:36:24 +00:00
|
|
|
|
|
|
|
- name: reset | remove services
|
2016-12-09 15:33:10 +00:00
|
|
|
file:
|
2021-01-05 15:09:59 +00:00
|
|
|
path: "/etc/systemd/system/{{ item }}"
|
2016-12-09 15:33:10 +00:00
|
|
|
state: absent
|
2016-12-07 16:36:24 +00:00
|
|
|
with_items:
|
2021-01-05 15:09:59 +00:00
|
|
|
- kubelet.service
|
|
|
|
- calico-node.service
|
|
|
|
- containerd.service.d/http-proxy.conf
|
|
|
|
- crio.service.d/http-proxy.conf
|
2021-03-22 18:22:48 +00:00
|
|
|
- k8s-certs-renew.service
|
|
|
|
- k8s-certs-renew.timer
|
2016-12-07 16:36:24 +00:00
|
|
|
register: services_removed
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- services
|
2021-01-05 15:09:59 +00:00
|
|
|
- containerd
|
|
|
|
- crio
|
2016-12-07 16:36:24 +00:00
|
|
|
|
2016-12-21 16:18:11 +00:00
|
|
|
- name: reset | remove docker dropins
|
|
|
|
file:
|
|
|
|
path: "/etc/systemd/system/docker.service.d/{{ item }}"
|
|
|
|
state: absent
|
|
|
|
with_items:
|
|
|
|
- docker-dns.conf
|
|
|
|
- docker-options.conf
|
2018-03-08 15:16:02 +00:00
|
|
|
- http-proxy.conf
|
2021-01-05 15:09:59 +00:00
|
|
|
- docker-orphan-cleanup.conf
|
2016-12-21 16:18:11 +00:00
|
|
|
register: docker_dropins_removed
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- docker
|
2016-12-21 16:18:11 +00:00
|
|
|
|
2020-07-27 13:24:17 +00:00
|
|
|
- name: reset | systemctl daemon-reload # noqa 503
|
2019-04-24 05:18:00 +00:00
|
|
|
systemd:
|
|
|
|
daemon_reload: true
|
2016-12-21 16:18:11 +00:00
|
|
|
when: services_removed.changed or docker_dropins_removed.changed
|
2016-12-07 16:36:24 +00:00
|
|
|
|
2020-08-28 08:20:53 +00:00
|
|
|
- name: reset | remove all containers
|
|
|
|
shell: "set -o pipefail && {{ docker_bin_dir }}/docker ps -aq | xargs -r docker rm -fv"
|
|
|
|
args:
|
|
|
|
executable: /bin/bash
|
2017-09-06 11:23:16 +00:00
|
|
|
register: remove_all_containers
|
|
|
|
retries: 4
|
|
|
|
until: remove_all_containers.rc == 0
|
|
|
|
delay: 5
|
2019-06-29 21:09:20 +00:00
|
|
|
when: container_manager == "docker"
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- docker
|
2016-12-07 16:36:24 +00:00
|
|
|
|
2020-07-27 13:24:17 +00:00
|
|
|
- name: reset | restart docker if needed # noqa 503
|
2017-02-17 21:22:34 +00:00
|
|
|
service:
|
|
|
|
name: docker
|
|
|
|
state: restarted
|
2019-06-29 21:09:20 +00:00
|
|
|
when: docker_dropins_removed.changed and container_manager == "docker"
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- docker
|
2016-12-21 16:18:11 +00:00
|
|
|
|
2021-01-05 15:09:59 +00:00
|
|
|
- name: reset | check if crictl is present
|
|
|
|
stat:
|
|
|
|
path: "{{ bin_dir }}/crictl"
|
2021-02-10 13:36:59 +00:00
|
|
|
get_attributes: no
|
|
|
|
get_checksum: no
|
|
|
|
get_mime: no
|
2021-01-05 15:09:59 +00:00
|
|
|
register: crictl
|
|
|
|
|
2020-08-28 08:20:53 +00:00
|
|
|
- name: reset | stop all cri containers
|
2021-01-05 15:09:59 +00:00
|
|
|
shell: "set -o pipefail && {{ bin_dir }}/crictl ps -q | xargs -r {{ bin_dir }}/crictl -t 60s stop"
|
2020-08-28 08:20:53 +00:00
|
|
|
args:
|
|
|
|
executable: /bin/bash
|
2019-06-29 21:09:20 +00:00
|
|
|
register: remove_all_cri_containers
|
|
|
|
retries: 5
|
|
|
|
until: remove_all_cri_containers.rc == 0
|
2018-12-12 09:59:55 +00:00
|
|
|
delay: 5
|
|
|
|
tags:
|
|
|
|
- crio
|
2019-06-29 21:09:20 +00:00
|
|
|
- containerd
|
2021-01-05 15:09:59 +00:00
|
|
|
when:
|
|
|
|
- crictl.stat.exists
|
|
|
|
- container_manager in ["crio", "containerd"]
|
|
|
|
ignore_errors: true
|
2018-12-12 09:59:55 +00:00
|
|
|
|
2021-01-05 15:09:59 +00:00
|
|
|
- name: reset | force remove all cri containers
|
|
|
|
command: "{{ bin_dir }}/crictl rm -a -f"
|
2019-06-29 21:09:20 +00:00
|
|
|
register: remove_all_cri_containers
|
|
|
|
retries: 5
|
|
|
|
until: remove_all_cri_containers.rc == 0
|
2018-08-08 04:50:15 +00:00
|
|
|
delay: 5
|
|
|
|
tags:
|
|
|
|
- crio
|
2019-06-29 21:09:20 +00:00
|
|
|
- containerd
|
2021-01-05 15:09:59 +00:00
|
|
|
when:
|
|
|
|
- crictl.stat.exists
|
|
|
|
- container_manager in ["crio", "containerd"]
|
|
|
|
- deploy_container_engine|default(true)
|
2018-08-08 04:50:15 +00:00
|
|
|
|
2020-10-12 22:47:22 +00:00
|
|
|
- name: reset | stop and disable crio service
|
|
|
|
service:
|
|
|
|
name: crio
|
|
|
|
state: stopped
|
|
|
|
enabled: false
|
|
|
|
failed_when: false
|
|
|
|
tags: [ crio ]
|
|
|
|
when: container_manager == "crio"
|
|
|
|
|
|
|
|
- name: reset | forcefully wipe CRI-O's container and image storage
|
|
|
|
command: "crio wipe -f"
|
|
|
|
failed_when: false
|
|
|
|
tags: [ crio ]
|
|
|
|
when: container_manager == "crio"
|
|
|
|
|
2020-08-28 08:20:53 +00:00
|
|
|
- name: reset | stop all cri pods
|
2020-11-28 16:30:47 +00:00
|
|
|
shell: "set -o pipefail && {{ bin_dir }}/crictl pods -q | xargs -r {{ bin_dir }}/crictl -t 60s stopp"
|
2020-08-28 08:20:53 +00:00
|
|
|
args:
|
|
|
|
executable: /bin/bash
|
2019-06-29 21:09:20 +00:00
|
|
|
register: remove_all_cri_containers
|
|
|
|
retries: 5
|
|
|
|
until: remove_all_cri_containers.rc == 0
|
2018-12-12 09:59:55 +00:00
|
|
|
delay: 5
|
2020-10-12 22:47:22 +00:00
|
|
|
tags: [ containerd ]
|
2021-01-05 15:09:59 +00:00
|
|
|
when:
|
|
|
|
- crictl.stat.exists
|
|
|
|
- container_manager == "containerd"
|
|
|
|
ignore_errors: true
|
2018-12-12 09:59:55 +00:00
|
|
|
|
2021-02-22 20:44:03 +00:00
|
|
|
- block:
|
|
|
|
- name: reset | force remove all cri pods
|
|
|
|
command: "{{ bin_dir }}/crictl rmp -a -f"
|
|
|
|
register: remove_all_cri_containers
|
|
|
|
retries: 5
|
|
|
|
until: remove_all_cri_containers.rc == 0
|
|
|
|
delay: 5
|
|
|
|
tags: [ containerd ]
|
|
|
|
when:
|
|
|
|
- crictl.stat.exists
|
|
|
|
- container_manager == "containerd"
|
|
|
|
|
|
|
|
rescue:
|
|
|
|
- name: reset | force remove all cri pods (rescue)
|
|
|
|
shell: "ip netns list | cut -d' ' -f 1 | xargs -n1 ip netns delete && {{ bin_dir }}/crictl rmp -a -f"
|
2019-06-29 21:09:20 +00:00
|
|
|
|
|
|
|
- name: reset | stop etcd services
|
|
|
|
service:
|
|
|
|
name: "{{ item }}"
|
|
|
|
state: stopped
|
|
|
|
with_items:
|
|
|
|
- etcd
|
|
|
|
- etcd-events
|
|
|
|
failed_when: false
|
|
|
|
tags:
|
|
|
|
- services
|
|
|
|
|
|
|
|
- name: reset | remove etcd services
|
|
|
|
file:
|
|
|
|
path: "/etc/systemd/system/{{ item }}.service"
|
|
|
|
state: absent
|
|
|
|
with_items:
|
|
|
|
- etcd
|
|
|
|
- etcd-events
|
|
|
|
register: services_removed
|
|
|
|
tags:
|
|
|
|
- services
|
|
|
|
|
2020-08-28 08:20:53 +00:00
|
|
|
- name: reset | gather mounted kubelet dirs # noqa 301
|
|
|
|
shell: set -o pipefail && mount | grep /var/lib/kubelet/ | awk '{print $3}' | tac
|
2018-10-16 06:47:04 +00:00
|
|
|
args:
|
2020-08-28 08:20:53 +00:00
|
|
|
executable: /bin/bash
|
2018-10-16 06:47:04 +00:00
|
|
|
warn: false
|
2017-02-06 18:13:21 +00:00
|
|
|
check_mode: no
|
2016-12-07 16:36:24 +00:00
|
|
|
register: mounted_dirs
|
2020-10-05 19:55:21 +00:00
|
|
|
failed_when: false
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- mounts
|
2016-12-07 16:36:24 +00:00
|
|
|
|
2020-07-27 13:24:17 +00:00
|
|
|
- name: reset | unmount kubelet dirs # noqa 301
|
2019-05-02 21:24:21 +00:00
|
|
|
command: umount -f {{ item }}
|
2020-07-04 09:02:48 +00:00
|
|
|
with_items: "{{ mounted_dirs.stdout_lines }}"
|
2018-02-21 11:41:57 +00:00
|
|
|
register: umount_dir
|
2020-10-05 19:55:21 +00:00
|
|
|
when: mounted_dirs
|
2018-02-21 11:41:57 +00:00
|
|
|
retries: 4
|
|
|
|
until: umount_dir.rc == 0
|
|
|
|
delay: 5
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- mounts
|
2016-12-07 16:36:24 +00:00
|
|
|
|
2017-03-21 09:13:54 +00:00
|
|
|
- name: flush iptables
|
|
|
|
iptables:
|
2018-01-25 02:22:49 +00:00
|
|
|
table: "{{ item }}"
|
2017-03-21 09:13:54 +00:00
|
|
|
flush: yes
|
2018-01-25 02:22:49 +00:00
|
|
|
with_items:
|
|
|
|
- filter
|
|
|
|
- nat
|
2020-02-26 08:04:26 +00:00
|
|
|
- mangle
|
2021-04-05 08:16:13 +00:00
|
|
|
- raw
|
2017-04-18 14:15:22 +00:00
|
|
|
when: flush_iptables|bool
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- iptables
|
2017-03-21 09:13:54 +00:00
|
|
|
|
2020-07-28 08:39:08 +00:00
|
|
|
- name: Clear IPVS virtual server table
|
|
|
|
command: "ipvsadm -C"
|
2021-05-07 20:37:04 +00:00
|
|
|
ignore_errors: yes
|
2018-10-16 23:29:43 +00:00
|
|
|
when:
|
2021-04-29 12:20:50 +00:00
|
|
|
- kube_proxy_mode == 'ipvs' and inventory_hostname in groups['k8s_cluster']
|
2018-10-16 23:29:43 +00:00
|
|
|
|
2018-12-05 03:18:50 +00:00
|
|
|
- name: reset | check kube-ipvs0 network device
|
|
|
|
stat:
|
|
|
|
path: /sys/class/net/kube-ipvs0
|
2021-02-10 13:36:59 +00:00
|
|
|
get_attributes: no
|
|
|
|
get_checksum: no
|
|
|
|
get_mime: no
|
2018-12-05 03:18:50 +00:00
|
|
|
register: kube_ipvs0
|
|
|
|
|
2018-12-03 18:38:51 +00:00
|
|
|
- name: reset | Remove kube-ipvs0
|
|
|
|
command: "ip link del kube-ipvs0"
|
|
|
|
when:
|
|
|
|
- kube_proxy_mode == 'ipvs'
|
2018-12-05 03:18:50 +00:00
|
|
|
- kube_ipvs0.stat.exists
|
2018-12-03 18:38:51 +00:00
|
|
|
|
2019-04-08 09:26:25 +00:00
|
|
|
- name: reset | check nodelocaldns network device
|
|
|
|
stat:
|
|
|
|
path: /sys/class/net/nodelocaldns
|
2021-02-10 13:36:59 +00:00
|
|
|
get_attributes: no
|
|
|
|
get_checksum: no
|
|
|
|
get_mime: no
|
2019-04-08 09:26:25 +00:00
|
|
|
register: nodelocaldns_device
|
|
|
|
|
|
|
|
- name: reset | Remove nodelocaldns
|
|
|
|
command: "ip link del nodelocaldns"
|
|
|
|
when:
|
|
|
|
- enable_nodelocaldns|default(false)|bool
|
|
|
|
- nodelocaldns_device.stat.exists
|
|
|
|
|
2016-12-07 16:36:24 +00:00
|
|
|
- name: reset | delete some files and directories
|
2017-02-17 21:22:34 +00:00
|
|
|
file:
|
|
|
|
path: "{{ item }}"
|
|
|
|
state: absent
|
2016-12-07 16:36:24 +00:00
|
|
|
with_items:
|
2019-05-02 21:24:21 +00:00
|
|
|
- "{{ kube_config_dir }}"
|
2016-12-07 16:36:24 +00:00
|
|
|
- /var/lib/kubelet
|
2019-06-06 09:06:11 +00:00
|
|
|
- "{{ ansible_env.HOME | default('/root') }}/.kube"
|
|
|
|
- "{{ ansible_env.HOME | default('/root') }}/.helm"
|
2017-02-24 14:58:54 +00:00
|
|
|
- "{{ etcd_data_dir }}"
|
2020-07-22 06:58:05 +00:00
|
|
|
- "{{ etcd_events_data_dir }}"
|
|
|
|
- "{{ etcd_config_dir }}"
|
2016-12-09 15:33:10 +00:00
|
|
|
- /var/log/calico
|
|
|
|
- /etc/cni
|
2018-10-11 13:33:18 +00:00
|
|
|
- "{{ nginx_config_dir }}"
|
2016-12-09 15:33:10 +00:00
|
|
|
- /etc/dnsmasq.d
|
2016-12-21 16:18:11 +00:00
|
|
|
- /etc/dnsmasq.conf
|
|
|
|
- /etc/dnsmasq.d-available
|
2016-12-09 15:33:10 +00:00
|
|
|
- /etc/etcd.env
|
|
|
|
- /etc/calico
|
2021-03-03 15:27:20 +00:00
|
|
|
- /etc/NetworkManager/conf.d/calico.conf
|
|
|
|
- /etc/NetworkManager/conf.d/k8s.conf
|
2017-06-29 03:44:52 +00:00
|
|
|
- /etc/weave.env
|
2016-12-09 15:33:10 +00:00
|
|
|
- /opt/cni
|
2016-12-21 16:18:11 +00:00
|
|
|
- /etc/dhcp/dhclient.d/zdnsupdate.sh
|
|
|
|
- /etc/dhcp/dhclient-exit-hooks.d/zdnsupdate
|
2017-06-29 06:45:15 +00:00
|
|
|
- /run/flannel
|
|
|
|
- /etc/flannel
|
|
|
|
- /run/kubernetes
|
|
|
|
- /usr/local/share/ca-certificates/etcd-ca.crt
|
2017-08-30 13:03:22 +00:00
|
|
|
- /usr/local/share/ca-certificates/kube-ca.crt
|
2017-06-29 06:45:15 +00:00
|
|
|
- /etc/ssl/certs/etcd-ca.pem
|
2017-08-30 13:03:22 +00:00
|
|
|
- /etc/ssl/certs/kube-ca.pem
|
|
|
|
- /etc/pki/ca-trust/source/anchors/etcd-ca.crt
|
|
|
|
- /etc/pki/ca-trust/source/anchors/kube-ca.crt
|
2017-06-29 06:45:15 +00:00
|
|
|
- /var/log/pods/
|
2017-06-29 03:44:52 +00:00
|
|
|
- "{{ bin_dir }}/kubelet"
|
|
|
|
- "{{ bin_dir }}/etcd-scripts"
|
|
|
|
- "{{ bin_dir }}/etcd"
|
2018-03-01 08:39:14 +00:00
|
|
|
- "{{ bin_dir }}/etcd-events"
|
2017-06-29 03:44:52 +00:00
|
|
|
- "{{ bin_dir }}/etcdctl"
|
|
|
|
- "{{ bin_dir }}/kubernetes-scripts"
|
|
|
|
- "{{ bin_dir }}/kubectl"
|
2017-09-15 21:28:15 +00:00
|
|
|
- "{{ bin_dir }}/kubeadm"
|
2017-06-29 03:44:52 +00:00
|
|
|
- "{{ bin_dir }}/helm"
|
|
|
|
- "{{ bin_dir }}/calicoctl"
|
2019-07-30 19:02:08 +00:00
|
|
|
- "{{ bin_dir }}/calicoctl.sh"
|
2018-08-23 14:17:18 +00:00
|
|
|
- "{{ bin_dir }}/calico-upgrade"
|
2017-06-29 03:44:52 +00:00
|
|
|
- "{{ bin_dir }}/weave"
|
2019-07-30 19:02:08 +00:00
|
|
|
- "{{ bin_dir }}/crictl"
|
2021-04-26 06:47:01 +00:00
|
|
|
- "{{ bin_dir }}/nerdctl"
|
2019-07-30 19:02:08 +00:00
|
|
|
- "{{ bin_dir }}/netctl"
|
2021-03-22 18:22:48 +00:00
|
|
|
- "{{ bin_dir }}/k8s-certs-renew.sh"
|
2018-09-20 19:36:25 +00:00
|
|
|
- /var/lib/cni
|
2018-09-17 14:45:05 +00:00
|
|
|
- /etc/openvswitch
|
|
|
|
- /run/openvswitch
|
2018-10-16 14:15:05 +00:00
|
|
|
- /var/lib/kube-router
|
2019-07-30 19:02:08 +00:00
|
|
|
- /var/lib/calico
|
|
|
|
- /etc/cilium
|
|
|
|
- /run/calico
|
2021-04-14 18:07:09 +00:00
|
|
|
- /etc/bash_completion.d/kubectl.sh
|
|
|
|
- /etc/bash_completion.d/crictl
|
2021-04-26 06:47:01 +00:00
|
|
|
- /etc/bash_completion.d/nerdctl
|
2021-06-21 12:34:50 +00:00
|
|
|
- /etc/bash_completion.d/krew
|
2021-05-11 00:25:36 +00:00
|
|
|
- "{{ krew_root_dir | default('/usr/local/krew') }}"
|
2021-06-25 07:32:45 +00:00
|
|
|
- /etc/modules-load.d/kube_proxy-ipvs.conf
|
|
|
|
- /etc/modules-load.d/kubespray-br_netfilter.conf
|
2017-12-11 12:49:21 +00:00
|
|
|
ignore_errors: yes
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- files
|
2017-04-18 14:15:22 +00:00
|
|
|
|
2016-12-21 16:18:11 +00:00
|
|
|
- name: reset | remove dns settings from dhclient.conf
|
|
|
|
blockinfile:
|
2018-10-30 12:56:58 +00:00
|
|
|
path: "{{ item }}"
|
2016-12-21 16:18:11 +00:00
|
|
|
state: absent
|
|
|
|
marker: "# Ansible entries {mark}"
|
|
|
|
failed_when: false
|
|
|
|
with_items:
|
|
|
|
- /etc/dhclient.conf
|
|
|
|
- /etc/dhcp/dhclient.conf
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- files
|
|
|
|
- dns
|
2016-12-21 16:18:11 +00:00
|
|
|
|
|
|
|
- name: reset | remove host entries from /etc/hosts
|
|
|
|
blockinfile:
|
2018-10-30 12:56:58 +00:00
|
|
|
path: "/etc/hosts"
|
2016-12-21 16:18:11 +00:00
|
|
|
state: absent
|
|
|
|
marker: "# Ansible inventory hosts {mark}"
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- files
|
|
|
|
- dns
|
2016-12-21 16:18:11 +00:00
|
|
|
|
2018-08-16 15:34:33 +00:00
|
|
|
- name: reset | include file with reset tasks specific to the network_plugin if exists
|
|
|
|
include_tasks: "{{ (role_path + '/../network_plugin/' + kube_network_plugin + '/tasks/reset.yml') | realpath }}"
|
2018-08-17 14:37:33 +00:00
|
|
|
when:
|
2020-11-30 14:48:50 +00:00
|
|
|
- kube_network_plugin in ['flannel', 'cilium', 'kube-router', 'calico']
|
2017-12-06 14:15:40 +00:00
|
|
|
tags:
|
2018-08-16 15:34:33 +00:00
|
|
|
- network
|
2017-12-06 14:15:40 +00:00
|
|
|
|
2016-12-21 16:18:11 +00:00
|
|
|
- name: reset | Restart network
|
|
|
|
service:
|
|
|
|
name: >-
|
|
|
|
{% if ansible_os_family == "RedHat" -%}
|
2021-02-09 14:35:04 +00:00
|
|
|
{%- if ansible_distribution_major_version|int == 8 or is_fedora_coreos -%}
|
2019-12-09 09:37:10 +00:00
|
|
|
NetworkManager
|
|
|
|
{%- else -%}
|
2016-12-21 16:18:11 +00:00
|
|
|
network
|
2019-12-09 09:37:10 +00:00
|
|
|
{%- endif -%}
|
2020-07-04 09:02:48 +00:00
|
|
|
{%- elif ansible_distribution == "Ubuntu" and ansible_distribution_release in ["bionic", "focal"] -%}
|
2018-10-02 10:10:52 +00:00
|
|
|
systemd-networkd
|
2016-12-21 16:18:11 +00:00
|
|
|
{%- elif ansible_os_family == "Debian" -%}
|
|
|
|
networking
|
|
|
|
{%- endif %}
|
|
|
|
state: restarted
|
2018-10-11 07:45:00 +00:00
|
|
|
when:
|
2020-08-28 09:28:53 +00:00
|
|
|
- ansible_os_family not in ["Flatcar Container Linux by Kinvolk"]
|
2018-10-11 07:45:00 +00:00
|
|
|
- reset_restart_network
|
2017-10-05 07:43:04 +00:00
|
|
|
tags:
|
|
|
|
- services
|
|
|
|
- network
|