kubeadm reset

Performs a best effort revert of changes made by kubeadm init or kubeadm join.

Performs a best effort revert of changes made to this host by ‘kubeadm init’ or ‘kubeadm join’

Synopsis

Performs a best effort revert of changes made to this host by ‘kubeadm init’ or ‘kubeadm join’

The “reset” command executes the following phases:

  1. preflight Run reset pre-flight checks
  2. remove-etcd-member Remove a local etcd member.
  3. cleanup-node Run cleanup node.
  1. kubeadm reset [flags]

Options

—cert-dir string     Default: “/etc/kubernetes/pki”

The path to the directory where the certificates are stored. If specified, clean this directory.

—cleanup-tmp-dir

Cleanup the “/etc/kubernetes/tmp” directory

—config string

Path to a kubeadm configuration file.

—cri-socket string

Path to the CRI socket to connect. If empty kubeadm will try to auto-detect this value; use this option only if you have more than one CRI installed or if you have non-standard CRI socket.

—dry-run

Don’t apply any changes; just output what would be done.

-f, —force

Reset the node without prompting for confirmation.

-h, —help

help for reset

—ignore-preflight-errors strings

A list of checks whose errors will be shown as warnings. Example: ‘IsPrivilegedUser,Swap’. Value ‘all’ ignores errors from all checks.

—kubeconfig string     Default: “/etc/kubernetes/admin.conf”

The kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations can be searched for an existing kubeconfig file.

—skip-phases strings

List of phases to be skipped

Options inherited from parent commands

—rootfs string

The path to the ‘real’ host root filesystem. This will cause kubeadm to chroot into the provided path.

Reset workflow

kubeadm reset is responsible for cleaning up a node local file system from files that were created using the kubeadm init or kubeadm join commands. For control-plane nodes reset also removes the local stacked etcd member of this node from the etcd cluster.

kubeadm reset phase can be used to execute the separate phases of the above workflow. To skip a list of phases you can use the --skip-phases flag, which works in a similar way to the kubeadm join and kubeadm init phase runners.

External etcd clean up

kubeadm reset will not delete any etcd data if external etcd is used. This means that if you run kubeadm init again using the same etcd endpoints, you will see state from previous clusters.

To wipe etcd data it is recommended you use a client like etcdctl, such as:

  1. etcdctl del "" --prefix

See the etcd documentation for more information.

Graceful kube-apiserver shutdown

If you have your kube-apiserver configured with the --shutdown-delay-duration flag, you can run the following commands to attempt a graceful shutdown for the running API server Pod, before you run kubeadm reset:

  1. yq eval -i '.spec.containers[0].command = []' /etc/kubernetes/manifests/kube-apiserver.yaml
  2. timeout 60 sh -c 'while pgrep kube-apiserver >/dev/null; do sleep 1; done' || true

What’s next

  • kubeadm init to bootstrap a Kubernetes control-plane node
  • kubeadm join to bootstrap a Kubernetes worker node and join it to the cluster