Uninstalling a cluster on AWS
You can remove a cluster that you deployed to Amazon Web Services (AWS).
Removing a cluster that uses installer-provisioned infrastructure
You can remove a cluster that uses installer-provisioned infrastructure from your cloud.
After uninstallation, check your cloud provider for any resources not removed properly, especially with User Provisioned Infrastructure (UPI) clusters. There might be resources that the installer did not create or that the installer is unable to access.
Prerequisites
You have a copy of the installation program that you used to deploy the cluster.
You have the files that the installation program generated when you created your cluster.
Procedure
On the computer that you used to install the cluster, go to the directory that contains the installation program, and run the following command:
$ ./openshift-install destroy cluster \
--dir <installation_directory> --log-level info (1) (2)
1 For <installation_directory>, specify the path to the directory that you stored the installation files in.
2 To view different details, specify warn, debug, or error instead of info.
You must specify the directory that contains the cluster definition files for your cluster. The installation program requires the metadata.json file in this directory to delete the cluster.
Optional: Delete the <installation_directory> directory and the OKD installation program.
Deleting AWS resources with the Cloud Credential Operator utility
To clean up resources after uninstalling an OKD cluster with the Cloud Credential Operator (CCO) in manual mode with STS, you can use the CCO utility (ccoctl) to remove the AWS resources that ccoctl created during installation.
Prerequisites
Extract and prepare the ccoctl binary.
Install an OKD cluster with the CCO in manual mode with STS.
Procedure
Delete the AWS resources that ccoctl created:
$ ccoctl aws delete --name=<name> --region=<aws_region>
where:
<name> matches the name used to originally create and tag the cloud resources.
<aws_region> is the AWS region in which cloud resources will be deleted.
Example output:
2021/04/08 17:50:41 Identity Provider object .well-known/openid-configuration deleted from the bucket <name>-oidc
2021/04/08 17:50:42 Identity Provider object keys.json deleted from the bucket <name>-oidc
2021/04/08 17:50:43 Identity Provider bucket <name>-oidc deleted
2021/04/08 17:51:05 Policy <name>-openshift-cloud-credential-operator-cloud-credential-o associated with IAM Role <name>-openshift-cloud-credential-operator-cloud-credential-o deleted
2021/04/08 17:51:05 IAM Role <name>-openshift-cloud-credential-operator-cloud-credential-o deleted
2021/04/08 17:51:07 Policy <name>-openshift-cluster-csi-drivers-ebs-cloud-credentials associated with IAM Role <name>-openshift-cluster-csi-drivers-ebs-cloud-credentials deleted
2021/04/08 17:51:07 IAM Role <name>-openshift-cluster-csi-drivers-ebs-cloud-credentials deleted
2021/04/08 17:51:08 Policy <name>-openshift-image-registry-installer-cloud-credentials associated with IAM Role <name>-openshift-image-registry-installer-cloud-credentials deleted
2021/04/08 17:51:08 IAM Role <name>-openshift-image-registry-installer-cloud-credentials deleted
2021/04/08 17:51:09 Policy <name>-openshift-ingress-operator-cloud-credentials associated with IAM Role <name>-openshift-ingress-operator-cloud-credentials deleted
2021/04/08 17:51:10 IAM Role <name>-openshift-ingress-operator-cloud-credentials deleted
2021/04/08 17:51:11 Policy <name>-openshift-machine-api-aws-cloud-credentials associated with IAM Role <name>-openshift-machine-api-aws-cloud-credentials deleted
2021/04/08 17:51:11 IAM Role <name>-openshift-machine-api-aws-cloud-credentials deleted
2021/04/08 17:51:39 Identity Provider with ARN arn:aws:iam::<aws_account_id>:oidc-provider/<name>-oidc.s3.<aws_region>.amazonaws.com deleted
Verification
- To verify that the resources are deleted, query AWS. For more information, refer to AWS documentation.
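One way to run the query described in the verification step, as an added example that is not part of the OKD documentation. It assumes the AWS CLI is installed and authenticated to the account, and that resource names follow the patterns in the example output above (roles prefixed `<name>-`, the `<name>-oidc` bucket, an OIDC provider ending in `<name>-oidc.s3.<aws_region>.amazonaws.com`); the function and file names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the OKD docs): check that nothing ccoctl created is left.
# Usage: sh verify-ccoctl-cleanup.sh <name> <aws_region>   (file name is hypothetical)

# Keep stdin lines that start with the "<name>-" prefix seen on the IAM roles.
# Unrelated roles can share the prefix, so review each match before acting on it.
leftover_roles() { awk -v p="$1-" 'index($0, p) == 1'; }

# Keep stdin lines equal to the "<name>-oidc" bucket name.
leftover_bucket() { awk -v b="$1-oidc" '$0 == b'; }

# Keep OIDC provider ARNs ending in <name>-oidc.s3.<aws_region>.amazonaws.com.
leftover_oidc() {
    awk -v s="oidc-provider/$1-oidc.s3.$2.amazonaws.com" \
        'length($0) >= length(s) && substr($0, length($0) - length(s) + 1) == s'
}

# Run one AWS CLI listing and print one value per line. Fail if the query fails,
# so that an expired credential is never mistaken for "nothing left".
list_values() {
    out=$(aws "$@" --output text) || return 1
    printf '%s\n' "$out" | tr '\t' '\n'
}

# Return 0 if clean, 1 if leftovers were found, 2 if AWS could not be queried.
verify_deleted() {
    name=$1; region=$2
    roles=$(list_values iam list-roles --query 'Roles[].RoleName') || return 2
    buckets=$(list_values s3api list-buckets --query 'Buckets[].Name') || return 2
    oidc=$(list_values iam list-open-id-connect-providers \
        --query 'OpenIDConnectProviderList[].Arn') || return 2

    found=$( { printf '%s\n' "$roles" | leftover_roles "$name" | sed 's/^/IAM role: /'
               printf '%s\n' "$buckets" | leftover_bucket "$name" | sed 's/^/S3 bucket: /'
               printf '%s\n' "$oidc" | leftover_oidc "$name" "$region" \
                   | sed 's/^/OIDC provider: /'; } )
    if [ -n "$found" ]; then
        printf 'Leftover resources:\n%s\n' "$found"
        return 1
    fi
    echo "No ccoctl-created resources found for $name in $region"
}

# Only query AWS when both arguments are supplied.
if [ "$#" -eq 2 ]; then verify_deleted "$1" "$2"; fi
```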