新增role: clean，重写99.clean.yml

Author: gjmzj

99.clean.yml

@@ -1,241 +1,17 @@
 # WARNING: This playbook will erase the entire k8s-cluster, include PODs, ETCD data etc.
 # Make sure you know what you are doing.
 
-# to clean 'kube-node' nodes
 - hosts:
   - kube-master
-  - kube-node
-  tasks:
-  - name: stop and disable kube-node service
-    service: name={{ item }} state=stopped enabled=no
-    with_items:
-    - kubelet
-    - kube-proxy
-    ignore_errors: true
-
-  - name: umount kubelet filesystems
-    shell: "mount | grep '/var/lib/kubelet'| awk '{print $3}'|xargs umount || exit 0"
-    args:
-      warn: false
-    ignore_errors: true
-
-  - name: remove files and dirs of 'kube-node' nodes
-    file: name={{ item }} state=absent
-    with_items:
-    - "/var/lib/kubelet/"
-    - "/var/lib/kube-proxy/"
-    - "/etc/systemd/system/kubelet.service"
-    - "/etc/systemd/system/kube-proxy.service"
-    - "/opt/kube/kube-system/"
-
-# to clean 'kube-master' nodes
-- hosts:
-  - kube-master
-  tasks:
-  - name: stop and disable kube-master service
-    service: name={{ item }} state=stopped enabled=no
-    with_items:
-    - kube-apiserver
-    - kube-controller-manager
-    - kube-scheduler
-    ignore_errors: true
-
-  - name: remove files and dirs of 'kube-master' nodes
-    file: name={{ item }} state=absent
-    with_items:
-    - "/var/run/kubernetes"
-    - "/etc/systemd/system/kube-apiserver.service"
-    - "/etc/systemd/system/kube-controller-manager.service"
-    - "/etc/systemd/system/kube-scheduler.service"
-
-# to clean container runtime and networking
-- hosts:
-  - kube-master
-  - kube-node
-  tasks:
-  - block:
-      - name: to check if container 'kubeasz' is running
-        shell: 'docker ps|grep kubeasz || echo "NOT FOUND"'
-        register: install_info
-    
-      - name: fail info
-        fail: msg="you CAN NOT delete dockerd, because container 'kubeasz' is running!" 
-        when: "'kubeasz' in install_info.stdout"
-    
-      - name: stop and disable docker service
-        service: 
-          name: docker
-          state: stopped
-          enabled: no
-        ignore_errors: true
-    
-      # as k8s-network-plugins use host-network, '/var/run/docker/netns/default' must be umounted
-      - name: unmount docker filesystem-1
-        mount: path=/var/run/docker/netns/default state=unmounted
-    
-      - name: unmount docker filesystem-2
-        mount: path=/var/lib/docker/overlay state=unmounted
-    
-      - name: remove files and dirs
-        file: name={{ item }} state=absent
-        with_items:
-        - "/var/lib/docker/"
-        - "/var/run/docker/"
-        - "/etc/systemd/system/docker.service"
-        - "/etc/systemd/system/docker.service.requires/"
-        - "/etc/systemd/system/docker.service.d/"
-        - "/etc/bash_completion.d/docker"
-        - "/usr/bin/docker"
-    when: CONTAINER_RUNTIME == 'docker'
-
-  - block:
-      - name: stop and disable containerd service
-        service: 
-          name: containerd
-          state: stopped
-          enabled: no
-        ignore_errors: true
-
-      - name: umount containerd filesystems
-        shell: "mount | grep 'containerd/io.containerd'| awk '{print $3}'|xargs umount || exit 0"
-        args:
-          warn: false
-        ignore_errors: true
-
-      - name: remove files and dirs
-        file: name={{ item }} state=absent
-        with_items:
-        - "/etc/containerd/"
-        - "/etc/crictl.yaml"
-        - "/etc/systemd/system/containerd.service"
-        - "/opt/containerd/"
-        - "/var/lib/containerd/"
-        - "/var/run/containerd/"
-    when: CONTAINER_RUNTIME == 'containerd'
-
-  - name: remove files and dirs2
-    file: name={{ item }} state=absent
-    with_items:
-    - "/etc/cni/"
-    - "/run/flannel/"
-    - "/etc/calico/"
-    - "/var/run/calico/"
-    - "/var/lib/calico/"
-    - "/var/log/calico/"
-    - "/etc/cilium/"
-    - "/var/run/cilium/"
-    - "/sys/fs/bpf/tc/"
-    - "/var/lib/cni/"
-    - "/var/lib/kube-router/"
-    - "/opt/kube/kube-system/"
-    - "/var/run/openvswitch/"
-    - "/etc/origin/openvswitch/"
-    - "/etc/openvswitch/"
-    - "/var/log/openvswitch/"
-
-  - name: cleanup iptables
-    shell: "iptables -F && iptables -X \
-	&& iptables -F -t nat && iptables -X -t nat \
-	&& iptables -F -t raw && iptables -X -t raw \
-	&& iptables -F -t mangle && iptables -X -t mangle"
-
-  - name: cleanup networks1
-    shell: "ip link del tunl0; \
-	ip link del flannel.1; \
-	ip link del cni0; \
-        ip link del mynet0; \
-	ip link del kube-bridge; \
-        ip link del dummy0; \
-        ip link del kube-ipvs0; \
-        ip link del cilium_net; \
-        ip link del cilium_vxlan; \
-        ip link del ovn0; \
-        ip link del ovs-system"
-    ignore_errors: true
-
-  - name: cleanup networks2
-    shell: "ip link del docker0; \
-	systemctl restart networking; \
-	systemctl restart network"
-    ignore_errors: true
-
-  - name: cleanup 'calico' routes
-    shell: "for rt in `ip route|grep bird|sed 's/blackhole //'|awk '{print $1}'`;do ip route del $rt;done;"
-    when: "CLUSTER_NETWORK == 'calico'"
-    ignore_errors: true
-
-# to clean 'etcd' nodes
-- hosts: etcd
-  tasks:
-  - name: stop and disable etcd service
-    service:
-      name: etcd
-      state: stopped
-      enabled: no
-    ignore_errors: true
-
-  - name: remove files and dirs
-    file: name={{ item }} state=absent
-    with_items:
-    - "/var/lib/etcd"
-    - "/etc/etcd/"
-    - "/backup/k8s"
-    - "/etc/systemd/system/etcd.service"
-
-# to clean 'lb' nodes
-- hosts:
   - kube-node
   - ex-lb
-  tasks:
-  - name: stop keepalived service
-    shell: systemctl disable keepalived && systemctl stop keepalived
-    ignore_errors: true
-
-  - name: stop haproxy service
-    shell: systemctl disable haproxy && systemctl stop haproxy
-    ignore_errors: true
-
-  - name: remove files and dirs
-    file: name={{ item }} state=absent
-    with_items:
-    - "/etc/haproxy"
-    - "/etc/keepalived"
-
-# to clean ntp, certs and keys, env path
-- hosts:
-  - kube-master
-  - kube-node
   - etcd
-  - ex-lb
-  tasks:
-  - block:
-      - name: stop and disable chrony in Ubuntu
-        service: name=chrony state=stopped enabled=no
-        ignore_errors: true
-        when: 'ansible_distribution in ["Ubuntu","Debian"]'
-
-      - name: stop and disable chronyd in CentOS/RedHat
-        service: name=chronyd state=stopped enabled=no
-        ignore_errors: true
-        when: 'ansible_distribution in ["CentOS","RedHat","Amazon"]'
-    when: "groups['chrony']|length > 0"
-
-  - name: clean certs and keys
-    file: name={{ item }} state=absent
-    with_items:
-    - "/etc/kubernetes/"
-    - "{{ ca_dir }}" 
-    - "/root/.kube/config"
-    - "/etc/docker/"
-
-  - name: clean 'ENV PATH'
-    lineinfile:
-      dest: ~/.bashrc
-      state: absent
-      regexp: '{{ item }}'
-    with_items:
-    - 'kubeasz'
-    - 'helm completion'
-    - 'kubectl completion'
-    - 'crictl completion'
-    - 'HELM_TLS_ENABLE'
+  vars:
+    DEL_MASTER: "yes"
+    DEL_NODE: "yes"
+    DEL_ETCD: "yes"
+    DEL_LB: "yes"
+    DEL_CHRONY: "yes"
+    DEL_ENV: "yes"
+  roles:
+  - clean

roles/clean/defaults/main.yml

@@ -0,0 +1,17 @@
+# 是否删除 kube-master 相关服务
+DEL_MASTER: "no"
+
+# 是否删除 kube-node 相关服务
+DEL_NODE: "no"
+
+# 是否删除 etc 相关服务
+DEL_ETCD: "no"
+
+# 是否删除 lb 相关服务
+DEL_LB: "no"
+
+# 是否删除 chrony 相关服务
+DEL_CHRONY: "no"
+
+# 是否删除 kubeasz 环境变量
+DEL_ENV: "no"

roles/clean/tasks/clean_chrony.yml

@@ -0,0 +1,11 @@
+- block:
+    - name: stop and disable chrony in Ubuntu
+      service: name=chrony state=stopped enabled=no
+      ignore_errors: true
+      when: 'ansible_distribution in ["Ubuntu","Debian"]'
+
+    - name: stop and disable chronyd in CentOS/RedHat
+      service: name=chronyd state=stopped enabled=no
+      ignore_errors: true
+      when: 'ansible_distribution in ["CentOS","RedHat","Amazon"]'
+  when: "groups['chrony']|length > 0"

roles/clean/tasks/clean_etcd.yml

@@ -0,0 +1,18 @@
+# to clean 'etcd' nodes
+- block:
+  - name: stop and disable etcd service
+    service:
+      name: etcd
+      state: stopped
+      enabled: no
+    ignore_errors: true
+
+  - name: remove files and dirs
+    file: name={{ item }} state=absent
+    with_items:
+    - "/var/lib/etcd"
+    - "/etc/etcd/"
+    - "/backup/k8s"
+    - "/etc/systemd/system/etcd.service"
+    - "{{ ca_dir }}"
+  when: "inventory_hostname in groups['etcd']"

roles/clean/tasks/clean_lb.yml

@@ -0,0 +1,16 @@
+# to clean 'lb' service
+- block:
+  - name: stop keepalived service
+    shell: systemctl disable keepalived && systemctl stop keepalived
+    ignore_errors: true
+
+  - name: stop haproxy service
+    shell: systemctl disable haproxy && systemctl stop haproxy
+    ignore_errors: true
+
+  - name: remove files and dirs
+    file: name={{ item }} state=absent
+    with_items:
+    - "/etc/haproxy"
+    - "/etc/keepalived"
+  when: "inventory_hostname in groups['kube-node'] or inventory_hostname in groups['ex-lb']"

roles/clean/tasks/clean_master.yml

@@ -0,0 +1,18 @@
+# to clean 'kube-master' nodes
+- name: stop and disable kube-master service
+  service: name={{ item }} state=stopped enabled=no
+  with_items:
+  - kube-apiserver
+  - kube-controller-manager
+  - kube-scheduler
+  ignore_errors: true
+  when: "inventory_hostname in groups['kube-master']"
+
+- name: remove files and dirs of 'kube-master' nodes
+  file: name={{ item }} state=absent
+  with_items:
+  - "/var/run/kubernetes"
+  - "/etc/systemd/system/kube-apiserver.service"
+  - "/etc/systemd/system/kube-controller-manager.service"
+  - "/etc/systemd/system/kube-scheduler.service"
+  when: "inventory_hostname in groups['kube-master']"