diff options
| author | Joel Diaz <jdiaz@redhat.com> | 2017-12-20 01:22:23 +0000 |
|---|---|---|
| committer | Joel Diaz <jdiaz@redhat.com> | 2018-01-22 16:38:12 +0000 |
| commit | a0015f7ead6a89dbb602bc245b51e82cfad66902 (patch) | |
| tree | 663ad43e1d81b2a3b6b5a41914184edeeabc28de /playbooks/aws/openshift-cluster | |
| parent | c933a61030a882e3d33834390e82a9e196e0f654 (diff) | |
| download | openshift-a0015f7ead6a89dbb602bc245b51e82cfad66902.tar.gz openshift-a0015f7ead6a89dbb602bc245b51e82cfad66902.tar.bz2 openshift-a0015f7ead6a89dbb602bc245b51e82cfad66902.tar.xz openshift-a0015f7ead6a89dbb602bc245b51e82cfad66902.zip | |
allow uninstalling AWS objects created by prerequisite playbook
add deprovisioners/uninstallers for objects created via playbooks/aws/openshift-cluster/prerequisites.yml
specifically: security groups, vpcs, and any ssh keys
introduce openshift_aws_enable_uninstall_shared_objects to protect AWS objects that would be shared in the case of multiple clusters co-existing in one AWS account. right now it protects the ssh keys, but it can/should be used to protect against deleting the shared IAM instance profile as well. default this variable to False to be on the safe side when uninstalling/deprovisioning.
add some documentation on using deprovisioning playbooks
Diffstat (limited to 'playbooks/aws/openshift-cluster')
4 files changed, 36 insertions, 0 deletions
diff --git a/playbooks/aws/openshift-cluster/uninstall_prerequisites.yml b/playbooks/aws/openshift-cluster/uninstall_prerequisites.yml new file mode 100644 index 000000000..180c2281a --- /dev/null +++ b/playbooks/aws/openshift-cluster/uninstall_prerequisites.yml @@ -0,0 +1,6 @@ +--- +- import_playbook: uninstall_sec_group.yml + +- import_playbook: uninstall_vpc.yml + +- import_playbook: uninstall_ssh_keypair.yml diff --git a/playbooks/aws/openshift-cluster/uninstall_sec_group.yml b/playbooks/aws/openshift-cluster/uninstall_sec_group.yml new file mode 100644 index 000000000..642e5b169 --- /dev/null +++ b/playbooks/aws/openshift-cluster/uninstall_sec_group.yml @@ -0,0 +1,10 @@ +--- +- hosts: localhost + connection: local + gather_facts: no + tasks: + - name: delete security groups + include_role: + name: openshift_aws + tasks_from: uninstall_security_group.yml + when: openshift_aws_create_security_groups | default(True) | bool diff --git a/playbooks/aws/openshift-cluster/uninstall_ssh_keypair.yml b/playbooks/aws/openshift-cluster/uninstall_ssh_keypair.yml new file mode 100644 index 000000000..ec9caa51b --- /dev/null +++ b/playbooks/aws/openshift-cluster/uninstall_ssh_keypair.yml @@ -0,0 +1,10 @@ +--- +- hosts: localhost + connection: local + gather_facts: no + tasks: + - name: remove ssh keypair(s) + include_role: + name: openshift_aws + tasks_from: uninstall_ssh_keys.yml + when: openshift_aws_users | default([]) | length > 0 diff --git a/playbooks/aws/openshift-cluster/uninstall_vpc.yml b/playbooks/aws/openshift-cluster/uninstall_vpc.yml new file mode 100644 index 000000000..4c988bcc5 --- /dev/null +++ b/playbooks/aws/openshift-cluster/uninstall_vpc.yml @@ -0,0 +1,10 @@ +--- +- hosts: localhost + connection: local + gather_facts: no + tasks: + - name: delete vpc + include_role: + name: openshift_aws + tasks_from: uninstall_vpc.yml + when: openshift_aws_create_vpc | default(True) | bool |