Remove an OpenStack service

This section instructs you on how to remove an OpenStack service deployed on top of Kubernetes. A service is typically removed by deleting a corresponding entry in the spec.features.services section of the openstackdeployments.lcm.mirantis.com (OsDpl) CR.

Caution

You cannot remove the default services built into the preset section.

Remove a service

  1. Verify that the spec.features.services section is present in the OsDpl object:

    kubectl -n openstack get osdpl osh-dev -o jsonpath='{.spec.features.services}'
    

    Example of system output:

    [instance-ha object-storage]
    
  2. Obtain the user name of the service database that will be required during Clean up OpenStack database leftovers after the service removal to substitute SERVICE-DB-NAME:

    Note

    For example, the <SERVICE-NAME> for the instance-ha service type is masakari.

    kubectl -n osh-system exec -t <OPENSTACK-CONTROLLER-POD-NAME> -- helm3 -n openstack get values openstack-<SERVICE-NAME> -o json | jq -r .endpoints.oslo_db.auth.<SERVICE-NAME>.username
    
  3. Delete the service from the spec.features.services section of the OsDpl CR:

    kubectl -n openstack edit osdpl osh-dev
    

    The deletion may take a certain amount of time.

  4. Verify that all related objects have been deleted and no objects are present in the output of the following command:

    for i in $(kubectl api-resources --namespaced -o name | grep -v event); do kubectl -n openstack get $i 2>/dev/null | grep <SERVICE-NAME>; done
    

Clean up OpenStack API leftovers after the service removal

  1. Log in to the Keystone client pod shell:

    kubectl -n openstack exec -it <KEYSTONE-CLIENT-POD-NAME> -- bash
    
  2. Remove service endpoints from the Keystone catalog:

    for i in $(openstack endpoint list --service <SERVICE-NAME> -f value -c ID); do openstack endpoint delete $i; done
    
  3. Remove the service user from the Keystone catalog:

    openstack user list --project service | grep <SERVICE-NAME>
    openstack user delete <SERVICE-USER-ID>
    
  4. Remove the service from the catalog:

    openstack service list | grep <SERVICE-NAME>
    openstack service delete <SERVICE-ID>
    

Clean up OpenStack database leftovers after the service removal

Caution

The procedure below will permanently destroy the data of the removed service.

  1. Log in to the mariadb-server pod shell:

    kubectl -n openstack exec -it mariadb-server-0 -- bash
    
  2. Remove the service database user and its permissions:

    Note

    Use the user name for the service database obtained during the Remove a service procedure to substitute SERVICE-DB-NAME:

    mysql -u root -p${MYSQL_DBADMIN_PASSWORD} -e "REVOKE ALL PRIVILEGES, GRANT OPTION FROM '<SERVICE-DB-USERNAME>'@'%';"
    mysql -u root -p${MYSQL_DBADMIN_PASSWORD} -e "DROP USER '<SERVICE-DB-USERNAME>'@'%';"
    
  3. Remove the service database:

    mysql -u root -p${MYSQL_DBADMIN_PASSWORD} -e "DROP DATABASE <SERVICE-NAME>;"