Remove an OpenStack service

OpenStack Controller (Rockoon)

Since MOSK 25.1, the OpenStack Controller has been open-sourced under the name Rockoon and is maintained as an independent open-source project going forward.

As part of this transition, all openstack-controller pods are named rockoon pods across the MOSK documentation and deployments. This change does not affect functionality, but this is the reminder for the users to utilize the new naming for pods and other related artifacts accordingly.

This section instructs you on how to remove an OpenStack service deployed on top of Kubernetes. A service is typically removed by deleting a corresponding entry in the spec.features.services section of the openstackdeployments.lcm.mirantis.com (OsDpl) CR.

Caution

You cannot remove the default services built into the preset section.

Remove a service

1. Verify that the spec.features.services section is present in the OsDpl object:

   kubectl -n openstack get osdpl osh-dev -o jsonpath='{.spec.features.services}'
   

   Example of system output:

   [instance-ha object-storage]
   

2. Obtain the user name of the service database that will be required during Clean up OpenStack database leftovers after the service removal to substitute SERVICE-DB-NAME:

   Note

   For example, the <SERVICE-NAME> for the instance-ha service type is masakari.

   kubectl -n osh-system exec -t <ROCKOON-POD-NAME> -- helm3 -n openstack get values openstack-<SERVICE-NAME> -o json | jq -r .endpoints.oslo_db.auth.<SERVICE-NAME>.username
   

3. Delete the service from the spec.features.services section of the OsDpl CR:

   kubectl -n openstack edit osdpl osh-dev
   

   The deletion may take a certain amount of time.

4. Verify that all related objects have been deleted and no objects are present in the output of the following command:

   for i in $(kubectl api-resources --namespaced -o name | grep -v event); do kubectl -n openstack get $i 2>/dev/null | grep <SERVICE-NAME>; done
   

Clean up OpenStack API leftovers after the service removal

1. Log in to the Keystone client pod shell:

   kubectl -n openstack exec -it <KEYSTONE-CLIENT-POD-NAME> -- bash
   

2. Remove service endpoints from the Keystone catalog:

   for i in $(openstack endpoint list --service <SERVICE-NAME> -f value -c ID); do openstack endpoint delete $i; done
   

3. Remove the service user from the Keystone catalog:

   openstack user list --project service | grep <SERVICE-NAME>
   openstack user delete <SERVICE-USER-ID>
   

4. Remove the service from the catalog:

   openstack service list | grep <SERVICE-NAME>
   openstack service delete <SERVICE-ID>
   

Clean up OpenStack database leftovers after the service removal

Caution

The procedure below will permanently destroy the data of the removed service.

1. Log in to the mariadb-server pod shell:

   kubectl -n openstack exec -it mariadb-server-0 -- bash
   

2. Remove the service database user and its permissions:

   Note

   Use the user name for the service database obtained during the Remove a service procedure to substitute SERVICE-DB-NAME:

   mysql -u root -p${MYSQL_DBADMIN_PASSWORD} -e "REVOKE ALL PRIVILEGES, GRANT OPTION FROM '<SERVICE-DB-USERNAME>'@'%';"
   mysql -u root -p${MYSQL_DBADMIN_PASSWORD} -e "DROP USER '<SERVICE-DB-USERNAME>'@'%';"
   

3. Remove the service database:

   mysql -u root -p${MYSQL_DBADMIN_PASSWORD} -e "DROP DATABASE <SERVICE-NAME>;"