Remove an OpenStack service¶
This section instructs you on how to remove an OpenStack service deployed on
top of Kubernetes. A service is typically removed by deleting a corresponding
entry in the spec.features.services
section of the
openstackdeployments.lcm.mirantis.com
(OsDpl) CR.
Caution
You cannot remove the default services built into the preset
section.
Remove a service¶
Verify that the
spec.features.services
section is present in the OsDpl object:kubectl -n openstack get osdpl osh-dev -o jsonpath='{.spec.features.services}'
Example of system output:
[instance-ha object-storage]
Obtain the user name of the service database that will be required during Clean up OpenStack database leftovers after the service removal to substitute
SERVICE-DB-NAME
:Note
For example, the
<SERVICE-NAME>
for theinstance-ha
service type ismasakari
.kubectl -n osh-system exec -t <OPENSTACK-CONTROLLER-POD-NAME> -- helm3 -n openstack get values openstack-<SERVICE-NAME> -o json | jq -r .endpoints.oslo_db.auth.<SERVICE-NAME>.username
Delete the service from the
spec.features.services
section of the OsDpl CR:kubectl -n openstack edit osdpl osh-dev
The deletion may take a certain amount of time.
Verify that all related objects have been deleted and no objects are present in the output of the following command:
for i in $(kubectl api-resources --namespaced -o name | grep -v event); do kubectl -n openstack get $i 2>/dev/null | grep <SERVICE-NAME>; done
Clean up OpenStack API leftovers after the service removal¶
Log in to the Keystone client pod shell:
kubectl -n openstack exec -it <KEYSTONE-CLIENT-POD-NAME> -- bash
Remove service endpoints from the Keystone catalog:
for i in $(openstack endpoint list --service <SERVICE-NAME> -f value -c ID); do openstack endpoint delete $i; done
Remove the service user from the Keystone catalog:
openstack user list --project service | grep <SERVICE-NAME> openstack user delete <SERVICE-USER-ID>
Remove the service from the catalog:
openstack service list | grep <SERVICE-NAME> openstack service delete <SERVICE-ID>
Clean up OpenStack database leftovers after the service removal¶
Caution
The procedure below will permanently destroy the data of the removed service.
Log in to the
mariadb-server
pod shell:kubectl -n openstack exec -it mariadb-server-0 -- bash
Remove the service database user and its permissions:
Note
Use the user name for the service database obtained during the Remove a service procedure to substitute
SERVICE-DB-NAME
:mysql -u root -p${MYSQL_DBADMIN_PASSWORD} -e "REVOKE ALL PRIVILEGES, GRANT OPTION FROM '<SERVICE-DB-USERNAME>'@'%';" mysql -u root -p${MYSQL_DBADMIN_PASSWORD} -e "DROP USER '<SERVICE-DB-USERNAME>'@'%';"
Remove the service database:
mysql -u root -p${MYSQL_DBADMIN_PASSWORD} -e "DROP DATABASE <SERVICE-NAME>;"