Chapter 6. Uninstalling a cluster on AWS

Prerequisites

• You have a copy of the installation program that you used to deploy the cluster.
• You have the files that the installation program generated when you created your cluster.

Prerequisites

• Extract and prepare the ccoctl binary.
• Uninstall an OpenShift Container Platform cluster on AWS that uses short-term credentials.

Procedure

• Delete the AWS resources that ccoctl created by running the following command:

  $ ccoctl aws delete \
    --name=<name> \
  ifdef::aws-sts
  [  --region=<aws_region>]

  Copy to Clipboard Toggle word wrap

  where:

  <name>

  Matches the name that was originally used to create and tag the cloud resources.

  <aws_region>

  is the AWS region in which to delete cloud resources.

  Example output

  2021/04/08 17:50:41 Identity Provider object .well-known/openid-configuration deleted from the bucket <name>-oidc
  2021/04/08 17:50:42 Identity Provider object keys.json deleted from the bucket <name>-oidc
  2021/04/08 17:50:43 Identity Provider bucket <name>-oidc deleted
  2021/04/08 17:51:05 Policy <name>-openshift-cloud-credential-operator-cloud-credential-o associated with IAM Role <name>-openshift-cloud-credential-operator-cloud-credential-o deleted
  2021/04/08 17:51:05 IAM Role <name>-openshift-cloud-credential-operator-cloud-credential-o deleted
  2021/04/08 17:51:07 Policy <name>-openshift-cluster-csi-drivers-ebs-cloud-credentials associated with IAM Role <name>-openshift-cluster-csi-drivers-ebs-cloud-credentials deleted
  2021/04/08 17:51:07 IAM Role <name>-openshift-cluster-csi-drivers-ebs-cloud-credentials deleted
  2021/04/08 17:51:08 Policy <name>-openshift-image-registry-installer-cloud-credentials associated with IAM Role <name>-openshift-image-registry-installer-cloud-credentials deleted
  2021/04/08 17:51:08 IAM Role <name>-openshift-image-registry-installer-cloud-credentials deleted
  2021/04/08 17:51:09 Policy <name>-openshift-ingress-operator-cloud-credentials associated with IAM Role <name>-openshift-ingress-operator-cloud-credentials deleted
  2021/04/08 17:51:10 IAM Role <name>-openshift-ingress-operator-cloud-credentials deleted
  2021/04/08 17:51:11 Policy <name>-openshift-machine-api-aws-cloud-credentials associated with IAM Role <name>-openshift-machine-api-aws-cloud-credentials deleted
  2021/04/08 17:51:11 IAM Role <name>-openshift-machine-api-aws-cloud-credentials deleted
  2021/04/08 17:51:39 Identity Provider with ARN arn:aws:iam::<aws_account_id>:oidc-provider/<name>-oidc.s3.<aws_region>.amazonaws.com deleted

  Copy to Clipboard Toggle word wrap

Verification

• To verify that the resources are deleted, query AWS. For more information, refer to AWS documentation.

Prerequisites

• You know the name of the CloudFormation stacks, <local_zone_stack_name> and <vpc_stack_name>, that were used during the creation of the network. You need the name of the stack to delete the cluster.
• You have access rights to the directory that contains the installation files that were created by the installation program.
• Your account includes a policy that provides you with permissions to delete the CloudFormation stack.

Verification

• Check that you removed the stack resources by issuing the following commands in the AWS CLI. The AWS CLI outputs that no template component exists.

  $ aws cloudformation describe-stacks --stack-name <local_zone_stack_name>

  Copy to Clipboard Toggle word wrap

  $ aws cloudformation describe-stacks --stack-name <vpc_stack_name>

  Copy to Clipboard Toggle word wrap