主页
产品
Red Hat OpenShift Service on AWS
4
安装集群
第 10 章删除 Red Hat OpenShift Service on AWS 集群

第 10 章删除 Red Hat OpenShift Service on AWS 集群

如果要删除 Red Hat OpenShift Service on AWS 集群，您可以使用 Red Hat OpenShift Cluster Manager 或 ROSA 命令行界面(CLI) (rosa)。删除集群后，您还可以删除集群使用的 AWS Identity and Access Management (IAM)资源。

10.1. 删除 Red Hat OpenShift Service on AWS 集群和特定于集群的 IAM 资源
复制链接

您可以使用 ROSA CLI 或 Red Hat OpenShift Cluster Manager 删除 Red Hat OpenShift Service on AWS 集群。

删除集群后，您可以使用 ROSA CLI 清理 AWS 帐户中特定于集群的 Identity and Access Management (IAM)资源。特定于集群的资源包括 Operator 角色和 OpenID Connect (OIDC)供应商。

注意

集群删除必须在删除 IAM 资源前完成，因为集群删除和清理过程会用到这些资源。

如果安装了附加组件，集群删除需要更长的时间，因为在删除集群前卸载附加组件。时间量取决于附加组件的数量和大小。

先决条件

您已在 AWS 集群上安装了 Red Hat OpenShift Service。
您已在安装主机上安装和配置了最新的 ROSA CLI。

流程

运行以下命令，获取集群 ID、特定于集群 Operator 角色的 Amazon 资源名称(ARN)和 OIDC 供应商的端点 URL：

rosa describe cluster --cluster=<cluster_name>

$ rosa describe cluster --cluster=<cluster_name>

Copy to Clipboard

Toggle word wrap

输出示例

Name:                       test_cluster
Domain Prefix:              test_cluster
Display Name:               test_cluster
ID:                         <cluster_id> 
External ID:                <external_id>
Control Plane:              ROSA Service Hosted
OpenShift Version:          4.19.0
Channel Group:              stable
DNS:                        test_cluster.l3cn.p3.openshiftapps.com
AWS Account:                <AWS_id>
AWS Billing Account:        <AWS_id>
API URL:                    https://api.test_cluster.l3cn.p3.openshiftapps.com:443
Console URL:
Region:                     us-east-1
Availability:
 - Control Plane:           MultiAZ
 - Data Plane:              SingleAZ

Nodes:
 - Compute (desired):       2
 - Compute (current):       0
Network:
 - Type:                    OVNKubernetes
 - Service CIDR:            172.30.0.0/16
 - Machine CIDR:            10.0.0.0/16
 - Pod CIDR:                10.128.0.0/14
 - Host Prefix:             /23
 - Subnets:                 <subnet_ids>
EC2 Metadata Http Tokens:   optional
Role (STS) ARN:             arn:aws:iam::<AWS_id>:role/test_cluster-HCP-ROSA-Installer-Role
Support Role ARN:           arn:aws:iam::<AWS_id>:role/test_cluster-HCP-ROSA-Support-Role
Instance IAM Roles:
 - Worker:                  arn:aws:iam::<AWS_id>:role/test_cluster-HCP-ROSA-Worker-Role
Operator IAM Roles: 
 - arn:aws:iam::<AWS_id>:role/test_cluster-openshift-cloud-network-config-controller-cloud-crede
 - arn:aws:iam::<AWS_id>:role/test_cluster-openshift-image-registry-installer-cloud-credentials
 - arn:aws:iam::<AWS_id>:role/test_cluster-openshift-ingress-operator-cloud-credentials
 - arn:aws:iam::<AWS_id>:role/test_cluster-kube-system-kube-controller-manager
 - arn:aws:iam::<AWS_id>:role/test_cluster-kube-system-capa-controller-manager
 - arn:aws:iam::<AWS_id>:role/test_cluster-kube-system-control-plane-operator
 - arn:aws:iam::<AWS_id>:role/hcpcluster-kube-system-kms-provider
 - arn:aws:iam::<AWS_id>:role/test_cluster-openshift-cluster-csi-drivers-ebs-cloud-credentials
Managed Policies:           Yes
State:                      ready
Private:                    No
Created:                    Apr 16 2024 20:32:06 UTC
User Workload Monitoring:   Enabled
Details Page:               https://console.redhat.com/openshift/details/s/<cluster_id>
OIDC Endpoint URL:          https://oidc.op1.openshiftapps.com/<cluster_id> (Managed) 
Audit Log Forwarding:       Disabled
External Authentication:    Disabled

Name:                       test_cluster
Domain Prefix:              test_cluster
Display Name:               test_cluster
ID:                         <cluster_id>


External ID:                <external_id>
Control Plane:              ROSA Service Hosted
OpenShift Version:          4.19.0
Channel Group:              stable
DNS:                        test_cluster.l3cn.p3.openshiftapps.com
AWS Account:                <AWS_id>
AWS Billing Account:        <AWS_id>
API URL:                    https://api.test_cluster.l3cn.p3.openshiftapps.com:443
Console URL:
Region:                     us-east-1
Availability:
 - Control Plane:           MultiAZ
 - Data Plane:              SingleAZ

Nodes:
 - Compute (desired):       2
 - Compute (current):       0
Network:
 - Type:                    OVNKubernetes
 - Service CIDR:            172.30.0.0/16
 - Machine CIDR:            10.0.0.0/16
 - Pod CIDR:                10.128.0.0/14
 - Host Prefix:             /23
 - Subnets:                 <subnet_ids>
EC2 Metadata Http Tokens:   optional
Role (STS) ARN:             arn:aws:iam::<AWS_id>:role/test_cluster-HCP-ROSA-Installer-Role
Support Role ARN:           arn:aws:iam::<AWS_id>:role/test_cluster-HCP-ROSA-Support-Role
Instance IAM Roles:
 - Worker:                  arn:aws:iam::<AWS_id>:role/test_cluster-HCP-ROSA-Worker-Role
Operator IAM Roles:


 - arn:aws:iam::<AWS_id>:role/test_cluster-openshift-cloud-network-config-controller-cloud-crede
 - arn:aws:iam::<AWS_id>:role/test_cluster-openshift-image-registry-installer-cloud-credentials
 - arn:aws:iam::<AWS_id>:role/test_cluster-openshift-ingress-operator-cloud-credentials
 - arn:aws:iam::<AWS_id>:role/test_cluster-kube-system-kube-controller-manager
 - arn:aws:iam::<AWS_id>:role/test_cluster-kube-system-capa-controller-manager
 - arn:aws:iam::<AWS_id>:role/test_cluster-kube-system-control-plane-operator
 - arn:aws:iam::<AWS_id>:role/hcpcluster-kube-system-kms-provider
 - arn:aws:iam::<AWS_id>:role/test_cluster-openshift-cluster-csi-drivers-ebs-cloud-credentials
Managed Policies:           Yes
State:                      ready
Private:                    No
Created:                    Apr 16 2024 20:32:06 UTC
User Workload Monitoring:   Enabled
Details Page:               https://console.redhat.com/openshift/details/s/<cluster_id>
OIDC Endpoint URL:          https://oidc.op1.openshiftapps.com/<cluster_id> (Managed)


Audit Log Forwarding:       Disabled
External Authentication:    Disabled

Copy to Clipboard

Toggle word wrap

1: 列出集群 ID。
2: 指定特定于集群 Operator 角色的 ARN。例如，在示例输出中，Machine Config Operator 所需的角色的 ARN 是 arn:aws:iam::<aws_account_id>:role/mycluster-x4q9-openshift-machine-api-aws-cloud-credentials。
3: 显示特定于集群的 OIDC 供应商的端点 URL。

重要

删除集群后，您需要集群 ID 来使用 ROSA CLI 删除特定于集群的 STS 资源。

使用 OpenShift Cluster Manager 或 ROSA CLI 删除集群：
- 使用 OpenShift Cluster Manager 删除集群：
  1. 导航到 OpenShift Cluster Manager。
  2. 点击集群旁边的 Options 菜单并选择 Delete cluster。
  3. 在提示符处键入集群名称并点 Delete。
- 使用 ROSA CLI 删除集群：
  1. 运行以下命令，将 &lt ;cluster_name > 替换为集群的名称或 ID：
    
    $ rosa delete cluster --cluster=<cluster_name> --watch
    
    Copy to Clipboard Toggle word wrap
    
    重要
    在删除 Operator 角色和 OIDC 供应商前，您必须等待集群删除完成。

运行以下命令来删除特定于集群的 Operator IAM 角色：

对于没有共享虚拟私有云(VPC)的集群：

rosa delete operator-roles --prefix <operator_role_prefix>

$ rosa delete operator-roles --prefix <operator_role_prefix>

Copy to Clipboard

Toggle word wrap

对于具有共享 VPC 的集群：

rosa delete operator-roles --prefix <operator_role_prefix> --delete-hosted-shared-vpc-policies

$ rosa delete operator-roles --prefix <operator_role_prefix> --delete-hosted-shared-vpc-policies

Copy to Clipboard

Toggle word wrap

运行以下命令来删除 OIDC 供应商：

rosa delete oidc-provider --oidc-config-id <oidc_config_id>

$ rosa delete oidc-provider --oidc-config-id <oidc_config_id>

Copy to Clipboard

Toggle word wrap

故障排除

确保混合云控制台中没有您的集群的附加组件。
确保 Amazon Web 控制台中删除了所有 AWS 资源和依赖项。

返回顶部

第 10 章删除 Red Hat OpenShift Service on AWS 集群

10.1. 删除 Red Hat OpenShift Service on AWS 集群和特定于集群的 IAM 资源
复制链接

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

第 10 章 删除 Red Hat OpenShift Service on AWS 集群

10.1. 删除 Red Hat OpenShift Service on AWS 集群和特定于集群的 IAM 资源复制链接链接已复制到粘贴板!

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

第 10 章删除 Red Hat OpenShift Service on AWS 集群

10.1. 删除 Red Hat OpenShift Service on AWS 集群和特定于集群的 IAM 资源
复制链接