mirror of https://github.com/status-im/consul.git
98 lines
4.1 KiB
Plaintext
98 lines
4.1 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: Uninstall
|
|
description: Uninstall Consul on Kubernetes
|
|
---
|
|
|
|
# Uninstall Consul
|
|
|
|
You can uninstall Consul using Helm commands or the Consul K8s CLI.
|
|
|
|
## Helm commands
|
|
|
|
Run the `helm uninstall` **and** manually remove resources that Helm does not delete.
|
|
|
|
1. First, run `helm uninstall`:
|
|
|
|
```shell-session
|
|
$ helm uninstall hashicorp
|
|
release "hashicorp" uninstalled
|
|
```
|
|
|
|
1. After deleting the Helm release, you need to delete the `PersistentVolumeClaim`'s
|
|
for the persistent volumes that store Consul's data. A [bug](https://github.com/helm/helm/issues/5156) in Helm prevents PVCs from being deleted. Issue the following commands:
|
|
|
|
```shell-session
|
|
$ kubectl get pvc -l chart=consul-helm
|
|
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
|
|
data-default-hashicorp-consul-server-0 Bound pvc-32cb296b-1213-11ea-b6f0-42010a8001db 10Gi RWO standard 17m
|
|
data-default-hashicorp-consul-server-1 Bound pvc-32d79919-1213-11ea-b6f0-42010a8001db 10Gi RWO standard 17m
|
|
data-default-hashicorp-consul-server-2 Bound pvc-331581ea-1213-11ea-b6f0-42010a8001db 10Gi RWO standard 17m
|
|
|
|
$ kubectl delete pvc -l chart=consul-helm
|
|
persistentvolumeclaim "data-default-hashicorp-consul-server-0" deleted
|
|
persistentvolumeclaim "data-default-hashicorp-consul-server-1" deleted
|
|
persistentvolumeclaim "data-default-hashicorp-consul-server-2" deleted
|
|
```
|
|
|
|
~> **NOTE:** This will delete **all** data stored in Consul and it can't be
|
|
recovered unless you've taken other backups.
|
|
|
|
1. If installing with ACLs enabled, you will need to then delete the ACL secrets:
|
|
|
|
```shell-session
|
|
$ kubectl get secret | grep consul | grep Opaque
|
|
consul-acl-replication-acl-token Opaque 1 41m
|
|
consul-bootstrap-acl-token Opaque 1 41m
|
|
consul-client-acl-token Opaque 1 41m
|
|
consul-connect-inject-acl-token Opaque 1 37m
|
|
consul-controller-acl-token Opaque 1 37m
|
|
consul-federation Opaque 4 41m
|
|
consul-mesh-gateway-acl-token Opaque 1 41m
|
|
```
|
|
|
|
1. Ensure that the secrets you're about to delete are all created by Consul and not
|
|
created by another user with the word `consul`.
|
|
|
|
```shell-session
|
|
$ kubectl get secret | grep consul | grep Opaque | awk '{print $1}' | xargs kubectl delete secret
|
|
secret "consul-acl-replication-acl-token" deleted
|
|
secret "consul-bootstrap-acl-token" deleted
|
|
secret "consul-client-acl-token" deleted
|
|
secret "consul-connect-inject-acl-token" deleted
|
|
secret "consul-controller-acl-token" deleted
|
|
secret "consul-federation" deleted
|
|
secret "consul-mesh-gateway-acl-token" deleted
|
|
secret "consul-gossip-encryption-key" deleted
|
|
```
|
|
|
|
1. If installing with `tls.enabled` then, run the following commands to delete the `ServiceAccount` left behind:
|
|
|
|
```shell-session
|
|
$ kubectl get serviceaccount consul-tls-init
|
|
NAME SECRETS AGE
|
|
consul-tls-init 1 47m
|
|
```
|
|
|
|
```shell-session
|
|
$ kubectl delete serviceaccount consul-tls-init
|
|
serviceaccount "consul-tls-init" deleted
|
|
```
|
|
|
|
## Consul K8s CLI
|
|
|
|
Issue the `consul-k8s uninstall` command to remove Consul on Kubernetes. You can specify the installation name, namespace, and data retention behavior using the applicable options. By default, the uninstallation preserves the secrets and PVCs that are provisioned by Consul on Kubernetes.
|
|
|
|
```shell-session
|
|
$ consul-k8s uninstall <OPTIONS>
|
|
```
|
|
|
|
|
|
In the following example, Consul will be uninstalled and the data removed without prompting you to verify the operations:
|
|
|
|
```shell-session
|
|
$ consul-k8s uninstall -auto-approve=true -wipe-data=true
|
|
```
|
|
|
|
Refer to the [Consul K8s CLI reference](/docs/k8s/k8s-cli#uninstall) topic for details.
|