kubespray/roles/reset/tasks/main.yml

---

- name: reset | stop services
  service:
    name: "{{ item }}"
    state: stopped
  with_items:
    - kubelet
    - vault
    - etcd
    - etcd-events
  failed_when: false
  tags:
    - services

- name: reset | remove services
  file:
    path: "/etc/systemd/system/{{ item }}.service"
    state: absent
  with_items:
    - kubelet
    - etcd
    - etcd-events
    - vault
    - calico-node
  register: services_removed
  tags:
    - services

- name: reset | remove docker dropins
  file:
    path: "/etc/systemd/system/docker.service.d/{{ item }}"
    state: absent
  with_items:
    - docker-dns.conf
    - docker-options.conf
    - http-proxy.conf
  register: docker_dropins_removed
  tags:
    - docker

- name: reset | systemctl daemon-reload
  command: systemctl daemon-reload
  when: services_removed.changed or docker_dropins_removed.changed

- name: reset | remove all containers
  shell: "{{ docker_bin_dir }}/docker ps -aq | xargs -r docker rm -fv"
  register: remove_all_containers
  retries: 4
  until: remove_all_containers.rc == 0
  delay: 5
  tags:
    - docker

- name: reset | restart docker if needed
  service:
    name: docker
    state: restarted
  when: docker_dropins_removed.changed
  tags:
    - docker

- name: reset | gather mounted kubelet dirs
  shell: mount | grep /var/lib/kubelet | awk '{print $3}' | tac
  check_mode: no
  register: mounted_dirs
  tags:
    - mounts

- name: reset | unmount kubelet dirs
  command: umount {{item}}
  with_items: '{{ mounted_dirs.stdout_lines }}'
  register: umount_dir
  retries: 4
  until: umount_dir.rc == 0
  delay: 5
  tags:
    - mounts

- name: flush iptables
  iptables:
    table: "{{ item }}"
    flush: yes
  with_items:
    - filter
    - nat
  when: flush_iptables|bool
  tags:
    - iptables

- name: reset | delete some files and directories
  file:
    path: "{{ item }}"
    state: absent
  with_items:
    - "{{kube_config_dir}}"
    - /var/lib/kubelet
    - /root/.kube
    - /root/.helm
    - "{{ etcd_data_dir }}"
    - /var/lib/etcd-events
    - /etc/ssl/etcd
    - /var/log/calico
    - /etc/cni
    - /etc/nginx
    - /etc/dnsmasq.d
    - /etc/dnsmasq.conf
    - /etc/dnsmasq.d-available
    - /etc/etcd.env
    - /etc/calico
    - /etc/weave.env
    - /opt/cni
    - /etc/dhcp/dhclient.d/zdnsupdate.sh
    - /etc/dhcp/dhclient-exit-hooks.d/zdnsupdate
    - /run/flannel
    - /etc/flannel
    - /run/kubernetes
    - /usr/local/share/ca-certificates/etcd-ca.crt
    - /usr/local/share/ca-certificates/kube-ca.crt
    - /usr/local/share/ca-certificates/vault-ca.crt
    - /etc/ssl/certs/etcd-ca.pem
    - /etc/ssl/certs/kube-ca.pem
    - /etc/ssl/certs/vault-ca.crt
    - /etc/pki/ca-trust/source/anchors/etcd-ca.crt
    - /etc/pki/ca-trust/source/anchors/kube-ca.crt
    - /etc/pki/ca-trust/source/anchors/vault-ca.crt
    - /etc/vault
    - /var/log/pods/
    - "{{ bin_dir }}/kubelet"
    - "{{ bin_dir }}/etcd-scripts"
    - "{{ bin_dir }}/etcd"
    - "{{ bin_dir }}/etcd-events"
    - "{{ bin_dir }}/etcdctl"
    - "{{ bin_dir }}/kubernetes-scripts"
    - "{{ bin_dir }}/kubectl"
    - "{{ bin_dir }}/kubeadm"
    - "{{ bin_dir }}/helm"
    - "{{ bin_dir }}/calicoctl"
    - "{{ bin_dir }}/weave"
    - /var/lib/rkt
    - /etc/vault
  ignore_errors: yes
  tags:
    - files

- name: reset | remove dns settings from dhclient.conf
  blockinfile:
    dest: "{{ item }}"
    state: absent
    follow: yes
    marker: "# Ansible entries {mark}"
  failed_when: false
  with_items:
    - /etc/dhclient.conf
    - /etc/dhcp/dhclient.conf
  tags:
    - files
    - dns

- name: reset | remove host entries from /etc/hosts
  blockinfile:
    dest: "/etc/hosts"
    state: absent
    follow: yes
    marker: "# Ansible inventory hosts {mark}"
  tags:
    - files
    - dns

- name: reset | check cni network device
  stat:
    path: /sys/class/net/cni0
  register: cni
  when: kube_network_plugin == 'flannel'
  tags:
    - flannel

- name: reset | remove the network device created by the flannel
  command: ip link del cni0
  when: kube_network_plugin == 'flannel' and cni.stat.exists
  tags:
    - flannel

- name: reset | check flannel network device
  stat:
    path: /sys/class/net/flannel.1
  register: flannel
  when: kube_network_plugin == 'flannel'
  tags:
    - flannel

- name: reset | remove the network device created by the flannel
  command: ip link del flannel.1
  when: kube_network_plugin == 'flannel' and flannel.stat.exists
  tags:
    - flannel

- name: reset | Restart network
  service:
    name: >-
      {% if ansible_os_family == "RedHat" -%}
      network
      {%- elif ansible_os_family == "Debian" -%}
      networking
      {%- endif %}
    state: restarted
  when: ansible_os_family not in ["CoreOS", "Container Linux by CoreOS"] and reset_restart_network
  tags:
    - services
    - network