Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Documentation says uninstalling chart uninstalls CRDs, but it does not #3416

Closed
antoineozenne-at-leocare opened this issue Oct 12, 2023 · 5 comments · Fixed by #3422
Closed

Documentation says uninstalling chart uninstalls CRDs, but it does not #3416

antoineozenne-at-leocare opened this issue Oct 12, 2023 · 5 comments · Fixed by #3422
Assignees
@theunrepentantgeek
Labels
documentation Improvements or additions to documentation
Milestone
v2.4.0

Comments

@antoineozenne-at-leocare
Copy link

Version of Azure Service Operator
2.3.0

Describe the bug
When uninstalling the chart, the CRD are not uninstalled (contrary to what the documentation indicates).

To Reproduce
Steps to reproduce the behavior:

  • Install the chart with the following commands:

    kubectl create namespace azureserviceoperator-system --dry-run=client -o yaml | kubectl apply -f -
helm upgrade --install --namespace azureserviceoperator-system azureserviceoperator-system aso2/azure-service-operator --version 2.3.0 --values myvalues.yaml

    The myvalues.yaml content is the following:

    azureSubscriptionID: xxx
azureTenantID: xxx
azureClientID: xxx
useWorkloadIdentityAuth: true
crdPattern: 'managedidentity.azure.com/*;authorization.azure.com/*'

  • Deploy some resources.

  • Delete these resources.

  • Uninstall the chart with the following commands:

    helm uninstall --namespace azureserviceoperator-system azureserviceoperator-system
kubectl delete namespace azureserviceoperator-system

  • See the CRD are always here:

    kubectl api-resources | grep azure.com
# roleassignments                                       authorization.azure.com/v1api20200801preview     true         RoleAssignment
# federatedidentitycredentials                          managedidentity.azure.com/v1api20220131preview   true         FederatedIdentityCredential
# userassignedidentities                                managedidentity.azure.com/v1beta20181130         true         UserAssignedIdentity

Expected behavior
All the CRD are uninstalled.
@theunrepentantgeek
Copy link
Member

theunrepentantgeek commented Oct 12, 2023
edited
Loading

This is by design, both for Helm and for ASO.

The documentation for Helm reads:

There is no support at this time for upgrading or deleting CRDs using Helm. This was an explicit decision after much community discussion due to the danger for unintentional data loss.

With ASO, it's a little more complicated - the CRDs are not included with the chart at all.

So, even if Helm supported CRD removal, it wouldn't know about them, and wouldn't remove them.

ASO has so many CRDs that their total size is too large for Helm to manage. Instead the Operator installs and upgrades them itself (though you can take over this process yourself). See CRD Mangement in ASO for more information.

For similar reasons to Helm, minimizing risks, we have not built any functionality to automatically remove CRDs.

@theunrepentantgeek theunrepentantgeek self-assigned this Oct 12, 2023
@theunrepentantgeek
Copy link
Member

Let me know if you have any questions about this behaviour.

@theunrepentantgeek theunrepentantgeek added waiting-on-user-response Waiting on more information from the original user before progressing. and removed needs-triage 🔍 labels Oct 13, 2023
@antoineozenne-at-leocare
Copy link
Author

antoineozenne-at-leocare commented Oct 13, 2023
edited
Loading

Yes, thank you @theunrepentantgeek, the process you are describing seems usual to me. I think the documentation https://azure.github.io/azure-service-operator/guide/uninstalling/ needs a fix. This part misled me:

Warning: This command will also remove installed ASO CRDs. As mentioned above it is strongly recommended that you ensure that there are no remaining ASO resources in the cluster before you run this command.

@matthchr
Copy link
Member

You are right @antoineozenne-at-leocare - that documentation is wrong!

I've updated the title of this issue and retagged it as a documentation issue, which we will fix.

@matthchr matthchr changed the title Bug: CRD are not uninstalled with the chart Documentation says uninstalling chart uninstalls CRDs, but it does not Oct 13, 2023
@matthchr matthchr added documentation Improvements or additions to documentation and removed waiting-on-user-response Waiting on more information from the original user before progressing. labels Oct 13, 2023
@theunrepentantgeek
Copy link
Member

Good catch @antoineozenne-at-leocare, we definitely need to fix our docs.

@theunrepentantgeek theunrepentantgeek mentioned this issue Oct 16, 2023
Merged
1 task
@theunrepentantgeek theunrepentantgeek added this to the v2.4.0 milestone Oct 25, 2023
@theunrepentantgeek theunrepentantgeek moved this from Backlog to In Progress in Azure Service Operator Roadmap Oct 25, 2023
@github-project-automation github-project-automation bot moved this from In Progress to Recently Completed in Azure Service Operator Roadmap Oct 30, 2023
@matthchr matthchr moved this from Recently Completed to Ready for Release in Azure Service Operator Roadmap Nov 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@theunrepentantgeek theunrepentantgeek

Labels
documentation Improvements or additions to documentation
Projects
Azure Service Operator Roadmap
Archived in project
Milestone
v2.4.0
Development

Successfully merging a pull request may close this issue.

Update documentation around CRD removal Azure/azure-service-operator
3 participants
@theunrepentantgeek @matthchr @antoineozenne-at-leocare