How to clean up cloud resourcesΒΆ
This guide demonstrates how to clean up a previously initialized cloud environment and a deployed Charmed HPC cluster. This includes clean-up of both the machine cloud and the Kubernetes (K8s) cloud. All compute plane and control plane applications hosted on these clouds will be destroyed.
Warning
Clean-up may result in permanent data loss. Ensure all data you wish to preserve has been migrated to a safe location before proceeding.
Always clean up public cloud resources that are no longer necessary! Abandoned resources are tricky to detect and can become expensive over time.
To clean up Microsoft Azure and Azure Kubernetes Service (AKS) resources, it is assumed you have:
Bootstrapped a Juju controller on Azure
Added AKS to the controller
Clean up Azure resources
List all controllers that have been registered to the local client with:
juju controllers
To destroy the Juju controller and remove the Azure instance:
juju destroy-controller <controller name> --destroy-all-models --destroy-storage --force
List current AKS instances with:
az aks list
This will give JSON-formatted output representing the current AKS instances. Look for the values of "name"
and "resourceGroup"
in the output:
[
{
"aadProfile": null,
[...]
"name": "charmed-aks-cluster",
[...]
"resourceGroup": "aks",
[...]
},
}
]
Here charmed-aks-cluster
and aks
. Now delete both the instance and its resource group with the following commands (substituting in your AKS instance name for charmed-aks-cluster
and your resource group for aks
):
az aks delete -n charmed-aks-cluster -g aks
az group delete -n aks
Destroying the controller or AKS instance may take a long time depending on the complexity of the deployment. Should the destroy process exceed 15 minutes or otherwise be seemingly stuck, you can proceed to delete resources manually via the Azure web portal or via the az
CLI.
To list any remaining Azure resources, use:
az resource list
This command will return []
if no Azure resources remain. If there are charmed-hpc
resources showing, repeat the above steps. If not, proceed to the steps for cleaning up your credentials below.
Clean up credentials
List your Juju credentials with:
~$
juju credentials
Client Credentials:
Cloud Credentials
azure <your credential name>
Remove Azure CLI credentials from Juju:
juju remove-credential azure <your credential name>
After deleting the credential, the interactive process may not clean up its Azure role resource and assignment. Check the full list of role definitions with:
az role definition list
Look for role definitions with "roleType": "CustomRole"
. If a custom <Azure role definition name>
was not specified when initially adding the credential, the "roleName"
will be similar to "Juju Role Definition"
or "juju-controller-role"
, followed by an ID, otherwise it will be the custom name provided. These definitions should be removed if Juju is no longer in use.
To remove a role definition, first its assignments must be removed. To check whether a role assignment is bound to <Azure role definition name>
run:
az role assignment list --role <Azure role definition name>
The assignment and then the definition itself can be removed with:
az role assignment delete --role <Azure role definition name>
az role definition delete --name <Azure role definition name>
To finish cleaning up, log out from Azure CLI:
az logout
To clean up Amazon Web Services and Amazon Elastic Kubernetes Service (EKS) resources, it is assumed you have:
Bootstrapped a Juju controller on AWS
Added EKS to the controller
Clean up AWS resources
List all controllers that have been registered to the local client with:
juju controllers
To destroy the Juju controller and remove the AWS instance:
juju destroy-controller <controller name> --destroy-all-models --destroy-storage --force
List current EKS clusters with:
aws eks list-clusters
This will give JSON-formatted output representing the currently active EKS clusters. Identify the cluster used by Juju in the output:
{
"clusters": [
"charmed-eks-cluster"
]
}
Here charmed-aks-cluster
. Now delete the cluster using the following command (substituting in your EKS cluster name for charmed-eks-cluster
):
eksctl delete cluster charmed-eks-cluster
Destroying the controller or EKS cluster may take a long time depending on the complexity of the deployment. Should the destroy
process exceed 15 minutes or otherwise be seemingly stuck, you can proceed to delete resources manually
via the AWS Management Console or via the aws
CLI.
Clean up credentials
List your Juju credentials with:
~$
juju credentials
Client Credentials:
Cloud Credentials
aws <your credential name>
Remove AWS credentials from Juju:
juju remove-credential aws <your credential name>
After deleting the credential, the interactive process may not clean up its AWS user and group. Check the full list of users with:
aws iam list-users
Then, refer to Deleting an IAM user (AWS CLI) for instructions on how to delete a user.
Next, list all the groups in the account with:
aws iam list-groups
Then, refer to Delete an IAM group for instructions on how to delete a group.
If you created a managed policy to restrict the Juju user permissions, list all custom policies with:
aws iam list-policies --scope Local
Then, refer to Delete IAM policies (AWS CLI) for instructions on how to delete a custom policy.
Finally, if you are using SSO to authenticate the AWS CLI, you can log out from the AWS CLI using:
aws sso logout