search

cloud-native-toolkit / software-everywhere

Automation modules to deploy IBM Software on IBM Cloud, AWS, and Azure
https://modules.cloudnativetoolkit.dev
Apache License 2.0
9 stars 9 forks source link

Solutions that include Portworx or ODF on IBM Cloud cannot be destroyed cleanly #339

Open seansund opened 2 years ago

seansund commented 2 years ago

The volumes are left hanging around and prevent the resource group from being destroyed. A separate issue has been opened with the resource group module to address the destroy failure if volumes remain - https://github.com/cloud-native-toolkit/terraform-ibm-resource-group/issues/58

We need a way to destroy the volumes if a purge_volumes variable is set. This flag would be set to false by default but always set to true in our automation tests. The question is where this flag should be defined. Options are:

Option>ProsCons
VPC module
  • Volumes are VPC resources
  • When the VPC is destroyed likely done with the volumes
  • Not sure we can easily tell with which VPC a volume is associated
Cluster module
  • Volumes are associated with the cluster through a tag and can be identified
  • The point of saving the volumes is so the data can be preserved and restored when one cluster is destroyed and a new one is created in its place
Resource group module
  • When the resource group is destroyed then it can be assumed the volume is no longer needed
  • Volume management is outside the scope of the resource group module's purpose and design

EDIT: After some consideration, I'm going to add this logic to resource group module and repurpose cloud-native-toolkit/terraform-ibm-resource-group#58 to implement this logic. It is somewhat outside the scope of the resource group module but volumes are a special case and we can provide better error information than the IBM Cloud apis in this case (i.e. why the resource group failed to destroy and how to correct it).

timroster commented 2 years ago

This does not require manual intervention for ROKS, simply setting the correct property in cluster creation. See: https://github.com/IBM/automation-ibmcloud-infra-openshift/issues/15

Parameter for ROKS cluster is already set, but defaulted to false when added: https://github.com/cloud-native-toolkit/terraform-ibm-ocp-vpc/pull/63

Edit: above comments are specific to ODF which use cluster services to provision volumes. Not the same for portworx - I have yet to see that module correctly clean up after itself in gitops form.

seansund commented 2 years ago

Unfortunately, there's no easy way to have the portworx module clean up its own volumes when it is destroyed