kubeplus
kubeplus copied to clipboard
cloud-ark
Support for forced delete
Application instance creation status is stored in the status field of the CRD instance. If for some reason the status field remains empty after the creation, KubePlus denies the request to delete such an instance. For example,
kubectl delete helloworldservices hs1
Error from server: admission webhook "platform-as-code.crd-binding.v1" denied the request: Error: Custom Resource instance cannot be deleted. It is not ready yet.
Here the status of hs1 is empty.
It is should be possible to force delete such instances.
One way to implement this will be to use labels. Add a label ("delete=true") to the application instance. In the mutating webhook, skip any checks for deleting the instance, if this flag is set on the instance.
Steps to re-create:
- cd tests
- kubectl create ns tenant1
- kubectl create -f wordpress-service-composition-chart-nopodpolicies.yaml --kubeconfig=../kubeplus-saas-provider.json
- kubectl create -f tenant1.yaml --kubeconfig=../kubeplus-saas-provider.json
- kubectl delete -f tenant1.yaml --kubeconfig=../kubeplus-saas-provider.json
- kubectl delete -f wordpress-service-composition-chart-nopodpolicies.yaml --kubeconfig=../kubeplus-saas-provider.json
These steps trigger this behavior because if an NS already exists KubePlus tries to run 'helm upgrade'. But since there is not helm release, helm upgrade fails. Consequently, the status of the CR instance is empty. This causes KubePlus to prevent delete of the CR instance (in step 5). Step 6 also fails as KubePlus looks at all the CR instances and only if none of them are empty, it deletes the CRD instance.