Merge pull request #272 from MikeEdgar/MGDSTRM-10618

[MGDSTRM-10618] Re-factor uninstall for enterprise de-registration

README.md

@@ -11,6 +11,8 @@ in a single K8s cluster.
   - [Standalone Mode](#standalone)
   - [OCM Mode](#ocm)
   - [Enterprise Mode](#enterprise)
+    - [Registering a Cluster](#registering-a-cluster)
+    - [De-Registering a Cluster](#de-registering-a-cluster)
 - [Fleet Manager Parameter Customization](#fleet-manager-parameter-customization)
   - [Instance Types](#instance-types)
 - [SSO Providers](#sso-providers)
@@ -116,6 +118,8 @@ Enterprise is a variation of OCM mode that allows for simple installation of onl
 kas-fleet-manager. Following installation this mode, the fleet manager's cluster list is (unless overridden) an empty list
 and no data plane clusters are created or reconciled initially.
 
+#### Registering a Cluster
+
 In this mode, users must register their own data plane clusters using the `rhoas` CLI's `dedicated register-cluster` command with arguments
 `--cluster-mgmt-api-url` set to `https://api.stage.openshift.com` and `--access-token` set to a production `ocm token` value. Assuming
 an active `ocm` session, the following command will register a new data plane cluster, making it available for placement of new Kafka instances.
@@ -131,6 +135,17 @@ Registering a data plane cluster with kas-fleet-manager requires the KFM client
 If you are not an org admin in either RH SSO or RH SSO stage, you must configure `SSO_PROVIDER_TYPE='mas_sso'` and login to `rhoas` using your
 `RH_USERNAME` as username and password for this functionality to work.
 
+#### De-Registering a Cluster
+
+Enterprise/dedicated clusters may be de-registered using the `deregister_cluster.sh` script. This process will remove all Kafka instances from
+the cluster first, de-register it from kas-fleet-manager, and finally removal all remaining dataplane components such as CRDs and ingress
+resources specific to Managed Kafka. When there is only a single dedicated cluster registered, no cluster ID parameter needs to be given to
+`deregister_cluster.sh`. Otherwise, when multiple are registered, the ID to de-register is required.
+
+**NOTE:**
+Using the `uninstall.sh` script will automatically delete all Kafka instances and de-register all registered clusters known to the installed
+kas-fleet-manager prior to uninstalling the Managed Kafka resources.
+
 ## Fleet Manager Parameter Customization
 
 ### Service Customization

deregister_cluster.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+
+set -euo pipefail
+
+DIR_NAME="$(dirname $0)"
+source "${DIR_NAME}/utils/common.sh"
+source "${DIR_NAME}/kas-installer.env"
+source "${DIR_NAME}/kas-installer-defaults.env"
+
+CLUSTER_ID="${1:-""}"
+ACCESS_TOKEN="$(${DIR_NAME}/get_access_token.sh --owner 2>/dev/null)"
+CLUSTERS_BASE_URL="https://kas-fleet-manager-kas-fleet-manager-${USER}.apps.${K8S_CLUSTER_DOMAIN}/api/kafkas_mgmt/v1/clusters"
+
+if [ -z "${CLUSTER_ID}" ] ; then
+    CLUSTERS=$(curl -sXGET -H "Authorization: Bearer ${ACCESS_TOKEN}" ${CLUSTERS_BASE_URL})
+    CLUSTER_COUNT=$(echo "${CLUSTERS}" | jq -r .total)
+
+    if [ "${CLUSTER_COUNT}" -eq "0" ] ; then
+        echo "No clusters found to deregister"
+        exit 1
+    elif [ "${CLUSTER_COUNT}" -gt "1" ] ; then
+        echo "Multiple clusters found, please provide a cluster_id"
+        exit 1
+    else
+        CLUSTER_ID=$(echo "${CLUSTERS}" | jq -r .items[0].cluster_id)
+        echo "Single cluster found: ${CLUSTER_ID}"
+    fi
+fi
+
+for MKID in $(${DIR_NAME}/managed_kafka.sh --list --search "cluster_id = ${CLUSTER_ID}" | jq -r '.items[] | .id') ; do
+    echo "Removing Kafka instance ${MKID}"
+    ${DIR_NAME}/managed_kafka.sh --delete ${MKID} --wait
+done
+
+echo "De-registering cluster ${CLUSTER_ID} from kas-fleet-manager"
+curl -sXDELETE -H "Authorization: Bearer ${ACCESS_TOKEN}" ${CLUSTERS_BASE_URL}/${CLUSTER_ID}?async=true
+
+delete_dataplane_resources 'true' 'true' "${CLUSTER_ID}"

kas-installer-defaults.env

@@ -137,7 +137,7 @@ KAS_FLEET_MANAGER_GIT_URL="${KAS_FLEET_MANAGER_GIT_URL:-"https://github.com/bf2f
 # KAS Fleet Manager's git reference. A commit ID, branch name or tag can be used. The commit ID should be compatible with
 # the container image contents used
 #
-KAS_FLEET_MANAGER_GIT_REF="${KAS_FLEET_MANAGER_GIT_REF:-"7f968f0b39ffbb509d55fee01bea8b06c85324bc"}"
+KAS_FLEET_MANAGER_GIT_REF="${KAS_FLEET_MANAGER_GIT_REF:-"5e626134a52a36900aacb37397aacf79ac4c6b40"}"
 
 # [optional]
 # KAS Fleet Manager container image tag. Defaults to first seven characters of the KAS_FLEET_MANAGER_GIT_REF
@@ -211,4 +211,22 @@ KAFKA_TLS_KEY="${KAFKA_TLS_KEY:-}"
 #
 OBSERVABILITY_CR_MERGE_PATCH_CONTENT="${OBSERVABILITY_CR_MERGE_PATCH_CONTENT:-}"
 
+##########
+
+if [ -z "${KAS_FLEETSHARD_OPERATOR_NAMESPACE:-}" ] ; then
+    if [ -n "${OCM_SERVICE_TOKEN}" ] ; then
+        KAS_FLEETSHARD_OPERATOR_NAMESPACE='redhat-kas-fleetshard-operator-qe'
+    else
+        KAS_FLEETSHARD_OPERATOR_NAMESPACE='redhat-kas-fleetshard-operator'
+    fi
+fi
+
+if [ -z "${STRIMZI_OPERATOR_NAMESPACE:-}" ] ; then
+    if [ -n "${OCM_SERVICE_TOKEN}" ] ; then
+        STRIMZI_OPERATOR_NAMESPACE='redhat-managed-kafka-operator-qe'
+    else
+        STRIMZI_OPERATOR_NAMESPACE='redhat-managed-kafka-operator'
+    fi
+fi
+
 trap - EXIT

kas-installer.sh

@@ -46,22 +46,6 @@ read_kas_installer_env_file() {
       exit 1
     fi
   fi
-
-  if [ -z "${KAS_FLEETSHARD_OPERATOR_NAMESPACE:-}" ] ; then
-    if [ -n "${OCM_SERVICE_TOKEN}" ] ; then
-      KAS_FLEETSHARD_OPERATOR_NAMESPACE='redhat-kas-fleetshard-operator-qe'
-    else
-      KAS_FLEETSHARD_OPERATOR_NAMESPACE='redhat-kas-fleetshard-operator'
-    fi
-  fi
-
-  if [ -z "${STRIMZI_OPERATOR_NAMESPACE:-}" ] ; then
-    if [ -n "${OCM_SERVICE_TOKEN}" ] ; then
-      STRIMZI_OPERATOR_NAMESPACE='redhat-managed-kafka-operator-qe'
-    else
-      STRIMZI_OPERATOR_NAMESPACE='redhat-managed-kafka-operator'
-    fi
-  fi
 }
 
 check_observability_token() {

managed_kafka.sh

@@ -17,6 +17,8 @@ CREATE_PROVIDER=''
 CREATE_REGION=''
 CREATE_PLAN='standard.x1'
 REQUEST_BODY=''
+LIST_SEARCH=''
+OP_WAIT='false'
 OP_KAFKA_ID='<NONE>'
 ACCESS_TOKEN=''
 REFRESH_EXPIRED_TOKENS='false'
@@ -131,8 +133,31 @@ create() {
 }
 
 list() {
-    local RESPONSE=$(curl -sXGET -H "Authorization: Bearer $(access_token)" ${MK_BASE_URL}${OPERATION_PATH})
-    echo ${RESPONSE}
+    local SEARCH_EXPRESSION="${1}"
+    local RESPONSE=$(curl -s --get -H "Authorization: Bearer $(access_token)" --data-urlencode search="${SEARCH_EXPRESSION}" ${MK_BASE_URL}${OPERATION_PATH})
+    IFS=, read KIND CURR_PAGE PAGE_SIZE ITEM_TOTL < <(echo "${RESPONSE}" | jq -r '[ .kind, .page, .size, .total  ] | @csv')
+
+    if [ "${KIND}" != "KafkaRequestList" ] || [ "${ITEM_TOTL}" == "0" ] ; then
+        echo "${RESPONSE}"
+        return
+    fi
+
+    (( LAST_PAGE = (ITEM_TOTL + PAGE_SIZE - 1 ) / PAGE_SIZE ))
+
+    local RESULT_FILE=$(mktemp)
+    local WORK_FILE=$(mktemp)
+    echo "${RESPONSE}" > ${RESULT_FILE}
+
+    for (( PAGE = 2; PAGE <= LAST_PAGE ; PAGE++ )) ; do
+        RESPONSE=$(curl -s --get -H "Authorization: Bearer $(access_token)" --data-urlencode search="${SEARCH_EXPRESSION}" -d page=${PAGE} ${MK_BASE_URL}${OPERATION_PATH})
+        echo "${RESPONSE}" > ${WORK_FILE}
+        # Merge this page's items array with the items in the result file and update the page size to be the total
+        jq --argjson total "${ITEM_TOTL}" -s '.[0].items = ( [ .[].items ] | flatten) | .[0].size = $total | .[0]' ${RESULT_FILE} ${WORK_FILE} > ${RESULT_FILE}.tmp
+        mv ${RESULT_FILE}.tmp ${RESULT_FILE}
+    done
+
+    cat ${RESULT_FILE}
+    rm -f ${RESULT_FILE} ${WORK_FILE}
 }
 
 get() {
@@ -152,6 +177,7 @@ patch() {
 
 delete() {
     local KAFKA_ID=${1}
+    local WAIT_COMPLETED=${2}
 
     local RESPONSE=$(curl -sXDELETE -H "Authorization: Bearer $(access_token)" -w '\n\n%{http_code}' ${MK_BASE_URL}${OPERATION_PATH}/${KAFKA_ID}?async=true)
     local BODY=$(echo "${RESPONSE}" | head -n 1)
@@ -162,8 +188,20 @@ delete() {
     if [ ${CODE} -ge 400 ] ; then
         # Pretty print
         echo "${BODY}" | jq
+        exit 1
     else
         echo "Kafka instance '${KAFKA_ID}' accepted for deletion"
+        if [ "${WAIT_COMPLETED}" = "true" ] ; then
+            local KAFKA_RESOURCE=$(get ${KAFKA_ID})
+            local KAFKA_STATUS=$(echo ${KAFKA_RESOURCE} | jq -r .status || true)
+
+            while [ "${KAFKA_STATUS}" != "null" ]; do
+                echo "Kafka instance '${KAFKA_ID}' not yet removed: ${KAFKA_STATUS}" >>/dev/stderr
+                sleep 10
+                KAFKA_RESOURCE=$(get ${KAFKA_ID})
+                KAFKA_STATUS=$(echo ${KAFKA_RESOURCE} | jq -r .status || true)
+            done
+        fi
     fi
 }
 
@@ -257,6 +295,10 @@ while [[ $# -gt 0 ]]; do
         OPERATION='list'
         shift
         ;;
+    "--search" )
+        LIST_SEARCH="${2:?${key} requires a search expression}"
+        shift 2
+        ;;
     "--get" )
         OPERATION='get'
         OP_KAFKA_ID="${2:?${key} requires a kafka id}"
@@ -285,6 +327,10 @@ while [[ $# -gt 0 ]]; do
         ACCESS_TOKEN="${2}"
         shift 2
         ;;
+    "--wait" )
+        OP_WAIT="true"
+        shift
+        ;;
     *) # unknown option
         shift
         ;;
@@ -306,7 +352,7 @@ case "${OPERATION}" in
         create ${CREATE_NAME} "${CREATE_PLAN}" "${CREATE_PROVIDER}" "${CREATE_REGION}"
         ;;
     "list" )
-        list
+        list "${LIST_SEARCH}"
         ;;
     "get" )
         get ${OP_KAFKA_ID}
@@ -315,7 +361,7 @@ case "${OPERATION}" in
         patch ${OP_KAFKA_ID} "${REQUEST_BODY}"
         ;;
     "delete" )
-        delete ${OP_KAFKA_ID}
+        delete ${OP_KAFKA_ID} ${OP_WAIT}
         ;;
     "certgen" )
         certgen "${OP_KAFKA_ID}" ${CERTGEN_ARGS[@]+"${CERTGEN_ARGS[@]}"}

smoke_test.sh

@@ -56,6 +56,11 @@ fi
 BOOTSTRAP_HOST=$(echo ${MK_SMOKE} | jq -r .bootstrap_server_host)
 ADMIN_SERVER_URL=$(echo ${MK_SMOKE} | jq -r .admin_api_server_url)
 
+if [ "${ADMIN_SERVER_URL}" == "null" ] ; then
+    echo "Admin server url not yet available, unable to complete smoke test"
+    exit 1
+fi
+
 SMOKE_TOPIC="smoke_topic-$(${DATE} +%Y%j%H%M)"
 
 curl -f -skXPOST -H'Content-type: application/json' \