destroy: add destroyer code to destroy Azure clusters #1771

abhinavdahiya · 2019-05-21T23:16:16Z

It uses the infra-id from clustermetadata to extract the ResourceGroup

The destroy code performs 2 operations:

Remove dns records from the shared public DNS zone
- Find the private dns zones in Resource Group
- Find all public zones that can be parent of the private zone, and remove all records that match the complete dns record in the private zone
- Use the records in the private zone to remove the corresponding records from the shared dns zone.
Delete the Resource Group

Azure automatically deletes all the resources in the Resource Group

/cc @wking @jstuever

abhinavdahiya · 2019-05-22T01:44:24Z

/retest

pkg/destroy/azure/doc.go

wking · 2019-05-22T01:50:39Z

Why does nobody support tagging DNS records?? Sigh...

wking · 2019-05-22T01:56:02Z

pkg/destroy/azure/azure.go

Why the local variable vs. o.resourceGroupsClient = resources.NewGroupsGroupClient(o.SubscriptionID)? Are we casting to an Interface or some such and loosing access to the Authorizer property.

Azure sdk doesn't have a way to initialize a client with auth.
So the

client := NewClient() client.Authorizer = auth o.client = client

seems more appropriate of create a new client, and use that to initialize/assign our client.

Do you have strongly about not using the local var? If not personally current make more sense to me and i would like to keep it as is...?

I was thinking:

o.client = NewClient() o.client.Authorizer = auth

but don't feel strongly either way.

If it functions properly, I think Trevor's recommendation is more concise.

Sure, fixed with 1bd15ad...9a57507

pkg/destroy/azure/azure.go

trown · 2019-05-22T16:42:48Z

/test e2e-openstack

This bump is required to include `github.com/Azure/azure-sdk-for-go/services/preview/dns/mgmt/2018-03-01-preview/dns/`

pkg/destroy/azure/azure.go

wking · 2019-05-22T23:04:21Z

pkg/destroy/azure/azure.go

getSharedDNSZone -> getSharedDNSZones?

wking · 2019-05-22T23:08:01Z

pkg/destroy/azure/azure.go

Do we want our own type, or can we use dns.Zone directly?

[dns.Zone][https://godoc.org/github.com/Azure/azure-sdk-for-go/services/preview/dns/mgmt/2018-03-01-preview/dns#Zone] has pointers for fields, doesn't have the resource group (that needs to be inferred from ID).

This small spare struct stores the details in easy to use way.

wking · 2019-05-22T23:12:08Z

pkg/destroy/azure/azure.go

This will fail instead of endlessly retrying (which is what the AWS destroyer does now). Sometimes (e.g. stuck resource), failing is good. Sometimes (e.g. network hiccup), retrying is good. Do we have a design preference? Or is this behavior going to be a per-platform choice?

Azure only makes 2 calls, delete public records and another is delete resource group. Also the underlying impl has retries for retryable errors..

So I think this is good start. and We can make it retryable on our end when we think that will become necessary.

trown · 2019-05-22T23:41:35Z

/test e2e-openstack

abhinavdahiya · 2019-05-22T23:54:03Z

In the commit message, we pick the public DNS zone with the longest name that exists is stale now that we check all public zones.

also fixed the commit message.

abhinavdahiya · 2019-05-23T18:48:37Z

ping @wking @jstuever

pkg/destroy/azure/azure.go

It uses the `infra-id` from clustermetadata to extract the ResourceGroup The destroy code performs 2 operations: 1) Remove dns records from the shared public DNS zone - Find the private dns zones in Resource Group - Find all public zones that can be parent of the private zone, and remove all records that match the `complete` dns record in the private zone - Use the records in the private zone to remove the corresponding records from the shared dns zone. 2) Delete the Resource Group Azure automatically deletes all the resources in the Resource Group

jstuever · 2019-05-29T16:41:56Z

/lgtm

openshift-ci-robot · 2019-05-29T16:42:14Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: abhinavdahiya, jstuever

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~OWNERS~~ [abhinavdahiya]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

openshift-bot · 2019-05-29T17:17:26Z

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2019-05-29T17:30:26Z

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-ci-robot · 2019-05-29T18:05:54Z

@abhinavdahiya: The following test failed, say /retest to rerun them all:

Test name	Commit	Details	Rerun command
ci/prow/e2e-aws-scaleup-rhel7	`9a57507`	link	`/test e2e-aws-scaleup-rhel7`

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

openshift-ci-robot requested review from jstuever and wking May 21, 2019 23:16

openshift-ci-robot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels May 21, 2019

abhinavdahiya force-pushed the azure_destroy branch from e0e3f86 to 80fb6ca Compare May 22, 2019 00:36