This guide describes how to delete the Stateful app with zero downtime deployment on GKE Jump Start Solution. You can use this guide to delete an existing deployment of the solution.
Stateful app with zero downtime deployment on GKE can no longer be deployed from the Google Cloud console, and is not supported.
Cost
For an estimate of the cost of the Google Cloud, see Autopilot mode pricing.
Get the required IAM permissions
To delete an existing deployment, you need the Identity and Access Management (IAM)
permissions that are listed in the following table. If you have the
roles/owner
basic role
for the project in which solution is deployed, then you
already have all the necessary permissions. If you don't have the roles/owner
role, then ask your administrator to grant these permissions (or the roles that
include these permissions) to you.
IAM permission required | Predefined role that includes the required permissions |
---|---|
|
Service Usage Admin ( roles/serviceusage.serviceUsageAdmin ) |
|
Service Account Admin ( roles/iam.serviceAccountAdmin ) |
|
Project IAM Admin ( roles/resourcemanager.projectIamAdmin ) |
config.deployments.create config.deployments.list |
Cloud Infrastructure Manager Admin ( roles/config.admin ) |
Service account created for the solution
When you initiate the deletion process through the console, a service account is created to deploy the solution on your behalf (and to delete the deployment later if you choose). This service account is assigned certain IAM permissions temporarily; that is, the permissions are revoked automatically after the solution deployment and deletion operations are completed. Google recommends that after you delete the deployment, you delete the service account, as described later in this guide.
View the roles that are assigned to the service account
These roles are listed here in case an administrator of your Google Cloud project or organization needs this information.
roles/storage.objectAdmin
roles/datastore.user
roles/compute.networkUser
roles/cloudtrace.agent
roles/iam.workloadIdentityUser
Delete the deployment
When you no longer need the solution, to avoid continued billing for the resources that you created in this solution, delete all the resources.
Delete through the console
Use this procedure if you deployed the solution through the console.
In the Google Cloud console, go to the Solution deployments page.
Select the project that contains the deployment that you want to delete.
Locate the deployment that you want to delete.
In the row for the deployment, click
Actions and then select Delete.You might need to scroll to see Actions in the row.
Enter the name of the deployment and then click Confirm.
The Status field shows Deleting.
If the deletion fails, see the troubleshooting guidance in Error when deleting a deployment.
When you no longer need the Google Cloud project that you used for the solution, you can delete the project. For more information, see Optional: Delete the project.
Delete using the Terraform CLI
Use this procedure if you deployed the solution by using the Terraform CLI.
In Cloud Shell, make sure that the current working directory is
$HOME/cloudshell_open/terraform-cloud-deployment-gke/infra
. If it isn't, go to that directory.Remove the resources that were provisioned by Terraform:
terraform destroy
Terraform displays a list of the resources that will be destroyed.
When you're prompted to perform the actions, enter
yes
.Terraform displays messages showing the progress. After all the resources are deleted, Terraform displays the following message:
Destroy complete!
If the deletion fails, see the troubleshooting guidance in Error when deleting a deployment.
When you no longer need the Google Cloud project that you used for the solution, you can delete the project. For more information, see Optional: Delete the project.
Optional: Delete the project
If you deployed the solution in a new Google Cloud project, and if you no longer need the project, then delete it by completing the following steps:
- In the Google Cloud console, go to the Manage resources page.
- In the project list, select the project that you want to delete, and then click Delete.
- At the prompt, type the project ID, and then click Shut down.
If you decide to retain the project, then delete the service account that was created for this solution, as described in the next section.
Optional: Delete the service account
If you deleted the project that you used for the solution, then skip this section.
As mentioned earlier in this guide, when you deployed the solution, a service account was created on your behalf. The service account was assigned certain IAM permissions temporarily; that is, the permissions were revoked automatically after the solution deployment and deletion operations were completed, but the service account isn't deleted. Google recommends that you delete this service account.
If you deployed the solution through the Google Cloud console, go to the Solution deployments page. (If you're already on that page, refresh the browser.) A process is triggered in the background to delete the service account. No further action is necessary.
If you deployed the solution by using the Terraform CLI, complete the following steps:
In the Google Cloud console, go to the Service accounts page.
Select the project that you used for the solution.
Select the service account that you want to delete.
The email ID of the service account that was created for the solution is in the following format:
goog-sc-DEPLOYMENT_NAME-NNN@PROJECT_ID.iam.gserviceaccount.com
The email ID contains the following values:
- DEPLOYMENT_NAME: the name of the deployment.
- NNN: a random 3-digit number.
- PROJECT_ID: the ID of the project in which you deployed the solution.
Click Delete.
Troubleshoot errors
The actions that you can take to diagnose and resolve errors depend on the deployment method and the complexity of the error.
Error when deleting a deployment
In certain cases, attempts to delete a deployment might fail:
- After deploying a solution through the console, if you change any resource that was provisioned by the solution, and if you then try to delete the deployment, the deletion might fail. The Status field on the Solution deployments page shows Failed, and the Cloud Build log shows the cause of the error.
- After deploying a solution by using the Terraform CLI, if you change any
resource by using a non-Terraform interface (for example,
the console), and if you then try to delete the deployment,
the deletion might fail. The messages in the output of the
terraform destroy
command show the cause of the error.
Review the error logs and messages, identify and delete the resources that caused the error, and then try deleting the deployment again.
If a console-based deployment doesn't get deleted and if you can't diagnose the error by using the Cloud Build log, then you can delete the deployment by using the Terraform CLI, as described in the next section.
Delete a console-based deployment by using the Terraform CLI
This section describes how to delete a console-based deployment if errors occur when you try to delete it through the console. In this approach, you download the Terraform configuration for the deployment that you want to delete and then use the Terraform CLI to delete the deployment.
Identify the region where the deployment's Terraform code, logs, and other data are stored. This region might be different from the region that you selected while deploying the solution.
In the Google Cloud console, go to the Solution deployments page.
Select the project that contains the deployment that you want to delete.
In the list of deployments, identify the row for the deployment that you want to delete.
Click
View all row content.In the Location column, note the second location, as highlighted in the following example:
In the Google Cloud console, activate Cloud Shell.
At the bottom of the Google Cloud console, a Cloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.
Create environment variables for the project ID, region, and name of the deployment that you want to delete:
export REGION="REGION" export PROJECT_ID="PROJECT_ID" export DEPLOYMENT_NAME="DEPLOYMENT_NAME"
In these commands, replace the following:
- REGION: the location that you noted earlier in this procedure.
- PROJECT_ID: the ID of the project where you deployed the solution.
- DEPLOYMENT_NAME: the name of the deployment that you want to delete.
Get the ID of the latest revision of the deployment that you want to delete:
export REVISION_ID=$(curl \ -H "Authorization: Bearer $(gcloud auth print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1alpha2/projects/${PROJECT_ID}/locations/${REGION}/deployments/${DEPLOYMENT_NAME}" \ | jq .latestRevision -r) echo $REVISION_ID
The output is similar to the following:
projects/PROJECT_ID/locations/REGION/deployments/DEPLOYMENT_NAME/revisions/r-0
Get the Cloud Storage location of the Terraform configuration for the deployment:
export CONTENT_PATH=$(curl \ -H "Authorization: Bearer $(gcloud auth print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1alpha2/${REVISION_ID}" \ | jq .applyResults.content -r) echo $CONTENT_PATH
The following is an example of the output of this command:
gs://PROJECT_ID-REGION-blueprint-config/DEPLOYMENT_NAME/r-0/apply_results/content
Download the Terraform configuration from Cloud Storage to Cloud Shell:
gcloud storage cp $CONTENT_PATH $HOME --recursive cd $HOME/content/infra
Wait until the
Operation completed
message is displayed, as shown in the following example:Operation completed over 45 objects/268.5 KiB
Initialize Terraform:
terraform init
Wait until you see the following message:
Terraform has been successfully initialized!
Remove the deployed resources:
terraform destroy
Terraform displays a list of the resources that will be destroyed.
If any warnings about undeclared variables are displayed, ignore the warnings.
When you're prompted to perform the actions, enter
yes
.Terraform displays messages showing the progress. After all the resources are deleted, Terraform displays the following message:
Destroy complete!
Delete the deployment artifact:
curl -X DELETE \ -H "Authorization: Bearer $(gcloud auth print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1alpha2/projects/${PROJECT_ID}/locations/${REGION}/deployments/${DEPLOYMENT_NAME}?force=true&delete_policy=abandon"
Wait a few seconds and then verify that the deployment artifact was deleted:
curl -H "Authorization: Bearer $(gcloud auth print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1alpha2/projects/${PROJECT_ID}/locations/${REGION}/deployments/${DEPLOYMENT_NAME}" \ | jq .error.message
If the output shows
null
, wait a few seconds and then run the command again.After the deployment artifact is deleted, a message as shown in the following example is displayed:
Resource 'projects/PROJECT_ID/locations/REGION/deployments/DEPLOYMENT_NAME' was not found
Submit feedback
Jump Start Solutions are for informational purposes only and are not officially supported products. Google may change or remove solutions without notice.
To troubleshoot errors, review the Cloud Build logs and the Terraform output.
To submit feedback, do the following:
- For documentation, in-console tutorials, or the solution, use the Send Feedback button on the page.
- For unmodified Terraform code, create issues in the GitHub repository. GitHub issues are reviewed on a best-effort basis and are not intended for general usage questions.
- For issues with the products that are used in the solution, contact Cloud Customer Care.
What's next
- Browse other Jump Start Solutions.