$ oc delete namespace stackrox
When you install Red Hat Advanced Cluster Security for Kubernetes, it creates:
A namespace called rhacs-operator
where the Operator is installed, if you chose the Operator method of installation
A namespace called stackrox
, or another namespace where you created the Central and SecuredCluster custom resources
PodSecurityPolicy
and Kubernetes role-based access control (RBAC) objects for all components
Additional labels on namespaces, for use in generated network policies
An application custom resource definition (CRD), if it does not exist
Uninstalling Red Hat Advanced Cluster Security for Kubernetes involves deleting all of these items.
You can delete the namespace that Red Hat Advanced Cluster Security for Kubernetes creates by using the OpenShift Container Platform or Kubernetes command-line interface.
Delete the stackrox
namespace:
On OpenShift Container Platform:
$ oc delete namespace stackrox
On Kubernetes:
$ kubectl delete namespace stackrox
If you installed RHACS in a different namespace, use the name of that namespace in the |
You can delete the global resources that Red Hat Advanced Cluster Security for Kubernetes (RHACS) creates by using the OpenShift Container Platform or Kubernetes command-line interface (CLI).
To delete the global resources by using the OpenShift Container Platform CLI, perform the following steps:
Retrieve all the StackRox-related cluster roles, cluster role bindings, roles, role bindings, and PSPs, and then delete them by running the following command:
$ oc get clusterrole,clusterrolebinding,role,rolebinding,psp -o name | grep stackrox | xargs oc delete --wait
You might receive the |
Delete the custom security context constraints (SCCs) labeled with app.kubernetes.io/name=stackrox
by running the following command:
$ oc delete scc -l "app.kubernetes.io/name=stackrox"
You might receive the |
Delete the ValidatingWebhookConfiguration
object named stackrox
by running the following command:
$ oc delete ValidatingWebhookConfiguration stackrox
To delete the global resources by using the Kubernetes CLI, perform the following steps:
Retrieve all the StackRox-related cluster roles, cluster role bindings, roles, role bindings, and PSPs, and then delete them by running the following command:
$ kubectl get clusterrole,clusterrolebinding,role,rolebinding,psp -o name | grep stackrox | xargs kubectl delete --wait
You might receive the |
Delete the ValidatingWebhookConfiguration
object named stackrox
by running the following command:
$ kubectl delete ValidatingWebhookConfiguration stackrox
You can delete the labels and annotations that Red Hat Advanced Cluster Security for Kubernetes creates, by using the OpenShift Container Platform or Kubernetes command-line interface.
Delete labels and annotations:
On OpenShift Container Platform:
$ for namespace in $(oc get ns | tail -n +2 | awk '{print $1}'); do oc label namespace $namespace namespace.metadata.stackrox.io/id-; oc label namespace $namespace namespace.metadata.stackrox.io/name-; oc annotate namespace $namespace modified-by.stackrox.io/namespace-label-patcher-; done
On Kubernetes:
$ for namespace in $(kubectl get ns | tail -n +2 | awk '{print $1}'); do kubectl label namespace $namespace namespace.metadata.stackrox.io/id-; kubectl label namespace $namespace namespace.metadata.stackrox.io/name-; kubectl annotate namespace $namespace modified-by.stackrox.io/namespace-label-patcher-; done