Deauthorize a Host
You can deauthorize a host in PMO to discontinue managing the host using Platform9.
Once you deauthorize a host from PMO, you are no longer able to manage the host with PMO, unless you reauthorize it.
You also have the option to permanently stop managing the host with Platform9 by uninstalling Platform9-specific packages from the host.
Deauthorizing a host has the following impact:
- The running VM and the VM data remain intact on the hypervisor. After deauthorization, you can make changes to the VM by using libvirt.
- Virtual machines running on the host lose network connectivity if Neutron is being used to manage flows.
- Any Cinder volumes connected to virtual machines are disconnected.
Removing the image library role from a host causes the following side effects.
- Images in the current Image folder are no longer available for VM provisioning.
- Any virtual machines that have been created with images in the current image library no longer have any associated images.
- New VM provisioning are disabled until you assign the image library role to a new host.
- Any VMs created using snapshots from your current image library may experience issues.
You may have configured a host to perform one or more roles.
Depending on the role or roles being performed by the host, you must perform one or more of the following operations before the host can be deauthorized.
- Remove all images from the image library.
- Detach all volumes associated with the host.
- Remove the host from host aggregate that the host is a part of.
Host in Image Library Role
The process to prepare an image library host for deauthorization would vary depending on the following factors.
Host acts as Shared Storage
If the image library path resides on shared storage (that is, NFS), the images would continue to be persisted via other image library hosts, and the path may safely be unmounted.
Images on the Host Do not Exist on Other Image Library Hosts
If one or more images that are present on the host being deauthorized, are not present on other image library hosts, the images must be backed up and uploaded to other hosts before deauthorizing the host. After any applicable images have been uploaded to one or more other image library hosts, they may be deleted from the host that is being deauthorized.
Host in Block Storage Role
You must remove all volumes associated with a host responsible for the block storage role. The volumes must either be detached and in an available state, or otherwise pointed towards another block storage host which is configured to use the same backend.
The host in question could be a standalone host used for local storage or could be part of a group of multiple hosts used for local storage.
Host as Local Storage - Standalone Host Scenario
If a volume is on local storage (for example, LVM) and no other block storage host services the same backend, the volume must be detached before deauthorizing the host.
Follow the steps given below to detach and delete volumes that are associated with the host to be deauthorized.
- Navigate to Volumes and Snapshots > Volumes.
Select the volumes that are associated with the host and are in the in-use state.
- Click Detach seen above the list of volumes. Confirm the detach operation.
Select the detached volume and click the Delete option seen above the list of volumes.
- Confirm the deletion of the volumes.
Host as Local Storage - Multiple Hosts Scenario
If a volume is on local storage and other block storage hosts service the same backend, you could migrate the volume to another block storage host.
For example, if you are using LVM, you may reference Migrating Cinder Volumes in a LVM Storage Backend
If a volume resides on a remote, network storage backend (for example, Solidfire, Pure Storage) and at least one other block storage host services this same backend, the volume may be remanaged. Contact Platform9 Support to remanage volumes, as volume remanagement can be done only through the management plane.
Host is part of a Host Aggregate
If the host is part of a host aggregate, it must be removed from the host aggregate before deauthorizing the host.
Follow the steps given below to remove the host from a given host aggregate.
Navigate to Infrastructure > Host Aggregates.
Select the host aggregate and click Edit Host Aggregate option seen above the list of host aggregates.
Deselect the host from the list of hosts and click Save.
You are now ready to deauthorize the host.
Follow the steps given below to deauthorize the host.
- Navigate to Infrastructure > Hosts.
- Select the host and click Deauthorize Host to deauthorize the host.
- Confirm the deauthorization.
The host is now in the deauthorized state. You can stop here if you want to temporarily suspend the management of the host from Platform9 Clarity UI. The host is available to be authorized and you can reauthorize the host to start managing the host through the Platform9 Clarity UI. However, the networking information associated with instances running at the time of deauthorization is lost and is not automatically recovered when the host is reauthorized.
If you wish to remove and stop managing the host completely through Platform9 Clarity UI, you can perform the steps mentioned in the following section.
Remove Platform9 Host Agent and Other Software from the Host
This is an optional step to permanently stop managing the host through the Platform9 Clarity UI, by removing the Platform9 host agent and other related software from the host.
The pf9-sidekick.js process is used as an emergency rescue mechanism for failed upgrades wherein the host agent might stop functioning. By design, the process is not terminated when the host agent software is removed. The pf9-sidekick.js process must be terminated, if it is running.
Follow the steps given below to uninstall all Platform9 software from the deauthorized host.
Uninstall the agent and its dependencies such as OpenStack nova drivers, image library components from the host. For RedHat-based distributions, run the following command.
sudo yum -y erase pf9-hostagent
For Ubuntu, run the following command.
sudo apt-get purge pf9-hostagent
Kill the pf9-sidekick.js process with the following command for both RedHat and Ubuntu distributions.
The Linux/KVM host is completely removed from Platform9. If you wish to start managing the host at a later point in time, you must add the host back with Platform9 Clarity UI.
Thank you for your feedback! What did you like about this article?
Thank you for your feedback! How could this article be improved?
Thank you for your feedback!