Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
> Applies to: AKS on Azure Local, AKS Edge Essentials
When you delete an AKS Arc cluster that has PodDisruptionBudget (PDB) resources, the deletion might fail to remove the PDB resources. By default, PDB is installed in the workload identity-enabled AKS Arc cluster.
Mitigation
This issue was fixed in AKS on Azure Local, version 2503.
- For deleting an AKS cluster with a PodDisruptionBudget: If you're on an older build, please update to Azure Local, version 2503. Once you update to 2503, you can retry deleting the AKS cluster. File a support case if you're on the 2503 release and your AKS cluster is not deleted after at least one retry.
- For deleting a nodepool with a PodDisruptionBudget: By design, the nodepool isn't deleted if a PodDisruptionBudget exists, to protect applications. Use the following workaround to delete the PDB resources and then retry deleting the nodepool.
Workaround for AKS Edge Essentials and older versions of AKS on Azure Local
Before you delete the AKS Arc cluster, access the AKS Arc cluster's kubeconfig and delete all PDBs:
Access the AKS Arc cluster according to its connectivity state:
When the AKS Arc cluster is in a Connected state, run the
az connectedk8s proxycommandaz connectedk8s proxy -n $aks_cluster_name -g $resource_group_nameWhen the AKS Arc cluster is in a disconnected state, run the
az aksarc get-credentialscommand with permission to perform the Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action action, which is included in the Azure Kubernetes Service Arc Cluster Admin role permission. For more information, see Retrieve certificate-based admin kubeconfig in AKS Arc.az aksarc get-credentials -n $aks_cluster_name -g $resource_group_name --admin
Verify PDB:
kubectl get pdb -ADelete all PDBs. The following command is an example of deleting a PDB generated from workload identity enablement:
kubectl delete pdb azure-wi-webhook-controller-manager -n arc-workload-identity
Delete the AKS Arc cluster:
az aksarc delete -n $aks_cluster_name -g $resource_group_name