Skip to main content

Cleaning everything up

Follow these steps in order. The trust domain cannot be deleted while clusters are still registered to it.

1. Remove the demo workload

helm -n spiffe-demo uninstall spiffe-demo
kubectl delete namespace spiffe-demo

2. Deregister the cluster

Disable the cluster first, then delete it:

./spirlctl cluster disable "cluster-1" --trust-domain "example.com"
./spirlctl cluster delete "cluster-1" --trust-domain "example.com"

On success, each command confirms the operation:

Cluster disabled.
Cluster deleted.

3. Remove the Defakto components from your cluster

If your cluster is disposable

Simply delete the kind cluster:

kind delete cluster --name "cluster-1"

If you want to keep the cluster

kubectl delete namespace spirl-system
kubectl delete mutatingwebhookconfiguration spirl-controller-webhook

4. Delete the trust domain

./spirlctl trust-domain delete "example.com"

On success:

Trust domain ‘example.com’ deleted successfully.
danger

Deleted trust domains cannot be recovered. All SPIFFE IDs issued under the domain are permanently invalidated.

5. Log out

./spirlctl logout