The product described by this documentation, Anthos Clusters on AWS (previous generation), is now in maintenance mode. All new installs must use the current generation product, Anthos clusters on AWS.
To connect to your GKE on AWS resources, perform the following
steps. Select if you have an existing AWS VPC (or direct connection to
your VPC) or created a dedicated VPC when creating your management service.
Existing VPC
If you have a direct or VPN connection to an existing VPC, omit the line
env HTTP_PROXY=http://localhost:8118 from commands in this topic.
Dedicated VPC
When you create a management service in a dedicated VPC,
GKE on AWS includes a
bastion host in a
public subnet.
To connect to your management service, perform the following steps:
To open the tunnel, run the bastion-tunnel.sh script. The tunnel forwards
to localhost:8118.
To open a tunnel to the bastion host, run the following command:
./bastion-tunnel.sh-N
Messages from the SSH tunnel appear in this window. When you are ready to
close the connection, stop the process by using Control+C or
closing the window.
Open a new terminal and change into your anthos-aws directory.
cd anthos-aws
Check that you're able to connect to the cluster with kubectl.
The output includes the URL for the management service API server.
Deleting user clusters
You use kubectl to delete user clusters. GKE on AWS gracefully
shuts down all nodes. Pods receive a SIGTERM and then, after a grace period, a
SIGKILL. After the pods stop, the management service starts removing AWS
resources.
To delete a user cluster, perform the following steps:
From your anthos-aws directory, use
anthos-gke to switch context to your user cluster.
cd anthos-aws
env HTTPS_PROXY=http://localhost:8118 \
anthos-gke aws clusters get-credentials CLUSTER_NAME
Use kubectl delete to delete any remaining Services or
PersistentVolumeClaims you created. For example, to delete the
LoadBalancer my-lb-service, run the following command:
When you create a management service, anthos-gke creates an S3 bucket on AWS
with binaries for cluster creation. The bucket is reused when you create new
user clusters. If you are no longer using GKE on AWS, you can
remove the bucket after you delete your management service.
To delete the GKE on AWS S3 bucket, perform the following steps:
To find the bucket's name, find the value of gcs_download_bucket in
terraform-workspace/terraform.tfvars.json with grep.
grepagent_s3_bucketterraform.tfvars.json
Delete this s3 bucket and its contents with the aws command, replacing
bucket-name with the name of your bucket from the previous
command.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Uninstalling GKE on AWS\n\nThis topic describes how to uninstall GKE on AWS.\n\nBefore you begin\n----------------\n\nTo perform these steps,\n[authenticate to your GKE on AWS management service](/kubernetes-engine/multi-cloud/docs/aws/previous-generation/how-to/installing-management#connect).\n\nTo connect to your GKE on AWS resources, perform the following\nsteps. Select if you have an existing AWS VPC (or direct connection to\nyour VPC) or created a dedicated VPC when creating your management service. \n\n### Existing VPC\n\nIf you have a direct or VPN connection to an existing VPC, omit the line\n`env HTTP_PROXY=http://localhost:8118` from commands in this topic.\n\n### Dedicated VPC\n\nWhen you create a management service in a dedicated VPC,\nGKE on AWS includes a\n[bastion](https://en.wikipedia.org/wiki/Bastion_host) host in a\npublic subnet.\n| **Important:** If you restart your terminal session or the SSH connection is lost, you need to re-launch the `bastion-tunnel.sh` script.\n\nTo connect to your management service, perform the following steps:\n\n1. Change to the directory with your GKE on AWS configuration.\n You created this directory when\n [Installing the management service](/kubernetes-engine/multi-cloud/docs/aws/previous-generation/how-to/installing-management).\n\n ```sh\n cd anthos-aws\n ```\n\n \u003cbr /\u003e\n\n2. To open the tunnel, run the `bastion-tunnel.sh` script. The tunnel forwards\n to `localhost:8118`.\n\n To open a tunnel to the bastion host, run the following command: \n\n ./bastion-tunnel.sh -N\n\n Messages from the SSH tunnel appear in this window. When you are ready to\n close the connection, stop the process by using \u003ckbd\u003eControl+C\u003c/kbd\u003e or\n closing the window.\n3. Open a new terminal and change into your `anthos-aws` directory.\n\n ```sh\n cd anthos-aws\n ```\n4. Check that you're able to connect to the cluster with `kubectl`.\n\n env HTTPS_PROXY=http://localhost:8118 \\\n kubectl cluster-info\n\n The output includes the URL for the management service API server.\n\nDeleting user clusters\n----------------------\n\nYou use `kubectl` to delete user clusters. GKE on AWS gracefully\nshuts down all nodes. Pods receive a `SIGTERM` and then, after a grace period, a\n`SIGKILL`. After the pods stop, the management service starts removing AWS\nresources.\n| **Important:** If you do not delete all your user clusters and their associated resources, you cannot use `anthos-gke` to [remove the management service](#removing_a_management_service).\n\nTo delete a user cluster, perform the following steps:\n\n1. From your `anthos-aws` directory, use\n `anthos-gke` to switch context to your user cluster.\n\n ```sh\n cd anthos-aws\n env HTTPS_PROXY=http://localhost:8118 \\\n anthos-gke aws clusters get-credentials CLUSTER_NAME\n ```\n Replace \u003cvar translate=\"no\"\u003eCLUSTER_NAME\u003c/var\u003e with your user cluster name.\n\n \u003cbr /\u003e\n\n2. Delete any [Load balancers](/kubernetes-engine/multi-cloud/docs/aws/previous-generation/how-to/loadbalancer)\n [Ingress](/kubernetes-engine/multi-cloud/docs/aws/previous-generation/how-to/ingress), or\n [PersistentVolumeClaim](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#lifecycle-of-a-volume-and-claim)\n resources you created.\n\n 1. Use the following `kubectl` command to check if there are any remaining\n load balancer Services on your user cluster:\n\n env HTTPS_PROXY=http://localhost:8118 \\\n kubectl get services\n\n 2. Use the following `kubectl` command to check if there are any remaining\n PersistentVolumeClaims on your user cluster:\n\n env HTTPS_PROXY=http://localhost:8118 \\\n kubectl get persistentvolumeclaim\n\n 3. Use `kubectl delete` to delete any remaining Services or\n PersistentVolumeClaims you created. For example, to delete the\n LoadBalancer `my-lb-service`, run the following command:\n\n env HTTPS_PROXY=http://localhost:8118 \\\n kubectl delete service \u003cvar translate=\"no\"\u003emy-lb-service\u003c/var\u003e\n\n For example, to delete the\n PersistentVolumeClaims `my-pvc`, run the following command: \n\n env HTTPS_PROXY=http://localhost:8118 \\\n kubectl delete persistentvolumeclaim \u003cvar translate=\"no\"\u003emy-pvc\u003c/var\u003e\n\n3. From your `anthos-aws` directory, use\n `anthos-gke` to switch context to your management service.\n\n ```sh\n cd anthos-aws\n anthos-gke aws management get-credentials\n ```\n | **Note:** `anthos-gke` uses the credentials you specified when you ran `aws configure`.\n\n \u003cbr /\u003e\n\n4. Delete all AWSNodePools with `kubectl`.\n\n env HTTPS_PROXY=http://localhost:8118 \\\n kubectl delete AWSNodePool --all\n\n5. Delete all AWSCluster with `kubectl`.\n\n env HTTPS_PROXY=http://localhost:8118 \\\n kubectl delete AWSCluster --all\n\nRemoving a management service\n-----------------------------\n\nYou use `anthos-gke` to delete the management service.\n\n1. Change directory to the folder you created\n during [installation](/kubernetes-engine/multi-cloud/docs/aws/previous-generation/how-to/installing-management#configure).\n\n2. Use `anthos-gke` to delete resources for the management service.\n\n env HTTP_PROXY=http://localhost:8118 \\\n anthos-gke aws management delete\n\n | **Note:** The previous command uses the `HTTP_PROXY` environment variable instead of `HTTPS_PROXY`. The uninstallation process doesn't complete when using the `HTTPS_PROXY` environment variable.\n\nRemoving the AWS S3 bucket\n--------------------------\n\nWhen you create a management service, `anthos-gke` creates an S3 bucket on AWS\nwith binaries for cluster creation. The bucket is reused when you create new\nuser clusters. If you are no longer using GKE on AWS, you can\nremove the bucket after you delete your management service.\n\nTo delete the GKE on AWS S3 bucket, perform the following steps:\n\n1. To find the bucket's name, find the value of `gcs_download_bucket` in\n `terraform-workspace/terraform.tfvars.json` with `grep`.\n\n grep agent_s3_bucket terraform.tfvars.json\n\n2. Delete this s3 bucket and its contents with the `aws` command, replacing\n \u003cvar translate=\"no\"\u003ebucket-name\u003c/var\u003e with the name of your bucket from the previous\n command.\n\n aws s3 rb s3://\u003cvar translate=\"no\"\u003ebucket-name\u003c/var\u003e --force"]]
