Decommission the cluster without guessing what will be retained.

Deleting an OpenBaoCluster is not just removing Pods. The deletion policy determines whether PVC-backed data stays behind, whether critical secrets are preserved, and what still requires manual cleanup after the control plane is gone.

Use this page before you

• tear down a dev, staging, or production cluster intentionally
• change the deletion policy from the default retain behavior
• remove PVC-backed data as part of a deliberate teardown
• confirm whether snapshot backups still need manual cleanup afterward

Decision matrix

Choose the deletion policy

Choose the deletion policy.

Policy	Use it when	What gets deleted	Watch for
Retain	You want the safest default, especially for production clusters or any teardown where data may need to be recovered later.	Compute resources are removed, but PVCs and the key secrets needed to recover the data remain.	You must clean up retained data and secrets manually if the teardown is truly final.
DeletePVCs	You are tearing down an ephemeral or disposable environment and want the operator to remove PVC-backed data too.	Compute resources, secrets, and PVCs are deleted.	This is permanent data loss for the local cluster storage path.
DeleteAll	You want the most aggressive in-cluster cleanup the current implementation supports.	Compute resources and PVCs are deleted, but external object-storage backups are still left behind.	The API accepts the value, but external backup deletion is not implemented yet.

Understand what is retained

The default Retain behavior preserves the things you need if the deletion turns out not to be final:

• PVC-backed data
• the unseal key Secret
• the root token Secret
• any external backups already stored in object storage

Why the unseal key is retained

The unseal key material is what makes the retained PVC data usable later. If the operator let Kubernetes garbage-collect that Secret automatically, you could keep the encrypted data and still lose the practical ability to recover it.

Configure the teardown policy

Retain (Default)

Configure

Keep data and critical secrets after cluster deletion

yaml

spec:
deletionPolicy: Retain

DeletePVCs

Configure

Delete PVC-backed data during teardown

yaml

spec:
deletionPolicy: DeletePVCs

This removes the local storage path

Once the PVCs are deleted, the underlying volume data is gone unless you have an external snapshot or storage-level recovery path outside the operator.

DeleteAll

Configure

Request the most aggressive supported cleanup

yaml

spec:
deletionPolicy: DeleteAll

External backup deletion is still manual

DeleteAll currently removes PVC-backed data but does not delete snapshot objects already written to S3, GCS, or Azure Blob Storage.

Delete the cluster

Apply

Delete the OpenBaoCluster

bash

kubectl delete openbaocluster <name> -n <namespace>

If the cluster still serves production traffic, stop here and confirm your cutover, backup, and recovery assumptions before you continue.

Verify the cleanup result

Verify

Check for retained or remaining resources

bash

kubectl get pvc -n <namespace> -l openbao.org/cluster=<name>
kubectl get secret -n <namespace> -l openbao.org/cluster=<name>
kubectl get jobs -n <namespace> -l openbao.org/cluster=<name>

Under Retain, leftover PVCs and critical secrets are expected. Under DeletePVCs or DeleteAll, the PVC-backed path should be gone, but external backups still need their own manual cleanup decision.

Continue the teardown or recovery path

Open restore operationsUse the restore workflow if the goal changed from teardown to rebuilding from a snapshot.Review known limitationsConfirm the current pre-GA limitations around external backup deletion and other lifecycle edges.Run planned maintenanceGo back to the maintenance controls if the cluster is not actually ready for final teardown.