You start the management components for a VI workload domain with vSphere with Tanzu in a specific order to provide the necessary infrastructure, networking, and management services before powering on the components for containerized workload management.

You start the management components for the management domain first. Then, you start the management components for the VI workload domains and the customer workloads.

If the NSX Manager cluster and NSX Edge cluster are shared with other VI workload domains, follow this general order:

  1. Start the other VI workload domains.
  2. Start the VI workload domain that runs the shared NSX Edge nodes.
  3. Start the customer workloads that rely on NSX services.

Startup Order for a VI Workload Domain with vSphere with Tanzu

Table 1. Startup Order for a VI Workload Domain with vSphere with Tanzu

Startup Order

SDDC Component

1

ESXi hosts and vSAN for the VI workload domain
2

vCenter Server for the VI workload domain

3

 vCLS virtual machines

4

NSX Manager nodes for the VI workload domain

5

NSX Edge nodes for the VI workload domain
6 Started automatically after you start vCenter Server and vCLS, and NSX for the VI workload domain.
  • Supervisor Control Plane virtual machines
  • Tanzu Kubernetes Cluster control plane virtual machines
  • Tanzu Kubernetes Cluster worker virtual machines
  • Harbor registry virtual machines
7 Containerized customer workloads

For information on the startup steps, see below.

Start vSAN and ESXi Hosts in a Virtual Infrastructure Workload Domain with vSphere with Tanzu

You start the ESXi hosts using an out-of-band management interface, such as, ILO or iDRAC to connect to the hosts and power them on. You then exit maintenance mode for the ESXi hosts and prepare the vSAN cluster for startup.

Procedure

  1. Power on the first ESXi host in the VI workload domain.
    1. Log in to the first ESXi host in the workload domain by using the out-of-band management interface.
    2. Power on the ESXi host according to the hardware vendor guide.
  2. Repeat the previous step to start all the remaining ESXi hosts in the workload domain.

    This operation takes several minutes to complete.

  3. If your VMware Cloud Foundation environment has several VI workload domains with vSphere with Tanzu, start all ESXi hosts in all these workload domains to save time because the vSAN scan operation which takes place at ESXi startup requires some time to complete.
  4. Turn on SSH on all hosts in the domain by using the SoS utility of the SDDC Manager appliance.
    1. Log in to the SDDC Manager appliance by using a Secure Shell (SSH) client as vcf.
    2. Switch to the root user by running the su command and entering the root password.
    3. Run this command. 
      /opt/vmware/sddc-support/sos --enable-ssh-esxi --domain domain-name
  5. Log in to the first ESXi host in the domain as root by using a Secure Shell (SSH) client.
  6. Take the ESXi host out of maintenance mode by running the command. 
    esxcli system maintenanceMode set -e false
  7. Repeat 5 and 6 on all the remaining ESXi hosts in the domain.
  8. On the first ESXi host in each vSAN cluster, run the command to prepare the vSAN cluster for starting. 
    python /usr/lib/vmware/vsan/bin/reboot_helper.py recover

    The command returns Cluster reboot/poweron is completed successfully!

  9. Verify that all hosts in the vSAN cluster are available by running the command. 
    esxcli vsan cluster get

    Look for the following strings in the output:

    • Local Node Type: NORMAL

    • Local Node Health State: HEALTHY

  10. Turn on vSAN cluster member updates by running the command. 
    esxcfg-advcfg -s 0 /VSAN/IgnoreClusterMemberListUpdates

    The command returns Value of IgnoreClusterMemberListUpdates is 0.

  11. Repeat Step 9 and Step 10 for the remaining ESXi hosts in the workload domain.
  12. Deactivate SSH on the ESXi hosts in the domain from the SDDC Manager appliance.
    1. Log in to the SDDC Manager appliance by using a Secure Shell (SSH) client as vcf.
    2. Switch to the root user by running the su command and entering the root password.
    3. Run this command. 
      /opt/vmware/sddc-support/sos --disable-ssh-esxi --domain domain-name

Start vCenter Server for a Virtual Infrastructure Workload Domain with vSphere with Tanzu

Use the vSphere Client to power on the vCenter Server appliance in the VI workload domain. If the workload domain contains a vSAN cluster, check its health status too.

Procedure

  1. Log in to the management domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the VMs and templates inventory, expand the management domain vCenter Server tree and expand the management domain data center.
  3. Start vCenter Server.
    1. Locate the vCenter Server virtual machine for the VI workload domain.
    2. Right-click the virtual machine and select Power > Power on.

    The startup of the virtual machine and the vSphere services takes some time to complete.

  4. Log in to the VI workload domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  5. In the Hosts and clusters inventory, expand the tree of the VI workload domain vCenter Server and expand the data center for the VI workload domain.
  6. Verify the vSAN health and resynchronization status.
    1. Select the vSAN cluster in the VI workload domain and click the Monitor tab.
    2. In the left pane, navigate to vSAN > Skyline health and verify the status of each vSAN health check category.
    3. In the left pane, navigate to vSAN > Resyncing objects and verify that all synchronization tasks are complete.
  7. If a vSAN cluster has vSphere HA turned on by design, start vSphere HA.
    1. Select the vSAN cluster and click the Configuretab.
    2. In the left pane, select Services > vSphere Availability and click the Edit button.
    3. In the Edit Cluster Settings dialog box, turn on vSphere HA and click OK.
  8. Verify that the Kubernetes services are started.
    1. Log in to the VI workload domain vCenter Server by using a Secure Shell (SSH) client as root.
    2. To switch to the Bash shell, run the shell command.
    3. Run the command. 
      vmon-cli -s wcp

      The command returns RunState: STARTED

Start the vSphere Cluster Services for a Virtual Infrastructure Workload Domain with vSphere with Tanzu

You start the vSphere Cluster Services (vCLS) virtual machines in a VI workload domain with vSphere with Tanzu by deactivating the retreat mode on the target cluster. Starting the vCLS virtual machines makes vSphere DRS and vSphere HA available to the workloads running on the clusters in the workload domain again.

Perform this operation on all vSAN clusters in the other workload domains with vSphere with Tanzu.

Procedure

  1. Log in to the VI workload domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the Hosts and clusters inventory, expand the tree of the VI workload domain vCenter Server and expand the data center for the VI workload domain.
  3. Select the cluster on which vCLS must be started.
  4. Copy the cluster domain ID domain-c(cluster_domain_id) from the URL of the browser.

    When you navigate to a cluster in the vSphere Client, the URL is similar to this one:

    https://<fqdn-of-vCenter-server>/ui/app/cluster;nav=h/urn:vmomi:ClusterComputeResource:domain-c8:eef257af-fa50-455a-af7a-6899324fabe6/summary

    You copy only domain-c8.

  5. In the Host and Clustersinventory, select the vCenter Server instance for the management domain or the VI workload domain and click the Configure tab.
  6. Under Advanced Settings, click the Edit Settings button.
  7. Locate the config.vcls.clusters.domain-c(number).enabled property for the domain cluster ID from 4and set it to true.
  8. Click Save

Start the NSX Manager Virtual Machines

You begin powering on the NSX infrastructure in the management domain or in a VI workload domain by starting the three-node NSX Manager cluster by using the vSphere Client.

Procedure

  1. Log in to the management domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the VMs and templates inventory, expand the management domain vCenter Server tree and expand the management domain data center.
  3. Power on the NSX Manager nodes for the management domain or the VI workload domain.
    1. Right-click the primary NSX Manager node and select Power > Power on.
    2. Repeat the steps to power on the remaining NSX Manager nodes.

    This operation takes several minutes to complete until the NSX Manager cluster becomes fully operational again and its user interface - accessible.

  4. Log in to NSX Manager for the management domain or VI workload domain at https://<nsxt_manager_cluster_fqdn> as admin.
  5. Verify the system status of NSX Manager cluster.
    1. On the main navigation bar, click System.
    2. In the left pane, navigate to Configuration > Appliances.
    3. On the Appliances page, verify that the NSX Manager cluster has a Stable status and all NSX Manager nodes are available.

Start the NSX Edge Nodes

You continue powering on the NSX infrastructure in the management domain or in a VI workload domain by starting the NSX Edge nodes by using the vSphere Client.

Procedure

  1. Log in to vCenter Server for the management or VI workload domain at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the VMs and templates inventory, expand the tree of workload domain vCenter Server and expand data center for the workload domain.
  3. Right-click an NSX Edge virtual machine from the edge cluster and select Power > Power on.

    This operations takes several minutes to complete.

  4. Repeat these steps to power on the remaining NSX Edge nodes.