Troubleshoot Tanzu Application Platform GUI
This topic tells you how to troubleshoot issues encountered when installing Tanzu Application Platform GUI (commonly called TAP GUI). The topic is divided into sections:
- General issues
- Runtime Resources tab issues
- Accelerators page issues
- Security Analysis plug-in issues
- Supply Chain Choreographer plug-in issues
General issues
The following are general issues:
Tanzu Developer Portal reports that the port range is not valid
Symptom
You provided a full URL in a backend.reading.allow entry, as in this example tap-values.yaml snippet:
tap_gui:
app_config:
backend:
reading:
allow:
- host: http://gitlab.example.com/some-group/some-repo/-/blob/main/catalog-info.yaml
and you see the following error message:
Backend failed to start up, Error: Port range is not valid: //gitlab.example.com/some-group/some-repo/-/blob/main/catalog-info.yaml
Cause
Tanzu Application Platform GUI expects a host name to be passed into the field backend.reading.allow[].host.
Solution
Edit your tap-values.yaml file as in the following example:
tap_gui:
app_config:
backend:
reading:
allow:
- host: gitlab.example.com
paths: ['/some-group/some-repo/']
Tanzu Application Platform GUI does not load the catalog
Symptom
You are able to visit Tanzu Application Platform GUI, but it does not load the catalog and you see the following error message.
> Error: Could not fetch catalog entities.
> TypeError: Failed to fetch
When viewing your network tab you see that your browser has not downloaded mixed content. This might look different on different browsers.
- Chrome
-
In the
Status column you see
(blocked:mixed-content)
- Firefox
-
In the
Transferred column you see
Mixed Block
Cause
As of Tanzu Application Platform v1.4, Tanzu Application Platform GUI provides TLS connections by default. Because of this, if you visit a Tanzu Application Platform GUI site your connection is automatically upgraded to https.
You might have manually set the fields app.baseUrl, backend.baseUrl, and backend.cors.origin in your tap-values.yaml file. Tanzu Application Platform GUI uses the baseUrl to determine how to create links to fetch from its APIs. The combination of these two factors causes your browser to attempt to fetch mixed content.
Solution
The solution is to delete these fields or update your values in tap-values.yaml to reflect that your Tanzu Application Platform GUI instance is serving https, as in the following example:
tap_gui:
app_config:
app:
baseUrl: https://tap-gui.INGRESS-DOMAIN/
backend:
baseUrl: https://tap-gui.INGRESS-DOMAIN/
cors:
origin: https://tap-gui.INGRESS-DOMAIN/
Where INGRESS-DOMAIN is the ingress domain you have configured for Tanzu Application Platform.
The installer determines acceptable values based on your tap_gui.ingressDomain or shared.ingress_domain and the TLS status of the installation.
Updating a supply chain causes an error (Can not create edge...)
Symptom
Updating a supply chain causes an error (Can not create edge...) when an existing workload is clicked in the Workloads table and that supply chain is no longer present.
Solution
Recreate the same workload to execute through the new or updated supply chain.
Catalog not found
Symptom
When you pull up Tanzu Application Platform GUI, you get the error Catalog Not Found.
Cause
The catalog plug-in can’t read the Git location of your catalog definition files.
Solution
- Ensure you have built your own Backstage-compatible catalog or that you have downloaded one of the Tanzu Application Platform GUI catalogs from VMware Tanzu Network.
-
Ensure you defined the catalog in the values file that you input as part of installation. To update this location, change the definition file:
- Change the Tanzu Application Platform profile file if installed by using a profile.
- Change the standalone Tanzu Application Platform GUI values file if you’re only installing that package on its own.
namespace: tap-gui service_type: SERVICE-TYPE app_config: catalog: locations: - type: url target: https://GIT-CATALOG-URL/catalog-info.yaml -
Provide the proper integration information for the Git location you specified earlier.
namespace: tap-gui service_type: SERVICE-TYPE app_config: app: baseUrl: https://EXTERNAL-IP:PORT integrations: gitlab: # Other integrations available - host: GITLAB-HOST apiBaseUrl: https://GITLAB-URL/api/v4 token: GITLAB-TOKEN
You can substitute for other integrations as defined in the Backstage documentation.
Issues updating the values file
Symptom
After updating the configuration of Tanzu Application Platform GUI, either by using a profile or as a standalone package installation, you don’t know whether the configuration has reloaded.
Solution
-
Get the name you need by running:
kubectl get pods -n tap-guiFor example:
$ kubectl get pods -n tap-gui NAME READY STATUS RESTARTS AGE server-6b9ff657bd-hllq9 1/1 Running 0 13m -
Read the log of the pod to see if the configuration reloaded by running:
kubectl logs NAME -n tap-guiWhere
NAMEis the value you recorded earlier, such asserver-6b9ff657bd-hllq9. -
Search for a line similar to this one:
2021-10-29T15:08:49.725Z backstage info Reloaded config from app-config.yaml, app-config.yaml -
If need be, delete and re-instantiate the pod.
Caution
Depending on your database configuration, deleting, and re-instantiating the pod might cause the loss of user preferences and manually registered entities. If you have configured an external PostgreSQL database,
tap-guipods are not stateful. In most cases, state is held in ConfigMaps, Secrets, or the database. For more information, see Configuring the Tanzu Application Platform GUI database and Register components.To delete and re-instantiate the pod, run:
kubectl delete pod -l app=backstage -n tap-gui
Pull logs from Tanzu Application Platform GUI
Symptom
You have a problem with Tanzu Application Platform GUI, such as Catalog: Not Found, and don’t have enough information to diagnose it.
Solution
Get timestamped logs from the running pod and review the logs:
-
Pull the logs by using the pod label by running:
kubectl logs -l app=backstage -n tap-gui -
Review the logs.
Runtime Resources tab issues
Here are some common troubleshooting steps for errors presented in the Runtime Resources tab.
Error communicating with Tanzu Application Platform web server
Symptom
When accessing the Runtime Resource Visibility tab, the system displays Error communicating with TAP GUI back end.
Causes
- An interrupted Internet connection
- Error with the back end service
Solution
- Confirm that you have Internet access.
- Confirm that the back-end service is running correctly.
- Confirm the cluster configuration is correct.
No data available
Symptom
When accessing the Runtime Resource Visibility tab, the system displays
One or more resources are missing. This could be due to a label mismatch. \
Please make sure your resources have the label(s) "LABEL_SELECTOR".
Cause
No communications error has occurred, but no resources were found.
Solution
Confirm that you are using the correct label:
-
Verify the Component definition includes the annotation
backstage.io/kubernetes-label-selector. -
Confirm your Kubernetes resources correspond to that label drop-down menu.
Errors retrieving resources
Symptom
When opening the Runtime Resource Visibility tab, the system displays One or more resources might be missing because of cluster query errors.
The reported errors might not indicate a real problem. A build cluster might not have runtime CRDs installed, such as Knative Service, and a run cluster might not have build CRDs installed, such as a Cartographer workload. In these cases, 403 and 404 errors might be false positives.
You might receive the following error messages:
-
Access error when querying cluster CLUSTER_NAME for resource KUBERNETES_RESOURCE_PATH (status: 401). Contact your administrator.- Cause: There is a problem with the cluster configuration.
- Solution: Confirm the access token used to request information in the cluster.
-
Access error when querying cluster CLUSTER_NAME for resource KUBERNETES_RESOURCE_PATH (status: 403). Contact your administrator.- Cause: The service account used doesn’t have access to the specific resource type in the cluster.
- Solution: If the cluster is the same where Tanzu Application Platform is running, review the version installed to confirm it contains the desired resource. If the error is in a watched cluster, review the process to grant access to it in Viewing resources on multiple clusters in Tanzu Application Platform GUI.
-
Knative is not installed on CLUSTER_NAME (status: 404). Contact your administrator.- Cause: The cluster does not have Cloud Native Runtimes installed.
- Solution: Install the Knative components by following the instructions in Install Cloud Native Runtimes.
-
Error when querying cluster CLUSTER_NAME for resource KUBERNETES_RESOURCE_PATH (status: 404). Contact your administrator.- Cause: The package that contains the resource is not installed.
- Solution: Install the missing package.
Accelerators page issues
Here are some common troubleshooting steps for errors displayed on the Accelerators page.
No accelerators
Symptom
When the app_config.backend.reading.allow section is configured in the tap-values.yaml file during the tap-gui package installation, there are no accelerators on the Accelerators page.
Cause
This section in tap-values.yaml overrides the default configuration that gives Tanzu Application Platform GUI access to the accelerators.
Solution
As a workaround, provide a value for Application Accelerator in this section. For example:
app_config:
# Existing tap-values yaml above
backend:
reading:
allow:
- host: acc-server.accelerator-system.svc.cluster.local
Security Analysis plug-in issues
Here are troubleshooting steps for errors affecting the Security Analysis page.
Empty dashboard after upgrading from Tanzu Application Platform v1.3
Symptom
After upgrading to Tanzu Application Platform v1.4 from v1.3, the Security Analysis GUI dashboard appears empty.
Cause
From Tanzu Application Platform v1.4, the dashboard displays information from the Metadata Store. Previously, the Security Analysis GUI dashboard polled the Kubernetes clusters for information.
Solution
Repopulate the dashboard by running new source scans and image scans. To do so, do one of the following actions:
- Trigger a workload to run with a new commit to the source code
- Delete the relevant SourceScan or ImageScan on the Kubernetes cluster
Supply Chain Choreographer plug-in issues
These are troubleshooting steps for the Supply Chain Choreographer plug-in.
An error occurred while loading data from the Metadata Store
Symptom
In the Supply Chain Choreographer plug-in, you see the error message An error occurred while loading data from the Metadata Store.
Cause
There are multiple potential causes. The most common cause is tap-values.yaml missing the configuration that enables Tanzu Application Platform GUI to communicate with Supply Chain Security Tools - Store.
Solution
See Supply Chain Choreographer - Enable CVE scan results for the necessary configuration to add to tap-values.yaml. After adding the configuration, update your Tanzu Application Platform deployment or Tanzu Application Platform GUI deployment with the new values.
