This topic lists and describes the shutdown and startup sequence for VMware Tanzu Kubernetes Grid Integrated Edition including Tanzu Kubernetes Grid Integrated Edition-provisioned Kubernetes cluster nodes, TKGI components, and (vSphere only) vSphere hosts.
Many of these operations use your IaaS dashboard, such as vSphere Client, Azure Portal, AWS Management Console, or GCP Console.
To perform a graceful shutdown of all Kubernetes, Tanzu Kubernetes Grid Integrated Edition, and infrastructure components, complete the following tasks in sequence.
If you have the Enable VM Resurrector Plugin checkbox selected in the BOSH Director tile > Director Config pane, you must turn BOSH resurrection off before restarting TKGI, to prevent BOSH from recreating VMs.
To do this, run the command bosh update-resurrection off
.
To ensure that all workloads are drained as the worker nodes shutdown, remove all PodDisruptionBudgets before deleting your apps.
To confirm the names of your existing PodDisruptionBudgets:
kubectl get poddisruptionbudgets -A
Back up all PodDisruptionBudgets.
To back up a single PodDisruptionBudget:
kubectl get poddisruptionbudget PDB-NAME -o yaml > PDB-NAME.yaml
Where PDB-NAME
is the name of one of your PodDisruptionBudgets.
Delete each PodDisruptionBudget until you have removed all PodDisruptionBudgets.
To delete a single PodDisruptionBudget:
kubectl edit poddisruptionbudget PDB-NAME
Where PDB-NAME
is the name of one of your PodDisruptionBudgets.
Shut down all customer apps running on Tanzu Kubernetes Grid Integrated Edition-provisioned Kubernetes clusters.
Note: This task is optional. Perform it after considering the types of apps you have deployed. For example, stateful, stateless, or legacy apps.
Shut down all Tanzu Kubernetes Grid Integrated Edition-provisioned Kubernetes clusters following the procedure defined in the How to shutdown and startup a Multi Control Plane Node TKGI cluster knowledge base article.
For each Kubernetes cluster that you intend to shut down, do the following:
Using the BOSH CLI, retrieve the BOSH deployment name of your Tanzu Kubernetes Grid Integrated Edition clusters by running the following command:
bosh deployments
Kubernetes cluster deployment names begin with service-instance_
and include a unique BOSH-generated hash.
Using the BOSH CLI, stop the Kubernetes worker nodes:
For a Linux worker:
bosh -d service-instance_CLUSTER-UUID stop worker
For a Windows worker:
bosh -d service-instance_CLUSTER-UUID stop windows-worker
Where CLUSTER-UUID
is the BOSH deployment name of your Tanzu Kubernetes Grid Integrated Edition cluster.
For example:
$ bosh -d service-instance_aa1234567bc8de9f0a1c stop worker
Note: When you use the BOSH stop
command, all processes on the Kubernetes node are stopped. BOSH marks them stopped so that when the VM is powered back on, the processes do not start automatically.
Using the BOSH CLI, stop the Kubernetes control plane nodes by running the following command:
bosh -d service-instance_CLUSTER-UUID stop master
Where CLUSTER-UUID
is the BOSH deployment name of your Tanzu Kubernetes Grid Integrated Edition cluster. For example:
$ bosh -d service-instance_aa1234567bc8de9f0a1c stop master
Using your IaaS dashboard, shut down all Kubernetes node VMs. To do this, perform the following steps:
Perform a graceful shutdown by right-clicking the target VM and selecting Power > Shut Down Guest OS.
To shut down the TKGI control plane, stop and shut down the TKGI API and TKGI Database VMs as follows:
To stop Tanzu Kubernetes Grid Integrated Edition control plane processes and services, do the following:
Using the BOSH CLI, retrieve the BOSH deployment ID of your Tanzu Kubernetes Grid Integrated Edition deployment by running the following command:
bosh deployments
The Tanzu Kubernetes Grid Integrated Edition deployment ID is pivotal-container-service-
followed by a unique BOSH-generated hash.
Stop the TKGI control plane VM by running the following command:
bosh -d pivotal-container-service-DEPLOYMENT-ID stop
Where DEPLOYMENT-ID
is the BOSH-generated ID of your Tanzu Kubernetes Grid Integrated Edition deployment.
For example:
$ bosh -d pivotal-container-service-1bf7b02738056cdc37e6 stop
To shut down the TKGI API and TKGI Database VMs, do the following:
Run the bosh vms
command to list your Tanzu Kubernetes Grid Integrated Edition control plane VMs.
bosh -d pivotal-container-service-DEPLOYMENT-ID vms
Where DEPLOYMENT-ID
is the BOSH-generated ID of your Tanzu Kubernetes Grid Integrated Edition deployment.
For example:
$ bosh -d pivotal-container-service-1bf7b02738056cdc37e6 vms
From the bosh vms
output, record:
pivotal-container-service/
followed by a unique BOSH-generated hash.pks-db/
followed by a unique BOSH-generated hash.For each TKGI Database VM listed, run bosh stop
to shut it down:
bosh -d TKGI-DATABASE-VM-ID stop
Where TKGI-DATABASE-VM-ID
is the name of the TKGI Database VM.
Using your IaaS dashboard, locate and gracefully shut down the TKGI API VMs:
To shut down the Harbor Registry VM, do the following:
Using the BOSH CLI, retrieve the BOSH deployment ID of your Harbor Registry deployment by running the following command:
bosh deployments
Harbor Registry deployment names begin with harbor-container-registry
and include a unique BOSH-generated hash.
Using the BOSH CLI, stop the Harbor Registry VM by running the following command:
bosh -d harbor-container-registry-DEPLOYMENT-ID stop
Where DEPLOYMENT-ID
is the BOSH-generated ID of your Harbor Registry deployment. For example:
$ bosh -d harbor-container-registry-b4023f6857207b237399 stop
Using vCenter, locate and gracefully shut down the Harbor Registry VM.
Using your IaaS dashboard, locate and gracefully shut down the BOSH Director VM.
View a larger version of this image.
Using your IaaS dashboard, locate and gracefully shut down the Ops Manager VM.
View a larger version of this image.
Using vCenter, gracefully shut down all NSX-T VMs in the following order:
View a larger version of this image.
To shut down the vCenter Server VM, do the following:
https://YOUR-VCENTER-HOSTNAME-OR-IP-ADDRESS>:5480
, where YOUR-VCENTER-HOSTNAME-OR-IP-ADDRESS
is the hostname or IP address that you use to connect to vCenter through the vSphere Web Client.For more information about how to shut down the vCenter Server VM, see Reboot or Shut Down the vCenter Server Appliance in the vSphere documentation and the How to stop, start, or restart vCenter Server 6.x services KB article.
Note: After you shut down this vCenter VM, the vSphere Web Client will not be available.
View a larger version of this image
To shut down each ESXi host in the vSphere cluster, do the following:
Put the ESXi host into maintenance mode by doing the following:
Power off the ESXi host. To do this, you have two options:
To restart all Kubernetes, Tanzu Kubernetes Grid Integrated Edition, and infrastructure components, complete the following tasks in the sequence presented.
To start the ESXi hosts, do the following:
Connect to the web interface of the ESXi server that hosts the vCenter VM. Select the vCenter VM, and click Power On.
To start the NSX-T components, perform the following steps:
Using your IaaS dashboard, power on the BOSH Director VM.
Note: BOSH is aware that all the VMs under its control were stopped. BOSH does not attempt to resurrect any VMs, which is the desired behavior.
It may take approximately 90 minutes for BOSH to start properly.
To speed up the BOSH startup process:
On the BOSH Director VM, run the following commands:
sudo -i
monit summary
If you see messages such as Process uaa Connection failed
and Process credhub not monitored
, then run the following command:
monit restart uaa
After a few minutes, run the following command again:
monit summary
You should see that the uaa
and credhub
processes are now running. At this point, the BOSH Director should be fully up and running.
To start the TKGI Control Plane, do the following:
Using your IaaS dashboard, power on the TKGI Database VMs.
Restart the TKGI Database VMs as follows, depending on whether they are scaled at 1
or 3
as determined in Stop the TKGI Control Plane:
TKGI Database Scaled at 1
:
To start the TKGI Database VM:
bosh -d TKGI-DB-VM-ID start
Where TKGI-DB-VM-ID
is the name of the TKGI Database VM listed by the bosh vms
command.
To start the TKGI Database deployment:
bosh -d DEPLOYMENT-ID start pks-db
Where DEPLOYMENT-ID
is the BOSH-generated ID of the Tanzu Kubernetes Grid Integrated Edition deployment.
TKGI Database Scaled at 3
:
Run the bootstrap
errand:
bosh -d tkgi-db-DEPLOYMENT-ID run-errand bootstrap
Where DEPLOYMENT-ID
is the BOSH-generated ID of the Tanzu Kubernetes Grid Integrated Edition deployment.
Note: For more information about the bootstrap
errand, see Run the Bootstrap Errand in the VMware Tanzu SQL with MySQL for VMs documentation.
Using your IaaS dashboard, power on the TKGI API VMs.
To start each TKGI API VM listed by the bosh vms
command:
bosh -d TKGI-API-VM-ID start
Where TKGI-API-VM-ID
is the name of a TKGI API VM. Your environment might have as many as three TKGI API VMs.
To start the TKGI API deployment:
bosh -d DEPLOYMENT-ID start pivotal-container-service
Where DEPLOYMENT-ID
is the BOSH-generated ID of the Tanzu Kubernetes Grid Integrated Edition deployment.
To start Harbor Registry, do the following:
Using the BOSH CLI, start the Harbor process on the VM by running the following command:
bosh -d harbor-container-registry-DEPLOYMENT-ID start
Where DEPLOYMENT-ID
is the BOSH-generated ID of your Harbor Registry deployment. For example:
$ bosh -d harbor-container-registry-b4023f6857207b237399 start
For each Kubernetes cluster that you intend to start, follow the steps in the section below that corresponds to the number of control plane nodes in the cluster:
Use the BOSH CLI to run the commands below. For more information about the BOSH CLI, see the BOSH CLI Documentation.
Retrieve the BOSH deployment name of your Tanzu Kubernetes Grid Integrated Edition cluster:
bosh deployments
Tanzu Kubernetes Grid Integrated Edition cluster deployment names begin with service-instance_
followed by the BOSH deployment name.
Start etcd on the master/0
node. A cluster with three members must have at least two members running to satisfy quorum, so you must first start one etcd instance.
bosh -d DEPLOYMENT-NAME ssh master/0 "sudo monit start etcd"
Where DEPLOYMENT-NAME
is the BOSH deployment name retrieved in the previous step.
View the status of etcd on the master/0
node:
bosh -d DEPLOYMENT-NAME ssh master/0 "sudo monit summary"
Where DEPLOYMENT-NAME
is the BOSH deployment name retrieved in the previous step. Wait until etcd on master/0
is running before executing the next step.
Start the master/1
node:
bosh -d DEPLOYMENT-NAME start master/1
Where DEPLOYMENT-NAME
is the BOSH deployment name retrieved in the previous step. Wait until master/1
has status Ready before executing the next step.
Start the master/2
node:
bosh -d DEPLOYMENT-NAME start master/2
Where DEPLOYMENT-NAME
is the BOSH deployment name retrieved in the previous step. Wait until master/2
has status Ready before executing the next step.
Stop etcd on the master/0
node:
bosh -d DEPLOYMENT-NAME ssh master/0 "sudo monit stop etcd"
Wait until etcd on master/0
has stopped and has status not monitored before executing the next step.
Start the master/0
node:
bosh -d DEPLOYMENT-NAME start master/0
Wait until master/0
has status Ready before executing the next step.
Start the Kubernetes worker nodes:
bosh -d DEPLOYMENT-NAME start worker
Use the BOSH CLI to run the commands below. For more information about the BOSH CLI, see the BOSH CLI Documentation.
Retrieve the BOSH deployment name of your Tanzu Kubernetes Grid Integrated Edition cluster:
bosh deployments
Tanzu Kubernetes Grid Integrated Edition cluster deployment names begin with service-instance_
followed by the BOSH deployment name.
Start etcd on the master/0
and master/1
nodes. A cluster with five members must have at least three members running to satisfy quorum, so you must first start two etcd instance.
bosh -d DEPLOYMENT-NAME ssh master/0 "sudo monit start etcd"
bosh -d DEPLOYMENT-NAME ssh master/1 "sudo monit start etcd"
Where DEPLOYMENT-NAME
is the BOSH deployment name retrieved in the previous step.
View the status of etcd on the master/0
and master/1
nodes:
bosh -d DEPLOYMENT-NAME ssh master/0 "sudo monit summary"
bosh -d DEPLOYMENT-NAME ssh master/1 "sudo monit summary"
Where DEPLOYMENT-NAME
is the BOSH deployment name retrieved in the previous step. Wait until etcd on master/0
and master/1
is running before executing the next step.
Start the master/2
node:
bosh -d DEPLOYMENT-NAME start master/2
Where DEPLOYMENT-NAME
is the BOSH deployment name retrieved in the previous step. Wait until master/2
has status Ready before executing the next step.
Start the master/3
node:
bosh -d DEPLOYMENT-NAME start master/3
Wait until master/3
has status Ready before executing the next step.
Start the master/4
node:
bosh -d DEPLOYMENT-NAME start master/4
Wait until master/4
has status Ready before executing the next step.
Stop etcd on the master/1
node:
bosh -d DEPLOYMENT-NAME ssh master/1 "sudo monit stop etcd"
Wait until etcd on master/1
has stopped and has status not monitored before executing the next step.
Start the master/1
node:
bosh -d DEPLOYMENT-NAME start master/1
Wait until master/1
has status Ready before executing the next step.
Stop etcd on the master/0
node:
bosh -d DEPLOYMENT-NAME ssh master/0 "sudo monit stop etcd"
Wait until etcd on master/0
has stopped and has status not monitored before executing the next step.
Start the master/0
node:
bosh -d DEPLOYMENT-NAME start master/0
Wait until master/0
has status Ready before executing the next step.
Start the Kubernetes worker nodes:
bosh -d DEPLOYMENT-NAME start worker
Start all apps running on the Tanzu Kubernetes Grid Integrated Edition-provisioned Kubernetes clusters.
After you have restarted your apps, restore your PodDisruptionBudgets.
To restore your PodDisruptionBudgets, re-create each of the PodDisruptionBudgets you backed up before stopping your apps.
To re-create a single PodDisruptionBudget:
kubectl apply -f PDB-CONFIG-NAME
Where PDB-CONFIG-NAME
is the name of one of the backup PodDisruptionBudget YAML configuration files that you created before stopping your apps.
Turn BOSH resurrection back on by running the command bosh update-resurrection on
.