When the Tanzu Kubernetes Grid Service provisions a Tanzu Kubernetes cluster, several status conditions are reported that you can use to get direct insight into key aspects of machine health.
Check TanzuKubernetesCluster Readiness
You can use the TanzuKubernetesCluster readiness conditions to determine which, if any, phase or component is not ready. See ControlPlaneReady Condition and Reasons.
Once you check for cluster readiness, to diagnose further you can use capwcluster and machine conditions to look further in more detail failure. See Check Tanzu Kubernetes Machine Health and Check Tanzu Kubernetes Cluster Health.
To check the readiness of a
Tanzu Kubernetes cluster:
- Log in to the Supervisor Cluster.
- Switch conext to the namespace where the target cluster is provisioned. For example:
kubectl config use-context tkgs-cluster-ns
- Run the command
kubectl get tkc -o yaml. The system displays the cluster readiness conditions. For example:status: addons: authsvc: conditions: - lastTransitionTime: "2021-01-30T19:53:54Z" status: "True" type: AuthServiceProvisioned name: authsvc status: applied version: 0.1-66-g8b8f07f cloudprovider: conditions: - lastTransitionTime: "2021-01-30T19:53:53Z" status: "True" type: CPIProvisioned name: vmware-guest-cluster status: applied version: 0.1-77-g5875817 cni: conditions: - lastTransitionTime: "2021-01-30T19:53:53Z" status: "True" type: CNIProvisioned name: calico status: applied version: 1.16.14+vmware.1-tkg.1.ada4837 csi: conditions: - lastTransitionTime: "2021-01-30T19:53:54Z" status: "True" type: CSIProvisioned name: pvcsi status: applied version: v0.0.1.alpha+vmware.79-7ecdcb1 dns: conditions: - lastTransitionTime: "2021-01-30T19:53:48Z" status: "True" type: CoreDNSProvisioned name: CoreDNS status: applied version: v1.6.2_vmware.10 proxy: conditions: - lastTransitionTime: "2021-01-30T19:53:48Z" status: "True" type: KubeProxyProvisioned name: kube-proxy status: applied version: 1.16.14+vmware.1 psp: conditions: - lastTransitionTime: "2021-01-30T19:53:47Z" status: "True" type: PSPProvisioned name: defaultpsp status: applied version: v1.16.14+vmware.1-tkg.1.ada4837 clusterApiStatus: apiEndpoints: - host: 192.168.1.2 port: 6443 phase: Provisioned conditions: - lastTransitionTime: "2021-01-30T19:53:54Z" status: "True" type: AddonsReady - lastTransitionTime: "2021-01-30T19:51:11Z" status: "True" type: ControlPlaneReady - lastTransitionTime: "2021-01-30T19:51:04Z" message: 3/3 Control Plane Node(s) healthy. 1/1 Worker Node(s) healthy status: "True" type: NodesHealthy - lastTransitionTime: "2021-01-31T21:22:45Z" status: "True" type: ProviderServiceAccountsReady - lastTransitionTime: "2021-01-30T19:53:50Z" status: "True" type: RoleBindingSynced - lastTransitionTime: "2021-01-30T19:53:58Z" status: "True" type: ServiceDiscoveryReady - lastTransitionTime: "2021-01-30T19:53:59Z" status: "True" type: StorageClassSynced - lastTransitionTime: "2021-01-27T11:34:53Z" status: "True" type: TanzuKubernetesReleaseCompatible - lastTransitionTime: "2021-01-27T11:34:54Z" message: '[1.17.13+vmware.1-tkg.2.2c133ed]' severity: Info status: "True" type: UpdatesAvailable
ControlPlaneReady Condition and Reasons
The table lists and describes the
ControlPlaneReady condition.
| Condition Type | Description |
|---|---|
ControlPlaneReady |
Reports if the control plane nodes are ready and functional for the cluster. |
The table lists and describes the reasons why the ControlPlaneReady condition may be false.
| Reason | Severity | Description |
|---|---|---|
WaitingForClusterInfrastructure |
Indicates that the cluster is waiting for prerequisites that are necessary for running machines, such as a a load balancer. This reason is only used if the InfrastructureCluster is not reporting its own ready condition. | |
WaitingForControlPlaneInitialized |
Indicates that the first control plane node is initializing. | |
WaitingForControlPlane |
Reflects the condition of KubeadmControlPlane. This reason is used if the KubeadmControlPlane is not reporting its own ready condition. | |
| Waiting for cluster infrastructure to be ready | Message | Indicates that the cluster is waiting for prerequisites that are necessary for running machines, such as networking and load balancers. |
NodesHealthy Condition and Reasons
The table lists and describes the
NodesHealthy condition.
| Condition Type | Description |
|---|---|
NodesHealthy |
Reports the status of TanzuKubernetesCluster nodes. |
The table lists and describes the reason for the NodesHealthy condition not being true.
| Reason | Severity | Description |
|---|---|---|
WaitingForNodesHealthy |
Documents that not all the Nodes are healthy. |
Addons Conditions and Reasons
The table lists and describes the conditions related to cluster addon components.
| Condition Type | Description |
|---|---|
AddonsReady |
Summary of conditions for TanzuKubernetesCluster addons (CoreDNS, KubeProxy, CSP, CPI, CNI, AuthSvc) . |
CNIProvisioned |
Documents the status of TanzuKubernetesCluster container network interface (CNI) addon. |
CSIProvisioned |
Documents the status of TanzuKubernetesCluster container storage interface (CSI) addon. |
CPIProvisioned |
Documents the status of TanzuKubernetesCluster cloud provider inteface (CPI) addon. |
KubeProxyProvisioned |
Documents the status of TanzuKubernetesCluster KubeProxy addon. |
CoreDNSProvisioned |
Documents the status of TanzuKubernetesCluster CoreDNS addon. |
AuthServiceProvisioned |
Documents the status of TanzuKubernetesCluster AuthService addon. |
PSPProvisioned |
Documents the status of PodSecurityPolicy. |
The table lists and describes the reasons addon conditions not being true.
| Reason | Severity | Description |
|---|---|---|
AddonsReconciliationFailed |
Summarized reason for all addons reconciliation failures. | |
CNIProvisioningFailed |
Warning | Documents CNI addon failed to create or update. |
CSIProvisioningFailed |
Warning | Documents CSI addon failed to create or update. |
CPIProvisioningFailed |
Warning | Documents CPI addon failed to create or update. |
KubeProxyProvisioningFailed |
Warning | Documents KubeProxy addon failed to create or update. |
CoreDNSProvisioningFailed |
Warning | Documents CoreDNS addon failed to create or update. |
AuthServiceProvisioningFailed |
Warning | Documents AuthService addon failed to create or update. |
AuthServiceUnManaged |
Documents AuthService is not managed by controller. | |
PSPProvisioningFailed |
Warning | Documents PodSecurityPolicy addons failed to create or update. |
Other Conditions and Reasons
The table lists and describes conditions for StorageClass and RoleBinding synchronization, ProviderServiceAccount resource reconciliation, ServiceDiscovery, and TanzuKubernetesCluster compatability.
| Condition | Description |
|---|---|
StorageClassSynced |
Documents the status of StorageClass synchronization from Supervisor Cluster to workload cluster. |
RoleBindingSynced |
Documents the status of RoleBinding synchronization from the Supervisor Cluster to the workload cluster. |
ProviderServiceAccountsReady |
Documents the status of provider service accounts and related Roles, RoleBindings and Secrets are created. |
ServiceDiscoveryReady |
Documents the status of service discoveries. |
TanzuKubernetesReleaseCompatible |
Indicates if the TanzuKubernetesCluster is compatible with the TanzuKubernetesRelease. |
The table lists and describes the reasons for other conditions not being true.
| Reason | Severity | Description |
|---|---|---|
StorageClassSyncFailed |
Reports the StorageClass synchronization failed. | |
RoleBindingSyncFailed |
Reports the RoleBinding synchronization failed. | |
ProviderServiceAccountsReconciliationFailed |
Reports that provider service accounts related resources reconciliation failed. | |
SupervisorHeadlessServiceSetupFailed |
Documents the headless service setup for Supervisor Cluster API server failed. |
