When the Tanzu Kubernetes Grid Service provisions a Tanzu Kubernetes cluster, several status conditions are reported that you can use to get direct insight into key aspects of machine health.

Check TanzuKubernetesCluster Readiness

You can use the TanzuKubernetesCluster readiness conditions to determine which, if any, phase or component is not ready. See ControlPlaneReady Condition and Reasons.

Once you check for cluster readiness, to diagnose further you can use capwcluster and machine conditions to look further in more detail failure. See Check Tanzu Kubernetes Machine Health and Check Tanzu Kubernetes Cluster Health.

To check the readiness of a Tanzu Kubernetes cluster:
  1. Log in to the Supervisor Cluster.
  2. Switch conext to the namespace where the target cluster is provisioned. For example:
    kubectl config use-context tkgs-cluster-ns
  3. Run the command kubectl get tkc -o yaml. The system displays the cluster readiness conditions. For example:
      status:
        addons:
          authsvc:
            conditions:
            - lastTransitionTime: "2021-01-30T19:53:54Z"
              status: "True"
              type: AuthServiceProvisioned
            name: authsvc
            status: applied
            version: 0.1-66-g8b8f07f
          cloudprovider:
            conditions:
            - lastTransitionTime: "2021-01-30T19:53:53Z"
              status: "True"
              type: CPIProvisioned
            name: vmware-guest-cluster
            status: applied
            version: 0.1-77-g5875817
          cni:
            conditions:
            - lastTransitionTime: "2021-01-30T19:53:53Z"
              status: "True"
              type: CNIProvisioned
            name: calico
            status: applied
            version: 1.16.14+vmware.1-tkg.1.ada4837
          csi:
            conditions:
            - lastTransitionTime: "2021-01-30T19:53:54Z"
              status: "True"
              type: CSIProvisioned
            name: pvcsi
            status: applied
            version: v0.0.1.alpha+vmware.79-7ecdcb1
          dns:
            conditions:
            - lastTransitionTime: "2021-01-30T19:53:48Z"
              status: "True"
              type: CoreDNSProvisioned
            name: CoreDNS
            status: applied
            version: v1.6.2_vmware.10
          proxy:
            conditions:
            - lastTransitionTime: "2021-01-30T19:53:48Z"
              status: "True"
              type: KubeProxyProvisioned
            name: kube-proxy
            status: applied
            version: 1.16.14+vmware.1
          psp:
            conditions:
            - lastTransitionTime: "2021-01-30T19:53:47Z"
              status: "True"
              type: PSPProvisioned
            name: defaultpsp
            status: applied
            version: v1.16.14+vmware.1-tkg.1.ada4837
        clusterApiStatus:
          apiEndpoints:
          - host: 192.168.1.2
            port: 6443
          phase: Provisioned
        conditions:
        - lastTransitionTime: "2021-01-30T19:53:54Z"
          status: "True"
          type: AddonsReady
        - lastTransitionTime: "2021-01-30T19:51:11Z"
          status: "True"
          type: ControlPlaneReady
        - lastTransitionTime: "2021-01-30T19:51:04Z"
          message: 3/3 Control Plane Node(s) healthy. 1/1 Worker Node(s) healthy
          status: "True"
          type: NodesHealthy
        - lastTransitionTime: "2021-01-31T21:22:45Z"
          status: "True"
          type: ProviderServiceAccountsReady
        - lastTransitionTime: "2021-01-30T19:53:50Z"
          status: "True"
          type: RoleBindingSynced
        - lastTransitionTime: "2021-01-30T19:53:58Z"
          status: "True"
          type: ServiceDiscoveryReady
        - lastTransitionTime: "2021-01-30T19:53:59Z"
          status: "True"
          type: StorageClassSynced
        - lastTransitionTime: "2021-01-27T11:34:53Z"
          status: "True"
          type: TanzuKubernetesReleaseCompatible
        - lastTransitionTime: "2021-01-27T11:34:54Z"
          message: '[1.17.13+vmware.1-tkg.2.2c133ed]'
          severity: Info
          status: "True"
          type: UpdatesAvailable

ControlPlaneReady Condition and Reasons

The table lists and describes the ControlPlaneReady condition.
Table 1. ControlPlaneReady Condition
Condition Type Description
ControlPlaneReady Reports if the control plane nodes are ready and functional for the cluster.

The table lists and describes the reasons why the ControlPlaneReady condition may be false.

Table 2. ControlPlaneReady False Reasons
Reason Severity Description
WaitingForClusterInfrastructure Indicates that the cluster is waiting for prerequisites that are necessary for running machines, such as a a load balancer. This reason is only used if the InfrastructureCluster is not reporting its own ready condition.
WaitingForControlPlaneInitialized Indicates that the first control plane node is initializing.
WaitingForControlPlane Reflects the condition of KubeadmControlPlane. This reason is used if the KubeadmControlPlane is not reporting its own ready condition.
Waiting for cluster infrastructure to be ready Message Indicates that the cluster is waiting for prerequisites that are necessary for running machines, such as networking and load balancers.

NodesHealthy Condition and Reasons

The table lists and describes the NodesHealthy condition.
Table 3. NodesHealthy Condition
Condition Type Description
NodesHealthy Reports the status of TanzuKubernetesCluster nodes.

The table lists and describes the reason for the NodesHealthy condition not being true.

Table 4. NodesHealthy False Reason
Reason Severity Description
WaitingForNodesHealthy Documents that not all the Nodes are healthy.

Addons Conditions and Reasons

The table lists and describes the conditions related to cluster addon components.
Table 5. Addons Conditions
Condition Type Description
AddonsReady Summary of conditions for TanzuKubernetesCluster addons (CoreDNS, KubeProxy, CSP, CPI, CNI, AuthSvc) .
CNIProvisioned Documents the status of TanzuKubernetesCluster container network interface (CNI) addon.
CSIProvisioned Documents the status of TanzuKubernetesCluster container storage interface (CSI) addon.
CPIProvisioned Documents the status of TanzuKubernetesCluster cloud provider inteface (CPI) addon.
KubeProxyProvisioned Documents the status of TanzuKubernetesCluster KubeProxy addon.
CoreDNSProvisioned Documents the status of TanzuKubernetesCluster CoreDNS addon.
AuthServiceProvisioned Documents the status of TanzuKubernetesCluster AuthService addon.
PSPProvisioned Documents the status of PodSecurityPolicy.
The table lists and describes the reasons addon conditions not being true.
Table 6. Addons False Reasons
Reason Severity Description
AddonsReconciliationFailed Summarized reason for all addons reconciliation failures.
CNIProvisioningFailed Warning Documents CNI addon failed to create or update.
CSIProvisioningFailed Warning Documents CSI addon failed to create or update.
CPIProvisioningFailed Warning Documents CPI addon failed to create or update.
KubeProxyProvisioningFailed Warning Documents KubeProxy addon failed to create or update.
CoreDNSProvisioningFailed Warning Documents CoreDNS addon failed to create or update.
AuthServiceProvisioningFailed Warning Documents AuthService addon failed to create or update.
AuthServiceUnManaged Documents AuthService is not managed by controller.
PSPProvisioningFailed Warning Documents PodSecurityPolicy addons failed to create or update.

Other Conditions and Reasons

The table lists and describes conditions for StorageClass and RoleBinding synchronization, ProviderServiceAccount resource reconciliation, ServiceDiscovery, and TanzuKubernetesCluster compatability.

Table 7. Other Conditions
Condition Description
StorageClassSynced Documents the status of StorageClass synchronization from Supervisor Cluster to workload cluster.
RoleBindingSynced Documents the status of RoleBinding synchronization from the Supervisor Cluster to the workload cluster.
ProviderServiceAccountsReady Documents the status of provider service accounts and related Roles, RoleBindings and Secrets are created.
ServiceDiscoveryReady Documents the status of service discoveries.
TanzuKubernetesReleaseCompatible Indicates if the TanzuKubernetesCluster is compatible with the TanzuKubernetesRelease.

The table lists and describes the reasons for other conditions not being true.

Table 8. Other Reasons
Reason Severity Description
StorageClassSyncFailed Reports the StorageClass synchronization failed.
RoleBindingSyncFailed Reports the RoleBinding synchronization failed.
ProviderServiceAccountsReconciliationFailed Reports that provider service accounts related resources reconciliation failed.
SupervisorHeadlessServiceSetupFailed Documents the headless service setup for Supervisor Cluster API server failed.