Use this section to troubleshoot TKG cluster connection problems and log on errors.
Insufficient Permissions Error
If you do not have sufficient permissions on the vSphere Namespace, you cannot connect to Supervisor or to a TKG cluster as a vCenter Single Sign-On user.
The vSphere Plugin for kubectl returns the error message
Error from server (Forbidden) when you attempt to connect to Supervisor or a TKG cluster as a vCenter Single Sign-On user.
You do not have sufficient role permissions on the vSphere Namespace, or your user account has not been granted access.
If you are a DevOps engineer who operates the cluster, verify with your vSphere administrator that you have been granted Edit permissions for the vSphere Namespace. If you are a developer who is using the cluster to deploy workloads, verify with your cluster administrator that you have been granted cluster access.
Kubectl vSphere Login Error
Failed to get available workloads, response from the server was invalid.
-v=10to get more verbose log output.
kubectl vsphere login --server=10.110.150.56 --vsphere-username firstname.lastname@example.org -v=10
invalid or missing credentialserror.
DEBU User passed verbosity level: 10 DEBU Setting verbosity level: 10 DEBU Setting request timeout: DEBU login called as: /usr/local/bin/kubectl-vsphere login --server=10.110.150.56 --vsphere-username email@example.com -v=10 DEBU Creating wcp.Client for --server=10.110.150.56. INFO Does not appear to be a vCenter or ESXi address. DEBU Got response: INFO Using firstname.lastname@example.org as username. DEBU Env variable KUBECTL_VSPHERE_PASSWORD is present DEBU Error while getting list of workloads: invalid or missing credentials FATA Failed to get available workloads, response from the server was invalid.
SSH to Supervisor
- Log in to vCenter using the root user account.
dcli +ito use the datacenter CLI in interactive mode.
- Run the command
namespacemanagement software clusters listto return the status of the Supervisor.
exitto exit the
shellto enter bash shell mode.
/usr/lib/vmware-wcp/decyptK8Pwd.pyto get the IP address and password for Supervisor.
ssh 10.100.150.56to ssh to Supervisor, where you replace the example IP address with the IP address returned by the previous command.