vi /etc/systemd/system/cse.service
[Unit]
Description=Container Service Extension for VMware Cloud Director
[Service]
ExecStart=/opt/vmware/cse/cse.sh
User=root
WorkingDirectory=/opt/vmware/cse
Type=simple
Restart=always
[Install]
WantedBy=default.target
# systemctl status cse.service
cse.service - Container Service Extension for VMware Cloud Director
Loaded: loaded (/etc/systemd/system/cse.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2021-11-24 14:43:56 +01; 1min 9s ago
Main PID: 770 (bash)
CGroup: /system.slice/cse.service
├─770 bash /opt/vmware/cse/cse.sh
└─775 /usr/local/bin/python3.7 /usr/local/bin/cse run
Nov 24 14:44:06 cse01.lab.com cse.sh[770]: Validating CSE installation according to config file
Nov 24 14:44:06 cse.sh[770]: MQTT extension and API filters found
Nov 24 14:44:06 cse01.lab.com cse.sh[770]: Found catalog 'cse-site1-k8s'
Nov 24 14:44:06 cse01.lab.com cse.sh[770]: CSE installation is valid
Nov 24 14:44:06 cse01.lab.com cse.sh[770]: Started thread 'MessageConsumer' (140229531580160)
Nov 24 14:44:06 cse01.lab.com l cse.sh[770]: Started thread 'ConsumerWatchdog' (140229523187456)
Nov 24 14:44:06 cse01.lab.com cse.sh[770]: Container Service Extension for vCloud Director
Nov 24 14:44:06 cse01.lab.com cse.sh[770]: Server running using config file: /opt/vmware/cse/encrypted-config.yaml
Nov 24 14:44:06 cse01.lab.com cse.sh[770]: Log files: /root/.cse-logs/cse-server-info.log, /root/.cse-logs/cse-server-debug.log
Nov 24 14:44:06 cse01.lab.com cse.sh[770]: waiting for requests (ctrl+c to close)
I’ve downloaded Ubuntu 2004 Kubernetes v1.21.2 OVA since that’s the lates available version. File Name : ubuntu-2004-kube-v1.21.2+vmware.1-tkg.1-7832907791984498322.ova
Step2: Import TKG OVA to VCD Catalog
Upload the downloaded OVA to the CSE server. Use the following command to import the OVA in Catalog.
# cse template import -c encrypted-config.yaml -F ubuntu-2004-kube-v1.21.2+vmware.1-tkg.1-7832907791984498322.ova
Required Python version: >= 3.7.3
Installed Python version: 3.7.12 (default, Nov 23 2021, 15:49:55)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
Password for config file decryption:
Decrypting 'encrypted-config.yaml'
Validating config file 'encrypted-config.yaml'
InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised.
Connected to vCloud Director (vcd.lab.com:443)
Connected to vCenter Server 'demovc.local' as '[email protected]' (demovc.local)
Config file 'encrypted-config.yaml' is valid
Uploading 'ubuntu-2004-kube-v1.21.2+vmware.1-tkg.1-7832907791984498322' to catalog 'cse-site1-k8s'
Uploaded 'ubuntu-2004-kube-v1.21.2+vmware.1-tkg.1-7832907791984498322' to catalog 'cse-site1-k8s'
Writing metadata onto catalog item ubuntu-2004-kube-v1.21.2+vmware.1-tkg.1-7832907791984498322.
Successfully imported TKGm OVA.
Step3: Restart CSE service.
I assume you’ve configured CSE to run as service. If yest restart the service.
Step4: Confirm TKG is available as option for Kubernetes Runtime
Login to the tenant portal and navigate to More > Kubernetes Container Clusters.
In CSE 3.1.1, delete operation on a cluster (Native or TKG) that is in an error state (RDE.state = RESOLUTION_ERROR (or) status.phase = :FAILED), may fail with Bad request (400) or the Delete process will be stuck in ‘DELETEIN_PROGRESS’ state. The steps are given below to resolve the issue.
Step1: Assign API explorer privilege to the CSE Service Account.
Login to VCD Provider portal as Administrator.
Edit the CSE Service Role.
Navigate to Administration > Provider Access Control > Roles > CSE Service Role.
In the tenant portal check if there’re any stale vApp entries for the failed clusters. If so, please delete them.
Login to VCD Provider portal with the CSE service account which has CSE Service Role assigned. Open API Explorer. Click on GET in difinedEntity section.
Click on TryitOut In Description, provide the cluster UID from last step. In the output we can see the state as PRE_CREATED.
Step3: Run the POST call resolve to resolve
Select the POST call from definedEntity section.
/1.0.0/entities/{id}/resolve Validates the defined entity against the entity type schema.
Provide the cluster ID and run the call. The state will be changed to RESOLVED.
Step4: Run the DELETE call to delete RDE.
Povide the cluser ID and ‘false’ as value for inovkeHooks.
Please check and confirm the failed Cluster is deleted now.
#vcd cse cluster list
InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised.
Name Org Owner VDC K8s Runtime K8s Version Status
-------- -------------- -------- ------------- ------------- --------------------- ------------------
tkg CSE-Site1-Test orgadmin CSE-TEST-OVDC TKGm TKGm v1.21.2+vmware.1 DELETE:IN_PROGRESS
tkgtest CSE-Site1-Test orgadmin CSE-TEST-OVDC TKGm TKGm v1.21.2+vmware.1 DELETE:IN_PROGRESS
tkg-test CSE-Site1-Test orgadmin CSE-TEST-OVDC TKGm TKGm v1.21.2+vmware.1 DELETE:IN_PROGRESS