How To Update Harbor Certificates In TCA & TCA Deployed Clusters After Renewing Them In Harbor
book
Article ID: 322045
calendar_today
Updated On:
Products
VMwareVMware Telco Cloud Automation
Issue/Introduction
CNF lifecycle management operations might fail for CaaS Workload Clusters which are configured with a Harbor whose certificate has expired. To resolve this, the following procedure details the steps required to renew the Harbor certificates within VMware Telco Cloud Automation.
These steps do not include the process for renewing the Harbor certificate itself which is outside of the scope of this document and should be managed as a separate operation on the Harbor environment.
These steps are applicable only to v2 clusters. The Harbor Addon should be deleted and re-added to all the clusters which are registered with the affected Harbor. Until this procedure is completed, CNF LCM operation should not be performed.
Either of the following procedures can be applied.
Procedure 1
1. Log in to the TCA Manager. 2. Navigate to the 'CaaS Infrastructure' tab in the left navigation panel. 3. Select the cluster to which the Harbor whose certificate expired is attached (hereafter termed as affected Harbor). Click on the CaaS cluster, then go to the 'Addons' tab 4. Choose the 'Harbor Addon' and delete it. 5. Wait for the deletion task to complete. 6. Repeat the same steps on all clusters where the affected Harbor is added. 7. Access the partner system and check the affected Harbor is now in an 'Initiated' state. 8. User should renew the cert on the affected harbor before going to next step. 9. Associate all the VIMs that were previously using the same Harbor.
Procedure 2
High level steps: • Remove the affected Harbor addon from a single Workload Cluster • Re-add Harbor addon to the above Workload Cluster • Repeat steps above for every Workload Cluster which was connected to the affected Harbor
1. Log in to the TCA Manager. 2. Navigate to the "CaaS Infrastructure" tab in the left navigation panel. 3. Select the cluster to which the Harbor whose certificate expired is attached (hereafter termed as affected Harbor). Click on the CaaS cluster, then go to the 'Addons' tab. 4. Choose the 'Harbor Addon' and delete it. 5. Wait for the deletion task to complete. 6. Click on 'Deploy Addon'. 7. Select the Harbor addon and select the Harbor from the Registered Partner Systems. 8. Deploy this addon. 9. Wait for the addon configuration task to complete. 10. Repeat the same steps on all clusters where the affected Harbor is added.