vSphere with Tanzu Guest cluster upgrade is hanging because of etcd
Article ID: 392916
Updated On:
Products
VMware vSphere Kubernetes Service
Issue/Introduction
-
After initiating an upgrade of a vSphere with Tanzu Guest Cluster, you notice that it appears the upgrade is not progressing
-
Describing the cluster with
kubectl get <cluster | tkc> -n <cluster_namespace> <cluster_name>shows that the cluster'sREADYcolumn is False -
The cluster's control plane VMs have high CPU and/or high Memory usage
Environment
vSphere with Tanzu 8.x
Resolution
Verify the health of the cluster's etcd service:
-
- Obtain the IP address of one of the guest cluster's control plane VMs using one of these methods:
- Use the vSphere Client to find the guest cluster node VM. The IP address will be in the Virtual Machine Details card
- While using the supervisor context, run
kubectl get vm -n <clusters_namespace> -o wideto find the VM's IP
- Connect to one of the guest cluster's control plane VMs using one of these methods:
- Run the following commands to get etcd's health:
sudo -ialias etcdctl='/var/lib/containerd/io.containerd.snapshotter.v1.overlayfs/snapshots/*/fs/usr/local/bin/etcdctl --cert /etc/kubernetes/pki/etcd/peer.crt --key /etc/kubernetes/pki/etcd/peer.key --cacert /etc/kubernetes/pki/etcd/ca.crt'etcdctl -w table endpoint --cluster health
- Note If one of the node's
HEALTHcolumn is false and theERRORis context deadline exceeded:
{"level":"warn","ts":"<timestamp>","logger":"client","caller":"[email protected]/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"etcd-endpoints://0xc0002d8e00/<IP>:2379","attempt":0,"error":"rpc error: code = DeadlineExceeded desc = context deadline exceeded"}+-----------------------------------+--------+--------------+---------------------------+
| ENDPOINT | HEALTH | TOOK | ERROR |
+-----------------------------------+--------+--------------+---------------------------+
| https://<CONTROL_PLANE_VM_1>:2379 | true | 7.039328ms | |
| https://<CONTROL_PLANE_VM_2>:2379 | true | 8.873411ms | |
| https://<CONTROL_PLANE_VM_3>:2379 | false | 5.004791585s | context deadline exceeded |
+-----------------------------------+--------+--------------+---------------------------+
- If you see that one of the nodes is unhealthy, you can attempt to run the command again with a higher timeout than 5 seconds (
etcdctl --command-timeout=10s -w table endpoint --cluster health):-
+-----------------------------------+--------+--------------+---------------------------+
| ENDPOINT | HEALTH | TOOK | ERROR |
+-----------------------------------+--------+--------------+---------------------------+
| https://<CONTROL_PLANE_VM_1>:2379 | true | 7.039328ms | |
| https://<CONTROL_PLANE_VM_2>:2379 | true | 8.873411ms | |
| https://<CONTROL_PLANE_VM_3>:2379 | true | 8.0091585s | |
+-----------------------------------+--------+--------------+---------------------------+
-
- If all the nodes now show as healthy, the node that was previously timing out could be busy with the upgrade process and/or having performance issues due to its configured CPU & Memory resources. You can re-run the etcd commands and see if the TOOK values decrease over time. The TOOK value should stabilize and be similar to the other nodes in the cluster.
- You can also check the size of the etcd database by running
ls -ltrh /var/lib/etcd/member/snap. etcd's maximum size is 2 GB and in most environments is well beneath this. If you see a size approaching 2 GB (such as 1.5 GB), it could be because the amount of worker nodes in the cluster, age of the cluster, the services installed in the cluster, etc. A larger etcd database size could also indicate that there is a large amount of activity in the etcd database that is causing performance issues.
- Obtain the IP address of one of the guest cluster's control plane VMs using one of these methods:
If there doesn't seem to be an issue with etcd, please contact VMware Support by Broadcom for assistance.
Feedback
Yes
No
Powered by
