Using the VCF Diagnostic Tool for vSphere Kubernetes Service (VKS/TKGs)
Article ID: 402184
Updated On:
Products
Issue/Introduction
The VCF Diagnostic Tool (VDT) is a diagnostic tool that is run on the VCSA and connects to Supervisor nodes via SSH. It runs through a series of checks on the system configuration and reports user-friendly PASS/WARN/FAIL results for known configuration issues. It also provides information (INFO) messages from certain areas which we hope will make detecting inconsistencies easier. The goal of these tests is to provide live diagnostic information to the user about their environment which might otherwise be missed.
The utility is completely read-only for the entire environment.
The utility logs to the following directory on the VCSA.
/var/log/vmware/vks/vdt/
Please send feedback/feature requests to [email protected]
DISCLAIMER: This script is currently in its beta release phase.
As such, it may contain bugs, errors, or incomplete features. Please leverage results with caution.
Environment
VCSA 8.x, 9.x
Resolution
Using VCF-VDT:
1.Download the latest version of vSphere Diagnostic Tool from the Attachments section
2.Use the file-moving utility of your choice (WinSCP for example) to copy the entire ZIP directory to the /root partition on the VCSA that manages the Supervisor you want to check. Transferring a file to the VCSA may fail. See the following KB for the resolution - Connecting to vCenter Server Virtual Appliance using WinSCP fails with the error: Received too large (1433299822 B) SFTP packet. Max supported packet size is 1024000 B
3.SSH into the VCSA.
4.Change your directory to the location of the file, and unpackage the vdt zip file:
unzip vdt-<version>.zip
cd vdt-<version>
5. (Optional) If there is more than 1 Supervisor on the VCSA, VKS-VDT will choose the first Supervisor it finds in the VCDB, and it may not be the same each time. If you have a specific Supervisor you wish to run checks against, set the SUPERVISOR_NAME environment variable like so:
# Check the target Supervisor name in the VCSA
dcli com vmware vcenter namespacemanagement supervisors summary list | grep name
> name: sv-1
# Set the value to specify the target Supervisor
export SUPERVISOR_NAME="EXACT_SUPERVISOR_NAME" # example: sv-1
6.Run the tool with the command:
python vdt.py -p vks
Additional Information
Sample output
root@vcsa01 [ ~/vdt-release-2.2.9 ]# python vdt.py -p vks
___________________
"VDT FOR VKS"
Today:
Log Level: DEBUG
______________________
VKS VCENTER INFO
[INFO] vCenter Basic Info
Current Time:
vCenter Uptime: up 9:57
vCenter Load Average: 0.94, 0.43, 0.35
Number of CPUs: 4
Total Memory: 15.6
vCenter Hostname: vcsa01.gslabs.local
vCenter PNID: vcsa01.gslabs.local
vCenter IP Address: 192.168.1.10
vCenter Version: 8.0.3.00700 - 25092719
_______________________________
VKS SUPERVISOR BASIC INFO
[INFO] VKS Basic Info
Supervisor Name: Supervisor1
Supervisor Version: v1.31.11+vmware.1-fips-vsc0.1.13-25049472
TKG Service Version: 3.5.0+v1.34
ESXi Node Count: 4
Installed Supervisor Services: 3
Namespace Count: 2
VKS Cluster Count: 1
[INFO] Supervisor Name Detection
Running VDT against Supervisor: Supervisor1.
If this is not the correct supervisor, please set the environment variable SUPERVISOR_NAME to the correct value.
____________________
VKS WCP CHECKS
[PASS] VKS WCP Pending Upgrade Check
[PASS] VKS WCP Ongoing Upgrade Check
[PASS] VKS WCP Supervisor Deployment Stuck Check
________________________
VKS SUPERVISOR VMS
[PASS] Supervisor Port 22 Check
[PASS] Supervisor Port 5000 Check
[PASS] Supervisor Port 6443 Check
[PASS] Supervisor to ESXi Host Port 10250 Check
[PASS] Supervisor Disk Space Check
[PASS] Supervisor Certificate Check
[PASS] Supervisor VM Node Configured Check
[PASS] Supervisor kubelet Status Check
[PASS] Supervisor containerd Status Check
[PASS] Supervisor wcp-sync Status Check
[PASS] Supervisor Core Container Running Check
[PASS] Supervisor WCP Schedext User Whitelist Check
[PASS] Supervisor OpenSSL authorityKeyIdentifier Check
[PASS] Supervisor .local DNS Check
[PASS] Supervisor Management DNS Check
________________________________
VKS SUPERVISOR ETCD HEALTH
[PASS] etcd Running Check
[PASS] etcd Member List Check
[PASS] etcd Endpoint Health Check
[PASS] etcd Endpoint Status Check
____________________________
VKS SUPERVISOR CLUSTER
[PASS] Supervisor VM Count
[PASS] Supervisor VIP Availability
[PASS] Supervisor Nodes Are Ready Check
[PASS] Supervisor VMs Roles Check
____________________________
VKS SUPERVISOR OBJECTS
[PASS] Supervisor vSphere Pod Timeout Check
[PASS] Supervisor Clusters Status Check
[PASS] Supervisor Machines Status Check
[PASS] Supervisor Nodes Status Check
[PASS] Supervisor VMs Status Check
[PASS] Supervisor Package Installs Status Check
[PASS] Supervisor Deployments Status Check
[PASS] Supervisor PVCs Status Check
[PASS] Supervisor Pods Status Check
[PASS] Supervisor CSI Pods Check
[PASS] Supervisor PVC Resize Check
[PASS] Supervisor Node Volume Mount Check
[PASS] Supervisor Terminating Namespace Check
[PASS] Supervisor Control Plane Roles Check
[PASS] Supervisor Cluster Creation Check
[PASS] Supervisor ClusterClass Reconciled Check
[PASS] Supervisor TKC Kapp-Controller Stuck Check
[PASS] Supervisor AKO Pods Check
[PASS] Supervisor Storage Quota Check
[PASS] Supervisor Services/Endpoints Status Check
[PASS] Supervisor DaemonSets Status Check
[PASS] Supervisor StatefulSets Status Check
[PASS] Supervisor ReplicaSets Status Check
______________________________
VKS CLUSTER CERTIFICATES
[PASS] TKC kubeadm Certificate Expiration Check
_____________________________
VKS CLUSTER ETCD HEALTH
[PASS] TKC etcd Member List Check
[PASS] TKC etcd Endpoint Health Check
[PASS] TKC etcd Endpoint Status Check
________________________________
VKS [GUEST] CLUSTER CHECKS
[PASS] TKC Clusters Status Check
[PASS] TKC Clusters Nodes Check
[PASS] TKC Clusters Pods Check
[PASS] TKC Clusters Deployments Check
[PASS] VKS Clusters Services Check
[PASS] TKC Clusters Package Installs Check
[PASS] TKC Clusters PVCs Check
[PASS] TKC Clusters DaemonSets Check
[PASS] TKC Clusters StatefulSets Check
[PASS] TKC Clusters ReplicaSets Check
[PASS] TKC PodDisruptionBudget Check
[PASS] TKC vmware-system-user DaemonSet Check
[PASS] TKC Antrea Health Check
[PASS] TKC Pause Image Check
[PASS] TKC Third-Party Webhook Check
[PASS] TKC Upgrade Stuck Check
[PASS] TKC Volume Attachment Check
[PASS] TKC Control Plane Roles Check
[PASS] TKC PV Released Check
[PASS] TKC Volume Mount Swap Check
[PASS] TKC NFS Mount Check
[PASS] VKS Clusters Pre-Upgrade 1.33 Cloud-Provider Flag Check (KB 410481)
[PASS] VKS Clusters Pre-Upgrade 1.33 Legacy KCP Managed Fields Check (KB 414483)
____________________________________________________
VKS [GUEST] CLUSTER CONTROL PLANE CONNECTIVITY
[PASS] TKC Control Plane Port 6443 Check (Kubernetes API server)
[PASS] TKC Control Plane Port 10250 Check (Kubelet API)
[PASS] TKC Control Plane Port 2379 Check (etcd client)
[PASS] TKC Control Plane Port 2380 Check (etcd peer)Japanese Version: VCF 診断ツール (VDT) による VKS Supervisor の健全性チェック
VDT 2.2.9 Checksums
MD5: 7bafc99ec995da1da2c5d88470af50a3
SHA256: eace5da3946b72a99549bf4bc30eff2ee238ae4ec300d667066c8ec469da0f09
Attachments
Feedback
