Welcome to yet another troubleshooting post for tmc self-managed operation in VCD. In the last post, I discussed the tmc self-managed deployment issue and how I fixed it. In this post, I will discuss another issue that I encountered with the solution.
After successfully deploying TMC Self-Managed, you must publish the solution to tenants so that they can attach their TKG clusters to TMC. When the publishing operation is performed, the TMC Self-Managed Add-On solution creates a temporary VM known as the solution agent vm, which is subsequently destroyed once the task is complete.
In my lab, the publishing task was completed for a couple of tenants and later when I tried publishing it to another tenant, the task got stuck (VCD was acting cranky at that time).
Once again I have to reach out to Engineering for assistance in troubleshooting this issue. Here are the steps that I followed:
Disclaimer: Before running the below commands in a production environment, consult the GSS team.
1: Obtain VCD Auth Token
|
1 2 3 4 5 6 7 |
Method: POST URL: https://{{vcd_host}}/cloudapi/1.0.0/sessions/provider Authorization: Basic Header: Accept: application/json;version=38.1 |
2: Fetch TMC-SM Solution Add-On Instance UUID
|
1 2 3 4 5 6 7 |
Method: GET URL: https://{{vcd_host}}/cloudapi/1.0.0/entities/types/vmware/solutions_add_on_instance Authorization: Bearer Token Header: Accept: application/json;version=38.1 |
This API call returns a list of all solution add-ons installed in the VCD environment. Locate the UUID of the tmc self-managed solution from the response output.
3: Update the ACL of the entity with the VCD System Admin user
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
Method: POST URL: https://{{vcd_host}}/cloudapi/1.0.0/entities/urn:vcloud:entity:vmware:solutions_add_on_instance:<uuid>/accessControls Authorization: Bearer Token Header: Accept: application/json;version=38.1 Payload: { "tenant":{ "name":"System", "id":"urn:vcloud:org:<system org uuid>" }, "grantType":"MembershipAccessControlGrant", "objectId":"urn:vcloud:type:vmware:person:1.0.0", "accessLevelId":"urn:vcloud:accessLevel:FullControl", "memberId":"urn:vcloud:user:<sys admin user uuid>" } |
4: Get the Solution Add-On Instance with its encryption key.
|
1 2 3 4 5 6 7 |
Method: GET URL: https://{{vcd_host}}/cloudapi/1.0.0/entities/urn:vcloud:entity:vmware:solutions_add_on_instance:<uuid>/fullContents Headers: Accept: application/json;version=39.0.0-alpha-1700608575 Authorization: Bearer Token |
In the response output of the above API call, ensure that the encryptionKey is not “******” but has actual value.
4: Update the payload with entity status: “READY” and patch.
In the Response Output of the above API call, you will see the tmc-sm add-on status as PENDING. Change this to READY and use the API to change the status. You need the full json that you obtained in response output.
|
1 2 3 4 5 6 7 8 9 |
Method: PUT URL: https://{{vcd_host}}/cloudapi/1.0.0/entities/urn:vcloud:entity:vmware:solutions_add_on_instance:<uuid> Headers: Accept: application/json;version=39.0.0-alpha-1700608575 Authorization: Bearer Token Payload: {response json of previous API call} |
And that’s it for this post.
I hope you enjoyed reading this post. Feel free to share this on social media if it is worth sharing.