FAQ on Cluster Bootstrapping ¶
x509: certificate signed by unknown authority when deploying Management Cluster from Windows ¶
Upon completion of
Install the Tanzu CLI steps for Windows, you may encounter the following when performing
tanzu management-cluster create --ui:
PS > tanzu management-cluster create --ui Downloading TKG compatibility file from 'projects.registry.vmware.com/tkg/framework-zshippable/tkg-compatibility' Error: unable to ensure prerequisites: unable to ensure tkg BOM file: failed to download TKG compatibility file from the registry: failed to list TKG compatibility image tags: Get "https://projects.registry.vmware.com/v2/": x509: certificate signed by unknown authority Usage: tanzu management-cluster create [flags] ...
To workaround this, edit
%USERPROFILE%\.config\tanzu\tkg\config.yaml with the following, then retry management cluster setup:
release: version: "" TKG_CUSTOM_IMAGE_REPOSITORY_SKIP_TLS_VERIFY: true
Failed to create inotify errors ¶
Occasionally there are failures during management cluster deployment. In the case where deployment fails at the step indicating “Install providers on management cluster”, you may see the following error in the capx-controller-manager logs when following the Troubleshoot Clusters with Tanzu Diagnostics instructions.
Failed to create inotify object: Too many open files
This can be more common when the system being used for deployment already has several containers running.
On Linux, this issue can be resolved by increasing the inotify watch limits using these commands:
sysctl fs.inotify.max_user_watches=1048576 sysctl fs.inotify.max_user_instances=8192
After running those commands you should be able to retry deploying a managment cluster.