This message was deleted.

There are other things, like I have a VM which will not start running - it flip-flops between starting and paused. There is nothing in the "logs" for that host. I have no way to investigate why it's not starting.

Yes, I agree. Two things I would like to make this spaghetti mess more reasonable for the 'average' yet somewhat clueful enterprise administrator is better log management in the UI of all the different components with associated resolution/where to look next. Bread crumbs on which rabbit hole to fall down as there is so many moving components under the covers. The other area and this is similar to challenges a lot of people face is an easier to use certificate provisioning process with letsencrypt. I'm just using it as a single node lab to replace an ESXi host I was using and even that doc I sent was unable to uncover what my issue was and I ended up just installing from scratch. I was between phase 0 and phase 1 or their troubleshooting and said screw it... faster for me to rebuild.

I find adding a LetsEncrypt cert is easier than with ESXi. When I tried with ESXi there was lots of

scp

of the fullchain.pem, cert.pem & privkey.pem followed by an

ssh -i -C "services.sh restart"

which completely crashed node. For Harvester I use this script:

#!/bin/bash

set -e

publicCertificate=$(awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' /path/to/fullchain.pem)
privateKey=$(awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' /path/to/privkey.pem)

cat << EOF | kubectl apply -f - --context <harvester-cluster-context>
apiVersion: <http://harvesterhci.io/v1beta1|harvesterhci.io/v1beta1>
kind: Setting
metadata:
  name: ssl-certificates
value: >-
  {
    "publicCertificate":"${publicCertificate}",
    "privateKey":"${privateKey}"
  }
EOF

oooo... that looks handy! yoink thank you!