I find lots of aspects of Harvester's processes completely opaque. For instance, this VM backup has been running for an hour and a quarter, but I have no idea what is happening, why it's so slow, where it is in the progress. There are not even any logs or events I can find in the UI that I might use to glean fragments of information from.

Yes, I agree. Two things I would like to make this spaghetti mess more reasonable for the 'average' yet somewhat clueful enterprise administrator is better log management in the UI of all the different components with associated resolution/where to look next. Bread crumbs on which rabbit hole to fall down as there is so many moving components under the covers. The other area and this is similar to challenges a lot of people face is an easier to use certificate provisioning process with letsencrypt. I'm just using it as a single node lab to replace an ESXi host I was using and even that doc I sent was unable to uncover what my issue was and I ended up just installing from scratch. I was between phase 0 and phase 1 or their troubleshooting and said screw it... faster for me to rebuild.

I find adding a LetsEncrypt cert is easier than with ESXi. When I tried with ESXi there was lots of

scp

of the fullchain.pem, cert.pem & privkey.pem followed by an

ssh -i -C "services.sh restart"

which completely crashed node. For Harvester I use this script:

#!/bin/bash

set -e

publicCertificate=$(awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' /path/to/fullchain.pem)
privateKey=$(awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' /path/to/privkey.pem)

cat << EOF | kubectl apply -f - --context <harvester-cluster-context>
apiVersion: <http://harvesterhci.io/v1beta1|harvesterhci.io/v1beta1>
kind: Setting
metadata:
  name: ssl-certificates
value: >-
  {
    "publicCertificate":"${publicCertificate}",
    "privateKey":"${privateKey}"
  }
EOF

oooo... that looks handy! yoink thank you!