VMware vSphere SDKs and Tools 8.0

8.0 7.0 6.7 6.5

Remediate a Trusted Cluster

You can use
the
ServicesAppliedConfig
 interface from the
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms
,
com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation
, and
com.vmware.vcenter.trusted_infrastructure.trusted_clusters
 packages
 to remediate
vSphere Trust Authority
 component configurations in a Trusted Cluster or remove the configurations.
  • Verify that you have access to a working
    vSphere Trust Authority
     environment.
  • Verify that you have Trusted Infrastructure administrative privileges.
You can update the applied Key Provider Service or Attestation Service configurations in a Trusted Cluster to become consistent with the desired state or you can remove the applied Key Provider Service or Attestation Service configurations. You can also update all applied
vSphere Trust Authority
 component configurations in a Trusted Cluster or remove the configurations. By removing the configurations, you can move hosts from a Trusted Cluster to another cluster.
  1. Remediate all Key Provider Service instances configured for use in a Trusted Cluster
    by calling the
    update_Task(java.lang.String cluster)
     method of the
    ServicesAppliedConfig
     interface from the
    com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms
     package
    .
    If the operation is successful, the Key Provider Service configuration of every host in the cluster is consistent with the desired state.
  2. Remove all Key Provider Service configurations from a Trusted Cluster
    by calling the
    delete_Task(java.lang.String cluster)
     method of the
    ServicesAppliedConfig
     interface from the
    com.vmware.vcenter.trusted_infrastructure.trusted_clusters.kms
     package
    .
    If the operation is successful, the applied Key Provider Service configurations are removed from the configuration of every host in the cluster without affecting the desired state.
  3. Remediate all Attestation Service instances configured for use in a Trusted Cluster
    by calling the
    update_Task(java.lang.String cluster)
     method of the
    ServicesAppliedConfig
     interface from the
    com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation
     package
    .
    If the operation is successful, the Attestation Service configuration of every host in the cluster is consistent with the desired state.
  4. Remove all Attestation Service configurations from a Trusted Cluster
    by calling the
    delete_Task(java.lang.String cluster)
     method of the
    ServicesAppliedConfig
     interface from the
    com.vmware.vcenter.trusted_infrastructure.trusted_clusters.attestation
     package
    .
    If the operation is successful, the applied Attestation Service configurations are removed from the configuration of every host in the cluster without affecting the desired state.
  5. Remediate all
    vSphere Trust Authority
     components configured for use in a Trusted Cluster
    by calling the
    update_Task(java.lang.String cluster)
     method of the
    ServicesAppliedConfig
     interface from the
    com.vmware.vcenter.trusted_infrastructure.trusted_clusters
     package
    .
    If the operation is successful, the
    vSphere Trust Authority
     component configuration of every host in the cluster is consistent with the desired state.
  6. Remove all
    vSphere Trust Authority
     component configurations from a Trusted Cluster
    by calling the
    delete_Task(java.lang.String cluster)
     method of the
    ServicesAppliedConfig
     interface from the
    com.vmware.vcenter.trusted_infrastructure.trusted_clusters
     package
    .
    If the operation is successful, the applied
    vSphere Trust Authority
     component configurations are removed from the configuration of every host in the cluster without affecting the desired state.
You can recheck the Trusted Cluster health after the remediation. See Check Trusted Cluster Health.

Content feedback and comments