I am performing a vSphere 6.0 test deployment using 2 VCSAs connecting to a pair of external PSC appliances load balanced behind a Citrix Netscaler. I followed the vSphere 6 deployment guide for external HA PSCs and took snapshots of both PSCs at this point in case I needed to revert back for any reason.
The first VCSA I deployed was successful using the PSC VIP but when deploying the second VCSA it failed with a 'firstboot script execution error':
Error while configuring vSphere Auto Deploy Waiter: Service operation failed: {Auto Deploy register Exception {{ "resolution": null, "detail": [ { "args": [ "Stderr: error: Failed to add AD user(waiter-ecba3290-dc17-48f2-8abc-c1b92533352d) to group,\n37(dir-cli failed. Error 1317: Operation failed with error ERROR_NO_SUCH_USER (1317) \n)\n" ], "id": "install.ciscommon.command.errinvoke", "localized": "An error occurred while invoking external command : 'Stderr: error: Failed to add AD user(waiter-ecba3290-dc17-48f2-8abc-c1b92533352d) to group,\n37(dir-cli failed. Error 1317: Operation failed with error ERROR_NO_SUCH_USER (1317) \n)\n'", "translatable": "An error occurred while invoking external command : '%(0)s'" } ], "componentKey": null, "problemId": null }}}
When trying the deployment again I ran into the following error:
javascript:;An error occurred while invoking external command : 'Command: ['/usr/lib/vmware-vmca/bin/certool', '--server=<PSC hostname>', '--genCIScert', '--privkey=/etc/certs/machine/machine.priv', '--cert=/etc/certs/machine/machine.crt', '--Name=machine', '--FQDN=<vCenter hostname>'] Stderr: '
Error in appending hostname/ip <vCenter hostname> to Cert.
My web searches so far have been fruitless, has anyone else run into this problem or know why I'm having these issues?
Seems like session persistence is not set to the load balancer
sticky session (persistence)
-----------
click on Traffic management -> Virtual Server
Select a virtual server
select the Method and Persistence
set method to round robin
set persistence to source IP and set Timeout
Make sure to add all the ports in the persistence group
Seems like session persistence is not set to the load balancer
sticky session (persistence)
-----------
click on Traffic management -> Virtual Server
Select a virtual server
select the Method and Persistence
set method to round robin
set persistence to source IP and set Timeout
Make sure to add all the ports in the persistence group
Thanks for your reply,
I've checked the config on the NetScaler and the Virtual Servers were already set to use source IP and Round Robin with a timeout of 2 minutes.
I've created a new Persistency Group and included all of the applicable Virtual Servers and have managed to successfully deploy 3 VCSAs using the PSC VIP.
Thanks for your help.