Noemie
Enthusiast
Enthusiast

HCX service mesh deploiement failed :Permission to perform this operation was denied

Hello all,

I don't know if it's the good space to post about HCX, but as we need NSX for HCX i thought maybe i can post here, so please tell me if it's not the good place.

Technical context :

On-Premise site : vCenter 6.7 with NSX-V

Target site : vCenter 7.0 with NSX- T 3.1.2

HCX 4.0.2

We deployed our HCX manager, connector whithout any issue, pairing was sucessfully done and we create our compute and network profil without any issue.

Our issue arrived when we try to dpeloy our service mesh, each time we tried to deployed it we got this error on the web UI :

DeployAppliance Failed. Reson : Interconnect Service Wrokflow OvfUpload failed. Error [ Permission to perform this operation was denied "

We tryied to modify our service mesh, to deployed several appliance ( IX, NEt etc etc ) or just IX or just NE but each time we got this error.

On vCenter side, OVF deploiement is completed at 100%, VM is powered on, it reboot 2 times to attribute ip, dns name and then install vmtools but after that HCX manager send the order to power off the VM and then destroy it and generate the error describe previously.

We exported HCX logs to troubleshoot it, but i didn't find any relvant error for the moment :-(.

Does anybody already have this issue ? Any suggestion ?

Thanks in advance,

Regards,

 

 

 

 

0 Kudos
1 Reply
Noemie
Enthusiast
Enthusiast

Hello All,

We found the root cause of this, to avoid to use the user administrator@vsphere.local , we link our HCX Manager and HCX Connector to their respectively vcsa with a new service user ( svc_hcx for example) and this user seems to doesn't have enought access.

So we did a clone of administrator role and attribute it to our new user, and the service mesh deploiment working fine.

Does someone found the description of all mandatory right that HCX will use to deploy every type of appliance ? 

I only found the rights description for the user migration but not for the user for appliance deploiement.

Thanks a lot

0 Kudos