I'm getting a strange issue while I'm trying to prepare a sphere 7.0 cluster with nsx-t, the problem is when I enable the Image at the cluster level, so Lifecycle Manager in vCenter in no more handling the versioning of the host with baseline.
The issue is when I try to prepare the cluster I get immediately an error of NSX Install fail.
This is not happening if I do the preparation of a cluster that's not using the Image.
Someone has already experienced this issue and could maybe advise me how to fix it?
I've attached the image of the first step error, and the configuration of the compute manager with Service Account and Enable Trust configured.
Let me know
Hi Gio,
I would suggest following the doc first:- https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/installation/GUID-0938D3D6-26B4-4FEB-B4BC-E6...
Maybe if I read the proxy logs, I may help out better than that, but if you see in reverse-proxy.log "Duplicate JWK" - I would ask to verify the VC cert health, and then you can follow https://kb.vmware.com/s/article/85695?lang=en_US
You can type to check
grep "VC JWK Set" /var/log/proxy/reverse-proxy.log
Please let me know if you have vSAN AND/OR Service insertion ?
Hello SrVMoussa,
thank you for your prompt answer.
on the proxy log, I cannot see any message with "duplicate JWK"
with the command you shared the output is this:
2021-11-25T15:23:41.976Z INFO https-jsse-nio-10.247.101.72-443-exec-2 VcTokenServices 14765 - [nsx@6876 comp="nsx-manager" level="INFO" subcomp="http"] VC JWK Set: {"keys":[{"kty":"RSA","e":"AQAB","use":"sig","kid":"7E244266854F8EC27582D0937ED3B889CD326862","x5c":["MIIDOTCCAiGgAwIBAgIJAP0+JZdj1oJkMA0GCSqGSIb3DQEBCwUAMD8xMDAuBgNVBAMTJ0NBLCBDTj1VU1ZNV1BWSVZDMiwgZGM9dnNwaGVyZSxkYz1sb2NhbDELMAkGA1UEBhMCVVMwHhcNMTQwNjAzMDcxMjEyWhcNMjQwNTMxMDcxMjEyWjA5MSowKAYDVQQDEyFzc29zZXJ2ZXJTaWduLGRjPXZzcGhlcmUsZGM9bG9jYWwxCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr04NdcHb73viSqpfCSA0YLKcBCqFqly5PyDn0Aqx1qXPOP9HLaeTeLBbhI9TsLR7uFeMMek9wdaGqdTXXULXLCngJjPsNhvCgfkL4tD8ajgLirERJGSg7eiUXOL1CCA48zRAEidHMFXKh3g4bOaX6aZJHzc2ny6D21LYlFoPBxUu298ecFJd2thnAA5Yv8IRUYIq3Yudh8fC2YuRQ+ASZ4ZjxHLp6psrNzAmQT4xllRmRIm64XMLkWb3P2c9A9dcIShm/E9FmvcEIO9RXHilrsg2657aj4Kv17xt4SxBKyyMH1SqhD4wR/1nURhZzfkBDcQj20iEDY6+88XgHRarFwIDAQABoz4wPDALBgNVHQ8EBAMCBPAwLQYDVR0RBCYwJIIiVVNWTVdQVklWQzIuU0QwMS5VTklDUkVESVRHUk9VUC5FVTANBgkqhkiG9w0BAQsFAAOCAQEAoBmztjg2KTzU9b3nvP+o7hByS0yONpGUlNkaaYmTKg7WyWPy8XBwj0oEMVkdMHEXGR6q7ghQoQnb9yUFPgFf7RX/VLAwpH90M+V/kxwvF2l12ff22TXhJrurxYyiGOupeGU7+s5z9hxoYE3/Xq8tCzjxqIC53LSblEcdDOvK97mSYQamwo0EzHn4Wyr4KqYyxUMIEbyVPFRmgLc0GOrLUvoZ8/PNLCfl6z3T6Kp9FJUcDHphHfLyMT+NKgbN2oKxqPvUDCGggwm4FJincDYUtL87UK1CN8akEKaZHJ4sw2hfnvLIr0PBi3xR3q1vMTB9yGeGMdtCaWuwKHxcSChR/Q=="],"alg":"RS256","n":"r04NdcHb73viSqpfCSA0YLKcBCqFqly5PyDn0Aqx1qXPOP9HLaeTeLBbhI9TsLR7uFeMMek9wdaGqdTXXULXLCngJjPsNhvCgfkL4tD8ajgLirERJGSg7eiUXOL1CCA48zRAEidHMFXKh3g4bOaX6aZJHzc2ny6D21LYlFoPBxUu298ecFJd2thnAA5Yv8IRUYIq3Yudh8fC2YuRQ-ASZ4ZjxHLp6psrNzAmQT4xllRmRIm64XMLkWb3P2c9A9dcIShm_E9FmvcEIO9RXHilrsg2657aj4Kv17xt4SxBKyyMH1SqhD4wR_1nURhZzfkBDcQj20iEDY6-88XgHRarFw"}]}
I'll try to follow the KB.
By the way the version of NSX-T is 3.1.3
No service Insertion or vSAN.
Hello again,
this is the error showed if I click on resolve on the nsx-t failed host:
Failed to install software on host. Setting NSX depot(s) on Compute Manager: 15ca742b-ce6e-4d88-b410-f0e39683b653 failed with error: Set depot operation failed. Retry Transport Node Collection at cluster.
Hi @Giodomi
My apologies for the delay!
nsx syslog.log from any of the hosts may help me " I am assuming that RAM Disk if free to have the new VIBs installed, and you POSTed the API call as in the doc
Question: What is the Hardware? if it's HPE then please validate this https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-a00116792en_us
Ideally if possible you attach the nsx syslog logs from any of the hosts and the cm logs from the Manager node - I think I need to read more insights, moreover I will look if I can find a quicker workaround
You may need to open a case.
Hello @SrVMoussa
no problem, as you suggested I've opened an SR and attached the Logs of the managers.
We tested if it was a communication issue between vcenter and managers but it wasn't.
The Hardware is Lenovo.
Keep you posted on what they will find.
Thanks for your suggestion and willingness to help
Did you ever get a resolution here? I'm getting a similar (but not quite the same) error with NSX-T 3.2/vSphere 7.0U3c.
Seems the problem is the blocked communication between ESXi Hosts and the Manager with port 8080
but I'm still dealing with my Firewall friend in order to understand if they are blocking somewhere that port.
Hi,
Is this issue resolved ?
When we joined we found the port 8080 was blocked - It's required to be open [Refer to our ports guide]
Ping my MS anytime 😄