VMware Networking Community
HelgeL
Enthusiast

Unable to configure SE for NSX ALB during setup

Hello everyone,

I am trying to set up Tanzu and have just deployed an NSX ALB cluster. 
During deployment of the workload management supervisor the SE setup fails.

There are two errors:
In Application -> Dashboard -> Virtual services:
Description: Modify network(s) failed on Service Engine Avi-se-lppjs. Reason SEVM_CREATE_ACCESS_ERROR
Reason: SEVM_CREATE_ACCESS_ERROR

In Infrastructure -> Dashboard -> Service Engine
Description: vNIC addition failure
error_string: Invalid configuration for device '0'.

I have given the NSX ALB controller a service account in vsphere.local and the rights are set up like this:
https://avinetworks.com/docs/latest/roles-and-permissions-for-vcenter-nsx-t-users/
https://docs.vmware.com/en/VMware-NSX-Advanced-Load-Balancer/21.1.4/Installation_Guide/GUID-80C56CC5...
https://docs.vmware.com/en/VMware-NSX-Advanced-Load-Balancer/21.1.4/Installation_Guide/GUID-80C56CC5...
https://docs.vmware.com/en/VMware-NSX-Advanced-Load-Balancer/21.1.4/Installation_Guide/GUID-7B7C6F73...

All examples I have seen just use administrator@vsphere.local but link to various pages setting the same rights as described in the links.

What are the correct settings? Or are the error messages a sign of something else being wrong?

Regards Helge

Accepted Solutions
dragance
VMware Employee

Yes - per VMW official interoperability matrix you should go with 22.1.3:

Screenshot 2023-02-06 at 09.14.00.png

16 Replies

dragance
VMware Employee

Can you utilise the following link on this setup please:

https://avinetworks.com/docs/22.1/vmware-user-role/

And try to create appropriate roles first, and after that try assigning your Avi-vCenter integration user this role.

I suppose you're setting up vSphere cloud in Write_Access mode.

BR,

Dragan

HelgeL
Enthusiast

That link specifies the same roles and rights as I have already set. 

I also recreated the AviSeFolder and set the permissions on it again.

When I redeployed the supervisor, the same thing happened.

dragance
VMware Employee

I see your point. Did you try with administrator@vsphere.local for workload supervisor setup? Just to confirm this issue is permission/role related.

And I suppose you're following some of the official VMware docs on this subject, like this PoC for example: https://core.vmware.com/resource/tanzu-proof-concept-guide#

BR,

Dragan

Hiront
Enthusiast

Hi Helge,
Can the SE access the NSX ALB Controller Cluster?

If you registered the controller using a hostname,
the SE needs to resolve the IP address for the ALB Cluster from DNS.

Best regards

HelgeL
Enthusiast


@Hiront wrote:

Can the SE access the NSX ALB Controller Cluster?
If you registered the controller using a hostname,
the SE needs to resolve the IP address for the ALB Cluster from DNS.

Since the errors I get are related to access I don't think this is the problem. 

HelgeL
Enthusiast

I am unable to change the credentials used for vCenter in the Default-cloud config. When I change the username and password, and test the connection, I get no error messages, but the Save button at the bottom changes from green to gray.

As a workaround I changed the role on the ALB user in vSphere to admin.
I am redeploying the supervisor now, so I will probably get some results in a few minutes.

HelgeL
Enthusiast

Changing the user role did not help. 

The errors are still CC_VNIC_ADDITION_FAILURE and MODIFY_FAIL.
Are there any logs that may shed some light on the specifics of the failing operation?

dragance
VMware Employee

Which Avi version are you using for this test, and vSphere? Can you completely remove the Default-Cloud config and redeploy it?

Regarding logs, I would suggest checking them on the vCenter side, which can be done through the GUI, and also the Avi side logs per these instructions: https://avinetworks.com/docs/22.1/collecting-tech-support-logs/

BR,

Dragan

HelgeL
Enthusiast

We are using NSX ALB 22.1.2 build 9086.
vCenter is 8.0.0.

But I just checked for newer versions on VMware and there is a new version, 22.1.3, where the release notes state it supports vCenter 8. So 22.1.2 might have had some problems with our vCenter.

dragance
VMware Employee

Yes - per VMW official interoperability matrix you should go with 22.1.3:

Screenshot 2023-02-06 at 09.14.00.png

HelgeL
Enthusiast

I just updated the install to 22.1.3.

I was hoping the problems I had were just caused by my own stupidity here, but the same errors keep popping up.

dragance
VMware Employee

Same behaviour with 22.1.3 regarding default cloud modification? And also with administrator@vsphere.local user?

HelgeL
Enthusiast

Same errors this time. 

Since I could not change the user in ALB I changed the role in @vsphere.local to administrator. 

But the error message "Invalid configuration for device '0'." on the Event Code CC_VNIC_ADDITION_FAILURE makes me think that it may not be an access error as the other event logs state, but something else. 

randombloke
Contributor

I had this exact error recently building out TKGS in a home lab. I made a few changes to try and resolve.

One of the changes I made was to delete and re-create the DPG that I was using for the service engines' frontend network. I remembered I was previously using a DPG that was imported and restored from a backup from another VCSA.

Now that it is working, I can see the step that it was failing on was when it reconfigures one of the NICs to change its portgroup for the frontend network I had set up, so I suspect it may have been DPG related.

Another change I made was to the default service engine group. I specified an ESXi host to create the SEs on and migrated the controller and the content library for the service engine image to that same ESXi host. This was more to address a latency issue on my lab network. I don't think this was the fix, but it is worth mentioning in case you are also spinning this up in a slow home lab.

 

HelgeL
Enthusiast

I ended up removing the controllers altogether and redeploying. 

The creation of SE works as expected now.

dragance
VMware Employee

Glad it's working @HelgeL 

It can be difficult sometimes to dig through logs, and instead of that just re-deploy the whole setup... experienced that on my own multiple times 😐

BR
