I upgrade my vRA environment from 7.2 to 7.4 but ever since the upgrade I was unable to deploy my multi-tier application which deploys 2 x on-demand NSX LB.
I have been troubleshooting this for a while and finally found that when I deploy only 1 on-demand LB it deploys successfully, however, if you have 2 on-demand LB in the blueprint it fails every time with the following error:
Request [421e6c26-b55b-4e6a-be51-2c657782aa6e]: Failure during dynamic enhancement of blueprint [SovBusinessApp, SovBusinessApp]. Internal error processing completion of blueprint [PROVISION] request [421e6c26-b55b-4e6a-be51-2c657782aa6e]. Status so far: [FAILED]
I traced it down in log files to the following message, which states that I cannot use different networks for the VIP of each LB in blueprint (This use to work in 7.2!!)
"Caused by: com.vmware.vcac.platform.rest.client.error.RestException: The NAT networks and Load Balancer VIPs must all reference the same external network profile: [development-external-web, development-external-app]"
So, I set both my LB VIPs to the same network but was still getting the same error.
Caused by: com.vmware.vcac.platform.rest.client.error.RestException: Select a VIP network for load balancer [On-Demand_Load_Balancer_1] that matches the external network on the machines NIC.
If then set up the configuration with only a single LB and VIP pointing to a different network (thinking this might be a 2xLB issues) but also get the same error
"errorCode" : 43332,
"errorMessage" : "Select a VIP network for load balancer [On-Demand_Load_Balancer_2] that matches the external network on the machines NIC."
Finally, if I then place both my VMs and on-demand LBs on the same network, then only does it deploy successfully.
Anybody else run into this problem? Or can someone please verify that is a bug since I cannot believe this is the way it is supposed to work because it makes the use of the on-demand LB very limited.
Hi, sorry I have been meaning to respond with the fix.
VMware's response is that this is now expected behavior because of a new validation put into place as a resolution to another bug reported in the past. The idea is to prevent invalid blueprint configurations.
I had to update my existing blueprint and connect the Virtual Machine object to an on-demand NAT network and also the Load Balancer object connected to a regular existing network. This is required for an inline LB configuration. This blog helps showing the difference between inline and one-armed and also shows how to setup the inline.
VMware's Engineering Team also confirmed that in anticipation to similar issues like this that there is a mechanism in place to turn off this validation. Please refer to the following document here keyword: nsx.validation.disable.single.edge.uplink
I have not tested this and also not sure what affect this will have on your environment when the validation is disabled. Use at own risk.
Hope this helps.