VMware Cloud Community
ndizz
Contributor
Contributor
‎03-24-2022 05:43 AM
Jump to solution

upgrade vCloud appliance to 10.2.2 and f5

We don't have any irules or anything special. Health monitors pass checks and see the appliance. After upgrade we can login to /provider as normal but no inventory loads. I've searched as much as I can and I'm seeing posts where this has happened before and that some iRules may need to be updated. The thing is, we don't have any iRules to begin with. Not sure how all the sudden this can break.

Connecting directly works. So something changes from 10.1.3 to 10.2.2a that breaks this. I don't know where to look, the f5 setup is extremely simple. It has a public vip for clients to connect to. the https and console pool has just the primary appliance active. Health monitors were updated to use /api instead of /cloud before the upgrade and everything was working. SSL terminates at the f5 (wildcard) and uses ssl to the backends. That isn't an issue because https works and gets to the login page.

There is nothing else setup here. I'm sure I can't be the only one with an f5 that upgraded. My only other recourse is to try again during the next maintenance window capture a tcpdump (had done that to resolve the cipher mismatch issues but didn't during the blank loading pages) for any clues.

0 Kudos
1 Solution

Accepted Solutions
AirheadPilot
Enthusiast
Enthusiast
‎04-19-2022 12:13 PM
Jump to solution

we had to resize maximum header size and maximum header count as we had issues with the gui when accessing through the f5. This kb had details:

https://kb.vmware.com/s/article/67696

 

 

View solution in original post

4 Replies
ndizz
Contributor
Contributor
‎03-24-2022 08:24 AM
Jump to solution

This might be related to "Failed Start: An error occurred during initialization" error while accessing the vCloud Director H5...

We previously had 2 linux cells and migrated to them to three appliances. In the cors filter list the primary appliance isn't listed. But I don't know if the filter list is just a collection of valid entry points in any order or if they need to be ordered properly. Next maintenance window I can try removing all the old entries and adding the primary cell hostname and its http and https url and see if that works. But again I don't know if this is the issue or if that webapp.allowed.origins property needs to be ordered specifically. Regardless I will update in case anyone comes across this later.

0 Kudos
Pierre345
Contributor
Contributor
‎04-06-2022 02:11 AM
Jump to solution

Tanzu Kubernetes Cluster Tenant Network Isolation - Tanzu Kubernetes clusters are now only reachable from workloads within the same organization virtual data center in which a cluster is created. If necessary, you can manually configure external access to specific services in a Tanzu Kubernetes cluster. For more information, see Configure External Access to a Service in a Tanzu Kubernetes Cluster in the VMware Cloud Director Tenant Portal Guide.

Subarunet.com Login

0 Kudos
AirheadPilot
Enthusiast
Enthusiast
‎04-19-2022 12:13 PM
Jump to solution

we had to resize maximum header size and maximum header count as we had issues with the gui when accessing through the f5. This kb had details:

https://kb.vmware.com/s/article/67696

 

 

ndizz
Contributor
Contributor
‎04-21-2022 05:37 PM
Jump to solution

That was exactly it, many thanks! I updated the header size and count as suggested in the KB and it loads.

0 Kudos