VMware Cloud Community
pargit
Enthusiast
Enthusiast
‎08-16-2022 03:28 AM

Error when setting up SMB in vsan file services

hi,

I'm trying to enable vSan File Services for both SMB and NFS.

When setting NFS only everything works fine.

When setting with SMB i get the following error:

 

 

 

The File service is not available, because the file service domain is not successfully created. Click the edit button to create the file service domain again.

 

 

 

I prepared the following:

1. created AD OU specific for vsan (root/vcsa7/vsan-fs)

2. created dns entries for the EAM vms (forward and reverse)

3. created a user account that has full control on the OU (basically every user in our AD can register new computers)

4. reserved IP's for the EAM vms in my DHCP

vCenter version:

 

  • Version:7.0.3
  • Build:20150588

Esxi version:

VMware ESXi, 7.0.3, 20036589

Our AD level is 2008.

i can't figure out why i get the error. Any help will be appreciated.

Thanks

Mor

 

Edit:

i see that the EAM vms are not being configured with the IP address i set up. that makes sense not being able to reach the AD... but why? any logs i can search for?

 

 

Labels (1)
Labels
Tags (2)
Reply
0 Kudos
4 Replies
depping
Leadership
Leadership
‎08-17-2022 03:59 AM

The VMs don't get the IP address, the container within the VM should get the IP address. This is why the portgroups will need promiscuous mode and forged transmit to be enabled. Try ping

What is the domain name you are using?

The logs would be: /var/run/log/vsanfs.mgmt.log

Reply
0 Kudos
pargit
Enthusiast
Enthusiast
‎08-17-2022 04:06 AM

hi,

i noticed later (when i found the way to access the eam vm) that the docker container got the ip.

i'm using the main domain in our environment (pelephone co il) and the dns record is for vm1.vcsa7.pelephone....

are there any logs i can check?

edit:

i just noticed you wrote about promiscuous mode.. i'll try and update...

Reply
0 Kudos
depping
Leadership
Leadership
‎08-17-2022 04:27 AM

yeah if that isn't enabled then that most likely is part of the problem. Forged Transmits and Promiscuous mode ensure that the container IP and Mac address are actually allowed to communicate through the virtual network. As the VM is not getting an IP but the container is, the mac address that is being used is unexpected, and we need to allow the virtual layer to be okay with that.

If you use NSX then mac-learning need to be enable on the zone.

Reply
0 Kudos
pargit
Enthusiast
Enthusiast
‎08-17-2022 06:29 AM

so i configured the promiscuous mode, forget transmit and when i deploy everything from scratch (after running the erase_fileservice_config.py script) i can ping all the ip's but for a very short time .

after that the process fail with the same errors...

just something i forgot to mention, this is done on my nested test enviroment (as i cannot "play" with it on my production VCF).

all nested networks works ok, vsan and vmotion are internal on the esx that host all the vms (vc, esx and witness).

Reply
0 Kudos