VMware Cloud Community
rwk1982
Enthusiast
Enthusiast

vRA 8.1 deployment failure - LCMVRAVACONFIG590003 - Unable to read vRA certificate configuration for 'lb': Missing certificate configuration for lb

Hello!

If you get this error there is a chance that you use IPs in the Subnet 172.16/12 (172.16.0.0 - 172.31.255.255) in your Network. In our Case the vRA Appliance has a 172.17.16.x address. The vCO docker image has a unused docker0 interface with the IP 172.17.0.1/16 so it breaks routing and the container can not reach anything between 172.17.0.1 - 172.17.255.254. Workaround is to remove the interface from the image:

Connect to the vRA Appliance with ssh and run:

cat << EOF > Dockerfile

FROM vco-polyglot-runner_private:latest

RUN mkdir -p /etc/docker

RUN printf '{\n "iptables": false,\n "bridge": "none"\n}\n' > /etc/docker/daemon.json

EOF

docker build -t vco-polyglot-runner_private:latest .

/opt/scripts/backup_docker_images.sh

After that you can hit "Retry" button in vRLCM and the deployment should finish. The same issue is in the vRO Standalone Appliance and to apply the workaround run:

/opt/scripts/deploy.sh --onlyClean

cat << EOF > Dockerfile

FROM vco-polyglot-runner_private:latest

RUN mkdir -p /etc/docker

RUN printf '{\n "iptables": false,\n "bridge": "none"\n}\n' > /etc/docker/daemon.json

EOF

docker build -t vco-polyglot-runner_private:latest .

/opt/scripts/backup_docker_images.sh

/opt/scripts/deploy.sh

A official KB should be released soon.

@VMware GSS: Thanks for the fix Smiley Happy

Drink coffee.. Do stupid things faster with more energy...
Reply
0 Kudos
1 Reply
garymboy
VMware Employee
VMware Employee

Man, am I glad the web crawlers found your post last night. And I'm especially thankful that you posted your (and my) issue and the fix.

Thanks for sharing.

gb

Reply
0 Kudos