After analysis of iputil.py script, we found that rootcaust of issue is that vcenter name was created with uppercase(VCENTER01.domain.com), and DNS(HostA) record was created also with uppercase. But, unfortunately DNS reverse resolving(ip2fqdn) provides lowercase, and here is mismatch of records, cause for linux they are not the same, and there is no check for it, which definitely needs to be fixed with next release. So finally, I've just rebuild my vcenter 6.5 with lowercase and VOILA!!! PROBLEM IS FIXED!!!
This is annoying. I cannot enable vCenter HA and I can't just reinstall the vCenter with lower case letters. Is there a solution without having to rebuild the entire vCenter appliance? I see that version 6.5 has been released in a very "agile" way, so brace yourselves for more bugs. We're all beta testers now.
There is a workaround to resolve this issue:
SSH into the vCSA appliance and cd into /etc/vmware, and look for the file named systemname_info.json, and then run "cat systemname_info.json |grep -i VM_NAME" where VM_NAME is the name of your vCSA appliance.
If the above command comes back with capitals we will need to modify the entry for all lowercase letters.
To do so:
take a snapshot of the vCSA, and back up the systemname_info.json file by making a copy of it. To make a backup copy, run this command:
cp systemname_info.json systemname_info.json_backup
using vi, edit the original systemname_info.json file, correcting the hostname to be all in lower case.
Once that's done, reboot the vCSA appliance and try configuring vCenter HA again.
in your configuration you use different subnets at the three nodes's HA ports. How can they communicate with each other without a HA port default route? Did you use static routes?
Yeap, you have to add routes to eth1(second nic) file in /etc/systemd/network via ssh
root@XXXXXXXX [ /etc/systemd/network ]# cat 10-eth1.network
Thanks Ardak, it works.
1 person found this helpful
There is another big pitfall...
VMware requires you to allow a TCP connection to your DNS servers
If your firewall permits UDP only, the setup will fail.
You can see it in the iputil.py script:
root@vcenter [ ~ ]# grep -n "usr/bin/host" /usr/lib/vmware-vcha/scripts/iputil.py
131: fqdnCmd = [ '/usr/bin/host', '-W', '30', '-T', ip ]
root@vcenter [ ~ ]#
The "-T" is for TCP.
There is no hint in any documentation, not even in the great KB 1012382.
I asked them to update the documentation and maybe to remove the "-T".
I had same issue. The issue got solved after performing following two actions :
1. Edited file /etc/vmware/systemname_info.json to modify VCS name to lower case.
2. created reverse lookup zone in my AD , and recreated A record for VCS.
Wow, thanks! That was our problem! Our DNS is being load balanced via a Netscaler LB and the "DNS" protocol in the Netscaler does not use TCP.
My workaround was to specify one of the DNS severs directly (behind the LB) which does allow TCP and I was able to proceed with the VCHA setup.