VM failed to migrate to host after host reboot when lockdown is enabled

Article ID: 312476

Updated On:

Products

VMware NSX VMware vSphere ESXi

Issue/Introduction

  • The issue occurs when both of the following conditions are met:
    • The VM's network is configured on an NSX segment.
    • Lockdown mode is enabled on the ESXi host before the reboot.

  • After the ESXi host reboots, VMs fail to migrate to it. On NSX Manager, the host state is "DOWN".
  • The host was upgraded from ESXi 6.7. ESXi 6.7 has a bug in which lldpVim-user is removed:

    [YYYY-MM-DDTHH:MM:SS] opslldpvim: [ 2102220 ] INFO User lldpVim-user deleted^@

  • After ESXi is upgraded to 7.0 and rebooted with lockdown mode enabled, hostd queries the users in the exception list, but lldpVim-user is missing.
  • In nsxdavim.log:

    [YYYY-MM-DDTHH:MM:SS] nsxaVim: [2102437]: WARNING User lldpVim-user does not exist retrying updating exception list^@

  • In hostd.log:

    [YYYY-MM-DDTHH:MM:SS] info hostd[2100916] [Originator@6876 sub=Solo.Vmomi opID=a56a6265 user=dcui] Throw vim.fault.UserNotFound
    [YYYY-MM-DDTHH:MM:SS] info hostd[2100916] [Originator@6876 sub=Solo.Vmomi opID=a56a6265 user=dcui] Result:
    --> (vim.fault.UserNotFound) {
    --> principal = "lldpVim-user",
    --> unresolved = false,
    --> msg = "",
    --> }
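
The three log signatures above can be checked together. The following is an added example, not VMware code: it parses the hostd fault block and the two one-line messages and reports which of them name lldpVim-user. The log-name keys, function names and sample timestamps are assumptions made for the illustration.

```python
import re

ACCOUNT = "lldpVim-user"  # account named in this article
DELETED = re.compile(r"INFO User (\S+) deleted")
RETRY = re.compile(r"WARNING User (\S+) does not exist retrying updating exception list")
PRINCIPAL = re.compile(r'-->\s*principal = "([^"]+)"')

# Constructed sample input modelled on the excerpts above; timestamps are invented.
SAMPLE_LOGS = {
    "opslldpvim": "[2024-01-01T10:00:00] opslldpvim: [ 2102220 ] INFO User lldpVim-user deleted\x00\n",
    "nsxaVim": "[2024-02-01T09:00:05] nsxaVim: [2102437]: WARNING User lldpVim-user "
               "does not exist retrying updating exception list\x00\n",
    "hostd": "[2024-02-01T09:00:05] info hostd[2100916] [Originator@6876 sub=Solo.Vmomi "
             "opID=a56a6265 user=dcui] Throw vim.fault.UserNotFound\n"
             "[2024-02-01T09:00:05] info hostd[2100916] [Originator@6876 sub=Solo.Vmomi "
             "opID=a56a6265 user=dcui] Result:\n"
             '--> (vim.fault.UserNotFound) {\n--> principal = "lldpVim-user",\n'
             '--> unresolved = false,\n--> msg = "",\n--> }\n',
}

def lines(text):
    """Split log text into lines, dropping the NUL bytes shown as ^@ in the excerpts."""
    return text.replace("\x00", "").splitlines()

def users(pattern, text):
    """Return the user names captured by pattern, one per matching line."""
    return [m.group(1) for line in lines(text) if (m := pattern.search(line))]

def hostd_missing_principals(text):
    """Return principals found inside vim.fault.UserNotFound result blocks."""
    found, in_fault = [], False
    for line in lines(text):
        if "(vim.fault.UserNotFound) {" in line:
            in_fault = True
        elif in_fault and line.strip() == "--> }":
            in_fault = False
        elif in_fault and (m := PRINCIPAL.search(line)):
            found.append(m.group(1))
    return found

def check_host(logs, account=ACCOUNT):
    """Report which of the article's three log signatures name the account."""
    result = {
        "deleted_before_upgrade": account in users(DELETED, logs.get("opslldpvim", "")),
        "nsxa_retrying": account in users(RETRY, logs.get("nsxaVim", "")),
        "hostd_user_not_found": account in hostd_missing_principals(logs.get("hostd", "")),
    }
    # Assumption: the deletion line may have rotated out, so it is not required for a match.
    result["matches_article"] = result["nsxa_retrying"] and result["hostd_user_not_found"]
    return result

if __name__ == "__main__":
    print(check_host(SAMPLE_LOGS))
```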

Environment

VMware NSX-T

Cause

On ESXi, nsxaVim fails to start because the user "lldpVim-user" is missing.

Resolution

This issue is fixed in VMware vSphere ESXi 7.0. Upgrade to VMware vSphere ESXi 7.0 or higher.

Workaround:
Set the host to "lockdown disable" before rebooting it.