Unable to connect the host https://host-ip/sdk during NSX-T Upgrade
search cancel

Unable to connect the host https://host-ip/sdk during NSX-T Upgrade

book

Article ID: 313768

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • During the upgrade of NSX-T managers, hosts are not allowed to upgrade.
  • The upgrade fails at the 'Performing dry-run of installation of NSX bits' step.
  • The following error in upgrade-coordinator.log on the orchestrator node is present (/var/log/upgrade-coordinator/upgrade-coordinator.log):

             Unable to connect the host https://host-ip/sdk

Environment

VMware NSX-T Data Center

Cause

This issue is caused by blocked Host access from NSX Orchestrator node

Resolution

In the vSphere client, go to the Host > Configure > System > Firewall > Connections: > Incoming > vSphere Web Client, ensure "Allowed IP addresses" includes the IP address of the orchestrator node (or is set to "All").

 

You can use netcat (nc) to confirm connectivity to the TCP ports (443,80 and 902) from the NSX Manager(s) to the vSphere Host: 

  1. Open SSH to NSX Manager and log in using root account
  2. run the following command to check the connectivity on TCP port 443:
    #nc -zv <host-ip> 443
  3. Example response when connection succeeded:
    Connection to <host_ip> 443 port [tcp/*] succeeded!
  4. Repeat the same steps for ports 80 and 902
  5. If the connection is not succeeded, then investigate with your firewall team where the port may be blocked.
  6. Check the connection from all three NSX Managers.

Additional Information

Impact/Risks:

Not able to upgrade a host during NSX-T upgrade.

Powered by Wolken Software