NSX-T after new Service creation, the status changes to 'Failed' with 'Realization failure'
search cancel

NSX-T after new Service creation, the status changes to 'Failed' with 'Realization failure'

book

Article ID: 322511

calendar_today

Updated On:

Products

VMware NSX Networking

Issue/Introduction

Symptoms:
  • You recently modified a default service using API calls.
  • Distributed Firewall page shows realization failures, if any new rules are deployed with a service.
  • Checking the NSX-T manager /var/log/policy/policy.log, you see messages similar to the below:
ERROR providerTaskExecutor-95 PolicyProviderUtil 13257 POLICY [nsx@6876 comp="nsx-manager" errorCode="MP500015" level="ERROR" subcomp="policy"] Unexpected exception received during provider invocation.
com.vmware.nsx.management.policy.provider.ProviderNotReadyException: Realization failure, waiting for realization of resource type = ServiceEntry path=[{/infra/services/TCP_1234/service-entries/TCP_1234}], Realization will be reattempted in next cycle (max 5 minutes)
...
com.vmware.nsx.management.policy.provider.common.RealizationFetchUtility.polling(RealizationFetchUtility.java:805) ~[libpolicy-framework-api.jar:?]
... 
com.vmware.nsx.management.policy.providers.ServiceGroupProviderNSXT.handlePolicyChange(ServiceGroupProviderNSXT.java:204) ~[libpolicy-framework-api.jar:?]


Environment

VMware NSX-T Data Center

Cause

The default service was modified by an API an call, these default services should not be modified and you are prevented from doing so in the UI. The ability to modify them using the API will be removed in a future release.

Resolution

This issue is resolved in NSX-T 4.0.1 available at VMware Downloads.

Workaround:
Do not modify the system default service entries.

Powered by Wolken Software