NSX context engine fails to start after Guest Introspection installation and/or upgrade
Article ID: 324292
Updated On:
Products
VMware NSX
Issue/Introduction
Symptoms:
- Context engine fails.
- In the /var/log/syslog.log file, you see entries similar to:
2017-11-28T19:33:36Z NSX-Context-Engine: [ERROR] (EPSEC) [2510439] ERROR. Ioctl failed to get filter count. Status: 0
2017-11-28T19:33:36Z NSX-Context-Engine: [ERROR] (EPSEC) [2510439] ERROR. Invalid devId -1
2017-11-28T19:33:36Z NSX-Context-Engine: [ERROR] (EPSEC) [2510439] ERROR. Failed to get VM filters. Retrying in 60000 seconds
2017-11-28T19:33:38Z NSX-Context-Engine: [WARN] error 12: cannot open device /dev/vsip: 2
Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.
Environment
VMware NSX for vSphere 6.4.x
Cause
This issue occurs when Guest Introspection (GI) is installed or upgraded before Host Preparation completes.
Resolution
This is a known issue affecting VMware NSX for vSphere 6.4.x.
Currently, there is no resolution.
Workaround:
To work around this issue, restart the vShield-Endpoint-Mux service by running either these commands:
Currently, there is no resolution.
Workaround:
To work around this issue, restart the vShield-Endpoint-Mux service by running either these commands:
- /etc/init.d/vShield-Endpoint-Mux restart-nsx-ctxteng
- /etc/init.d/vShield-Endpoint-Mux restart
Additional Information
Impact/Risks:
Identity Firewall for RDSH VMs will not work if the context engine is not started.
Identity Firewall for RDSH VMs will not work if the context engine is not started.
Feedback
Yes
No
Powered by
