Edge deployment from NSX-T manager UI fails with 'connect timeout' error
search cancel

Edge deployment from NSX-T manager UI fails with 'connect timeout' error

book

Article ID: 324597

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • When attempting to deploy a new NSX-T Edge Node from UI, we will see a "connect timeout" error.
  • In the /var/log/cm-inventory/cm-inventory.log on NSX-T manager, you will find entries similar to:
2023-04-03T12:05:25.785Z ERROR Thread-28 ResourcePoolOperation - - [nsx@6876 comp="nsx-manager" errorCode="MP40409" level="ERROR" subcomp="cm-inventory"] Ovf deploy failed while deploying vmdk http://172.20.100.176:8080/repository/3.0.1.1.0.16556497/Edge/ovf/nsx-edge.vmdk on vc 52a11db6-####-####-####-##########12 for vm: vm-123458 with type error connect timed out
  java.net.SocketTimeoutException: connect timed out
  • In the /var/log/syslog on NSX-T manager, you will see entries similar to:
<182>1 2023-04-03T12:05:25.875Z NSX 30893 FABRIC [nsx@6876 comp="nsx-manager" level="INFO" subcomp="manager"] Updating the deploymentProgressState for deploymentUnitInstance: DeploymentUnitInstance [ id=cb1b5a00-####-####-####-##########1a, deploymentUnitId=e2010eaf-####-####-####-##########9d, hostId=null, entityId=vm-123458, runningVersion=null, deploymentProgressState=DEPLOYMENT_FAILED, deploymentGoalState=ENABLED, internalLastKnownOSVersion=null, agentId=null, errorId=0, errorMessage=connect timed out] to DEPLOYMENT_FAILED:connect timed out

<179>1 2023-04-03T12:05:25.877Z  NSX 30893 FABRIC [nsx@6876 comp="nsx-manager" errorCode="MP16019" level="ERROR" subcomp="manager"] [entId=Node/e4bba04b-####-####-####-##########e1] Edge node deployment failed due to errorDetails='connect timed out'
  • In the vCenter, the import task times out.
  • In the /var/log/vmware/vpxd/vpxd.log on vCenter, you will find entries similar to:
2023-04-03T17:40:23.835+05:30 info vpxd[22536] [Originator@6876 sub=VAppImport opID=661ed5d5-01] Import task timed out
2023-04-03T17:40:23.835+05:30 info vpxd[22536] [Originator@6876 sub=MoHttpNfcLease opID=661ed5d5-01] Releasing HTTP-NFC ticket
2023-04-03T17:40:23.838+05:30 info vpxd[22536] [Originator@6876 sub=MoHttpNfcLease opID=661ed5d5-01] Task aborted
2023-04-03T17:40:23.840+05:30 error vpxd[22536] [Originator@6876 sub=VAppImport opID=661ed5d5-01] Caught exception while importing VM: N3Vim5Fault8Timedout9ExceptionE(Fault cause: vim.fault.Timedout

Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.

Environment

All NSX-T versions

Cause

  • During Edge node deployment, NSX-T Manager will connect to the ESXi host where Edge will reside for transferring the required files.
  • This issue occurs when NSX-T manager is unable to communicate with ESXi host on TCP port 443 for transferring the edge vmdk files.

Resolution

NSX-T requires TCP port 443 to be open between NSX-T manager and ESXi hosts for management and provisioning connections.

  • To resolve this issue, disable any firewall rules which may be blocking traffic between NSX-T Manager and ESXi hosts over TCP port 443 and retry the edge deployment.
  • To test connectivity between NSX-T Manager and ESXi hosts, use the below command from NSX-T manager root login

nc -zv <ESXi_Host_IP> <tcp port no>

Output of a successful connection:

root@324:~# nc -zv 10.172.79.35 443
Connection to 10.172.79.35 443 port [tcp/https] succeeded!

Workaround:

  • If port 443 needs to remain blocked, deploy the edge from the vCenter using an edge ova and manually register it with the NSX-T Manager. For more information refer NSX T Documentation .



Additional Information



Powered by Wolken Software