Following an upgrade to vCenter Server Appliance (VCSA) 7.0.2, Auto Deploy functionality may fail.

This issue is characterized by error messages within the /var/log/vmware/rbd/rbd-cgi.log file, specifically:

YYYY-MM-DDTHH:MM:SS.870 [12003]ERROR:miscutil:Error: Could not obfuscate string rc: 1 error:b'bad decrypt\n139787204512512:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:563:\n'
YYYY-MM-DDTHH:MM:SS.871 [12003]ERROR:pluginmaster:exception:rbdplugins.hostprofile.vmwGetGpxeConf -- unpickling stack underflowTraceback (most recent call last):
  File "/build/mts/release/bora-17956806/BOD/vcenter-autodeploy/linx64/release/9c6a169/build/bora/build/build/autodeploy-compiled/release/linux64/pyc/rbd/utils/pluginmaster.py", line 236, in _curry
  File "/build/mts/release/bora-17956806/BOD/vcenter-autodeploy/linx64/release/9c6a169/build/bora/build/build/autodeploy-compiled/release/linux64/pyc/rbdplugins/hostprofile.py", line 812, in vmwGetGpxeConfpickle.UnpicklingError: unpickling stack underflow

The error logs indicate that the rbd_watchdog service is unable to decrypt the root passwords stored within the host profiles. This failure prevents the service from accessing necessary information for Auto Deploy operations.

The root cause lies in the stored, encrypted root password. To restore Auto Deploy functionality:

1. Access the affected Host Profiles: Locate the host profiles associated with the failing Auto Deploy deployments.
2. Edit the Root Password: Within each host profile, navigate to the "Root Password" section.
3. Re-enter the Root Password: Enter the existing root password for the hosts associated with these profiles.
4. Save Changes: Save the modifications made to the host profiles.

Explanation:

By re-entering the root password, the host profiles are updated with a new, properly encrypted version. This resolves the decryption issues encountered by the rbd_watchdog service, allowing Auto Deploy to function correctly.