How to configure a witness appliance for use with a direct connect 2-node vSAN cluster
Article ID: 326584
Updated On:
Products
VMware vSAN
Issue/Introduction
The vSAN network is isolated between the host vSAN nodes. As a result, separate interfaces need to be tagged as witness traffic.
Symptoms:
Symptoms:
- Direct connect 2-node vSAN cluster
- Although all the hosts can ping the witness appliance and both hosts have correct unicast table entries, the witness will not join the cluster.
Environment
VMware vSAN 6.x
Cause
No interfaces are tagged for witness traffic.
Resolution
Before starting, verify the two vSAN nodes and witness are all on the same ESXi build version.
1. Decide whether you want to use the witnessPG or the management interface for vSAN traffic on the witness. Use an interface that can ping the management interfaces on both of the hosts.
2. Tag the interface for vSAN traffic only and do not tag it for anything else such as witness, vMotion, or management.
esxcli vsan cluster unicastagent list
NOTE: you should only see two entries for the other two nodes. You will not see the local node entry.
If all of this is done correctly, the witness should join the cluster successfully.
1. Decide whether you want to use the witnessPG or the management interface for vSAN traffic on the witness. Use an interface that can ping the management interfaces on both of the hosts.
2. Tag the interface for vSAN traffic only and do not tag it for anything else such as witness, vMotion, or management.
esxcli vsan network ip set -i vmkx -T=vsan3. Tag the management interfaces on the hosts for witness traffic.
esxcli vsan network ip add -i vmkx -T=witness4. Double-check the unicast table entries on both hosts.
esxcli vsan cluster unicastagent list
NOTE: you should only see two entries for the other two nodes. You will not see the local node entry.
If all of this is done correctly, the witness should join the cluster successfully.
Additional Information
Feedback
Yes
No
Powered by
