NSX Intelligence fails to detect invalid IP address
Article ID: 327365
Updated On:
Products
VMware NSX Networking
Issue/Introduction
This article provides information on how to recover from a wrong manager node IP address after using an invalid IP address while using CLI to change manager node certificate.
Symptoms:
When you add a manager node certificate CLI with a wrong IP address, you experience these symptoms:
Symptoms:
When you add a manager node certificate CLI with a wrong IP address, you experience these symptoms:
- The NSX Intelligence node fails the detection of invalid IP address.
- Running the get intelligence manager-version command results in an error which indicates that the connection to the NSX Manager is broken,
- In the /var/log/pace-server.log file, you see entries similar to:
2020-07-22 11:25:49,133 ERROR c.v.n.p.o.OperationalApiImpl [http-nio-127.0.0.1-7447-exec-10] NSX-INTELLIGENCE [nsx@6876 comp="nsx-intelligence" errorCode="XXX910027" level="ERROR" subcomp="manager"] Exception during NSX node connectivity check org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://10.10.10.10/api/v1/node/version": Connect to 10.10.10.10:443 [/10.10.10.10] failed: Connection timed out (Connection timed out); nested exception is org.apache.http.conn.HttpHostConnectException: Connect to 10.10.10.10:443 [/10.10.10.10] failed: Connection timed out (Connection timed out).
Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.
Environment
VMware NSX-T Data Center 3.x
VMware NSX-T Data Center
VMware NSX-T Data Center
Cause
This issue occurs due to current architecture design, as the NSX Intelligence node is not able to know all the IP addresses of the NSX manager nodes.
Resolution
This is a known issue affecting VMware NSX Intelligence 1.2.0.
Currently, there is no resolution.
Workaround:
To work around this issue, set the manager to the correct manager node address by running this command:
set intelligence manager-node <ip-address> cert-id <cert-id> cert-b64-encoded-pem LS0tL...CRUdJT.
Currently, there is no resolution.
Workaround:
To work around this issue, set the manager to the correct manager node address by running this command:
set intelligence manager-node <ip-address> cert-id <cert-id> cert-b64-encoded-pem LS0tL...CRUdJT.
Feedback
Yes
No
Powered by
