NSX Manager unresponsive via UI and API until reboot
search cancel

NSX Manager unresponsive via UI and API until reboot

book

Article ID: 327396

calendar_today

Updated On:

Products

VMware NSX Networking

Issue/Introduction

  • Unable to access the NSX manager via Appliance UI
  • API calls made toward the NSX manager failing and consequently, external workflows/monitoring are impacted as API calls fail.
  • Unable able to manage and perform changes via the NSX manager.
  • In the NSX manager log bundle, entries similar to the below can be seen in logs/system/messages:

2022-07-19T01:28:22+00:00 nsxm.gss.com rngd: too many FIPS failures, disabling entropy source
2022-07-19T01:28:22+00:00 nsxm.gss.com rngd: No entropy sources working, exiting rngd

 

Environment

VMware NSX Data Center for vSphere 6.4.x
VMware NSX Data Center for vSphere 6.4 Extended Support

Cause

Lack of entropy on NSX-v Manager appliance is a very rare occurrence, the rngd process exits after too many failures to gather sufficient entropy from the environment, which is a requirement for running FIPS tests. This is working by design.

The Appliance Manager service remains UP but in a hung state as no rngd daemon is available to provide randomness(for UUIDs) requested,  this leads to no response to API requests.

Resolution

This issue is fixed in NSX Data Center for vSphere 6.4.14.

Workaround:

Monitoring for the below entries would serve as an indicator of encountering the issue, if the issue is encountered, the NSX Manager Appliance would need to be restarted. 

Log entries to monitor for:

2022-07-19T01:28:22+00:00 nsxm.gss.com rngd: too many FIPS failures, disabling entropy source
2022-07-19T01:28:22+00:00 nsxm.gss.com rngd: No entropy sources working, exiting rngd

Should you encounter this issue and the above workaround be insufficient, please raise a Support Request with VMware citing this KB. 


Powered by Wolken Software