Not able to put any of the ESXis in the maintinanace mode from vcenter
search cancel

Not able to put any of the ESXis in the maintinanace mode from vcenter

book

Article ID: 345050

calendar_today

Updated On:

Products

VMware vCenter Server VMware vSphere ESXi

Issue/Introduction

Not able to put any of the ESXi host in the maintenance mode from vCenter

WCP service is crashing immediately when attempting to start

/var/log/vmware/wcp/wcpsvc.log has the below errors:

2023-03-08T09:31:36.833Z error wcp [crypto/cryptography.go:67] Unable to read key from file /etc/vmware/wcp/keyForCryptography.dat. Error: open /etc/vmware/wcp/keyForCryptography.dat: permission denied

2023-03-08T09:31:36.833Z fatal wcp [crypto/cryptography.go:47] Cannot load secret key from file: open /etc/vmware/wcp/keyForCryptography.dat: permission denied

 

Cause

WCP configuration and permissions incorrect

Resolution

To resolve; apply the below steps:

  • Apply KB326225 and corrected entry for the reverse HTTP proxy port in /etc/vmware/wcp/wcpsvc.yaml/wcpsvc.yaml to be 443.
  • Apply the below 2 commands to guarantee the read permission to WCP as below:

/usr/lib/vmware-vmafd/bin/vecs-cli store permission --name wcp --user wcp --grant read

/usr/lib/vmware-vmafd/bin/vecs-cli store permission --name vpxd-extension --user wcp --grant read

 

  • Verify that all wcp files in the /etc/vmware/wcp have the correct permission as below - adjust as needed using chown command:

 

[/etc/vmware/wcp ]# ls -latrh

drwxr-xr-x 4 root root 4.0K Oct 27 2021 metadata

-rwxr-xr-x 1 root root 1.4K Oct 27 2021 wcpsvc.yaml.rpmsave

-rw-r--r-- 1 root root   0 Oct 27 2021 .configured_marker

-rw------- 1 wcp root  91 Oct 27 2021 .pgpass

-rw-r--r-- 1 root root   0 Oct 27 2021 .hdcs_configured_marker

-rw------- 1 wcp root  32 Oct 27 2021 keyForCryptography.dat

-rw-r--r-- 1 root root  78 Oct 27 2021 inProductTrial.yaml

-rw------- 1 wcp root  96 Sep 28 12:14 .storageUser

-rwxr-xr-x 1 root root 305K Sep 29 00:26 wcpsvcResourceBundle.zip

-r-------- 1 root root 5.3K Sep 29 00:26 wcp-sub-registry.yaml

-r-------- 1 root root 673 Sep 29 00:26 wcp-configuration-manifest.json

-rwxr-xr-x 1 root root 3.9K Sep 29 00:26 vpxd-extension.xml

-rwxr-xr-x 1 root root 307 Sep 29 00:26 supervisor-services-allow-list.txt

-rwxr-xr-x 1 wcp root 121 Sep 29 00:26 certool.cfg

-rw-r--r-- 1 root root 1.8K Oct 27 07:10 wcp_versions.yaml

-rw-r--r-- 1 root root 970 Oct 27 07:10 shared-t1-namespaces.yaml

-rw-r--r-- 1 root root 2.0K Oct 27 07:10 self-service-namespace-config.yaml

-rw-r--r-- 1 root root   7 Feb 21 15:39 wcp_version_preserved.txt

drwxr-xr-x 2 root root 4.0K Feb 21 15:39 supervisorservices

-rw-r--r-- 1 root root   7 Feb 21 15:39 wcp_version.txt

drwxr-xr-x 20 root root 4.0K Feb 21 15:40 ..

drwxr-xr-x 2 wcp root 4.0K Feb 21 15:41 guestclusters

-rwxr-xr-x 1 root root 6.4K Mar 7 15:08 wcpsvc.yaml.bak

-rwxr-xr-x 1 root root 6.4K Mar 7 15:09 wcpsvc.yaml

drwxr-xr-x 5 wcp root 4.0K Mar 7 15:09 .

-rw-r--r-- 1 root root 1.3K Mar 8 12:34 features.yaml

 

  • Start wcp service:

service-control --start wcp

 

Powered by Wolken Software