Adding a Secondary NSX Manager to the Primary NSX Manager fails
Article ID: 345888
Updated On:
Products
VMware NSX
Issue/Introduction
Symptoms:
- Unable to add Secondary NSX Manager to Primary NSX manager.
- After decommission of Secondary NSX Manager, Primary NSX Manager still shows synchronization issues with the decommissioned NSX Manager.
- Changing VXLAN port of new secondary NSX Manager from default to another port value fails.
Environment
VMware NSX for vSphere 6.1.x
VMware NSX for vSphere 6.2.x
VMware NSX for vSphere 6.2.x
Cause
This issue occurs when:
- The primary NSX Manager fails to register or un-register with the Secondary NSX Manager.
- Port 443 is not opened between Secondary NSX Manager and NSX Universal Controllers.
- UDP port value on the primary NSX manager and secondary NSX manager do not match.
Resolution
Ensure that the VXLAN UDP port of the primary NSX manager matches with the VXLAN UDP port of the secondary NSX manager.
Modify the VXLAN UDP port on the NSX manager using REST API, if required:
Method: PUT
Url: https://nsxmgr_ip/api/2.0/vdn/config/vxlan/udp/port/portnum
Re-register the secondary NSX Manager to the Primary NSX Manager:
- Collect the UUID of the registered NSX Managers with the Primary NSX Manager using REST API:
GET https://nsxmgr_ip/api/2.0/universalsync/configuration/nsxmanagers
You see output similar to:
<nsxManagerInfos>
<nsxManagerInfo>
<uuid>f3##a6##-69##-4x74-bx75-37########e</uuid>
<nsxManagerIp>10.#.#.4</nsxManagerIp>
<nsxManagerUsername>replicator-f3##a6##-69##-4x74-bx75-37########e</nsxManagerUsername>
<certificateThumbprint>
A9:##:##:03:A3:28:##:##:##:##:4C:8D:##:##:45:D8:##:##:85:4C
</certificateThumbprint>
<isPrimary>false</isPrimary>
</nsxManagerInfo>
<nsxManagerInfo>
<uuid>4##C##x2-####-####-####-7##########A</uuid>
<nsxManagerIp>10.##.##.2</nsxManagerIp>
<nsxManagerUsername>replicator-4##C##x2-####-####-####-7##########A</nsxManagerUsername>
<certificateThumbprint>
03:B4:##:##:8A:9E:##:F0:80:80:##:F4:2C:##:05:11:##:A8:##:7C
</certificateThumbprint>
<isPrimary>false</isPrimary>
</nsxManagerInfo>
</nsxManagerInfos> - Unregister the NSX Manager completely from the primary NSX Manager using REST API:
DELETE https://nsxmgr_ip/api/2.0/universalsync/ configuration/nsxmanagers/4##C##x2-####-####-####-7##########A?force=true - Add the secondary NSX Manager to the Primary NSX Manager.
For more information on how to make API calls to the NSX Manager, see the Using the NSX REST API section of the VMware NSX for vSphere API Guide.
Note: Ensure that port 443 is opened between the Secondary NSX Manager and the Universal Controller Cluster.
Additional Information
You may experience these additional symptoms:
- In the vsm.log file of the NSX Manager, you see entries similar to:
2016-06-20 12:37:03.777 EDT WARN http-nio-127.0.0.1-7441-exec-1 RestTemplate:559 - POST request for "http://127.0.0.1:7442/api/1.0/replicator/configuration/nsxmanagers" resulted in 400 (Bad Request); invoking error handler2016-06-20 12:37:03.793 EDT ERROR http-nio-127.0.0.1-7441-exec-1 ReplicatorRestClient:92 - Exception occurred while invoking REST API call on Replicator org.xxx.web.client.HttpClientErrorException: 400 Bad Request at org.xxx.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:88) at org.xxx.web.client.RestTemplate.handleResponseError(RestTemplate.java:566) at org.xxx.web.client.RestTemplate.doExecute(RestTemplate.java:524) at org.xxx.web.client.RestTemplate.execute(RestTemplate.java:482)2016-06-20 12:37:03.805 EDT INFO http-nio-127.0.0.1-7441-exec-1 AuditingServiceImpl:147 - [AuditLog] UserName:'xxx.local\user-name', ModuleName:'xxx', Operation:'REGISTER_NSX_MANAGER', Resource:'10.xx.xx.2', Time:'Mon Jun 20 12:37:03.803 EDT 2016', Status:'FAILURE', Universal Object:'false'
Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.
Feedback
Yes
No
Powered by
