vSAN skyline health reports warning under Cluster configuration consistency as "Unable to fetch key provider details on host.get provider info error, please check the health logs.".
VMware vSAN 7.x
VMware vCenter 7.x
$ vmware-vsan-health-summary-result.log:
2024-06-19T20:11:06.835+10:00 INFO vsan-mgmt[17356] [VsanHealthSummaryLogUtil::PrintHealthResult opID=noOpId] Cluster <**Cluster name**> Overall Health : yellow
Test consistentconfig health : yellow
Issues: Host Disk Issue Recommendation
(Host-4****, '', UnableToFetchKeyProviderDetailsOnHost.GetProviderInfoError,PleaseCheckTheHealthLogs., ''), (Host-4****, '', UnableToFetchKeyProviderDetailsOnHost.GetProviderInfoError,PleaseCheckTheHealthLogs., ''),
(Host-4****, '', UnableToFetchKeyProviderDetailsOnHost.GetProviderInfoError,PleaseCheckTheHealthLogs., ''), (Host-4****, '', UnableToFetchKeyProviderDetailsOnHost.GetProviderInfoError,PleaseCheckTheHealthLogs., ''),
Group encryption health : unknown
Test kmsconnection health : skipped
HostsKmsStatus: Hosts KmsCluster KmsAlias ConnectionStatus KeyState Issue Recommendation
(Host-4****, vCenter, '', Yellow, Yellow, UnableToFetchKeyProviderDetailsOnHost.GetProviderInfoError,PleaseCheckTheHealthLogs., ''), (Host-4****, vCenter, '', Yellow, Yellow, UnableToFetchKeyProviderDetailsOnHost.GetProviderInfoError,PleaseCheckTheHealthLogs., ''),
(Host-4****, vCenter, '', Yellow, Yellow, UnableToFetchKeyProviderDetailsOnHost.GetProviderInfoError,PleaseCheckTheHealthLogs., ''), (Host-4****, vCenter, '', Yellow, Yellow, UnableToFetchKeyProviderDetailsOnHost.GetProviderInfoError,PleaseCheckTheHealthLogs., ''),
vmware-vsan-health-service.log
on vCenter would report events "User session count is limited to 550. Existing session count is 550 for user"$ less vmware-vsan-health-service.log
2024-06-19T20:11:08.435+10:00 ERROR vsan-mgmt[24256] [VsanVapiUtil::GetVapiConfigStubBySolUser opID=noOpId] Fail to connect vAPI by solution user machine
com.vmware.vapi.std.errors_client.ServiceUnavailable: {messages : [LocalizableMessage(id='com.vmware.vapi.endpoint.failedToLoginMaxUserSessionCountReached', default_message='User session count is limited to 550. Existing session count is 550 for user machine-****bbda-****-****-****-*******@vsphere.local.', args=['550', '550', 'machine-****bbda-****-****-****-*******@vsphere.local'], params=None, localized=None)], data : None, error_type : SERVICE_UNAVAILABLE}
The issue is fixed in the VMware vCenter version 7.0.U3q Build 23788036 and above.
Workaround:
As a workaround, the incoming connections limit can be increased by appending the following property on /etc/vmware-vapi/endpoint.properties:http.endpoint.default.maxConnections=550
The value can be increased maximum to 1000. It is recommended to keep lesser then 900.
This change requires vCenter services restart.
Steps to apply workaround as below.
Take a snapshot of the vCenter server.
Connect to vCenter server using SSH:
Take a backup of : /etc/vmware-vapi/endpoint.properties:
cp /etc/vmware-vapi/endpoint.properties /etc/vmware-vapi/endpoint.properties.backup
Edit the endpoint.properties file using the command below.
vi /etc/vmware-vapi/endpoint.properties
Modify the session.maxSessionsPerUser to 750 as below.
http.endpoint.default.maxConnections=750
Restart vmware-vapi-endpoint service
service-control --stop vmware-vapi-endpoint && service-control --start vmware-vapi-endpoint