Plugin error when installing Consumption interface

Products

VMware vSphere with Tanzu

Issue/Introduction

Activation of the Consumption interface fails to complete when following instructions here.

Error during activation of vSphere IaaS control plane Consumption interface shows Error downloading plugin warning on the plugin interface.

The plug-in might fail to load on the initial attempt.

To check if the plug-in has loaded correctly, click the vSphere Client menu icon, then to

Administration -> Client -> Plug-ins.

Check the Status column of the Namespace UI plug-in, and in case you see an error

"Error downloading plugin. URL is unreachable status code 502 reason phrase bad gateway"

Environment

vSphere IaaS control plane

vCenter 8.0.u3

Cause

Access to projects.packages.broadcom,com repositories is required for activation of Consumption Interface.

The vsphere pods used by supervisor service are unable to download from the projects.packages.broadcom,com repositories.

This should be confirmed checking the status of the vsphere pods in the Cloud Consumption interface

Access the namespace for the new Cloud Consumption Interface then click on Compute menu and then select Pods

A list of the pods status should be visible.

You will see repeated failures of the cci-ns-controller-manager-xxxx

To check further as to why the controller manager pods are failing to install.

SSH to an ESXi host where the pod was failing on

Check the following folder

/var/run/crx/

you will see the folder similar to the following

imgfetcher-###-######

If you access the folder there is 2 logs

vmware.log and guest.log

In guest.log you will see the failures to connect to the projects.packages.broadcom.com

2024-07-25T08:49:22.892Z time="2024-07-25T08:49:22.180Z" level=debug msg="do request" host=projects.packages.broadcom.com request.header.accept="application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.list.v2+json, application/vnd.oci.image.manifest.v1+json, application/vnd.oci.image.index.v1+json, */*" request.header.user-agent=containerd/1.6.21+unknown request.method=HEAD url="https://projects.packages.broadcom.com/v2/vcf_cci_service/cci-namespace-ui-service/blobs/sha256:2f89a4ac527bd6fae8fb43b5a31d9b6013c25bb92df58fac851290e5f2eafb04"
2024-07-25T08:50:22.896Z time="2024-07-25T08:50:22.180Z" level=info msg="trying next host" error="failed to do request: Head \"https://projects.packages.broadcom.com/v2/vcf_cci_service/cci-namespace-ui-service/blobs/sha256:2f89a4ac527bd6fae8fb43b5a31d9b6013c25bb92df58fac851290e5f2eafb04\": dial tcp 44.226.59.123:443: i/o timeout" host=projects.packages.broadcom.com
2024-07-25T08:50:22.896Z time="2024-07-25T08:50:22.180Z" level=error msg="Failed to resolve image projects.packages.broadcom.com/vcf_cci_service/cci-namespace-ui-service@sha256:2f89a4ac527bd6fae8fb43b5a31d9b6013c25bb92df58fac851290e5f2eafb04. Err failed to do request: Head \"https://projects.packages.broadcom.com/v2/vcf_cci_service/cci-namespace-ui-service/manifests/sha256:2f89a4ac527bd6fae8fb43b5a31d9b6013c25bb92df58fac851290e5f2eafb04\": dial tcp 100.21.156.46:443: i/o timeout"
2024-07-25T08:50:22.896Z time="2024-07-25T08:50:22.180Z" level=error msg="Failed to resolve image projects.packages.broadcom.com/vcf_cci_service/cci-namespace-ui-service@sha256:2f89a4ac527bd6fae8fb43b5a31d9b6013c25bb92df58fac851290e5f2eafb04. Err failed to do request: Head \"https://projects.packages.broadcom.com/v2/vcf_cci_service/cci-namespace-ui-service/manifests/sha256:2f89a4ac527bd6fae8fb43b5a31d9b6013c25bb92df58fac851290e5f2eafb04\": dial tcp 100.21.156.46:443: i/o timeout"

This means the ESXi hosts are not permitted to download from the repository where the Cloud Consumption manager pods are located.

Resolution

Allow the ESXi hosts to the following domains

projects.registry.vmware.com
projects.packages.broadcom.com
jfrog-prod-usw2-shared-oregon-main.s3.amazonaws.com