NSX Application Platform Manager Disconnected alarm is open

All NAPP versions

Recommended actions:

There are multiple issues causing Manager disconnect alarm. To identify the issue, follow these steps:

1. Check Ingress FQDN:

1.1 ssh to the NSX manager

1.2 run the following command to check the connection to the Ingress FQDN:

netcat -z -v <Ingress-FQDN> 443

2. Check Messaging FQDN:

2.1 ssh to the NSX manager

2.2 run the following command to check the connection to the Messaging FQDN:

netcat -z -v <Messaging-FQDN> 9092

3. Check Kafka certificate

3.1 ssh to the NSX manager

3.2 get the kafka broker cert in the kafka brokers' keystore with following commands:

napp-k exec -it kafka-0 -- bash
env | grep KAFKA_CERTIFICATE_PASSWORD
keytool -v -list -keystore /certs/keystore.p12

3.3 Check if your client's truststore contains the above certificate with following commands:

cat /config/http/.http_cert_pw
keytool -v -list -keystore /home/secureall/secureall/.store/.client_truststore

3.4 Get the client keystore's certificate

cat /home/secureall/secureall/.store/.napp_kafka_keystore_pw
keytool -v -list -keystore /home/secureall/secureall/.store/.napp_kafka_keystore

3.5 Check if kafka brokers contain the above cert in the its truststore

napp-k exec -it kafka-0 -- bash
env | grep KAFKA_CERTIFICATE_PASSWORD
keytool -v -list -keystore /certs/truststore.p12