NSX-T Upgrade fails on host transport nodes with Failed to send HostConfig RPC to MPA
search cancel

NSX-T Upgrade fails on host transport nodes with Failed to send HostConfig RPC to MPA

book

Article ID: 379443

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

When upgrading NSX-T, the ESXi host transport nodes show in a Failed state for NSX Configuration and produce this error:

ERROR
Host Configuration: Failed to send the HostConfig message.
[TN=TransportNode/<Transport_Node_UUID>]. Reason: Failed to send HostConfig RPC to MPA TN:<Transport_Node_UUID>. Error: Unable to reach client <Transport_Node_UUID>, application SwitchingVertical. LogicalSwitch full-sync: LogicalSwitch full-sync realization query skipped.

 

In the ESXi host logs in the /var/run/log/nsxdavim.log file we see errors like:

WARNING User <DOMAIN>\<Username> does not exist retrying updating exception list

Environment

VMware NSX 3.2.1.x

Cause

User account from the error may be configured in the ESXi lockdown exception list.

Resolution

Recommend these steps to resolve

  • Remove the user account from the lockdown exception list.
    • Select the ESXi Host in VC
    • Navigate to Configure>Security Profile>Lockdown Mode
    • Select Edit
    • Select Exception Users
    • Click the 3 dots next to the user throwing the "does not exist" error in /var/run/log/nsxdavim.log
    • Remove User
  • After removing the user restart the nsx-opsagent service using this command:  /etc/init.d/nsx-opsagent restart and complete the upgrade
  • Add the user back to the exception list if required