VMware Cloud Director Encryption Management
search cancel

VMware Cloud Director Encryption Management

book

Article ID: 379829

calendar_today

Updated On:

Products

VMware Cloud Director

Issue/Introduction

  1. When opening VMware Cloud Director Encryption Management UI (BYOK) from the VMware Cloud Director (VCD) provider portal it keeps loading and then it eventually fails.

  2. VMware Cloud Director Encryption Management was just installed.

  3. After trying the remediation as per documentation at Remediate VMware Cloud Director Encryption Management , you can see on the activities for the VMware Cloud Director Encryption Management instance the remediation fails with the error below:

    Unable to communicate with extension urn:vcloud:object-ext:channel:966ad3c7-9c28-4c86-9ce9-962882f2c442 during phase urn:extensionPoint:vm:customize:clone

  4. On /opt/vmware/vcloud-director/logs/vcloud-container-debug.log you see entry similar the one reported below:

    2024-09-26 11:07:03,985 | ERROR    | Backend-activity-pool-20576 | FutureUtil                     | copy vApp contents failed | requestId=vcdext-create-instance-EncryptionManagementSNMyO-vmware-solutionsagent-1-1-0-#########-#####-####-#########8ea7,request=POST https://vcloud.example.com/api/vdc#########-#####-####-#########bdde/action/instantiateVAppTemplate,requestTime=1727341577062,remoteAddress=##.##.##.##:51138,userAgent=Go-http-client/1.1,accept=application/*+json;version 38.1 vcd=#########-#####-####-#########3ea5,task=#########-#####-####-#########3b81e activity=(com.vmware.vcloud.backendbase.management.system.TaskActivity,urn:uuid:#########-#####-####-#########b81e) activity=(com.vmware.vcloud.vdc.impl.InstantiateVAppActivity,urn:uuid:#########-#####-####-#########40ca)
    com.vmware.ssdc.util.LMException: Unable to communicate with extension urn:vcloud:object-ext:channel:#########-#####-####-#########c442 during phase urn:extensionPoint:vm:customize:clone
            at com.vmware.ssdc.util.LMException.wrap(LMException.java:128)
            at com.vmware.ssdc.library.ExceptionFactory.createFromMultiple(ExceptionFactory.java:32)
            at com.vmware.vcloud.vdc.impl.CopyContentsActivity.afterWaitForFabricInTx(CopyContentsActivity.java:1278)
            at com.vmware.vcloud.vdc.impl.CopyContentsActivity$AfterCopyPhase.invoke(CopyContentsActivity.java:1074)
            at com.vmware.vcloud.activity.executors.ActivityRunner.runPhase(ActivityRunner.java:175)
            at com.vmware.vcloud.activity.executors.ActivityRunner.run(ActivityRunner.java:112)
            at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
            at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
            at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
            at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
            at java.base/java.lang.Thread.run(Thread.java:829)
     Caused by: com.vmware.vcloud.api.presentation.service.InternalServerErrorException: Unable to communicate with extension urn:vcloud:object-ext:channel:966ad3c7-9c28-4c86-9ce9-962882f2c442 during phase urn:extensionPoint:vm:customize:clone
            at com.vmware.vcloud.common.cell.toolkit.extensibility.ExtensionPointActivity.handleExtensionException(ExtensionPointActivity.java:248)
            at com.vmware.vcloud.common.cell.toolkit.extensibility.ExtensionPointActivity$ProcessExtensionResponse.invoke(ExtensionPointActivity.java:540)
            ... 7 more
     Caused by: java.util.concurrent.TimeoutException: Expected response message not received within timeout period.
            at com.vmware.vcloud.common.activity.toolkit.VcdAbstractActivity$RetryablePhase.invokeCancelableOperation(VcdAbstractActivity.java:427)
            at com.vmware.vcloud.common.act
  5. You tried to delete the  VMware Cloud Director Encryption Management instance but it fails and there are no activities reported on the instance.
  6. The error continues after Manually trying to Remediate under Provider > More> Add-on> Encryption Management. 

 

Environment

VMware Cloud Director 10.5.x
VMware Cloud Director Encryption Management 1.2.0

Cause

This happens when encryption is enabled on the Solution Landing Zone (SLZ) VDC. This is not a supported operation since BYOK VM is being deployed there. The SLZ is provider-managed organization/VDC where all solutions are deployed. When encryption policy is applied to a VDC, the BYOK VM captures all VM creation requests. If the solution is not operational, it cannot capture and encrypt newly provisioned VMs and the task will fail with the error above. The agent fails because it is being deployed into the SLZ which is already encrypted.

Resolution

The remediation steps need to be manually run.

 To resolve this issue contact Broadcom Support and note this Article ID (379829) in the problem description. For more information, see Creating and managing Broadcom support cases.