NSX Edge creation failed with REGISTRATION_TIMEOUT
search cancel

NSX Edge creation failed with REGISTRATION_TIMEOUT

book

Article ID: 381997

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • The NSX Manager times out and displays the following error before the Edge node can complete its registration.  
    Error encountered: "Error joining the manager, status 500, err: Node registration failed: 'API error retrieving node configuration'"
  • Log lines similar to the ones below are encountered on the Edge node in /var/log/join_mp.log 
    root@<Edge-Node>:~# cat /var/log/join_mp.log
    Node successfully registered as Fabric Node: <Edge Node UUID>
    Timeout occurred while waiting for edge-service to connect with Manager

Environment

VMware NSX

Cause

The registration failure was caused by the OVF deployment exceeding the Edge registration token's 60-minute default timeout.

Resolution

Follow the steps to register the Edge node with the NSX manager manually.

  1. Log in to the Edge Node via ssh as user admin, switch to the root user account by running the command "st en", enter the 'root'password,
  2. Copy the command from the /var/log/join_mp.log starting with 'cmd' 
    root@<Edge-Node>:~# cat /var/log/join_mp.log
    Node successfully registered as Fabric Node: <Edge Node UUID>
    Timeout occurred while waiting for edge-service to connect with Manager

    cmd: su admin -c  join management-plane  <NSX-Manager-IP>:443 thumbprint <thumbprint>token <obfuscated> node-uuid <Edge-Node-UUID>
  3. Get the thumbprint of the NSX Manager by logging in as admin and run the command below
    get certificate api thumbprint
  4. Get the token by running the command on NSX Manager via ssh --> admin login --> st en  to switch to root login
    curl -X POST -sN -k -u admin:'NSX-Manager-Password' 'https://<NSX-Manager-IP>/policy/api/v1/aaa/registration-token'
    EX -  
    curl -X  POST  -sN -k -u   admin:'NSX-Manager-Password'  'https://<NSX-Manager-IP>/policy/api/v1/aaa/registration-token'
    {
      "token" : "#######-####-####-####-#########",
      "roles" : [ "enterprise_admin" ],
      "user" : "admin"
  5. Get the Edge node UUID, run the following commands from NSX Manager via ssh --> admin login --> st en  to switch to root login 
    curl -X GET  -sN -k -u   admin:'NSX-Manager-Password' 'https://<NSX-Manager-IP>/policy/api/v1/transport-nodes'  |grep -i "resource_type\|id\|display_name"  | grep -C 2 <Edge-Node-Hostname>
  6. Execute the tweaked command at Edge CLI  
    root@EdgeNode:~# su admin -c  join management-plane <NSX-Manager-IP>:443 thumbprint <Thumbprint-from-Step-1> token <Token-from-Step-2> node-uuid <UUID-from-Step-3>

Additional Information

"OVF certificate validation failed. Error: [VALIDATION_ERROR: CERTIFICATE_EXPIRED; ]" error for NSX Edge Install/Redeploy/Resize

Powered by Wolken Software