NSX Stretch in SDDC fails with domain manager logs indicating that 'vSAN ESA is not supported in combination with stretched cluster'
search cancel

NSX Stretch in SDDC fails with domain manager logs indicating that 'vSAN ESA is not supported in combination with stretched cluster'

book

Article ID: 393107

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

When attempting to stretch an NSX Service Deployment in SDDC, the stretch fails within the SDDC UI and the following error is visible in -

/var/log/vmware/vcf/domainmanager/domainmanager.log

vSAN ESA is not supported in combination with stretched cluster

and

Failed to update cluster
java.lang.UnsupportedOperationException: null
        at com.vmware.vcf.clustermanager.controller.v1.ClusterController.updateCluster(ClusterController.java:1224)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:569)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:196)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:751)
        at org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor.invoke(AuthorizationManagerBeforeMethodInterceptor.java:198)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:184)
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:751)
        at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:703)
        at com.vmware.vcf.clustermanager.controller.v1.ClusterController$$SpringCGLIB$$0.updateCluster(<generated>)

Environment

VMware NSX

SDDC

Cause

vSAN ESA stretch cluster functionality requires the subntp (Sub-Transport Node Profile) feature to be enabled in SDDC Manager. This feature is critical for managing NSX transport node configurations in stretched environments with vSAN ESA.

The subntp feature is required for properly handling the NSX Policy APIs that manage transport zone profiles in stretched cluster configurations. Without this feature enabled, the system cannot properly configure the transport nodes across availability zones, resulting in the compatibility error.

This situation commonly occurs in environments where the subntp feature was previously disabled to resolve other issues, particularly in environments that have been upgraded from VCF 4.x to 5.x.

Resolution

To stretch cluster vSAN ESA cluster, you have to enable subtnp feature and proceed with workflow.

Note: It is possible that subtnp feature was previously disabled following this article - VCF Cluster Delete Failure: ""FAILED_TO_FETCH_VALIDATE_NSXT_SERVICE_DEPLOYMENTS_INPUT" or "UNABLE_TO_GET_INPUT_FOR_NSXT_CONFIGURATION"

To resolve 

  1. Take snapshot of SDDC Manager VM
  2. Remove subtnp=false in SDDC Manager properties
    1. SSH into the SDDC Manager via the vcf user and su to root.
    2. Either edit or create the /home/vcf/feature.properties file and add/edit the following line: 
      vi /home/vcf/feature.properties
    3. Remove the below line 
      feature.vcf.subtnp=false
    4. Save and exit 
      esc > :wq!
  3. Turn ON policy APIs
    1. Update file /etc/vmware/vcf/domainmanager/application-prod.properties with following entry: 
      vi /etc/vmware/vcf/domainmanager/application-prod.properties
    2. Press i for insert mode
    3. Delete the below line 
      nsxt.base.version.policy=4.2.0.0.0-0
    4. Save and exit 
      esc > :wq!
    5. Restart domainmanager by running following command: 
      systemctl restart domainmanager
    6. Check that domainmanager is active by running following command: 
      systemctl status domainmanager

Retry stretch in SDDC and the compatibility concern should now be resolved

If the error persists after following these steps, contact Broadcom Support for further assistance.

Please provide the below information when opening a support request with Broadcom for this issue

  • The error that is appearing in the UI and backend also include the following logs - SDDC, vCenter, ESXi host, and NSX

Powered by Wolken Software