Unable to update vsan HCL DB manually or online
search cancel

Unable to update vsan HCL DB manually or online

book

Article ID: 393204

calendar_today

Updated On: 04-04-2025

Products

VMware vSAN

Issue/Introduction

++Unable to update vsan HCL DB manually or online getting below error

Error: Failed to replace old HCL DB with new one.

Environment

vSphere 8.x 

Cause

File permission for "vsanvcg.db" file is incorrect resulting error while updating the vsan HCL DB 

SSH to vcenter and navigate to the below log location:
/var/log/vmware/vsan-health/vmware-vsan-health-service.log

2025-04-04T14:36:48.991Z ERROR vsan-mgmt[1173243] [VsanVcClusterHealthSystemImpl::UploadHclDb opID=agw-0005606-a304] Failed to update DB: [Errno 13] Permissi
on denied: '/etc/vmware-vsan-health/vsanvcg.db'
Traceback (most recent call last):
  File "bora/vsan/health/vpxd/pyMoVsan/VsanVcClusterHealthSystemImpl.py", line 12123, in UploadHclDb
  File "bora/vsan/health/vpxd/pyMoVsan/VsanHclUtil.py", line 368, in updateHclDb
PermissionError: [Errno 13] Permission denied: '/etc/vmware-vsan-health/vsanvcg.db'
 


root@vcenter [ /etc/vmware-vsan-health ]# ls -ltrh
total 38M
-rwxr--r-x 1 root root  573 Nov  7 10:56 silent.json
-rw-r--r-- 1 root root  726 Nov  7 10:56 config.conf
drwxr--r-- 3 root root 4.0K Nov  7 10:56 cloudHealthResources
-rwxr--r-x 1 root root 4.3K Nov  7 10:56 vsanhealth.properties
-rwxr--r-x 1 root root 8.2K Nov  7 10:56 vsanhealthcorrelation.json
-rwxr--r-x 1 root root 2.5K Nov  7 10:56 cloudhealthmanifest.json
-rwxr--r-x 1 root root 4.7K Nov  7 10:56 vsanhosthealthmanifest.json
-rwxr--r-x 1 root root 339K Nov  7 10:56 vsanhealthremediation.yaml
-rwxr--r-x 1 root root  19M Nov  7 10:56 vsanvcg.db----> This is incorrect file permission. It should be "vsan-health"
-rwxr--r-x 1 root root  19M Nov  7 10:56 vsanvcg.db.bak
-rwxr--r-x 1 root root 6.7K Nov  7 10:56 vsanhealthstatuschange.json
-rwxr--r-x 1 root root 3.0K Nov  7 10:56 logger.conf
drwxr--r-x 3 root root 4.0K Nov  7 10:56 licenses
-rwxrwxrwx 1 root root  12K Apr  4 14:17 vsan-releases.json


Expected file permission is : 
-rwxr--r-x   1 vsan-health root   20M Apr  1 10:45 vsanvcg.db

Note: Always make sure to validate the file permission from a working vcenter node with exact same version and build number.

Resolution

  • Correct the file ownership for the "owner" of file "vsanvcg.db" using below cmd
    chown vsan-health vsanvcg.db
  • To Verify
    ls -ltrha
    -rwxr--r-x 1 vsan-health root 20M Apr  1 10:45 vsanvcg.db

  • Re-try updating the vsan HCL DB manually or online (provide vCenter has access to internet)
Powered by Wolken Software