NSX installation failing on a vLCM enabled cluster
Article ID: 393803
Updated On:
Products
Issue/Introduction
When using VMware Life Cycle Manager to deploy/upgrade NSX, the deployment of NSX to a host transport node fails after upgrading the host to ESXi 8.x.
Environment
VMware NSX
vSphere 8.x
Cause
Upgrades being facilitated by vLCM require TCP ports 9087 (VMware Update Manager), 80 and 443 to be open from the NSX managers to the vCenter management interface. If port 9087 is not opened, then the vLCM workflows to configure and upgrade Host Transport Nodes will fail.
Note: During the upgrade if you have not allowed these ports:
- There may not be any errors shown.
- The host may become disconnected.
- The host may do a rollback.
- The host may show no distributed switches, with no networking configured.
- The host may show as a standalone host.
- Sometimes vLCM shows an error in the process
- Sometimes vLCM marks the process as completed successfully when it has only handed the process to the NSX Manager.
Resolution
Verify that communication on TCP port 9087 to the vCenter from NSX manager is allowed in firewalls, and smart switches.
To verify if TCP port 9087 is open on the vCenter server from the NSX appliances, the following command can be run from each of the NSX Managers CLI when logged in as root:
nc -zv <vCenter_IP/FQDN> 9087
A successful connection attempt will return: Connection to <vCenter_IP/FQDN> 9087 [tcp/9087] succeeded! if the connection attempt is allowed/open.
Additional Information
For more information on which ports should be open, see VMware Ports and Protocols.
Feedback
