ESXi host compliance check in vSphere Lifecycle Manager fails with "Host Status is Unknown" due to DNS resolution failure
search cancel

ESXi host compliance check in vSphere Lifecycle Manager fails with "Host Status is Unknown" due to DNS resolution failure

book

Article ID: 408424

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

  • Checking ESXi host compliance during an upgrade via vSphere Lifecycle Manager (vLCM), the process fails with the following status in the vSphere Client: Host Status is Unknown

  • Subsequent UI errors indicate that cluster remediation has failed and compliance information is unavailable:
    • Remediation skipped for all hosts
    • Remediation of cluster failed
    • <HOSTNAME> - Skipped remediation for this host
    • Skipped host '<HOSTNAME>' because its compliance information is unavailable. Please check the host status.
    • A failure occurred when starting a host compliance check operation on host '<HOSTNAME>' : Error: com.vmware.vapi.std.errors.not_allowed_in_current_state Messages: com.vmware.esx.task.contention<Another task is in progress. Please retry later.>

  • Reviewing the /var/run/log/lifecycle.log on the affected ESXi host reveals name resolution failures when the host attempts to download metadata from the vCenter Server depot:
    lifecycle [<PID>] : Downloader: 214 Download failed: <urlopen error [Errno -3] Temporary failure in name resolution>, 5 retry left ...
    lifecycle [<PID>] : Downloader: 214 Download failed: <urlopen error [Errno -3] Temporary failure in name resolution>, 4 retry left ...
    lifecycle [<PID>] : Downloader: 214 Download failed: <urlopen error [Errno -3] Temporary failure in name resolution>, 3 retry left ...
    lifecycle [<PID>] : DepotCollection: 379 Could not download from depot at http://<VC_IP>\:9084/vum/repository/hostupdate/ micro-depot vendor-vmw_metadata-167 index

  • Reviewing the /var/log/vmware/vmware-updatemgr/vum-server/vmware-vum-server.log on the vCenter Server shows a corresponding task contention error:
    YYYY-MM-DDTHH:MM:SS info vmware-vum-server [Originator@6876 sub=Activation] [activationValidator 370] Leave Validate. Succeeded for integrity.VcIntegrity.probe on target: Integrity.VcIntegrity
    YYYY-MM-DDTHH:MM:SS info vmware-vum-server [Originator@6876 sub=SsoClient] Successfully acquired token: SamlToken [subject={Name: vpxd-extension-#######-####-####-#####; Domain:vsphere.local}, groups=[{Name: Users; Domain:vsphere.local}, {Name: SolutionUsers; Domain:vsphere.local}, {Name: SystemConfiguration.Administrators; Domain:vsphere.local}, {Name: ComponentManager.Administrators; Domain:vsphere.local}, {Name: LicenseService.Administrators; Domain:vsphere.local}, {Name: ActAsUsers; Domain:vsphere.local}, {Name: ServiceProviderUsers; Domain:vsphere.local}, {Name: vStatsGroup; Domain:vsphere.local}, {Name: AnalyticsService.Administrators; Domain:vsphere.local}, {Name: Everyone; Domain:vsphere.local}], delegationChain=[], startTime=YYYY-MM-DD HH:MM:SS, endTime=YYYY-MM-DDTHH:MM:SS, renewCount=0, delegableCount=10, isSolution=true, type=Saml_HOK]
    YYYY-MM-DDTHH:MM:SS info vmware-vum-server[134888] [Originator@6876 sub=Telemetry] [TelemetryManager 261] Sending telemetry data: {"@type":"pman_error_report","taskId":"ED###-#####-####-#####-########|######-######-####-#####","entityId
    ":"########-#####-#######-######|host #####,"parentTaskId":"","errorMessageId":"com.vmware.vcIntegrity.lifecycle.HostScan.TaskApiError","errorMessage":"A failure occurred when starting a host compliance check operation on host 'FDQN' : Error:\n   com.vmware.vapi.std.errors.not_allowed_in_current_state\nMessages:\n   com.vmware.esx.task.contention<Another task is in progress. Please retry later.>\n","errorTime":"YYYY-MM-DDTHH:MM:SS"}\

  • Name resolution errors are not observed in the vCenter Server vpxd logs, as the ESXi hostname is statically defined in the vCenter Server /etc/hosts file.

Environment

  • VMware vSphere ESXi 7.x
  • VMware vSphere ESXi 8.x

Cause

  • This issue occurs due to a Domain Name System (DNS) resolution failure on the affected ESXi host. This prevents the host from successfully resolving the vCenter Server hostname to download the required update metadata from the vSphere Lifecycle Manager depot.

Resolution

  • To resolve this issue, verify and correct the DNS configuration on the affected ESXi host to ensure it can successfully resolve the vCenter Server.
    • Connect to the affected ESXi host via SSH or the local ESXi Shell.

    • Verify the configured DNS servers by inspecting the resolv.conf file:
      • cat /etc/resolv.conf

    • Alternatively, use ESX CLI to verify DNS server configuration:
      • esxcli network ip dns server list

    • Ensure the nameserver entries listed are correct and reachable from the host.

    • Test name resolution from the ESXi host to the vCenter Server using the nslookup or ping command:
      • nslookup <VC_FQDN>
    • If the DNS servers are incorrect or missing, update the DNS configuration via the vSphere Client, the ESXi Host Client, or the command line.

    • Once the ESXi host can successfully resolve the vCenter Server, retry the compliance check or cluster remediation task in vSphere Lifecycle Manager.

Additional Information

DNS解決の失敗により、vSphere Lifecycle Manager での ESXiホスト コンプライアンス チェックが「Host Status is Unknown」で失敗する

Powered by Wolken Software