Deployment of VCFA from Fleetmgmt fails with error 'deployment timed out: context deadline exceeded' Error Code : 'LCMVMSP10002'
search cancel

Deployment of VCFA from Fleetmgmt fails with error 'deployment timed out: context deadline exceeded' Error Code : 'LCMVMSP10002'

book

Article ID: 410338

calendar_today

Updated On:

Products

VCF Automation

Issue/Introduction

New deployment or redeployment of VCF Automation from Fleet Management fails with the following error in the UI: deployment timed out: context deadline exceeded. Error Code: 'LCMVMSP10002'

Review of the vrlcm.log shows a failure during the package push task:

2025-09-09T13:38:58.235Z ERROR vrlcm[1231] [pool-3-thread-88] [c.v.v.l.v.p.t.VmspPkgPushTask] – VMSP based product deployment failed
2025-09-09T13:38:58.529Z INFO vrlcm[1231] [pool-3-thread-88] [c.v.v.l.p.a.s.Task] – Injecting task failure event. Error Code : 'LCMVMSP10002', Retry : 'true', Causing Properties :
{ CAUSE :: }
com.vmware.vrealize.lcm.vmsp.common.exception.DeploymentFailedException: No failed pods found.

Additional snippets with a shortname resolution failure:

INFO vrlcm[1325] [pool-3-thread-4] [c.v.v.l.u.SshUtils] -- Executing process with command :: [nslookup, shortname, #.#.#.#]
INFO vrlcm[1325] [pool-3-thread-4] [c.v.v.l.u.SshUtils] -- DNS output: ;; got servfail reply from #.#.#.#
INFO vrlcm[1325] [pool-3-thread-4] [c.v.v.l.u.SshUtils] -- DNS output: server: #.#.#.#
INFO vrlcm[1325] [pool-3-thread-4] [c.v.v.l.u.SshUtils] -- DNS output: address: #.#.#.##53
INFO vrlcm[1325] [pool-3-thread-4] [c.v.v.l.u.SshUtils] -- DNS output:
INFO vrlcm[1325] [pool-3-thread-4] [c.v.v.l.u.SshUtils] -- DNS output: ** server can't find shortname: servfail
INFO vrlcm[1325] [pool-3-thread-4] [c.v.v.l.u.SshUtils] -- DNS output:
INFO vrlcm[1325] [pool-3-thread-4] [c.v.v.l.d.c.t.ValidationUtils] -- DNS resolution with dns #.#.#.# failed for hostName shortname

In the vmsp-operator console logs, the system indicates an inability to pull required packages from the repository with the shortname in the URL of the productBinariesRepo and possible certificate errors:

/services-logs/vmsp-platform/vcfa-#####/vmsp-operator-##########-#####/vmsp-operator/console-log-<datetime>.log

2025-09-09T15:19:58.297734498Z stderr F {"level":"info","ts":"2025-09-09T15:19:58Z","logger":"bundle_controller","msg":"pulling packages","bundle":{"name":"vra","namespace":"prelude"}}
2025-09-09T15:19:58.298943017Z stderr F 2025/09/09 15:19:58 [DEBUG] GET https://<fleetmgmt_FQDN>/repo/productBinariesRepo/vra/9.0.0.0/install/vra.tar
2025-09-09T15:19:58.311359882Z stderr F 2025/09/09 15:19:58 [ERR] GET https://<fleetmgmt_FQDN>/repo/productBinariesRepo/vra/9.0.0.0/install/vra.tar request failed: Get "https://<fleetmgmt_FQDN>/repo/productBinariesRepo/vra/9.0.0.0/install/vra.tar": tls: failed to verify certificate: x509: certificate is valid for <<Fleetmgmt_shortname>>, not <fleetmgmt_FQDN>
2025-09-09T15:19:58.314479642Z stderr F {"level":"error","ts":"2025-09-09T15:19:58Z","logger":"bundle_controller","msg":"failed to process packages","bundle":{"name":"vra","namespace":"prelude"},"error":"failed to download: GET https://<fleetmgmt_FQDN>/repo/productBinariesRepo/vra/9.0.0.0/install/vra.tar giving up after 1 attempt(s): Get \"https://<fleetmgmt_FQDN>/repo/productBinariesRepo/vra/9.0.0.0/install/vra.tar\": tls: failed to verify certificate: x509: certificate is valid for <<Fleetmgmt_shortname>>, not <fleetmgmt_FQDN>"

Environment

VCF Operations 9.0
VCF Automation 9.0

Cause

  • The certificate was issued for <<Fleetmgmt_shortname>> instead of the fully qualified domain name (FQDN) <fleetmgmt_FQDN>.
    • For example, it was valid for <<fleetmgmt>>, not <fleetmgmt.rainpole.com>.
  • The system was deployed with shortname and the guest operating system for the Fleet manager is reporting as a shortname through VMTools.

Resolution

Procedure

  • Redeploy fleet manager:
    1. Un-register VCF Operations for Logs and VCF Operations for Network from Fleet Management, and un-register Fleet Management from the VCF Operations Admin Page.
    2. Rework DNS entries to ensure all entries are lowercase. Verify that nslookup resolves both the short name and FQDN.
    3. Redeploy Fleet Management and register it again.
    4. Import VCF Operations, VCF Operations for Logs, and VCF Operations for Network.
    5. Reconfigure Depot to download the binaries for VCF Automation.
    6. Create a new certificate.
    7. Redeploy VCF Automation using the correct certificate with DNS reflecting correctly in lowercase.

Additional Information

Refer to https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-9-0-and-later/9-0/fleet-management/certificate-management-9-0.html

Powered by Wolken Software