Remove Host Task struck at 10% , it completes after 8 hours.
Article ID: 411527
Updated On:
Products
Issue/Introduction
Vpxd log:
YY-MM-DDT10:03:44.389Z info vpxd[06205] [Originator@6876 sub=TrustedInfrastructure.HostConfig opID=m4gvmp07-13427821-auto-7zsz2-h5:71735704-db] Succesfully deleted issuer with alias 'https://VC_FQDN/openidconnect/vsphere.local'
YY-MM-DDT18:03:44.470Z error vpxd[2794517] [Originator@6876 sub=TrustedInfrastructure.HostConfig opID=m4gvmp07-13427821-auto-7zsz2-h5:71735704-db] Http response code: 504
YY-MM-DDT18:03:44.472Z error vpxd[2794517] [Originator@6876 sub=TrustedInfrastructure.HostConfig opID=m4gvmp07-13427821-auto-7zsz2-h5:71735704-db] Failed to read from: http://VC_FQDN/acs/t/CUSTOMER/jwks
Environment
Esxi 8.X
Vcenter 8.x
Cause
Timeout issue related to the JWKS endpoint on vCenter server, which is listening on port 10114.
-
The JWKS (JSON Web Key Set) endpoint is used for token validation in authentication flows.
-
The timeout indicates that the service took too long to respond, possibly due to:
-
High load
-
Network latency
-
Insufficient timeout configuration
-
Resolution
Validate Health service status of vidb and restart Service
Do a ssh to VC and check
service-control --status vc-ws1a-broker
Restart Vcenter service.
Additional Information
Regarding VMware Identity Single Container Service:
-
It supports identity federation, including integration with Microsoft Entra ID (formerly Azure AD) and other external identity providers.
-
It runs as a containerized service inside the vCenter Server Appliance (VCSA).
Feedback
