After a failed upgrade or patching attempt on VMware Identity Manager (vIDM), you revert the appliance(s) back to a previous snapshot. Following the revert, the vIDM cluster fails to start, and users cannot access the service.

Further investigation shows that the load balancer has marked the vIDM server pool as administratively down, actively blocking traffic to the nodes.

This issue is caused by the vIDM nodes failing the load balancer's health checks after the snapshot revert.

During the upgrade attempt, services may have been stopped or altered. When the snapshot is restored, these services (such as the health check endpoint) may not return to a healthy, running state immediately. The load balancer detects this unresponsiveness, correctly identifies the nodes as "unhealthy," and disables the server pool to prevent routing traffic to a non-functional service.

Before beginning the upgrade or patching process, temporarily modify the load balancer's health checks for the vIDM server pool.

Change the health check method from an application-level check (like HTTP or TCP) to a basic network check, such as ICMP (ping).

Note: This change ensures the load balancer only verifies that the server's IP address is online, not that the vIDM application itself is fully functional.  This will prevent the load balancer from marking the nodes as administratively down during the upgrade, a time when services are expected to be temporarily stopped or unresponsive.

Important: After the upgrade is successfully completed and you have verified the vIDM services are running, you must revert the health checks back to their original, recommended settings.

https://www.f5.com/pdf/solution-center/f5-big-ip-vmware-workspaceone-integration-guide.pdf