SSP: NDR activation failed in air-gap mode at 68%
search cancel

SSP: NDR activation failed in air-gap mode at 68%

book

Article ID: 413744

calendar_today

Updated On:

Products

VMware vDefend Firewall VMware vDefend Firewall with Advanced Threat Prevention

Issue/Introduction

NDR activation failed  in air-gap mode at 68% 

 

Environment

SSP 5.0

Cause

 we need to  execute the bash script from SSPI to  activate NDR in air-gap mode as per the steps mentioned in the below document to set the airgap mode as False .

Configuring Network Detection and Response for the Air-Gap Environment   

we can verify airgap mode status by executing below  commands 

export KUBECONFIG=/config/clusterctl/1/workload.kubeconfig 

kubectl -n nsxi-platform describe cronjob nsx-metadata-service-load-feed-cronjob | grep AIRGAP

AIRGAP:                        true   >> airgap mode should display here as False 

Script failed at SSPI with the  below  error when we executed script on SSPI and issue is due  formatting issue in the script: the following line was split across multiple lines, causing the failure:

${NAPPK[@]} patch cronjob nsx-metadata-service-load-feed-cronjob -p '{"spec":{"jobTemplate":{"spec":{"template":{"spec":{"containers":[{"name":"nsx-metadata-load-feed-job","env":[{"name":"AIRGAP","value":"true"}]}]}}}}}}'
Due to the script failure, airgap mode was not enabled in the cronjob, causing the UI activation to remain stuck at 68% while checking for internet connectivity. 

 

failed script execution output wil be similar to the below lines: 

Error from server (Bad Request): invalid character '\n' in string literal 

Failed to enable airgap mode 

 

 

 

 

Resolution

Resolution

  1. Wait for the UI activation process to fail at 68%.
  2. Delete the NDR instance from the UI.
  3. Open the enable_ndr_airgap_mode.sh script (located on the SSPI) and correct the formatting issue mentioned in the Cause section.

     Ensure that the following line is not split across multiple lines and the entire command must appear as one continuous line.

    ${NAPPK[@]} patch cronjob nsx-metadata-service-load-feed-cronjob -p '{"spec":{"jobTemplate":{"spec":{"template":{"spec":{"containers":[{"name":"nsx-metadata-load-feed-job","env":[{"name":"AIRGAP","value":"true"}]}]}}}}}}'

    4. Re-execute the corrected script from the SSPI to enable NDR in air-gap mode.

    5. Verify successful execution using the following command:

export KUBECONFIG=/config/clusterctl/1/workload.kubeconfig
kubectl -n nsxi-platform describe cronjob nsx-metadata-service-load-feed-cronjob | grep AIRGAP

         The output should display:

AIRGAP: false

6. Once verification is complete, re-initiate the NDR activation from the UI.

 

Powered by Wolken Software