Enabling HA on an Image-Based Cluster Fails with Error: “A failure occurred when starting a host compliance check operation. Another task is in progress”
search cancel

Enabling HA on an Image-Based Cluster Fails with Error: “A failure occurred when starting a host compliance check operation. Another task is in progress”

book

Article ID: 414249

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • HA configuration on an Image-Based Cluster fails with a timeout error.
  • The task to Check the cluster compliance of an Image based cluster is timing out.
  • We can see the following error from the Cluster Image Compliance: Host status is unknown "A failure occurred when starting a host compliance check operation on host <ESXI-FQDN>" : Error:com.vmware.vapi.std.errors.not_allowed_in_current_state Messages: com.vmware.esx.task.contention<Another task is in progress. Please retry later.>



  • As per /var/run/log/lifecycle.log on one of the ESXi host shows that there are name resolution failures as shown below:
    lifecycle [#####] : Downloader: 214 Download failed: <urlopen error [Errno -3] Temporary failure in name resolution>, 3 retry left ...
    lifecycle [#####]: Downloader: 214 Download failed: <urlopen error [Errno -3] Temporary failure in name resolution>, 2 retry left ...
    lifecycle [#####]: Downloader: 214 Download failed: <urlopen error [Errno -3] Temporary failure in name resolution>, 1 retry left ...
  • Running nslookup for the vCenter Server FQDN from an ESXi host returns a failure or timeout.

Environment

  • VMware vCenter server 8.x
  • VMware vSphere ESXi 8.x

Cause

  • This issue occurs because the ESXi host is unable to resolve the vCenter Server FQDN due to DNS configuration issues. The outgoing DNS client traffic does not include the correct IP address for the DNS servers, preventing communication with the configured DNS servers.

Resolution

Update the firewall configuration on all ESXi hosts in the cluster to allow outgoing DNS traffic: 

  • Login to the vSphere web client.
  • Select the ESXi host and click on Monitor.
  • Select the firewall option under the system section.
  • Select the outgoing connection and click on edit.
  • Add the DNS server's IP in the allowed IP address section for DNS client and click save.
  • Repeat above steps for all the ESXi hosts in the cluster.
  • Enable the vSphere HA. Refer Disabling and enabling VMware vSphere High Availability (vSphere HA)

NOTE: The ESXI firewall rules can be configured using the VMware host client as well. Refer Add Allowed IP Addresses for an ESXi Host by Using the VMware Host Client

Powered by Wolken Software