Aria operations for Logs admin alert 'vCenter Kubernetes Service event collection failed'
search cancel

Aria operations for Logs admin alert 'vCenter Kubernetes Service event collection failed'

book

Article ID: 415511

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

  • Aria Operations for Logs intermittently triggers alert about vCenter Kubernetes Service event collection:

    This alert is about your VMware Aria Operations for Logs installation on https://<vcenter-ip-or-fqdn>/
    vCenter Kubernetes Service event collection failed triggered at YYYY-MM-DDTHH:MM:SS.425Z
    Event collection from vCenter Kubernetes Service failed for the following host:
    <vcenter-ip-or-fqdn>
    This message was generated by your VMware Aria Operations for Logs installation, visit the Documentation Center for more information.

  • The /storage/core/loginsight/var/plugins/vsphere/li-vsphere.log in Aria Operations for Logs contains below messages:

    [YYYY-MM-DDTHH:MM:SS+0000] ["pool-7-thread-1"/<node-ip> ERROR] [com.vmware.loginsight.scheduled.ScheduledPluginService] [Unable to collect vSphere WCP events]
    java.lang.Exception: {"messages":[{"args":[],"default_message":"An unexpected error occurred during authorization.","id":"vcenter.wcp.authorization.general"}]

  • The /var/log/vmware/wcp/wcpsvc.log in vCenter Server contains below messages:

    YYYY-MM-DDTHH:MM:SS.421Z warning wcp [vcrestlib/helper.go:176] [opID=wcp-AuthzFilter] Request to service failed; POST, url: http://localhost:1080/rest/com/vmware/cis/authz/privilege?~action=batch-has-privileges, Code: 500, Body: '{"type":"com.vmware.vapi.std.errors.internal_server_error","value":{"error_type":"INTERNAL_SERVER_ERROR","messages":[{"args":["com.vmware.cis.authz.privilege.batch_has_privileges"],"default_message":"Error in aggregator invocation of provider method: com.vmware.cis.authz.privilege.batch_has_privileges","id":"vapi.provider.aggregator.invokemethod.exception"}]}}'

  • The /var/log/vmware/vapi/endpoint/endpoint.log in vCenter Server contains below messages:

    YYYY-MM-DDTHH:MM:SS.420Z | ERROR | sso1                      | ProviderAggregation            | adf3324a-620f-98b6-b3b5-50bf38809437 | Error while invoking operation 'com.vmware.cis.authz.privilege.batch_has_privileges'
    java.lang.RuntimeException: Cannot load session
    Caused by: com.vmware.vapi.endpoint.sso.StsException: Call to STS failed
    Caused by: com.vmware.vim.sso.client.exception.InvalidTokenRequestException: Request is invalid: ns0:InvalidRequest: Cannot continue delegation chain

Environment

Aria Operations for Logs 8.18.x

Resolution

To workaround the issue, disable the collection of WCP service by following vCenter collections alerts are generated daily and Timeout while waiting for vSphere in Aria Operations for Logs

Powered by Wolken Software