vSAN witness partitioned after moving to new vCenter
Article ID: 416268
Updated On:
Products
Issue/Introduction
After moving a cluster with a stretch cluster a new vCenter the witness is not joining the cluster.
vSAN health shows multiple alarms including vSAN cluster partition for the witness and an alarm for Data-in-transit encryption
under the details for the vSAN cluster partition the witness may be listed twice with one entry showing in the correct partition and the other showing in a different partition.
Environment
vSAN (witness)
Cause
Data-in transit encryption is not matching on all hosts, This causes the hosts to not be able to fully form a cluster due to one or more hosts requiring data to be encrypted over the network.
Resolution
Navigate to the cluster's Configure tab, go to vSAN > Services, click Edit under Data Services, and then enable the Data-In-Transit encryption toggle switch.
Once the cluster has finished applying the setting, Disable or leave Enabled based off your environment.
Additional Information
This is similar to the behavior in KB vSAN witness node partitioned after an upgrade of vCenter to 7.0u3f, 7.0u3g, or 7.0U3h with Data-In-Transit Encryption enabled
For additional information on troubleshooting a Witness Appliance being partitioned form a vSAN cluster see vSAN Witness appliance partitioned from the stretched cluster
Feedback
