Receiving "Invalid Credentials" error with NSX-T datasource when vIDM is used an authentication method in Aria Operations for Networks.
search cancel

Receiving "Invalid Credentials" error with NSX-T datasource when vIDM is used an authentication method in Aria Operations for Networks.

book

Article ID: 417698

calendar_today

Updated On:

Products

VCF Operations for Networks

Issue/Introduction

  • Receiving "Invalid Credentials" error with NSX-T datasource in Aria Operations for Networks.
  • vIDM is used an authentication method for NSX data source. This kind of authentication will intermittently fail.
  • In collector logs /var/log/arkin/collector/collector.STDOUT-yyyy-mm-dd-hh.mm.ss.log.error:

INFO impl.dataprovider.AbstractDPOperationsManager DataProviderManager::healthCheck getHealthStatus:514 DPHealthStatus: dpId {
  dataProviderIdentifier: "NSXT_nsx_manager_fqdn"
  customerId: xxxxx

DPTaskStatus
{
        taskId='com.vnera.dataproviders.core.impl.vmware.nsxt.tasks.NSXTLatencyStateWatcher'
        collectedDataType=CONFIG
        taskExecType=SCHEDULED
        isSuccess=false
        timestamp=xxxxxxxxxxx
        errorCode='INVALID_CREDENTIALS'
        errorMessage='com.vnera.dataproviders.core.common.impl.dataprovider.utils.exceptions.HttpException: Could not get response for /policy/api/v1/infra/sites/default/enforcement-points/default/transport-zones/xxxx-xxxx-xxxx-xxxx, status 403
        at com.vnera.dataproviders.core.common.impl.dataprovider.utils.HttpUtils.checkCodeAndThrow(HttpUtils.java:54)
        at com.vnera.dataproviders.core.common.impl.dataprovider.utils.HttpUtils.checkStatusAndThrow(HttpUtils.java:34)
        at com.vnera.dataproviders.core.common.impl.dataprovider.utils.HttpUtils.checkStatusAndThrow(HttpUtils.java:23)
        at com.vnera.dataproviders.core.impl.vmware.nsxt.tasks.NSXTUtils.setPolicyTransportZones(NSXTUtils.java:1680)
        at com.vnera.dataproviders.core.impl.vmware.nsxt.tasks.ManageNSXTPolicyLatencyTask.enableLatencyTransportZone(ManageNSXTPolicyLatencyTask.java:196)
        at com.vnera.dataproviders.core.impl.vmware.nsxt.tasks.ManageNSXTPolicyLatencyTask.lambda_configureTransportZones_0(ManageNSXTPolicyLatencyTask.java:97)
        at java.base/java.util.concurrent.ConcurrentHashMap_KeySetView.forEach(ConcurrentHashMap.java:4706)
        at com.vnera.dataproviders.core.impl.vmware.nsxt.tasks.ManageNSXTPolicyLatencyTask.lambda_configureTransportZones_1(ManageNSXTPolicyLatencyTask.java:82)
        at java.base/java.util.concurrent.ConcurrentHashMap_KeySetView.forEach(ConcurrentHashMap.java:4706)
        at com.vnera.dataproviders.core.impl.vmware.nsxt.tasks.ManageNSXTPolicyLatencyTask.configureTransportZones(ManageNSXTPolicyLatencyTask.java:81)
        at com.vnera.dataproviders.core.impl.vmware.nsxt.tasks.NSXTLatencyStateWatcher.process(NSXTLatencyStateWatcher.java:103)
        at com.vnera.dataproviders.core.impl.vmware.nsxt.tasks.NSXTLatencyStateWatcher.doRun(NSXTLatencyStateWatcher.java:78)
        at com.vnera.dataproviders.core.common.impl.dataprovider.tasks.AbstractTask.run(AbstractTask.java:165)
        at com.vnera.dataproviders.tasker.Tasker_ScheduledTaskWrapper.run(Tasker.java:486)
        at com.google.common.util.concurrent.MoreExecutors_ScheduledListeningDecorator_NeverSuccessfulListenableFutureTask.run(MoreExecutors.java:678)
        at java.base/java.util.concurrent.Executors_RunnableAdapter.call(Executors.java:539)
        at java.base/java.util.concurrent.FutureTask.runAndReset(FutureTask.java:305)
        at java.base/java.util.concurrent.ScheduledThreadPoolExecutor_ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
        at java.base/java.util.concurrent.ThreadPoolExecutor_Worker.run(ThreadPoolExecutor.java:635)
        at java.base/java.lang.Thread.run(Thread.java:840)
'
        taskData={timeTaken=2, healthMsgPayload=, healthMsgPayloadKey=NSX_LATENCY_STATUS}
}

INFO vmware.nsxt.NSXTDPOperationsManager_NSXTHealthStatusConverter DataProviderManager::healthCheck convertDPStatusToUnhealthyIfAnyTaskHasError:865 Task id: com.vnera.dataproviders.core.impl.vmware.nsxt.tasks.NSXTLatencyStateWatcher
INFO vmware.nsxt.NSXTDPOperationsManager_NSXTHealthStatusConverter DataProviderManager::healthCheck convertDPStatusToUnhealthyIfAnyTaskHasError:866 Task error code: INVALID_CREDENTIALS
INFO vmware.nsxt.NSXTDPOperationsManager_NSXTHealthStatusConverter DataProviderManager::healthCheck convertDPStatusToUnhealthyIfAnyTaskHasError:892 Set health status as unhealthy for nsx: NSXT_nsx_manager_fqdn

Environment

Aria Operations for Networks

Cause

vIDM is not supported as an authentication method for NSX data sources in Aria Operations for Networks.

Resolution

Configure NSX manager data sources using local user account or principal identity authentication.

If credentials need to be changed, follow the workaround to resolve any issue with metrics not collecting after 2 hours post-change:

  1. Open Accounts and Data Sources;
  2. In the row for the NSX-T Manager data source for which metrics are not collecting:
    Toggle Data Collection "OFF"
    Toggle Data Collection "ON"

Additional Information

Review Add VMware NSX-T Manager to see supported authentication methods and other considerations.
Per KB 388529 NSX-T manager data source credentials have been changed and now no metrics are collecting in Aria Operations for Networks, turning off and on the data source will force a reconnection when the validation has failed due to this issue.

Powered by Wolken Software