Enabling vSphere HA on a vSAN cluster fails with "This host has no port groups enabled for vSphere HA communication"
search cancel

Enabling vSphere HA on a vSAN cluster fails with "This host has no port groups enabled for vSphere HA communication"

book

Article ID: 425483

calendar_today

Updated On:

Products

VMware vCenter Server VMware vSphere ESXi VMware vSAN

Issue/Introduction

  • The vSphere High Availability (HA) cluster configuration fails with the error message: "This host has no port groups enabled for vSphere HA communication"
  • The vSphere HA agent fails to initialize on any available ESXi host/s within the cluster, resulting in the failure of the ESXi host Master/Slave election process.
  • The ESXi host(s) within the vSAN cluster have a valid Management Network (vmk0); however, vSAN-tagged VMkernel interface remains missing/unconfigured.
  • The vCenter server /var/log/vmware/vpxd/vpxd.log confirms that vSphere HA fails to initialize as the cluster cannot identify a valid VMkernel interface for heartbeat traffic: 

    yyyy-mm-ddThh:mm:ss.Z error vpxd[06###] [Originator@6876 sub=DAS opID=minnu5b1-31936-auto-on5-h5:70005660-fc-03-01] No networks for host [vim.HostSystem:host-####,<hostname>.example.com] in vSAN cluster
    yyyy-mm-ddThh:mm:ss.Z info vpxd[06###] [Originator@6876 sub=MoHost opID=minnu5b1-31936-auto-on5-h5:70005660-fc-03-01] VC state for host host-#### (uninitialized -> retry), FDM state (UNKNOWN_FDM_HSTATE -> UNKNOWN_FDM_HSTATE), src of state (null -> null)
    yyyy-mm-ddThh:mm:ss.Z info vpxd[06###] [Originator@6876 sub=DAS opID=minnu5b1-31936-auto-on5-h5:70005660-fc-03-01] While cleaning up DAS config for host [vim.HostSystem:host-####,<hostname>.example.com], found 1 unprotected vms
    yyyy-mm-ddThh:mm:ss.Z info vpxd[06###] [Originator@6876 sub=vmomi.soapStub[610] opID=FdmMonitor-domain-c####-5636####] SOAP request returned HTTP failure; <<io_obj p:0x00007f94b03a48a8, h:70, <UNIX ''>, <UNIX '/var/run/envoy-hgw/hgw-pipe'>>, /hgw/host-####/fdm>, method: login; code: 503(Service Unavailable); fault: (null)
    yyyy-mm-ddThh:mm:ss.Z error vpxd[06###] [Originator@6876 sub=Vmomi opID=FdmMonitor-domain-c####-5636####] Failed to login on host; <</hgw/host-####>, /fdm>, N7Vmacore4Http13HttpExceptionE(HTTP error response: Service Unavailable)
    yyyy-mm-ddThh:mm:ss.Z warning vpxd[06###] [Originator@6876 sub=Vmomi opID=FdmMonitor-domain-c####-5636####] Got vmacore exception when invoking VMOMI method; <</hgw/host-####>, /fdm>, csi.FdmService.retrieveClusterInfo, N7Vmacore4Http13HttpExceptionE(HTTP error response: Service Unavailable)
    yyyy-mm-ddThh:mm:ss.Z info vpxd[06###] [Originator@6876 sub=vmomi.soapStub[611] opID=FdmMonitor-domain-c####-5636####] SOAP request returned HTTP failure; <<io_obj p:0x00007f94b0105da8, h:70, <UNIX ''>, <UNIX '/var/run/envoy-hgw/hgw-pipe'>>, /hgw/host-####/fdm>, method: login; code: 503(Service Unavailable); fault: (null)
    yyyy-mm-ddThh:mm:ss.Z error vpxd[06###] [Originator@6876 sub=Vmomi opID=FdmMonitor-domain-c####-5636####] Failed to login on host; <</hgw/host-####>, /fdm>, N7Vmacore4Http13HttpExceptionE(HTTP error response: Service Unavailable)
    yyyy-mm-ddThh:mm:ss.Z warning vpxd[06###] [Originator@6876 sub=Vmomi opID=FdmMonitor-domain-c####-5636####] Got vmacore exception when invoking VMOMI method; <</hgw/host-####>, /fdm>, csi.FdmService.GetAbout, N7Vmacore4Http13HttpExceptionE(HTTP error response: Service Unavailable)
    yyyy-mm-ddThh:mm:ss.Z error vpxd[06###] [Originator@6876 sub=HostUpgrader opID=FdmMonitor-domain-c####-5636####] Failed to get fdm aboutInfo from host-####: N5Vmomi5Fault17HostCommunication9ExceptionE(Fault cause: vmodl.fault.HostCommunication

Environment

  • VMware vCenter Server 8.0.x
  • VMware vCenter Server 7.0.x
  • VMware vSphere ESXi 8.0.x
  • VMware vSphere ESXi 7.0.x
  • VMware vSAN

Cause

  • The failure was caused by the absence of a VMkernel interface enabled for 'vSAN' on the ESXi hosts within the vSAN cluster. Without this specific port group, the Fault Domain Manager (FDM) cannot establish a communication path, which prevents the Master/Slave election - even if the Management Network remains functional.
  • Once vSAN is activated, vSphere HA automatically routes inter-agent traffic over the vSAN storage network by default. vCenter server will only revert to the Management Network if vSAN is explicitly deactivated cluster-wide. In this case, because vSAN remained enabled, VCSA prioritized a vSAN storage network that was not actually configured on the host networking.

Resolution

To resolve this issue, ensure the vSAN VMkernel network is correctly configured and tagged on every host in the cluster.

  • Verify vSAN VMkernel Port:
    • Navigate to the ESXi host in the vSphere Client.
    • Go to Configure > Networking > VMkernel adapters.
    • Ensure there is a VMkernel adapter (e.g., vmk1) dedicated to vSAN-tagged VMkernel interface.
  • Check Traffic Tags:
    • Select the vSAN VMkernel adapter and click Edit.
    • Ensure the vSAN checkbox is selected under "Enabled services."
  • Reconfigure HA:
    • Once the vSAN network is verified, navigate to the ESXi host.
    • Right-click the cluster and select vSphere HA > Reconfigure for vSphere HA.
  • Test Connectivity:
    • Ensure that all hosts can ping each other over the vSAN network (MTU consistency is critical).

While vCenter server automatically selects the heartbeat network, the process failed here due to missing vSAN VMkernel configurations. Please ensure the vSAN service is fully deactivated at the cluster level if it is not intended for use.

Additional Information

Reference Documentation:

Powered by Wolken Software