Recommendation job fails with error - Lack of cluster capacity

search cancel

Recommendation job fails with error - Lack of cluster capacity

book

Article ID: 426234

calendar_today

Updated On:

Products

VMware vDefend Firewall with Advanced Threat Prevention

Issue/Introduction

NSX Intelligence recommendation job fails with below error -
Recommendation cannot be scheduled due to lack of cluster capacity. Please retry the recommendation after trying any/all of the following based on your use case -
1) shorten the analysis time interval
2) Use port filters to exclude certain ports from re-run settings
3) Create Services beforehand with wider port ranges so that less rules are generated
4) if applicable, try reducing the number of computes or groups for which you are generating recommendation. If that is not possible, please increase cluster capacity by adding more worker nodes.
Details: not enough Memory: 28290Mi needed, cluster capacity: available{ cpu: 12905m, memory: 26136Mi }, allocatable{ cpu: 59745m, memory: 221732Mi }

Environment

NAPP 4.2 and older

Cause

NSX Application Platform features - MPS, NDR were activated in addition to Security Intelligence and Metrics with only 3 worker nodes.

Resolution

- Please note that when Malware Prevention and Network Detection services are enabled, a minimum of 4-5 worker nodes is required. You can find further details in the system requirements documentation here:

https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/vdefend/vmware-nsx-application-platform/4-2/deploying-and-managing-the-nsx-application-platform/deployment-requirements-for-napp/nsx-application-platform-system-requirements.html

- To determine the recommended number of worker nodes based on the flow count across monitored hosts in your network, please use the NAPP sizing tool available at this link: https://knowledge.broadcom.com/external/article/373793/security-intelligence-sizing-tool.html

Feedback

thumb_up Yes

thumb_down No