Upgrade of VMware Aria Automation 8.18.1 to 9.0 fails at Step 6 with error LCMVSPHERECONFIG1000095
search cancel

Upgrade of VMware Aria Automation 8.18.1 to 9.0 fails at Step 6 with error LCMVSPHERECONFIG1000095

book

Article ID: 428180

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

When upgrading VMware Aria Automation from version 8.18.1 to 9.0.x, the upgrade task fails during Step 6. The failure occurs during the services platform cluster bootstrap process.

You may observe the following symptoms in the VMware Aria Suite Lifecycle UI or logs:

  • The upgrade status shows a failure at Step 6.

  • Error Code: LCMVSPHERECONFIG1000095.

  • On the Fleet Management machine, in /var/log/vrlcm/vmsp_bootstrap_xxxxx.log, you see repeated authentication failures:

    Error: error: 403 Forbidden
Error: failed to connect with vCenter: ServerFaultCode: Cannot complete login due to an incorrect user name or password.

  • Validation errors regarding datastore connectivity (though no issue seen in vCenter):

    ERROR : Not all ESXi Hosts in the cluster [...] are connected to the datastore Datastore:datastore-##.
ERR:INIT0001 - Validating configuration

Environment

VCF Automation 9.0

Cause

This issue is caused by insufficient permissions assigned to the vSphere service account used by VMware Aria Suite Lifecycle.

Specifically, the account lacks the necessary privileges to manage global permissions or validate storage configurations across the ESX hosts during the bootstrap of the new services platform cluster required for version 9.0.x.

Resolution

To resolve this issue, you must add the missing permissions to the vSphere service account:

  1. Log in to the vSphere Client with administrative privileges.

  2. Navigate to Administration > Single Sign-On > Users and Groups.

  3. Verify the credentials for the service account used in the Aria Suite Lifecycle environment.

  4. Navigate to Administration > Access Control > Global Permissions.

  5. Ensure the service account is assigned a role (such as Administrator or a highly privileged custom role) that includes:

    • Content Library - ALL

    • Datastore - ALL

    • Global - ManageCustomAttributes

    • Global - SetCustomAttribute

    • Host - Configuration - Storage partition configuration

    • Host - Configuration - Change settings

    • Host - Local Operations - Add Host to vCenter

    • Host - Local Operations - Create Virtual Machine

    • Host - Local Operations - Delete Virtual Machine

    • Host - Local Operations - Reconfigure Virtual Machine

    • Network - Assign Network

    • Permissions - ModifyPermissions

    • Permissions - ModifyRole

    • Resource - Assign vApp to resource pool

    • Resource - Assign virtual machine to resource pool

    • ServiceAccountManagement - ALL

    • VM Storage Policies - View VM storage policies

    • vApp - ALL

    • Virtual Machines - ALL

  6. In VMware Aria Suite Lifecycle, navigate to the failed Request and click Retry.

Powered by Wolken Software