• When attempting to perform a Brownfield import of an existing vCenter Server 8.x during a VMware Cloud Foundation (VCF) 9.x installation, the process fails with below error in UI:

  Import operation for convert with id ########-####-####-####-############ failed internally. Command was python3 /opt/vmware/vcf/domainmanager/scripts/vcf-import-tool/vcf_brownfield.py convert --auto-proceed --nsx-fqdn <FQDN_OF_NSX_MANAGER> --suppress-warnings --skip-ssh-thumbprint-validation --domain-name <DOMAIN_NAME> --vcenter <FQDN_OF_VCENTER> --sso-user [email protected] --internal-vcf-auth --output-dir /var/log/vmware/vcf/domainmanager/brownfield/########-####-####-####-############/ --non-interactive. Please check the log files located in /var/log/vmware/vcf/domainmanager/brownfield/########-####-####-####-############/ on the SDDC Manager appliance.

   

• The following error is present in the brownfield log file located at /var/log/vmware/vcf/domainmanager/brownfield/<ID>/vcf_brownfield.log:

  [DEBUG] sddc_manager_helper:###: Response from trigger import guardrails: b'{"id":"########-####-####-####-############","link":null,"taskId":"########-####-####-####-############","resourceId":"########-####-####-####-############","resourceType":"BASELINER_DISCOVERY","state":"IN_PROGRESS","description":"Discover SDDC","errors":null,"timestamp":#######,"completionTimestamp":null}'
  [INFO] sddc_manager_helper:###: monitor import guardrails - IN_PROGRESS
  [INFO] sddc_manager_helper:###: monitor import guardrails - COMPLETED
  [INFO] check_domain_reporter:##: ESC[91mTotal checks: 895, Successful checks: 812, Failed checks: 83, Internal errors: 0ESC[00m
  [INFO] check_domain:270: ESC[93mFor more details, please, check:ESC[00mESC[93m
          Failed guardrails YML: ESC[00m/var/log/vmware/vcf/domainmanager/brownfield/########-####-####-####-############/output/guardrails_report_vCenter_FQDN.ymlESC[93m
          Failed guardrails CSV: ESC[00m/var/log/vmware/vcf/domainmanager/brownfield/########-####-####-####-############/output/guardrails_report_vCenter_FQDN.csvESC[93m
          All guardrails CSV: ESC[00m/var/log/vmware/vcf/domainmanager/brownfield/########-####-####-####-############/output/guardrails_report_vCenter-FQDN_all.csv
  [INFO] vcf_brownfield:777: ESC[91mPhase '0. Guardrails' completed with errors:ESC[00m
  [INFO] vcf_brownfield:779: ESC[91m    - Critical guardrails have failed. Operation aborted.ESC[00m

   

• The specific failure details are found in the YAML report at the location /var/log/vmware/vcf/domainmanager/brownfield/########-####-####-####-############/output/guardrails_report_vCenter_FQDN.yml

  - Object Type: host
    Object Name: ESXi_host_fqdn
    Day-N Operation: ESX Upgrade
    Severity Level: WARNING
    Status: VALIDATION_FAILED
    Check Name: VMs not pinned to host
    Description: Check if VMs are not pinned to host
    Details: Detected VMs are pinned to host
    Remediation: Please ensure the host has no pinned VMs or host has no affinity rules for vms.

VCF 9.0.X

• Guardrails checks include VM-to-Host Affinity Rules. If VMs are "pinned" to specific hosts, the guardrail fails because these rules can interfere with automated maintenance mode operations, evacuations, and host upgrades performed by SDDC Manager during future Day-N operations.
• Any VM/Host Rule that does not have another ESXi host available for migrating VMs will prevent a node from entering Maintenance Mode.

To resolve this issue, we can disable the affinity rules that are pinning VM's to specific host's mentioned in the guardrails_report_vCenter_FQDN.yml.

1. Log in to the vSphere Client for the vCenter being imported.
2. Select the Cluster that contains the host's identified in the report.
3. Navigate to the Configure tab.
4. Under Configuration, select VM/Host Rules.
5. Deselect the Enable checkbox to deactivate the rule.
    Note: Do not delete the rule if you intend to re-enable it after maintenance.
6. Repeat for all the rules identified as violating current cluster constraints.
7. Retry the brownfield import again.