Analysis of the nsx-syslog.log on the affected ESXi host reveals a socket.gaierror:

Failed to connect to <NSX-Manager-FQDN> port 443: [Errno -2] Name or service not known

Node registration failed: 'NSX Manager API certificate is not valid: curl_wrapper: (28) Failed to connect to <NSX-Manager-FQDN> port 443'

This error confirms that the curl_wrapper used by the NSX installation script cannot translate the FQDN into an IP address.

VMware NSX

The ESXi host is unable to resolve the NSX Manager's FQDN during the "join management-plane" phase. While the host may have basic IP connectivity, the NSX registration process specifically requires successful DNS lookups to validate certificates and establish a secure connection.

The issue is typically caused by an incorrectly configured or unreachable DNS server on the ESXi host's management network.

1. Correct DNS Configuration: Ensure the ESXi host is configured with the correct DNS server IPs that hold the records for the NSX infrastructure.

   • Navigate to Host > Configure > Networking > TCP/IP configuration.

   • Edit the Default stack to update DNS settings.

2. Verify Resolution: From the ESXi command line, ensure nslookup <NSX_Manager_FQDN> returns the correct IP.

3. Retry Installation: * In the NSX Manager UI, go to System > Fabric > Nodes > Host Transport Nodes.

   • Select the failed host and click Resolve or Re-install.

To confirm if your host is experiencing this specific DNS issue, perform the following:

1. SSH into the affected ESXi host.

2. Attempt to ping the NSX Manager using its IP address: ping <NSX_Manager_IP> (This should succeed).

3. Attempt to ping the NSX Manager using its FQDN: ping <NSX_Manager_FQDN> (This will likely fail with "Name or service not known").

4. Check the configured DNS servers on the host: esxcli network ip dns server list