Sync Inventory under VCF Operations 9.x for a Brownfield deployment fails with error: Import operation for sync with id ########-####-####-####-############ failed internally.
search cancel

Sync Inventory under VCF Operations 9.x for a Brownfield deployment fails with error: Import operation for sync with id ########-####-####-####-############ failed internally.

book

Article ID: 431933

calendar_today

Updated On:

Products

VCF Operations

Issue/Introduction

  • When performing a Sync Inventory or a Brownfield import in VMware Cloud Foundation (VCF) Operations 9.x, the process fails during the guardrail validation phase.
  • In the VCF Operations UI, the following error message is displayed:



  • Under the SDDC Manager's /var/log/vmware/vcf/domainmanager/domainmanager.log, the following log snippets are found:

    YYYY-MM-DDTHH:MM:SS INFO [vcf_dm, ###############,####] [c.v.v.v.s.b.r.BrownfieldRunnerService, dm-exec-##]  raise DomainSyncException(ErrorMessages. GUARDRAILS_SYNC_FAILURE_CRITICAL_FOR_DOMAIN. format(domain_id))
    YYYY-MM-DDTHH:MM:SS INFO [vcf_dm, ###############,####] [c.v.v.v.s.b.r.BrownfieldRunnerService, dm-exec-##] common. common_exceptions. DomainSyncException: Could not proceed with sync operation since domain with Id: ########-####-####-####-############ has failed guard rails. This would leave SDDC Manager in a unconforming state Retry the sync operation after fixing guard rails warnings.
    YYYY-MM-DDTHH:MM:SS ERROR [vcf_dm,###############,####] [c.v.v.v.s.b.r.BrownfieldRunnerService,dm-exec-##] Brownfield process failed with exit value 1 for operation sync with id ########-####-####-########
    YYYY-MM-DDTHH:MM:SS.894+0000 ERROR [vcf_dm,###############,####] [c.v.e.s.o.model.error.ErrorFactory,dm-exec-##] [TOKEN] IMPORT_OPERATION_FAILED Import operation for sync with id ########-####-####-######## failed internally. Command was python3 /opt/vmware/vcf/domainmanager/scripts/vcf-import-tool/vcf_brownfield.py sync -- domain-name mgmt -- skip-ssh-thumbprint-validation -- internal-vcf-auth -- import-edge-clusters -- accept-edge-password-reset -- output-dir /var/log/vmware/vcf/domainmanager/brownfield/########-####-####-########/ -- non-interactive. Please check the log files located in /var/log/vmware/vcf/domainmanager/brownfield/########-####-####-########/ on the SDDC Manager appliance
    com. vmware. evo.sddc.orchestrator. exceptions. OrchTaskException: Import operation for sync with id ########-####-####-######## failed internally. Command was python3 /opt/vmware/vcf/domainmanager/scripts/vcf-import-tool/vcf_brownfield.py sync -- domain-name mgmt -- skip-ssh-thumbprint-validation -- internal-vcf-auth -- import-edge-clusters -- accept-edge-password-reset -- output-dir /var/log/vmware/vcf/domainmanager/brownfield/########-####-####-########/ -- non-interactive. Please check the log files located in /var/log/vmware/vcf/domainmanager/brownfield/########-####-####-########/ on the SDDC Manager appliance

  • Under /var/log/vmware/vcf/domainmanager/brownfield/########-####-####-####-############/output/guardrails_report_vCenter.example.com_all.csv, below log snippets are found:

    "VcManager","vCenter.example.com","Import","INFO","VALIDATION_SUCCESSFUL","vCenter Server no NSX-V Manager present","Check that the vCenter Server does not have an NSX-V Manager connected to it", "No NSX-V Manager connected to the vCenter was found as expected",""
    "VcManager","vCenter.example.com","Import","INFO","VALIDATION_SUCCESSFUL","vCenter Server no VxRail extension present","Check that the vCenter Server does not have a VxRail extension registered","No VxRail extension found for this vCenter Server",""
    "vCenter SSH Login enabled", "Check if SSH Login is enabled on vCenter", "SSH Login is disabled on vCenter", "Please enable SSH Login on vCenter"
    "VcManager","vCenter.example.com","Import","INFO","VALIDATION_SUCCESSFUL","vCenter Server virtual machine distributed virtual port group and traffic type check","Check if the vCenter Server virtual machine is connected to a distributed virtual port group associated with
    management or vm management traffic type", "Successfully validated that the vCenter Server virtual machine is connected to a distributed virtual port group associated with management traffic type",""

Environment

VCF Operations 9.x

Cause

The failure is caused by the SSH Login service being disabled on the target vCenter Server.

Resolution

To resolve this issue, follow below steps:

Step 1: Enable SSH on vCenter Server

  1. Log in to the vCenter Server Appliance Management Interface (VAMI) (e.g., https://vcenter-fqdn:5480).
  2. Navigate to Access.
  3. Click Edit in the top-right corner.
  4. Toggle Enable SSH login to On.
  5. Click OK.

Step 2: Retry Sync Inventory

  1. Log in to the VCF Operations UI.
  2. Navigate to Inventory > VCF Instances.
  3. Select the affected Workload Domain.
  4. From the Actions menu, select Sync Inventory.
  5. Monitor the task to ensure it completes successfully.

Note: If SSH is already showing as enabled but the check continues to fail, the SSH service may be unresponsive. In such cases, restart the SSH service via the VAMI or reboot the vCenter Server appliance.

Additional Information

  • VCF Operations 9.x utilizes a "Guardrails" mechanism during inventory synchronization to ensure the environment meets specific configuration standards.
  • SSH access to the vCenter Server is a mandatory requirement for the vcf_brownfield.py script to complete the synchronization and data collection tasks.
Powered by Wolken Software