When attempting to perform a **Sync Updates** task in vCenter Server Lifecycle Manager (vLCM), the task fails with the following error in the vSphere Client: A general system error occurred: A depot is inaccessible or has invalid contents.
search cancel

When attempting to perform a **Sync Updates** task in vCenter Server Lifecycle Manager (vLCM), the task fails with the following error in the vSphere Client: A general system error occurred: A depot is inaccessible or has invalid contents.

book

Article ID: 435606

calendar_today

Updated On:

Products

VMware vCenter Server VMware SDDC Manager VCF Operations

Issue/Introduction

Symptoms

When attempting to perform a **Sync Updates** task in vCenter Server Lifecycle Manager (vLCM), the task fails with the following error in the vSphere Client:

`A general system error occurred: A depot is inaccessible or has invalid contents. Make sure an official depot source is used and verify connection to the depot.`

 

Log Observations

vCenter Server (/var/log/vmware/vmware-updatemgr/vum-server/imageservice.log):
Errors indicating a failure to parse XML data often return an HTML response instead of XML:
Failed to validate depot: (None, 'Could not parse type XML data: Opening and ending tag mismatch: hr line 5 and body, line 6, column 8')

SDDC Manager (/var/log/nginx/error.log):
Permission denied errors when vCenter attempts to access the UMDS patch store:
open() "/nfs/vmware/vcf/nfs-mount/umds/patch-store/hostupdate/CIS/__hostupdate20-consolidated-metadata-index__.xml" failed (13: Permission denied)

open() "/nfs/vmware/vcf/nfs-mount/umds/patch-store/hostupdate/DEL/__hostupdate20-consolidated-metadata-index__.xml" failed (13: Permission denied)

vCenter CLI Verification:
Running a curl command against the depot URL returns a **403 Forbidden** error:
curl -k https://<SDDC_MANAGER_FQDN>/vmware/vcf/umds/patch-store/hostupdate/CIS/__hostupdate20-consolidated-metadata-index__.xml

root@sddcmanager[ / ]# curl -k https://<SDDC_MANAGER_FQDN>/vmware/vcf/umds/patch-store/hostupdate/CIS/__hostupdate20-consolidated-metadata-index__.xml
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>

Environment

VCF 9.0

Cause

The issue occurs because the offline depot directories on the SDDC Manager (located under the NFS mount point) have incorrect ownership and permissions.

Specifically, the directories may be owned by `root:root` with permissions set to `700`, preventing the Nginx web server from accessing and serving the files to vCenter.

Resolution


To resolve this issue, correct the ownership and permissions on the SDDC Manager appliance.

Prerequisites
1. Take a snapshot of the SDDC Manager appliance.
2. Ensure you have root access to the SDDC Manager via SSH.

Procedure

1. Log in to the SDDC Manager as `root` via SSH.
2. Navigate to the host update directory:
   cd /nfs/vmware/vcf/nfs-mount/umds/patch-store/hostupdate/
3. Verify current permissions:
   ls -la
   If directories like CIS, DEL, etc., show root ownership and drwx------ permissions, proceed to the next step.

Example:
root@[ /nfs/vmware/vcf/nfs-mount/umds/patch-store/hostupdate ]# ls -la
total 60
drwxrwxr-x 14 vcf_lcm vcf  4096 Mar 10 06:55 .
drwxrwxr-x  4 vcf_lcm vcf  4096 Mar 10 06:55 ..
drwx------  3 root    root 4096 Mar 10 07:32 CIS
drwx------  3 root    root 4096 Mar 10 07:32 DEL
drwx------  2 root    root 4096 Mar 10 07:32 FJT
drwx------  3 root    root 4096 Mar 10 07:32 FSA
drwx------  3 root    root 4096 Mar 10 07:32 HDS
drwx------  2 root    root 4096 Mar 10 07:32 HEP
-rwxrwxr-x  1 vcf_lcm vcf  3417 Mar 10 07:32 __hostupdate20-consolidated-index__.xml
drwx------  3 root    root 4096 Mar 10 07:32 HPE
drwx------  2 root    root 4096 Mar 10 07:32 HTI
drwx------  2 root    root 4096 Mar 10 07:32 INP
drwx------  3 root    root 4096 Mar 10 07:32 LVO
drwx------  3 root    root 4096 Mar 10 07:32 NEC
drwxrwxr-x  3 vcf_lcm vcf  4096 Mar 10 07:32 vmw

 


4. Apply the following commands to update ownership and permissions recursively:

This command will make changes to your system. Review it carefully before running.

  • chmod -R 755 /nfs/vmware/vcf/nfs-mount/umds/patch-store/hostupdate/
  • chown -R vcf_lcm:vcf /nfs/vmware/vcf/nfs-mount/umds/patch-store/hostupdate/

*** After step 4 ***

root@sddcmanager [ /var/log/nginx ]# ls -la /nfs/vmware/vcf/nfs-mount/umds/patch-store/hostupdate
total 60
drwxr-xr-x 14 vcf_lcm vcf 4096 Mar 10 06:55 .
drwxrwxr-x  4 vcf_lcm vcf 4096 Mar 10 06:55 ..
drwxr-xr-x  3 vcf_lcm vcf 4096 Mar 10 07:32 CIS
drwxr-xr-x  3 vcf_lcm vcf 4096 Mar 10 07:32 DEL
drwxr-xr-x  2 vcf_lcm vcf 4096 Mar 10 07:32 FJT
drwxr-xr-x  3 vcf_lcm vcf 4096 Mar 10 07:32 FSA
drwxr-xr-x  3 vcf_lcm vcf 4096 Mar 10 07:32 HDS
drwxr-xr-x  2 vcf_lcm vcf 4096 Mar 10 07:32 HEP
-rwxr-xr-x  1 vcf_lcm vcf 3417 Mar 10 07:32 __hostupdate20-consolidated-index__.xml
drwxr-xr-x  3 vcf_lcm vcf 4096 Mar 10 07:32 HPE
drwxr-xr-x  2 vcf_lcm vcf 4096 Mar 10 07:32 HTI
drwxr-xr-x  2 vcf_lcm vcf 4096 Mar 10 07:32 INP
drwxr-xr-x  3 vcf_lcm vcf 4096 Mar 10 07:32 LVO
drwxr-xr-x  3 vcf_lcm vcf 4096 Mar 10 07:32 NEC
drwxr-xr-x  3 vcf_lcm vcf 4096 Mar 10 07:32 vmw

5. Return to the vSphere Client and retry the Sync Updates task in Lifecycle Manager. The task should now be completed successfully.

Powered by Wolken Software