VCF Deployment fails at "Configure Base Install Image Repo" showing Failed to import {0} metadata in SDDC Manager API Reference Token: XXXXX
search cancel

VCF Deployment fails at "Configure Base Install Image Repo" showing Failed to import {0} metadata in SDDC Manager API Reference Token: XXXXX

book

Article ID: 436034

calendar_today

Updated On:

Products

VMware SDDC Manager

Issue/Introduction

During a VMware Cloud Foundation (VCF) deployment, bring-up fails at the "Configure Base Install Image Repo in SDDC Manager" step. The UI displays the error: Failed to import {0} metadata in SDDC Manager API Reference Token.

The following errors are observed in the /var/log/vmware/vcf/domainmanager/domainmanager.log on the VCF Installer: Could not get external tasks for execution ID <########> Rollback failed for configure base install repo task

Simultaneously, the following error is observed in the /var/log/vmware/vcf/commonsvcs/commonsvcs.log on the SDDC Manager: [token XXXXX] LOCAL_ACCOUNT_LOCKED Local account is locked.

Environment

VMware Cloud Foundation 9.0.x


Cause

A previously failed deployment execution is persistently retained in the VCF Installer's database. This stale execution repeatedly attempts to query the newly deployed SDDC Manager API using an outdated password. These continuous authentication failures lock the admin@local account on the SDDC Manager. Subsequent valid deployment tasks fail during their post-validation API invocations due to the lockout.

Resolution

To resolve this issue, clear the stale execution and reset the account lockout state:

  1. Log in to the VCF Installer appliance via SSH and switch to the root user (su -).

  2. Access the PostgreSQL database for the Domain Manager: psql -h localhost -U postgres domainmanager

  3. Delete the stale execution ID causing the lockout (replace <####> with the exact execution ID found in your domainmanager.log API exception): delete from execution where id='<CATEGORY_REDACTED>';

  4. Type \q to exit the database prompt.

  5. Log in to the newly deployed SDDC Manager appliance via SSH and switch to the root user (su -).

  6. Restart the Common Services daemon to clear the account lockout: systemctl restart commonsvcs

  7. Wait 3-5 minutes for the service to fully initialize.

  8. Return to the VCF Installer UI and retry the failed deployment task.

Additional Information

Ensure no other automated scripts or monitoring tools are polling the SDDC Manager with incorrect credentials during the bring-up phase, as this will result in similar lockout conditions.

Powered by Wolken Software