After upgrading VMware Cloud Director (vCD) from version 10.3 to 10.5, users lose access to the vCD UI via the AVI Load Balancer VIP.

Administrators may observe the following symptoms:

• The vCD VIP Provider Portal is inaccessible, displaying a "site cannot be reached" error in the browser.

• Browser Developer Tools (Console) display a cross-origin protocol error similar to:

  "Unsafe attempt to load URL https://<vcd-fqdn>/provider from frame with URL chrome-error://chromewebdata/. Domains, protocols, and ports must match."

• In the AVI Load Balancer UI, the VirtualService is marked as DOWN with the failure code: CONNECTION_TIMEOUT ("Cloud configuration failed").

• The backend server nodes (vCD cells) are marked as DOWN in the AVI pool due to an HM vCD Health Monitor failure.

• Reviewing the request logs on the vCD cells (/opt/vmware/vcloud-director/logs/) shows incoming health check requests from the AVI Load Balancer receiving an HTTP 400 Bad Request response.

• VMware Cloud Director 10.5
• NSX Advanced Load Balancer (AVI)

This issue occurs due to a syntax error in the AVI Health Monitor configuration interacting with the updated security architecture of vCD 10.5.

Specifically, the HTTP method in the Health Monitor's 'User Input' field is configured with mixed casing (e.g., Get instead of GET).

vCD 10.5 utilizes updated Jetty/Tomcat embedded servers that strictly enforce HTTP RFC standards to protect against HTTP request vulnerabilities. While older versions (like vCD 10.3) silently forgave non-standard capitalization, the stricter parsing in vCD 10.5 immediately rejects mixed-case or improperly formatted HTTP methods with a 400 Bad Request. Because the health monitor receives a 400 error instead of a 200 OK, the AVI Load Balancer marks the pool members as DOWN, severing access to the UI.

To resolve this issue, you must update the configured request string within the AVI Load Balancer monitor to use standard capitalization.

1. Log in to the AVI Load Balancer administrative interface.

2. Navigate to Templates > Profiles > Health Monitors.

3. Select and edit the specific Health Monitor attached to your vCD Server Pool.

4. Locate the HTTPS section and find the Client Request Header > User Input field.

5. Update the string to use an all-caps GET HTTP method.

Incorrect Configuration (vCD 10.3 compatible, fails in 10.5):

Get /cloud/server_status HTTP/1.0

Corrected Configuration (Required for vCD 10.5+):

GET /cloud/server_status HTTP/1.0

6. Save the Health Monitor configuration.

Once the configuration is saved, the AVI Load Balancer will immediately send the correctly formatted health checks. The vCD cells will respond with an HTTP 200 OK, the server pool will be marked as UP, and access to the vCD UI will be restored.