Missing Certificates and Passwords in VCF Operations UI
search cancel

Missing Certificates and Passwords in VCF Operations UI

book

Article ID: 440558

calendar_today

Updated On:

Products

VCF Operations

Issue/Introduction

When managing VMware Cloud Foundation (VCF) 9.0.x Operations, users may encounter the following issues:

  • When accessing the VCF Operations admin UI, the cluster status message displays Configuring.

  • Within the VCF Operations admin UI, a Data node or Cloud Proxy remains stuck in a Configuring state indefinitely.

  • In the VCF Operations UI, when navigating to the Password and Certificates section in Fleet Management, no data is visible, even though lifecycle operations appear functional.

  • Attempting to sync VCF Operations in Fleet Manager fails with error code LCMVROPSSYETME25050, even after updating the root password in the Locker.

Environment

  • VMware Cloud Foundation Operations 9.0.x

  • VCF Fleet manager 9.0.x 

Cause

  • A Data node or Cloud Proxy was incorrectly added or failed to join the VCF Operations cluster, leaving the CaSA (Common Appliance Service Architecture) database in an "ADDING" membership state.

  • The Fleet Manager is unable to recognize password certificates or fails to display the management UI for credentials in the 9.0.2 appliance.

Resolution

Follow the steps below to manually remove the stalled node and restore Fleet Manager visibility.

Part 1: Manually Remove the Stalled Node from VCF Operations

  1. Take the VMware Cloud Foundation Operations offline manually:
    • Log in to each VCF Operations node via SSH as root.
    • Run the following command on every node to bring the slice offline:
      $VMWARE_PYTHON_BIN $VCOPS_BASE/../vmware-vcopssuite/utilities/sliceConfiguration/bin/vcopsConfigureRoles.py --action bringSliceOffline --offlineReason "Maintenance"
  2. On all nodes, execute the following block to stop the CaSA service, back up the database script, and force the state to OFFLINE:
    service vmware-casa stop; sleep 10;cp /storage/db/casa/webapp/hsqldb/casa.db.script /storage/db/casa/webapp/hsqldb/casa.db.script.backup;sed -ri 's/"onlineState":"\\w+"/"onlineState":"OFFLINE"/g;s/"initialization_state":"\\w+"/"initialization_state":"NONE"/g;s/"online_state":"\\w+"/"online_state":"OFFLINE"/g;s/"online_state_reason":"\\w+"/"online_state_reason":""/g;s/"remove_node_state":"\\w+"/"remove_node_state":"NONE"/g;s/"installation_state":"\\w+"/"installation_state":"DONE"/g' /storage/db/casa/webapp/hsqldb/casa.db.script;sleep 2; service vmware-casa start;
  3. Take a memory-free snapshot of all nodes (Primary, Replica, Data, and Cloud Proxies) before proceeding.

  4. From the Primary node, use the following curl command to remove the node that is stuck in Configuring status:
    curl -ik -u 'admin:[password]' -X DELETE https://[Primary_Node_IP]/casa/deployment/slice/[Node_To_Remove_IP]
  5. Take the VMware Cloud Foundation Operations Online in the admin interface.

Part 2: Restore missing Certificates and Passwords in Fleet UI

  1. Enable Legacy Locker UI:
    • SSH into the Fleet Manager appliance as root.
    • Execute the following command to enable the UI components:
      touch /var/lib/vrlcm/UI_ENABLED
  2. Sync VCF Ops in Fleet Manager Inventory:
    • Log in to the Fleet Manager UI.
    • Navigate to the VCF Operations environment and trigger a Sync.
    • Verify that certificates and passwords for all components are now visible.
Powered by Wolken Software