Attempting to use Auto Deploy to provision ESXi host with VCLM Desired Image and NSX-T fails
search cancel

Attempting to use Auto Deploy to provision ESXi host with VCLM Desired Image and NSX-T fails

book

Article ID: 318726

calendar_today

Updated On:

Products

VMware NSX Networking VMware vCenter Server

Issue/Introduction

Symptoms:
When utilizing Auto Deploy to provision ESXi host to a vSphere Lifecycle Manager (vCLM) Desired Image which has NSX-T configured on it, you experience these symptoms:
  • The ESXi host fails to join the vSphere Distributed Switch which has been configured in NSX-T as part of its Transport Node Profile configuration.
  • The ESXi host fails to join vCenter Server with the error similar to:

    Host cannot be added to the cluster. Stateless host <Host Name> cannot be added to clusters using a single image to manage hosts.
     
  • In the /var/log/syslog.log file on the affect host(s), you see entries similar to:

    2020-07-24T10:58:46Z Host Profiles[1000350314 opID=MainThread]: INFO: Successfully initialized privilege list.
    2020-07-24T10:58:46Z HostProfileManager: 2020-07-24 10:58:46,481 [MainProcess INFO 'root' MainThread] Starting CGI server on stdin/stdout
    2020-07-24T10:58:46Z Host Profiles[1000350314 opID=28ea1be8-05-84-1da1]: INFO: Calling QueryState()
    2020-07-24T10:58:46Z Host Profiles[1000350314 opID=28ea1be8-05-84-1da1]: INFO: State = (vmodl.KeyAnyValue) [    (vmodl.KeyAnyValue) {       dynamicType = <unset>,       dynamicProperty = (vmodl.DynamicProperty) [],       key = 'NSX_INSTALL_OPAQUE_SWITCH_STATUS',       value = (str) [          'OpaqueSwitchProfile'       ]    },    (vmodl.KeyAnyValue) {       dynamicType = <unset>,       dynamicProperty = (vmodl.DynamicProperty) [],       key = 'REAPPLY_REQUIRED',       value = (str) [          'DvsProfile'       ]    },    (vmodl.KeyAnyValue) {       dynamicType = <unset>,       dynamicProperty = (vmodl.DynamicProperty) [],       key = 'NSX_DVS_CONFIG_REQUIRED',       value = (str) [          'DvsProfile'       ]    } ]
    2020-07-24T10:58:46Z Host Profiles[1000350314 opID=28ea1be8-05-84-1da1]: INFO: Cleaned up Host Configuration
    2020-07-24T10:58:46Z Host Profiles[1000350314 opID=28ea1be8-05-84-1da1]: INFO: Returning Host Profile Manager state: (vmodl.KeyAnyValue) [    (vmodl.KeyAnyValue) {       dynamicType = <unset>,       dynamicProperty = (vmodl.DynamicProperty) [],       key = 'NSX_INSTALL_OPAQUE_SWITCH_STATUS',       value = (str) [          'OpaqueSwitchProfile'       ]    },    (vmodl.KeyAnyValue) {       dynamicType = <unset>,       dynamicProperty = (vmodl.DynamicProperty) [],       key = 'REAPPLY_REQUIRED',       value = (str) [          'DvsProfile'       ]    },    (vmodl.KeyAnyValue) {       dynamicType = <unset>,       dynamicProperty = (vmodl.DynamicProperty) [],       key = 'NSX_DVS_CONFIG_REQUIRED',       value = (str) [          'DvsProfile'       ]    } ]

    Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.


Environment

VMware NSX-T Data Center 3.x
VMware NSX-T Data Center
VMware vCenter Server 7.0.x

Resolution

This issue is resolved in VMware NSX-T Data Center 3.1.0, available at VMware Downloads.

Workaround:
To work around this issue if you do not want to upgrade:

Note: Ensure all of your Management VMKernel Interfaces are on VLAN-backed Port Groups on a Distributed Virtual Switch or vSwitch. For more details see: https://storagehub.vmware.com/t/vmware-r-vsan-tm-network-design/nsx/.
  1. Enable stateful install on the ESXi host by navigating to Advanced Configuration Settings >  System Image Cache Profile Settings > Enable stateful installs on the host.
  2. If applicable to your environment, disable the core dump profile by navigating to General System Setting > Core Dump configuration.
  3. Set the "Flag indicating if NSX-T should be enabled on DVS” to false by navigating to Networking configuration > vSphere distributed Switch > the DVS name used within the NSX-T transport node profile.
  4. Disable the lockdown profile under Security and Services > Security Setting > Security > Lockdown mode.
  5. If NSX-T is not configured on the VDS, use a NSX-T Virtual Distributed Switch (N-VDS) in your transport node profile. No VMkernel adapter should reside on an NSX logical port group on the VDS.
  6. Retry to provision the ESXi host.
Note: Even after you complete these steps, the Host Profile for the cluster might display as non-compliant since NSX-T is enabled on the host, but not on the VDS. You can ignore the warning. Alternatively, you can re-set "Flag indicating if NSX-T should be enabled on DVS” to true. However, you must set the flag to false each time you use Auto Deploy to provision an ESXi host on that cluster.

Powered by Wolken Software