Skip to main content

vCloud vApp fail to start with error "Edge deployment failed on host as the message bus infra on the host is not green"


Recently, we faced an issue when starting a vApp in the org due to an error " Edge deployment failed on host host-33 as the message bus infra on the host is not green. Please call API to re-sync the message bus and after successful re-sync, try edge installation., error code 10921"

This issue is completely from the ESXi / NSX end and there is no issue in the vCloud director. But this issue severely affects the power-on opeation for the Tenants in the vcloud director.
Error stack :
++++++++++++++++++++++++++++++++++++++++++++++++++++
[ 3455c8b1-d86f-4ee1-b982-d99f2737a5a3 ] Internal Server Error
 - java.util.concurrent.ExecutionException: com.vmware.ssdc.util.LMException: Unable to start vApp "Test-01".
 - com.vmware.ssdc.util.LMException: Unable to start vApp "Test-01".
 - Unable to start vApp "Test-01".
 - Unable to deploy network "Fence(urn:uuid:577df80b-f352-45f3-9739-8819fae1a02a)".
com.vmware.vcloud.common.network.VsmException: Edge deployment failed on host host-33 as the message bus infra on the host is not green. Please call API to re-sync the message bus and after successful re-sync, try edge installation., error code 10921
 - com.vmware.vcloud.common.network.VsmException: Edge deployment failed on host host-33 as the message bus infra on the host is not green. Please call API to re-sync the message bus and after successful re-sync, try edge installation., error code 10921
 - Edge deployment failed on host host-33 as the message bus infra on the host is not green. Please call API to re-sync the message bus and after successful re-sync, try edge installation., error code 10921
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
Edge deployment failed on host host-33 as the message bus infra on the host is not green


The error clearly indicates that there was a problem with the message bus infra agent (vsfwd) on the esxi host on which the NSX edge for the vApp was getting deployed.  It is must that the Message Bus Infra on the host should be up and running on the esxi for NSX Edge deployment.

To know the status of firewall agent ( vsfwd-message bus) , Go to Networking & Security --> Installtion--> Click on the cluster --> Actions --> Communication channel health,
Communication-Channedl-health









Login into the host which is showing the firewall agen is down and run the following commad to make sure the firewall agent is down,
Verify if VSFWD is configured and the output should display the NSX Manager IP address.
Affcted host:
[root@Test-esx85:/var/log] esxcfg-advcfg -g /UserVars/RmqIpAddress 
Value of RmqIpAddress is unset 
Working host:
[root@Test-esx45:~] esxcfg-advcfg -g /UserVars/RmqIpAddress 
Value of RmqIpAddress is 192.168.110.1  [NSX manager IP]

Verify the VSFWD connectivity to the RabbitMQ broker. Run this command on ESXi hosts to see a list of connections from the vsfwd process on the ESXi host to the NSX Manager.
Affcted host:
[root@Test-esx85:/var/log] esxcli network ip connection list | grep 5671 
[NO OUTPUT]
Working host:
[root@Test-esx45:/var/log] esxcli network ip connection list | grep 5671 
tcp 0 0 192.168.110.51:29969 192.168.110.15:5671 ESTABLISHED 35505 newreno vsfwd
tcp 0 0 192.168.110.51:29968 192.168.110.15:5671 ESTABLISHED 35505 newreno vsfwd
There should be at least two connections on port 5671.But there can be more connections on port 5671 as there are NSX Edge virtual machines deployed on the ESXi host which also establish connections to the RMQ broker.
And also you can get the list of host which has issues from the NSX manager Dashboard under Firewall Publish Status
Host-message-infra-down-firewall-timeout









There are two solutions for this issue,
1) Run the message bus sync API call for the cluster using the API POST https://<NSX-IP>/api/2.0/nwfabric/configure?action=synchronize
Request Body:
<nwFabricFeatureConfig>
<featureId>com.vmware.vshield.vsm.messagingInfra</featureId>
<resourceConfig>
<resourceId>{HOST/CLUSTER MOID}</resourceId>
</resourceConfig>
</nwFabricFeatureConfig>
2) Collect the support bundle from the ESXi host / NSXM/ vCenter server and  Reboot the ESXi host which shows the firewall agent down.after disabling it in the vCloud Director.
After fixing the message bus validate the status using, Networking & Security --> Installtion--> Click on the cluster --> Actions --> Communication channel health, 

Refer : https://kb.vmware.com/s/article/2133897 (Understanding and troubleshooting Message Bus)
Labels:

Comments

  1. UNKNOWNDecember 15, 2020 at 10:24 PM

    Hello I am so delighted I located your blog, I really located you by mistake, while I was watching on google for something else, Anyways I am here now and could just like to say thank for a tremendous post and a all round entertaining website. Please do keep up the great work. error 502 bad gateway fix

    ReplyDelete

Post a Comment

Please leave your valuable comment to improvise the content.

Popular posts from this blog

How to Fix | Virtual SAN Health Alarm 'Performance data collection'' status is Red

Virtual SAN Health Alarm 'Performance data collection'' status is Red vSAN CLuster ==> Monitor ==> Virtual SAN==> Health ==> Performance Service ==> Performance Data Collection==>  Stats Gathering ==>  Failed Stats persistence==> Failed The causes for this error is unknown but there are two fixes available to this issue, 1)  Restarting the vsanmgmtd and vsanvpd service on all the ESXi hosts in the vSAN Cluster.  There is no impact of restarting these two services on the ESXi,  /etc/init.d/vsanmgmtd  restart /etc/init.d/vsanvpd restart Make sure the service is is running state after the restart,  /etc/init.d/vsanmgmtd  status /etc/init.d/vsanvpd status Post restart of the services retest the vsan health , vSAN CLuster ==> Monitor ==> Virtual SAN==> Health==>Retest and the Performance Data Collection should be green. 2) To resolve this issue, re-enable the performance service from...
5 comments
Read more

vSAN Disk group is in "Unhealthy State"

If you are running VMware vSAN 6.0, 6.1 and 6.2 then there is a high chance that you will be seeing this issue with the following RAID controllers, Cisco 12G SAS Modular Raid Controller DELL FD332-PERC (Dual ROC) DELL FD332-PERC (Single ROC) DELL PERC H730 Adapter DELL PERC H730 Mini ==> We are using with Dell R620/630 serves with this RAID controller DELL PERC H730P Adapter  DELL PERC H730P Mini Huawei Technologies Co. Ltd. SR 430C Lenovo ThinkServer RAID 720i AnyRAID Adapter Lenovo ThinkServer RAID 720ix AnyRAID Adapter Lenovo ServeRAID 5210e SAS/SATA Controller Lenovo ServeRAID M5210 SAS/SATA Controller LSI MegaRAID SAS 9361-8i LSI MegaRAID SAS 9362-8i Supermicro SMC3108 But this can happen due to Physical Disk Drive failure and RAID Controllers from above list resetting the Disk Drives. In some scenario only one disk group will go to unhealthy state or all the disk groups will go to unhealthy state on the ESXi host in the vSAN cluster....
1 comment
Read more

How to Fix | Virtual SAN Health - Physical Disk Health Retrieval Issues

Physical Disk Health – Physical Disk Health Retrieval Issues In Virtual SAN cluster, there is one more common issue is the Virtual SAN health test failing to retrieve the Physical Disk Health on an ESXi host.It is informing the administrator that it cannot get physical disk-related information from the ESXi host in question in order to perform a check on the health of the physical disks. If the Virtual SAN management service vsanmgmtd on the ESXi host is nonresponsive then you will encounter this issue, in the vsanmgmt.log you will see the following snippets, ++++++++++++++++++++++++++++++++++++++++++++ [root@esxihost-1:/var/log] cat vsanmgmt.log  2017-11-15T03:08:46Z VSANMGMTSVC: INFO vsanperfsvc[Thread-1] [VsanLsomHealth::getHealthStats] Get issued comps = {}  2017-11-15T03:08:46Z VSANMGMTSVC: WARNING vsanperfsvc[Thread-1] [VsanHealthUtil::InvokeMethod] Invoke: mo=ServiceInstance, info=RetrieveContent  2017-11-15T03:08:46Z VSANMGMTSVC: ERROR vsanperfsvc...
1 comment
Read more

Horizon View Pools stuck in Deleting state

Recently, had an issue with 2 view Desktop Pools that were stuck in Deleting state in horizon view manager. We are running Horizon View 7.2 and this issue happening since View 4.x. Out of 2 Pools, I was able to delete one pool by just removing the VM from Resources-->Machines--> Filtered using Pool name.But when doing the same thing for the TEST-Pool I was getting an error as below, "Machine","Desktop Pool","DNS Name","User","Host","Agent Version","Datastore","Status" "TEST-POOL-046","TEST-POOL","TEST-POOL-046.TEST.LOCAL","","esx3.TEST.LOCAL","Unknown","[TEST-VCENTER1VSAN]","Status:Error Status Errors:Nov 30, 2017 10:38:20 PM PST: Failed to delete VM - null" So I logged in to the connection server and found the following error logs, C:\programdata\vmware\vdm\logs\debug-2017-11-30-221023.txt ++++++++...
Post a Comment
Read more

How to fix | ESXI Virtual SAN Health service installation

I encountered an issue with the ESXi Virtual SAN Health service installation in one of the vSAN cluster, Step 1 : I checked whether all the ESXi hosts are running on the same version or not, VMware ESXi 6.0.0 build-5224934 VMware ESXi 6.0.0 Update 3 on ESX1 VMware ESXi 6.0.0 build-5224934 VMware ESXi 6.0.0 Update 3 on ESX2 VMware ESXi 6.0.0 build-5224934 VMware ESXi 6.0.0 Update 3 on ESX3 VMware ESXi 6.0.0 build-5224934 VMware ESXi 6.0.0 Update 3 on ESX5 VMware ESXi 6.0.0 build-5224934 VMware ESXi 6.0.0 Update 3 on ESX4 They are in the same version so we can go check whether vSAN health VIB  is installed or not. From the KB https://kb.vmware.com/s/article/2109874 , On vSphere 6.0 Update 2 release, none of the other health checks will be conducted until all the hosts are upgraded to 6.0 Update 2 (when running the latest version, vSAN 6.2) release to avoid false alarms.  But we have all the ESXi hosts in ESXi 6.0 Update 3 "Install the vSAN Health Servi...
25 comments
Read more

How to fix | vSAN CLOMD Liveness - Part I

In the following scenarios, you will see the CLOMD service liveness on ESXi hosts, If any of the ESXi hosts are disconnected, the CLOMD liveness state of the disconnected host is shown as unknown .If the Health service is not installed on a particular ESXi host, the CLOMD liveness state of all the ESXi hosts is also reported as unknown. If the CLOMD service is not running on a particular ESXi host, the CLOMD liveness state of one host is abnormal. The Cluster Health – CLOMD liveness check in the vSAN Health Service, and provides details on why it might report an error.This checks if the Cluster Level Object Manager ( CLOMD ) daemon is alive or not. It does so by first checking that the service is running on all ESXi hosts, and then contacting the service to retrieve run-time statistics to verify that CLOMD can respond to inquiries.  CLOMD (Cluster Level Object Manager Daemon) plays a key role in the operation of a vSAN cluster. It runs on every ...
Post a Comment
Read more

vSAN Component Failure State - Degraded vs Absent - Part I

Failure States of Virtual SAN Components: Virtual SAN  handles failures of the host, network and storage devices in the cluster based on the severity of the failure. When these fail they directly affect the components in the  vSAN cluster.  Virtual SAN has 2 types of failure states for components ABSENT and DEGRADED. According to the component state, it uses different approaches to recover the affected components. Degraded: "A component is in degraded state if Virtual SAN detects a permanent component failure and assumes that the component is not going to recover to working state." Absent: "A component is in absent state if Virtual SAN detects a temporary component failure where the component might recover and restore its working state." An ABSENT state may or not resolve itself over time, but a  DEGRADED state is a permanent state. From the above image, left side a disk has been unplugged or offline may be reinserted or brought online, Vir...
Post a Comment
Read more

How to fix | vSAN CLOMD Liveness - Part II (Virtual machine creation failed)

vSAN CLOMD daemon may fail when trying to repair objects with 0 byte components When Cloning a VM from a template from VRA and vCenter vMotion failed with the following errors. And the vApp deployment failed due to the clomd service is failed on the host, Read the importance of clomd here,  https://virtuawisdom.blogspot.in/2017/11/how-to-fix-vsan-clomd-liveness-part-i.html Task Details: Name: clone Status: Cannot complete file creation operation. Start Time: May 30, 2017 5:34:13 AM Completed Time: May 30, 2017 5:35:13 AM State: error Error Stack:  A CLOM is not attached. This could indicate that the clomd daemon is not running.Failed to create the object. Additional Task Details: Error Type: CannotCreateFile Task Id: Task Cancelable: true Canceled: false Description Id: VirtualMachine.clone Event Chain Id: 291778 /var/log/clomd.log +++++++++++++++++++++++++++++++++++++++++++++ 2017-05-25T18:20:12.755Z 26738391 (111018916128)(opID:0)main: Clom...
6 comments
Read more

vCloud Director vApp power on failure due to vim.fault.HAErrorsAtDest

When I was trying to power on a vApp with 12 VMs in vCloud Director the power on operation failed due to one VM was unable to power on the ESXi host with this error "The host is reporting errors in its attempts to provide vSphere HA support" ++++++++++++++++ Underlying system error: com.vmware.vim.binding.vim.fault.HAErrorsAtDest vCenter Server task (moref: task-689) failed in vCenter Server 'TEST-VC1' (73dc8fb7-28d6-41b3-86dd-09126c88aebe). - The host is reporting errors in its attempts to provide vSphere HA support. +++++++++++++++ I was searching for the fault message vim.fault.HAErrorsAtDest and got the information from the http://pubs.vmware.com/, http://pubs.vmware.com/vsphere-6-5/index.jsp?topic=/com.vmware.wssdk.apiref.doc/vim.fault.HAErrorsAtDest.html   Fault Description  The destination compute resource is HA-enabled, and HA is not running properly. This will cause the following problems:  1) The VM will not have HA protection.  ...
Post a Comment
Read more

LogicalSwitch virtualwire-xxxx is marked as missing | NSX

NSX Manager detected a backing DV portgroup for an NSX logical switch is missing in Virtual Center. There was a request to create a port group for a vApp network when deploying a vApp from the vcloud director. But due to some reason the port group was created and removed in the dvsiwtch, and in my case, the vApp was deleted from the vCloud director so the network also removed from the VC and NSX. If  there is an error on the NSX UI follow the below solutions, +++++++++++++++++++++++++++++++++ Dec  6 09:42:00 manager 2017-12-06 09:42:00.597 UTC  INFO DCNPool-1 VirtualWireInFirewallRuleNotificationHandler:58 - Recieved VDN CREATE notification for context virtualwire-33172:VirtualWire Dec  6 09:42:00 manager 2017-12-06 09:42:00.600 UTC  INFO DCNPool-1 VirtualWireDCNHandler:43 - Recieved VDN CREATE notification for context virtualwire-33172:VirtualWire Dec  6 09:42:00 manager 2017-12-06 09:42:00.696 UTC  INFO http-nio-127.0.0.1-7441-exec-917 Net...
Post a Comment
Read more