VMware Aria

 View Only

 Aria Suite lifecycle manger SDDC manager deployment fail

Jump to  Best Answer
Michael Wang's profile image
Michael Wang posted Oct 09, 2024 04:40 AM
Hi all, 
I am trying to deploy Aria Suite Lifecycle with SDDC manager.
On deployment process, it stuck at this step "Request and Configure VMware Aria Suite Lifecycle SSL Certificate". 
 
And from SDDC manager's log output, it shows 
"Request and Configure VMware Aria Suite Lifecycle SSL Certificate Failed 10/9/24, 2:28 AM
Beginning of Expandable row content Screen reader table commands may not work for viewing expanded content, please use your screen reader's browse mode to read the content exposed by this button
Description Request and Configure VMware Aria Suite Lifecycle SSL Certificate
Progress Messages Replacing VMware Aria Suite Lifecycle certificates failed.
Error
 
Message: Replacing VMware Aria Suite Lifecycle certificates failed.
 
Remediation Message: Check if the Jumbo frames between SDDC Manager network and the VMware Aria Suite Lifecycle network are enabled and if the required ports listed at https://ports.esp.vmware.com are open.
 
Reference Token: A8RT7Q
 
Cause: InvalidArgument (com.vmware.vapi.std.errors.invalid_argument) => { messages = [LocalizableMessage (com.vmware.vapi.std.localizable_message) => { id = com.vmware.certificateauthority.invalidargument, defaultMessage = The CSR input specified is invalid (Certificate Signing Request value is blank), args = [Certificate Signing Request value is blank], params = <null>, localized = <null> }], data = <null>, errorType = INVALID_ARGUMENT }"
 
 
I put more log as attachment in "vcf.zip" 
the log path is "vcf/domainmanager/domainmanager.log"
 
 
My environment is
VCF: version 5.2,
AVN: Overlay-backed NSX segment
 
Kindly help me to resolve this issue.
Attachment  View in library
vcf.zip 31.09 MB
Kai Schwender's profile image
Broadcom Employee Kai Schwender posted Nov 25, 2024 03:16 AM  Best Answer

Most likely this error is due to a MTU mismatch between Host TEP and Edge TEP VLAN. Both VLANs including the routing device in between must be jumbo frames enabled/activated. Bear in mind that the Aria Suite LCM is connected to a NSX overlay segment for which the traffic is Geneve encapsulated. Therefore the payload incl. packet headers exceed 1500 MTU on transit from Tier-0 GW towards LCM appliance.

Gunnar Ahlen's profile image
Gunnar Ahlen posted Nov 01, 2024 09:26 AM

Hi, have you found any resaon or resolution to tis issue? I ran into simmular issue.

Michael Wang's profile image
Michael Wang posted Nov 26, 2024 10:30 PM

Hi Kai Schwender,

After discussion with my colleague, we found that because I was using VyOS as virtual router.

I did set port as jumbo frame, and I assume that it has the ability to route via VyOS in Jumbo Frame.

"set interfaces ethernet eth1 mtu 9000"

It run in to error.

But we found that we did not set "vif" as jumbo frame.  (It is the main cause!)

After I type this in every VLAN

"set interfaces ethernet eth1 vif 1631 mtu 9000"

"set interfaces ethernet eth1 vif 1632 mtu 9000"

..

..

..

commit 

save

and rerun the deployment, the deployment success!

Thanks for your big help!

Kai Schwender's profile image
Broadcom Employee Kai Schwender posted Nov 27, 2024 01:57 AM

I'm glad I could help. Thanks for letting us know the VyOS steps that needed to be done.