2018年3月24日 星期六

vCenter Appliance problem occurred on installation / Unable to connect to vCenter Single Sign-On: Failed to connect to SSO




Install VMware-VCSA-all-6.5.0-5973321 get error can try the following link tips














Source from : https://cstan.io/?p=8962&lang=en





Short tip: vCenter Server 6.5 UI installer: Failed to connect to SSO



UI-Installer SSO Error
UI-Installer SSO Error
When deploying vCenter Server 6.5 recently, I stumbled upon an issue that I was able to reproduce for the versions 6.5c and 6.5d. When deploying the appliance using the vCSA UI installer, the second stage always crashed with an error like this:
Unable to connect to vCenter Single Sign-On: Failed to connect to SSO; uri:https://st-vcsa03.stankowic.loc/sso-adminserver/sdk/vsphere.local
When analyzing the erroneous appliance I saw the following lines in the system protocol:
vmware-stsd[1762]: has address 127.0.0.1. Request for http://localhost:7080/afd failed after 10 seconds. Status: /usr/bin/curl status. Response: 000. Host: localhost has address 127.0.0.1. Request for http://localhost:7080/afd failed after 10 seconds. Status: /usr/bin/curl status. Response: 000. ...
It seems like the VMware Identity Management service, which is essential for SSO, could not be started – as a result, the installation crashes. I was able to reproduce this effect on multiple ESXi hosts and virtualized environments – so it was not an issue in my local environment. In the VMware board I stumbled upon an interesting post that matched this effect. It also named an workaround that fixed the problem for me.

Workaround

The vCSA installation consists of two stages. While the first stage simply deploys the OVA template, the second stage automatically configures the services. If errors occur during the second stage, the appliance is erroneous and needs to be re-deployed – so creating a snapshot at this stage is basically a good idea.
The assistant of the second stage needs to be filled. Before starting the configuration process, the appliance command-line needs to be accessed – e.g. using the VM console or SSH (which needs to be enabled first using the VM console). Enter the following commands:
> shell
# echo "::1 localhost.localdom localhost" >> /etc/hosts
This extends the local host resolution by an IPv6 entry. It seems that some SSO components are communication internally over IPv6 – even if an IPv4-onlyconfiguration was made:
# netstat -tulpen|grep idm
tcp6 0 0 :::36922 :::* LISTEN 0 17387 1603/vmware-sts-idm
tcp6 0 0 127.0.0.1:12721 :::* LISTEN 0 18267 1603/vmware-sts-idm
Without this entry, the localhost entry cannot be resolved into an IPv6 address forcing the installation to crash. Don’t remove this entry after the installationas SSO won’t start again – as a result, vCenter Server will not start either.





FINAL the above tips can't solve my case...

My Environment DNS is point to domain controller that is MS Windows 2003 SBS server and it does not support IPv6, so i think my problem is cause by my Win2003 SBS Server, i tried turn off all IPv6 for all computer, firewall and VMs but still got same problem on vCenter instal...



Final i install Windows 2012 R2 and become a Domain Controller with DNS server then all equipment DNS point to my Windows 2012 R2 and all IPv6 just let it on with DHCP, it works~~~~,  i can install the vCenter Appliance....



Remark : 
IPv6 just let it on and dynamic assign ip is ok, no need to static the IPs or create DHCP server for support IPv6, just like IPv4 if final no DHCP server all IPv4 will also using 169.xxx.xxx.xxx and all can communicate together.

If you firewall support IPv6, i think just point all equipment DNS to firewall also can solve this problem, this is my third times for install vCenter and got this problem, the first time install all DNS is point to Windows 2008 R2 and the second times is all DNS point to pfsense firewall, just this time all DNS is point to Windows 2003 Server and this DNS not support IPv6 only.

沒有留言:

張貼留言