Monthly Archives: January 2020

vRA 8.0 header

vRSLCM – Replacing vRA key fails with “Failed to apply License key – LCMVRAVACONFIG590007”

The vRA evaluation license in my homelab had failed, and trying to log in, I was hitting a 402 error.

vRA license expired 402 error

When replacing the license using vRealize LifeCycle Manager, I received the below errors. This happens because the license key has already expired.

Error Code: LCMVRAVACONFIG590007
Failed to apply License key. Please check whether the license provided is correct and retry.
Failed to get vRA License Key.

LCMVRAVACONFIG590007 Failed to apply License key

The Fix

The fix for this is to re-apply the license using the vRA CLI directly on your vRA node. As per the below commands, and then re-inventory your vRA deployment in vRSLCM and finally Retrust with Identity Manager.

###### To check the current license ######

vracli license

###### To remove the license ######

vracli license remove {license key}

###### To add a new license ###### 

vracli license add {license key}

Below are the options to finalise the configuration in vRSLCM.

vRA license expired 402 error Retrust with Identity Manager

The Logs

For those of you who are interested in the log output, and for search engines to track;

Error log from vRSLCM UI as in above screenshot

com.vmware.vrealize.lcm.common.exception.EngineException: Failed to get vRA License Key. at com.vmware.vrealize.lcm.plugin.core.vra80.task.VraVaReplaceLicenseTask.execute(VraVaReplaceLicenseTask.java:134) at com.vmware.vrealize.lcm.automata.core.TaskThread.run(TaskThread.java:45) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748)

From the log bundle of vRSLCM

INFO  [pool-2-thread-5] c.v.v.l.d.v.h.VraPreludeInstallHelper -  -- Command to be run : vracli -j license
INFO  [pool-2-thread-5] c.v.v.l.d.v.h.VraPreludeInstallHelper -  -- PRELUDE ENDPOINT HOST :: sc-dc1-vra001.simon.local
INFO  [pool-2-thread-5] c.v.v.l.d.v.h.VraPreludeInstallHelper -  -- COMMAND :: vracli -j license
INFO  [pool-2-thread-5] c.v.v.l.u.SshUtils -  -- Executing command --> vracli -j license
INFO  [pool-2-thread-5] c.v.v.l.u.SshUtils -  -- exit-status: 0
INFO  [pool-2-thread-5] c.v.v.l.u.SshUtils -  -- Command executed sucessfully
INFO  [pool-2-thread-5] c.v.v.l.d.v.h.VraPreludeInstallHelper -  -- Command Status code :: 0 , Output :: {"status_code": 0, "output_data": [{"key": "XXXX-XXXX-XXXX-XXXX", "productName": null, "valid": false, "expirationDate": null, "error": "License expired"}], "error": "", "logs": {"asctime": "2020-01-28T12:55:43Z+0000", "name": "vracli", "processName": "MainProcess", "filename": "license.py", "funcName": "__get_license_result", "levelname": "INFO", "lineno": 325, "module": "license", "threadName": "MainThread", "message": "Running license command: check-serial --serial-number \"XXXX-XXXX-XXXX-XXXX\"", "timestamp": "2020-01-28T12:55:43Z+0000"}}

INFO  [pool-2-thread-5] c.v.v.l.p.c.v.t.VraVaReplaceLicenseTask -  -- Result of fetching License : null
ERROR [pool-2-thread-5] c.v.v.l.p.c.v.t.VraVaReplaceLicenseTask -  -- Failed to get vRA License Key.
INFO  [pool-2-thread-5] c.v.v.l.p.a.s.Task -  -- Injecting task failure event. Error Code : 'LCMVRAVACONFIG590007', Retry : 'true', Causing Properties : '{ CAUSE ::  }' 
com.vmware.vrealize.lcm.common.exception.EngineException: Failed to get vRA License Key.
	at com.vmware.vrealize.lcm.plugin.core.vra80.task.VraVaReplaceLicenseTask.execute(VraVaReplaceLicenseTask.java:134) [vmlcm-vrapreludeplugin-core-2.1.0-SNAPSHOT.jar!/:?]
	at com.vmware.vrealize.lcm.automata.core.TaskThread.run(TaskThread.java:45) [vmlcm-engineservice-core-2.1.0-SNAPSHOT.jar!/:?]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_221]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_221]
	at java.lang.Thread.run(Thread.java:748) [?:1.8.0_221]

Regards

Dean

LCM Migration vRSLCM Easy installer5

vRealize LifeCycle Manager – New License – Exception while loading DLF

Adding a new license into vRLCM locker fails with;

Exception while loading DLF. Check /var/log/vlcm for more detail

Sorry I didn’t take a screenshot of this in the UI.

In the log file, you will see the error code;

LCMLICENSINGCONFIG11005

Over all the logs are not very helpful;

INFO [pool-2-thread-12] c.v.v.l.p.a.s.Task - -- Injecting task failure event. Error Code : 'LCMLICENSINGCONFIG11005', Retry : 'true', Causing Properties : '{ CAUSE :: }' 
com.vmware.vrealize.lcm.plugin.core.licensing.common.exception.ValidateLicensingException: Exception while loading DLF. Check logs for more detail
at com.vmware.vrealize.lcm.plugin.core.licensing.task.ValidateLicenseTask.execute(ValidateLicenseTask.java:137) [vmlcm-licensingplugin-core-2.1.0-SNAPSHOT.jar!/:?]
at com.vmware.vrealize.lcm.automata.core.TaskThread.run(TaskThread.java:45) [vmlcm-engineservice-core-2.1.0-SNAPSHOT.jar!/:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_221]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_221]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_221]

The Fix

Reboot the vRLCM appliance.

Regards

Dean

VMware Cloud Foundation Header

Nested VCF Lab – Error while creating NFS datastore

Whilst deploying my nested VCF environment for my home lab, I kept hitting the same issue over and over again, even when I rolled the environment back and redeployed it.

VCF bring up error while creating NFS datastore

Error while creating NFS Datastore for host XXX.XXX.XXX.XXX

Looking into the debug log files on the Cloud Builder appliance found in the below location;

vcf-bringup-debug.log /var/log/vmware/vcf/bringup/

You can see basically the same error message, and not much help.

ERROR [c.v.e.s.o.model.error.ErrorFactory,pool-3-thread-7] [TP9EK1] VCF_HOST_CREATE_NFS_DATASTORE_FAILED

And the log ends with the below comments, I’ve left my Task ID numbers in, but obviously these are unique to my bring up;

DEBUG [c.v.e.s.o.c.ProcessingTaskSubscriber,pool-3-thread-7] Collected the following errors for task with name CreateNFSDatastoreOnHostsAction and ID 7f000001-6ed0-12cd-816e-d1f7a33f006f: [ExecutionError [errorCode=null, errorResponse=LocalizableErrorResponse(messageBundle=com.vmware.vcf.common.fsm.plugins.action.hostmessages)]]

DEBUG [c.v.e.s.o.c.ProcessingTaskSubscriber,pool-3-thread-19] Invoking task CreateNFSDatastoreOnHostsAction.UNDO Description: Mount Repository NFS Datastore on ESXi Hosts, Plugin: HostPlugin, ParamBuilder null, Input map: {hosts=SDDCManagerConfiguration____13__hosts, nasDatastoreName=SDDCManagerConfiguration____13__nasDatastoreName, nfsRepoDirPath=SDDCManagerConfiguration____13__nfsRepoDirPath, repoVMIp=SDDCManagerConfiguration____13__repoVMIp}, Id: 7f000001-6ed0-12cd-816e-d1f7a33f006e ...

DEBUG [c.v.e.s.o.c.c.ContractParamBuilder,pool-3-thread-19] Contract task Mount Repository NFS Datastore on ESXi Hosts input: {"hosts":[{"address":"172.18.30.10","username":"root","password":"*****"},{"address":"172.18.30.11","username":"root","password":"*****"},{"address":"172.18.30.12","username":"root","password":"*****"},{"address":"172.18.30.13","username":"root","password":"*****"}],"nasDatastoreName":"lcm-bundle-repo","nfsRepoDirPath":"/nfs/vmware/vcf/nfs-mount","repoVMIp":"172.18.30.50"}

DEBUG [c.v.e.s.o.c.ProcessingTaskSubscriber,pool-3-thread-19] Collected the following errors for task with name CreateNFSDatastoreOnHostsAction and ID 7f000001-6ed0-12cd-816e-d1f7a33f006f: [ExecutionError [errorCode=null, errorResponse=LocalizableErrorResponse(messageBundle=com.vmware.vcf.common.fsm.plugins.action.hostmessages)]]

WARN  [c.v.e.s.o.c.ProcessingOrchestratorImpl,pool-3-thread-10] Processing State completed with failure

INFO  [c.v.e.s.o.core.OrchestratorImpl,pool-3-thread-15] End of Orchestration with FAILURE for Execution ID 8c9c5ab1-e48a-414e-9c4d-8936e6f12c91

The Fix

I struggled with this one for a while, at first I considered maybe an IP address conflict with the SDDC manager appliance, but it wasn’t that, I had the same issue after trying again with a different IP address.

I discussed this with our internal support, and I was pointed to the direction of KB 1005948.

When I followed the article, I noticed that the default vmkernel used to access my subnet and the subnet of my SDDC manager was VMK2, which is assigned for VSAN traffic; Continue reading Nested VCF Lab – Error while creating NFS datastore

Naming Convention Header2

Naming Conventions and Standards for Systems and Devices

We all know how important it is to have a naming standard for our systems and devices that means something, rather than a number of Greek mythological names that ultimately mean nothing to most.

A quick google of “Server naming conventions” will lead you to actual help, or polls from slashdot on this subject, or even lists of the best and worst naming conventions in vendor blogs whilst they hammer you to buy their warez (<<< That link may have a massive popup from GFI trying to push you something). Or you can always fall back on reddit to get to heart of the action.

 

Here I am sharing the naming conventions we designed and implemented whilst I was working as a consultant. Please feel free to use, adapt or ignore as you please.

Name Convention Examples

For a good clean and clear name we defined the following;

  • Identify the client or site
    • 2 Letter Abbreviation
  • Site/Location Identification
    • 2 Digit Number
  • Primary Role or Function of the Service/Device
    • 3 Letter Abbreviation + 2 Digits for numbered instance
  • Identify the deployment type, such as Production/Test/Development/Staging
    • 1 Letter Identifier
  • Identify the service characteristic type such as Physical/Virtual Machine/Container
    • 1 Letter Identifier

Below I’ve drawn out a breakdown of such as a table;

Naming Convention Breakdown as a Table

Sorry for inserting the tables as images, but its the one lacking function of wordpress!

Or if its easier, here is a nice colourful diagram; Continue reading Naming Conventions and Standards for Systems and Devices

Veeam Header3

VeeamPN 2.1 – Configure static IP for Network Hub

Today I decided to deploy VeeamPN between two sites. This is a free VPN solution which is optimized for performance. Veeam produced this tool for their customers to be able to easily setup networking between their production site and DR site, so ensure continuity during a disaster or failover situation.

Below is a diagram of my basic setup.

  • Site A – runs the “Network Hub” role
  • Site B – runs the “Site Gateway” role

VeeamPN Site to Site

The issue

When I deployed the first OVA appliance, I realised there was no option for setting a static IP address. DHCP is a requirement to configure VeeamPN. However, when the OVA deployed and the initial configuration for Network Hub is selected, there is no static IP address settings available versus an OVA configured for the Site Gateway rule.

VeeamPN Network Hub Site Gateway

The Fix

The VeeamPN OVA is a stripped-down Ubuntu Linux image, which runs Netplan for the networking service.

I configured a static IP address the following way;

  1. Configure SSH access on the VeeamPN appliance via the management interface.
  2. Use WinSCP to connect to the appliance
  3. Browse to /etc/netplan/
  4. Edit the “01-netplan.yaml’ file and save (see below).
  5. SSH to the VeeamPN Appliance and run “sudo netplan apply” or “sudo netplan –debug apply” for troubleshooting
  6. Log back onto the management interface using the new IP address.

When you edit the YAML file, you will find that indentations are key (as with any YAML file).

To make life easier, I used this file found here that you can use as the baseline;

network:
  version: 2
  renderer: networkd
  ethernets:
    ens160:
      addresses:
        - 10.10.10.2/24
      gateway4: 10.10.10.1
      nameservers:
          search: [mydomain, otherdomain]
          addresses: [10.10.10.1, 1.1.1.1]

VeeamPN Static IP Address Netplan YAML

VeeamPN Static IP Address sudo netplan debug apply

Regards

Dean