Loading...
Loading...
When upgrading VxRail cluster to 7.0.410 or above version, find ESXi hosts are not responding, vCenter and VxRail manager VMs are disconnected, and cannot check the LCM status on VxRail plugin UI. Check lcm-web.log on VxRail manager, it finds VxRail manger IP and system DNS IP is not the same, so it tries to block DNS port on VxRail manager. Check DNS configuration on the VxRail manager. Check that /etc/hosts file, the hostname, and IP-mapping records have been deleted. Access VxRail managers onboard API documentation by entering the following address in a web browser: https://<VxM_IP>/rest/vxm/api-doc.html Navigate from the left side menu to "system information" → "Get DNS of VxRail cluster" The API call returns system DNS server IP, which is not the same as VxRail manager IP, and the flag "is_internal" shows it is not an internal DNS server. Check DNS configuration on vCenter and ESXi host, they are still using VxRail manager IP as DNS server.
Due to some DNS misconfiguration, VxRail manager is using external DNS server, but vCenter and ESXi hosts are still using internal DNS (use VxRail manager as DNS server). As part of the resolution for CVE-1999-0184, when upgrading to 7.0.410 or above, if the cluster is using external DNS server, LCM deletes hostname and IP-mapping records in VxRail manager /etc/hosts file, and add firewall rules to block DNS port in order to disable DNS dynamic update request, so VxRail manager will not expose to the CVE-1999-0184 vulnerability. But VxRail manager, vCenter and ESXi cannot resolve the hostnames within the cluster, and causes LCM failure.
1. Access onboard API documentation by entering the following address in a web browser: https://<VxM_IP>/rest/vxm/api-doc.html 2. Navigate from the left side menu to " system information " → "Set DNS of VxRail cluster" 3. From the right panel Enter " Auth " section with vCenter administrator username and password Enter " Body " section with vCenter administrator username and password, the value of the components field must be " ALL ." Enter DNS server IP address. If there are more than one DNS IP addresses, we must separate them by comma character, the correct format should be ["DNS1", "DNS2"] Click " Send Request" Check the API response, make sure it is returned with 200 OK. 4. After the ESXi hosts and VMs are connected back to vCenter, retry the LCM from VxRail plug-in UI.
Click on a version to see all relevant bugs
Dell Integration
Learn more about where this data comes from
BugZero Plan
Streamline upgrades with automated vendor bug scrubs
BugZero Prevent
Wish you caught this bug sooner? Get proactive today.