A couple months ago I was working with a customer that was in the midst of deploying vRA 6.1 integrated with NSX. Once they had everything up and running there were having problems with the NSX data collection. There was an error in the vRA logs stating something about the security groups not being able to be enumerated.. my apologies for not having the exact error handy.
After some additional troubleshooting it was found that the NSX 1.0.1 plugin had been installed on the external vCO server. Unfortunately, this plugin only supports vRA 6.2 and above:
VMware vCenter Orchestrator Plugin 1.0.1 for NSX
This plug-in can be utilized by vRA 6.2.0, vRO 5.5.2, vRO 6.0.0, vCNS 5.5.2, vCNS 5.5.3.x, vCNS 5.5.4, NSX-vSphere 6.1.0, NSX-vSphere 6.1.1, NSX-vSphere 6.1.2, NSX-vSphere 6.1.3.
Once that was found, the path to rectify went like this:
- Remove the NSX 1.0.1 plugin from vCO
- Removing plugin’s from vCO isn’t a particularly fun task, but it is well documented: http://kb.vmware.com/kb/2064575
- Reset the Plugin versions in vCO, this step might not be necessary but just to be safe…
- Log in to the vRealize Orchestrator configuration interface as vmware.
- Click the Troubleshooting tab.
- Click Reset current version.
- Restart vCO Server/Config services
- Log in to the vRealize Orchestrator configuration interface as vmware.
- Click the Startup Options tab.
- Restart both the Server and the configuration server services.
- Install NSX 1.0.0 plugin
- Log in to the vRealize Orchestrator configuration interface as vmware.
- Click on the Plugins tab.
- Locate the plugin file and click Upload and Install.
- Restart vCO Server service
- Log in to the vRealize Orchestrator configuration interface as vmware.
- Click the Startup Options tab.
- Restart the Server service.
- Remove/Reset the NSX config info for the vCenter Endpoint
- This was the most time consuming annoying pieces of this fix… I loathe form elements that are greyed out when it’s something I need to modify. With the help of a seasoned colleague we arrived at this task:
- Clear out all vRA tables of DynamicOps.VCNS.* So, basically we needed to remove all the data that was collected and then, and only then could we actually remove the endpoint. This all took short of 40 minutes but was tedious enough that I build a SQL script to tackle the job, *Please read the comments in the script!*:
/****BE CAREFUL WITH THIS*** To see what tables are populated in the DynamicOps.VCNSModel schema simply change the database name and execute. To also clean out all the DynamicOps.VCNSModel tables except VCNSEndpoints, uncomment the last line at the end of the script By: Ben Sier bsier@vmware.com Date: 2/20/2014 Tested against vRA 6.2 / SQL 2012 R2 SP2 */ use vcac; --May need to change DB name. declare c1 cursor for select QUOTENAME(SCHEMA_NAME(schema_id)) + '.' + QUOTENAME(name) from sys.tables where SCHEMA_NAME(schema_id) LIKE 'DynamicOps.VCNSModel' AND name NOT LIKE 'VCNSEndpoints'; declare @ITABLE as nvarchar(500) declare @FTABLE as nvarchar(500) declare @SQL as nvarchar(200) declare @SQL2 as nvarchar(200) declare @DelSQL as nvarchar(200) declare @EPDelSQL as nvarchar(200) set @EPDelSQL = 'delete from [DynamicOps.VCNSModel].[VCNSEndpoints]' open c1 fetch next from c1 into @FTABLE; while (@@FETCH_STATUS =0) begin set @SQL = 'declare allVCNSTables cursor for ' set @SQL2 = 'Select COUNT(*) from ' + @FTABLE set @SQL = @SQL + @SQL2 exec sp_executesql @SQL open allVCNSTables fetch next from allVCNSTables into @ITABLE while (@@FETCH_STATUS =0) begin IF @ITABLE > 0 begin PRINT @FTABLE + ' has ' + @ITABLE + ' entries.' PRINT 'Clearing table - ' + @FTABLE set @DelSQL = 'delete from ' + @FTABLE PRINT @DelSQL /**** Uncomment the line below to clear out all tables except [DynamicOps.VCNSModel].[VCNSEndpoints] ****/ --exec sp_executesql @DelSQL end fetch next from allVCNSTables into @ITABLE end close allVCNSTables deallocate allVCNSTables fetch next from c1 into @FTABLE end close c1 deallocate c1 /**** Uncomment the line below to clear out the [DynamicOps.VCNSModel].[VCNSEndpoints] table ****/ --exec sp_executesql @EPDelSQL
- This was the most time consuming annoying pieces of this fix… I loathe form elements that are greyed out when it’s something I need to modify. With the help of a seasoned colleague we arrived at this task:
- Add the Networking and Security manager to the vCenter endpoint and run a data collection… since we just removed this, obviously you know how to add one 🙂 If not head over to http://dailyhypervisor.com/vmware-nsx-6-1-vcac-6-1-connecting-nsx-to-vcac/ to see how.
Hope this helps someone!
Links of thanks: