VxRail:LCM 升级在“未能更新 VxRail 证书未能更新 FQDN 和 SAN 上的证书。”
摘要: 由于证书问题,生命周期管理器 (LCM) 从 7.0.4xx 升级到更高版本(包括 7.0 和 8.0 版本)失败。
本文适用于
本文不适用于
本文并非针对某种特定的产品。
本文并非包含所有产品版本。
症状
在 7.0 和 8.0 版本中将 VxRail 群集从 7.0.4xx 升级到任何更高版本时,LCM 进程运行错误: Failed to update VxRail certificate. Failed to update certificate on FQDN and San.
原因
这是 VxRail Manager 程序处理或确定 vCenter 完全限定域名 (FQDN) 时的代码错误。
解决方案
此问题可在 7.0 版本的 7.0.520 和 8.0.210 中修复。
因此,我们建议使用修复版本进行 LCM 升级。
如果 LCM 已启动,并且 LCM 进程失败消息与此知识库文章匹配,请联系支持工程师收集 VxRail 日志包,然后联系戴尔支持以获得官方技术支持。
浏览 联系技术支持 以创建服务请求以联系戴尔支持工程师。
其他信息
在lcm-web.log中,VxRail Manager 开始将证书更新到 vCenter。
2023-10-13 07:42:15,660 INFO [LCM] [upgrade-task-0] c.v.l.s.VxmCertUpdateService [VxmCertUpdateService.java:158] vlcm is enabled and current vxm cert is self signed. Start to remove current cert in VC trust store before update vxm cert.
2023-10-13 07:42:15,661 INFO [LCM] [upgrade-task-0] c.d.v.l.d.p.r.s.CmsApiService [CmsApiService.java:95] Sending request to cms-service to remove VC trusted cert.
2023-10-13 07:42:15,661 INFO [LCM] [upgrade-task-0] c.d.v.l.d.p.u.InternalApiUtils [InternalApiUtils.java:47] Sending request: unix.http://127.0.0.1/rest/vxm/internal/cms-service/v1/certificates/vc-trust-store?force=true
2023-10-13 07:42:15,878 ERROR [LCM] [upgrade-task-0] c.d.v.l.d.p.u.HttpUtilsForCms [HttpUtilsForCms.java:42] The cms service return http client error message is {"key":"common.http.bad.request","message":"ServerFaultCode: The guest operations agent could not be contacted."}
2023-10-13 07:42:15,880 ERROR [LCM] [upgrade-task-0] c.v.l.s.VxmCertUpdateService [VxmCertUpdateService.java:193] Failed to update certificate on FQDN and San.
com.dellemc.vxrail.lcm.data.provider.out.DataWriteException: Json process meets exception, it is Meet error in cms service request exchange, please check log for detail
at com.dellemc.vxrail.lcm.data.provider.repositories.service.CmsApiService.removeVcTrustedCert(CmsApiService.java:98)
at com.dellemc.vxrail.lcm.data.provider.in.CmsServiceMicroReader.removeVxmCertFromVcTrust(CmsServiceMicroReader.java:44)
at com.vce.lcm.service.VxmCertUpdateService.updateCertOnFQDNAndSan(VxmCertUpdateService.java:159)
at com.vce.lcm.service.VxmCertUpdateService.vxmCertUpdate(VxmCertUpdateService.java:69)
at com.vce.commons.core.UiToggleService.upgradeVcPlugin(UiToggleService.java:121)
at com.vce.lcm.core.upgrade.vc.task.UIEnableTask.perform(UIEnableTask.java:65)
at com.vce.lcm.task.UpgradeTask.execute(UpgradeTask.java:58)
at com.vce.lcm.task.SimpleUpgradeTaskExecutor.lambda$execute$0(SimpleUpgradeTaskExecutor.java:65)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:829)
2023-10-13 07:42:15,880 INFO [LCM] [upgrade-task-0] c.v.l.s.VxmCertUpdateService [VxmCertUpdateService.java:210] Start to import vxm self signed cert to VC trust store.
2023-10-13 07:42:15,881 INFO [LCM] [upgrade-task-0] c.d.v.l.d.p.r.s.CmsApiService [CmsApiService.java:78] Sending request to cms-service to import vxm self signed cert as VC trusted.
2023-10-13 07:42:15,881 INFO [LCM] [upgrade-task-0] c.d.v.l.d.p.u.InternalApiUtils [InternalApiUtils.java:47] Sending request: unix.http://127.0.0.1/rest/vxm/internal/cms-service/v1/certificates/vc-trust-store?force=true
2023-10-13 07:42:16,071 ERROR [LCM] [upgrade-task-0] c.d.v.l.d.p.u.HttpUtilsForCms [HttpUtilsForCms.java:42] The cms service return http client error message is {"key":"common.http.bad.request","message":"ServerFaultCode: The guest operations agent could not be contacted."}
2023-10-13 07:42:16,071 WARN [LCM] [upgrade-task-0] c.v.l.s.VxmCertUpdateService [VxmCertUpdateService.java:214] Failed to import vxm self signed cert to VC trust store. ERROR: Json process meets exception, it is Meet error in cms service request exchange, please check log for detail
但是,更新作失败,并显示 cms-service 例外
在 cms-service 日志中,VxRail Manager 曾尝试找到 vCenter FQDN,但程序发现了五个虚拟机 (VM),并尝试更改所有这些虚拟机的状态,例如,在开机和关机之间更改运行状态。
"2023-10-13 07:42:14,044" microservice.cms-service "2023-10-13T07:42:13.213015069Z stderr F 2023-10-13 07:42:13[36m [INFO] <81980>[0m task_mgmt_callback_gateway_impl.go QueryTaskStatusByID() (49): Start to query transformed request status for ID LcmUpgrade-77880976-ea2f-4ace-841a-d80da6cbb576 via URL http://api-gateway:8080/rest/vxm/internal/marvin/v1/requests/LcmUpgrade-77880976-ea2f-4ace-841a-d80da6cbb576" "2023-10-13 07:42:14,044" microservice.cms-service "2023-10-13T07:42:13.317767019Z stderr F 2023-10-13 07:42:13[36m [INFO] <81980>[0m task_mgmt_controller.go GetTransformedTaskByReqID() (385): task mgmt get task by id: LcmUpgrade-77880976-ea2f-4ace-841a-d80da6cbb576" "2023-10-13 07:42:14,044" microservice.cms-service "2023-10-13T07:42:13.317799469Z stderr F 2023-10-13 07:42:13[36m [INFO] <81980>[0m log_request_middleware.go 1() (28): GET /v1/requests/LcmUpgrade-77880976-ea2f-4ace-841a-d80da6cbb576?lang=en-US 200" "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.663289875Z stderr F 2023-10-13 07:42:15[36m [INFO] <81947>[0m log_request_middleware.go 1() (24): DELETE /v1/certificates/vc-trust-store?force=true" "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.66330692Z stderr F 2023-10-13 07:42:15[36m [INFO] <81947>[0m import_vxm_cert_to_vc_trust_store_usecase.go RemoveVxmSelfSignedCertFromVc() (121): Start to check account permission" "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.667344372Z stderr F 2023-10-13 07:42:15[36m [INFO] <81947>[0m vsphere_client_manager.go GetClientByAccount() (52): Start to get client by account Administrator@vsphere.local for host vcenterfqdn.com with passthrough false " "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.667353316Z stderr F " "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.827906733Z stderr F 2023-10-13 07:42:15[36m [INFO] <81947>[0m vsphere_connector.go RetrieveVMMatchesIPOrFQDN() (623): vm(Rvm_prefix_name_4) has power state: poweredOn" "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.827981109Z stderr F 2023-10-13 07:42:15[36m [INFO] <81947>[0m vsphere_connector.go RetrieveVMMatchesIPOrFQDN() (623): vm(vm_prefix_name_3) has power state: poweredOff" "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.828070545Z stderr F 2023-10-13 07:42:15[36m [INFO] <81947>[0m vsphere_connector.go RetrieveVMMatchesIPOrFQDN() (623): vm(vm_prefix_name_2) has power state: poweredOff" "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.828142849Z stderr F 2023-10-13 07:42:15[36m [INFO] <81947>[0m vsphere_connector.go RetrieveVMMatchesIPOrFQDN() (623): vm(vm_prefix_name_1) has power state: poweredOff" "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.828212613Z stderr F 2023-10-13 07:42:15[36m [INFO] <81947>[0m vsphere_connector.go RetrieveVMMatchesIPOrFQDN() (623): vm(prefix_name) has power state: poweredOn" "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.828284844Z stderr F 2023-10-13 07:42:15[36m [INFO] <81947>[0m vsphere_connector.go RetrieveVMMatchesIPOrFQDN() (625): retrieve vm matches vcenterfqdn.com : prefix_name(VirtualMachine:vm_mobid)" "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.828362583Z stderr F 2023-10-13 07:42:15[36m [INFO] <81947>[0m vsphere_client_manager.go GetClientByAccount() (52): Start to get client by account Administrator@vsphere.local for host vcenterfqdn.com with passthrough false " "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.82836498Z stderr F " "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.841388001Z stderr F 2023-10-13 07:42:15[36m [INFO] <81947>[0m vsphere_connector.go StartVMProgram() (658): Start to run /usr/bin/sh on vm vm_mobid" "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.870593042Z stderr F 2023-10-13 07:42:15[33m [WARNING] <81947>[0m cms_gateway_vc_impl.go removeVxmSelfSignedCertFromInternalVcTrustStore() (492): Failed to run updatemgr-utility.py err : ServerFaultCode: The guest operations agent could not be contacted." "2023-10-13 07:42:16,032" microservice.cms-service "2023-10-13T07:42:15.87065143Z stderr F 2023-10-13 07:42:15[31m [ERROR] <81947>[0m cert_controller.go runCertUseCase() (403): ServerFaultCode: The guest operations agent could not be contacted." |
手动找到包含所有 vm_prefix_names 关于日志,所有确定的虚拟机都不是 vCenter Server,并且 vm_mobid 与“错误代码”中的 VxRail Manager 记录条目不匹配”system.system_vm“表。
请针对此问题打开 VXEE 工单工程师 VxRail EE,我们必须更换 cms-series DO 变通解决此问题。
受影响的产品
VxRail, VxRail Software产品
VxRail, VxRail Software文章属性
文章编号: 000220061
文章类型: Solution
上次修改时间: 19 2月 2026
版本: 4
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。