The latest (as of 26th June 2019) version on vCenter Server Appliance is 6.7u2b. This may come as somewhat of a suprise – as that is not available as a download from VMware.

We discovered this after deploying 6.7u2, then allowing the update process to patch the VCSA.

But then when we go to internalize external PSCs, we get a failure with the the build versions from ISO not matching….

From the converge.log

2019-06-12T03:39:19.839Z INFO converge Downloading RPMs
2019-06-12T03:39:19.839Z INFO converge Collected client:rest as a part of Telemetry
2019-06-12T03:39:19.960Z INFO converge VCSA ISO is mounted. Copying RPMs from the ISO.
2019-06-12T03:39:19.991Z INFO converge ISO version : VMware-vCenter-Server-Appliance-
2019-06-12T03:39:19.991Z INFO converge VC version : VMware-vCenter-Server-Appliance-
2019-06-12T03:39:19.992Z ERROR converge The version of the ISO doesn't match to the version of the VCSA.

VMware support supplied an new ISO: VMware-VCSA-all-6.7.0-13843380

All good.

But deploying a new test VCSA using that iso was always failing with LDAP error.

“Could not connect to VMware Directory Service via LDAP. Verify VMware Directory Service is running on the appropriate system and is reachable from this host.”

Same as detailed here:

Turns out that during part 2 or the setup – it edits the /etc/hosts file and loses the references to localhost

At end of part1 (deployment) Before Part2 (setup):

Generated by Studio VAMI service. Do not modify manually. vcsa.xxxx.xxxx vcsa localhost
::1 vcsa.xxxx.xxxx vcsa localhost ipv6-localhost ipv6-loopback

After Part2 (failed install):

Begin /etc/hosts (network card version)
End /etc/hosts (network card version)
Generated by Studio VAMI service. Do not modify manually. vcsa.xxxx.xxxx vcsa vcsa.xxxx.xxxxvcsa

As you can see, the localhost entries for IPv4 and IPv6 are completely wiped out. So no service starts – because it can’t talk to itself.

So we need to fix this by logging into the shell after part 1, and before starting part 2 and append the localhost info after the VAMI_EDIT_END block

VAMI_EDIT_END localhost.localdom localhost
::1 localhost.localdom localhost ipv6-localhost ipv6-loopback

I don’t see how this would ever work. Looks like a regression of an issue that was fixed in 6.7u1

and was an issue at 6.5 as well:

VCSA 6.7u2b ISO and LDAP errors

Leave a Reply

Your email address will not be published. Required fields are marked *