VMware

VMware vCenter 7.0 U2 Deployment Stumbles at Stage 2

Deploying a new vCenter appliance can be a straightforward process, but sometimes issues can arise during the deployment stage. In my case, Stage 1 was easy, but Stage 2 failed several times. I re-deployed the vCenter appliance twice, but the third time it failed as well. Since there were no error messages, I decided to take a closer look at the logs.

To access the logs, I logged into the appliance using SSH or the console with the root account and root password I had set up during the initial setup. The first place to check was the /var/log/firstboot directory, where I used the command “ls -lt” to get the last written logs. As expected, there were two logs for each service: one ending with _stdout.log, and the second one ending with _stderr.log.

After searching through the logs, I found a service that had written to _stderr.log, and the log entry that caught my attention was:

“What what? A certificate not only has an end date, but also a date before which it is not valid – a start date.”

This hinted at a problem with NTP, as I had configured NTP for the vCenter but not for the ESXi hosts on which I deployed the vCenter. This led me to investigate further, and I discovered that the issue was indeed related to NTP.

Here’s what happened: when setting up the NTP configuration for the vCenter, I had specified the wrong start date for the certificate. As a result, the certificate was not valid before the specified start date, causing the deployment to fail.

To resolve the issue, I simply corrected the start date in the NTP configuration to match the correct date and time. After doing so, the deployment completed successfully, and I was able to proceed with the rest of my tasks.

In conclusion, when deploying a new vCenter appliance, it’s essential to check the logs for any hints or errors that may arise during the deployment process. In my case, I found the issue by checking the _stderr.log file and investigating further. The lesson learned here is that NTP configuration should be carefully reviewed to ensure correct start dates are specified, avoiding any potential issues with certificate validation.