Skip to main content

 

Manually unregister an onboarded machine from a deployment in case of an unregister action failure


Issue/Introduction

Machines fail to unregister and cannot be onboarded again. This article provides information on how to put these machines back to Discovered state.

Symptoms:
After performing the unregister action on an onboarded machine, the machine remains in "onboarded" state in the resource view and cannot be added to a new onboarding plan.

Environment

VMware Aria Automation 8.x
VMware vRealize Automation 8.9.x
VMware vRealize Automation 8.10.x
VMware vRealize Automation 8.x
VMware vRealize Automation 8.7.x
VMware vRealize Automation 8.8.x

Cause

Temporary issues can interfere with the unregistering process. Also, if onboarding isn't completed properly, the machine might not have the required information for unregister to work.

Resolution

VMware is aware of this issue. Currently there is no resolution.

Workaround:
To workaround this issue, manually remove the stale entries using REST API.

WarningThis workaround deletes database entries.
 

Prerequisites

  • You have backups of the VMware Aria Automation 8.x appliance(s)
    • You must back up all VMware Aria Automation appliances, at the same time - simultaneously for all nodes.
    • If you are making the snapshots manually, you must start the snapshots of the second and the third node not more than 40 seconds after you start the snapshots for the first node.
    • When you back up the VMware Aria Automation appliance, disable in-memory snapshots and enable quiescing (quiescing is a requirement only for version 8.9 and newer).
  • Acquire an Authentication Token
For more information, see Getting Your Authentication Token section in VMware Aria Automation Programming guide.
 

Procedure: Remove the stale entries using the REST API

  1. Get the affected compute ID
    GET https://AriaAutoFQDN/deployment/api/resources?search=VM-Name001

Note:
  • Replace AriaAutoFQDN with the FQDN of your Aria Automation environment.
  • Replace VM-Name001 with the affected VM name.
  • From the output take the ID, for example 20f7eb1b-0cfc-3af0-b364-963face2eb4c.
  • Use this ID as compute id below.
  1. Get the affected compute:
    GET https://AriaAutoFQDN/provisioning/uerp/resources/compute/compute id
    Take note of compute descriptionLink.
Example:
{
"descriptionLink": "/resources/compute-descriptions/c51a5472-72e8-4ded-afe6-6e41f1caa3b4"
}
  1. Delete compute description from the output in step 2.
    DELETE https://AriaAutoFQDN/provisioning/uerp/ComputeDescriptionLink
  2. Get each disk, delete disk description and update disk state:
  • For each entry in the diskLinks field of the get compute above:
    GET https://vra8 base uri/provisioning/uerp/diskLink
  • Find the descriptionLink field in the response and send DELETE command:
    DELETE https://<vra8 base uri>/provisioning/uerp/descriptionLink
Note: Boot disk and external devices such as CD/DVD Drive do not contain descriptionLink. Skip these.
  • For each disk entry containing descriptionLink above, take the response body and edit it as such:
  • From the tenantLinks field remove the entries which start with /owner/provisioning/auth/csp/users  and /provisioning/resources/projects
  • Remove the descriptionLinkownerAuthLink and projectAuthLink fields from the request body.
  • Edit the customProperties map to remove the following key-value pairs:
 '__blueprint_resource_type'
 '__deployment_id'
 - '__composition_context_id'
 
Note: You must remove both key AND the value.
  1. Send the above edited disk entry back as the request body with a PUT command:
    PUT https://AriaAutoFQDN/provisioning/uerp/diskLink
  2. Update compute tenant links and remove necessary properties.
Take the compute response body received in step 2 and edit it as follows:
  • Remove the descriptionLinkownerAuthLink and projectAuthLink fields from the request body
  • From the tenantLinks field remove the entries which start with /owner/provisioning/auth/csp/users and /provisioning/resources/projects
  • From the customProperties map remove the key-value pairs with the following keys:
 '__composition_context_id'
 '__deployment_id'
  1. Send the above edited compute entry back as the request body to the following command:
PUT https://AriaAutoFQDN/provisioning/uerp/computeSelfLink
  1. Get each network interface from affected compute response in Step2 and update the network interface state. 
   a. For each entry in the networkInterfaceLinks field of the get compute above:
        GET https://vra8 base uri/provisioning/uerp/networkInterfaceLink
   b. For each networkInterface entry, take the response body and edit it as such:
       In the tenantLinks field, if there are entries that start with /owner/provisioning/auth/csp/users and    /provisioning/resources/projects, remove them.
   c. Send the above edited networkInterface entry back as the request body with a PUT command:
      PUT https://AriaAutoFQDN/provisioning/uerp/networkInterfaceLink


Additional Information

Impact/Risks:
Note: This procedure modifies the database. Ensure to back up your appliances. For more information, see Backing Up the vRealize Automation 8.x Appliance.
Labels:

Comments

Post a Comment

Popular posts from this blog

  Issue with Aria Automation Custom form Multi Value Picker and Data Grid https://knowledge.broadcom.com/external/article?articleNumber=345960 Products VMware Aria Suite Issue/Introduction Symptoms: Getting  error " Expected Type String but was Object ", w hen trying to use Complex Types in MultiValue Picker on the Aria for Automation Custom Form. Environment VMware vRealize Automation 8.x Cause This issue has been identified where the problem appears when a single column Multi Value Picker or Data Grid is used. Resolution This is a known issue. There is a workaround.  Workaround: As a workaround, try adding one empty column in the Multivalue picker without filling the options. So we can add one more column without filling the value which will be hidden(there is a button in the designer page that will hide the column). This way the end user will receive the same view.  
Post a Comment
Read more

57 Tips Every Admin Should Know

Active Directory 1. To quickly list all the groups in your domain, with members, run this command: dsquery group -limit 0 | dsget group -members –expand 2. To find all users whose accounts are set to have a non-expiring password, run this command: dsquery * domainroot -filter “(&(objectcategory=person)(objectclass=user)(lockoutTime=*))” -limit 0 3. To list all the FSMO role holders in your forest, run this command: netdom query fsmo 4. To refresh group policy settings, run this command: gpupdate 5. To check Active Directory replication on a domain controller, run this command: repadmin /replsummary 6. To force replication from a domain controller without having to go through to Active Directory Sites and Services, run this command: repadmin /syncall 7. To see what server authenticated you (or if you logged on with cached credentials) you can run either of these commands: set l echo %logonserver% 8. To see what account you are logged on as, run this command: ...
Post a Comment
Read more
  The Guardrails of Automation VMware Cloud Foundation (VCF) 9.0 has redefined private cloud automation. With full-stack automation powered by Ansible and orchestrated through vRealize Orchestrator (vRO), and version-controlled deployments driven by GitOps and CI/CD pipelines, teams can build infrastructure faster than ever. But automation without guardrails is a recipe for risk Enter RBAC and policy enforcement. This third and final installment in our automation series focuses on how to secure and govern multi-tenant environments in VCF 9.0 with role-based access control (RBAC) and layered identity management. VCF’s IAM Foundation VCF 9.x integrates tightly with enterprise identity providers, enabling organizations to define and assign roles using existing Active Directory (AD) groups. With its persona-based access model, administrators can enforce strict boundaries across compute, storage, and networking resources: Personas : Global Admin, Tenant Admin, Contributor, Viewer Projec...
Post a Comment
Read more