While applying the async vCenter 7.0U3o patch to workload domain (related to VMSA-2023-0023) in VCF on VxRail 4.x, I faced an issue with VxRail prechecks in SDDC Manager:
‘VxManager HTTP Request failed with invalid status code’
If you open the Physical View of VxRail cluster in vCenter, page keeps loading or it shows ‘Unable to show physical view due to a failure of loading physical view data for the host’.
The reason was an expired vxm service account password – the SSO service account used for communication between VxRail Manager and vCenter Server. To validate it login to VxRail Manager as a mystic user and run:
curl --unix-socket /var/lib/vxrail/nginx/socket/nginx.sock -X GET "http://localhost/rest/vxm/internal/lockbox/v1/credentials?lockbox_name=SYSTEM&credential_names=management_account_vc"|jqIf ‘Connection_type’ is DISCONNECTED (screenshot below) that would indicate the password expired or the password was changed manually in vCenter and not updated on VxRail Manager.
Run below command to update/reset the password for service account used for communication between VxRail Manager and vCenter Server (use your username and password of course;) ). Once done please restart VxRail Manager vm.
curl -X PUT --unix-socket /var/lib/vxrail/nginx/socket/nginx.sock -H "accept: application/json" -H "Content-Type: application/json" -d '{"lockbox_name":"SYSTEM","credentials":[{"credential_name":"management_account_vc","username":"svc-xxx-xxx-xxx-vc@vsphere.local","password":"VnXXXXXXXXXIQ=="}]}' 'http://localhost/rest/vxm/internal/lockbox/v1/credentials';
