
ACI EPG to vCenter PG integration issue

asimonf1
Level 1

Hi,

I have managed to link ACI 6.0.3 with vCenter 7.0.3.
Integration works fine at Folder + DVS level.
VMM controllers are online and they retrieve all vPGs and virtualized hosts and their vNICs, and all the ESXi NICs.
The problem I am facing is with the EPG to PG alignment.
On the ACI side we cannot get rid of the following alarm:

asimonf1_0-1708603255730.png

Fault delegate: [FSM:FAILED]: Addition or Deletion of Port Group for: (uni/tn-ossinfra/ap-caas/epg-23010_backup_platform_10.73.229.128_25_0084) Tenant: ossinfra associated with either EPG:(Ap: caas Epg: 23010_backup_platform_10.73.229.128_25_0084) or Services:(LDevInst: EPpInfo: ) on VM Controller: esmalcasvvc001.prod.airtel.es VM Domain: ESMALCASVDS001-MGMT VM Provider: VMware, failed with error: addCustomFieldDef: SOAP FaultCode="":ServerFaultCode, FaultDetail=<NoPermissionFault xmlns="urn:vim25" xsi:type="NoPermission"><object type="Folder">group-d1</object><privilegeId>Global.ManageCustomFields</privilegeId></NoPermissionFault>, FaultString=Permission to perform this operation was denied.(TASK:ifc:vmmmgr:CompEpPDAddorDelExtPol)

On the vCenter side, the tasks that are triggered by 'aciuser' fail because of the following error:

asimonf1_2-1708603492854.png

And here I am, stuck.

I feel this is more related to privilege handling for 'aciuser' on the vCenter side, but I am not sure.
Any hint welcome.

BR/


RedNectar
VIP Alumni

Hi @asimonf1 ,

I think you probably answered your own question:

"I feel this is more related to privilege handling for 'aciuser' at vCenter side, but I am not sure."

In vCenter, the 'aciuser' needs sufficient rights to add and delete vSwitches and Port Groups.

HOWEVER, you will also get an error in vCenter when you remove the VMM association from an EPG if there is one or more VMs with their NICs still linked to that PortGroup/EPG.

So if the 'aciuser' has sufficient privileges, go looking for VMs with a NIC still linked to the EPG named in the error (I can see the name in the picture, but not your text).

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.
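
Added example, not part of the thread: the Python below extracts the denied privilege and the object it was checked on from the APIC fault text quoted in the question, then compares it with the privileges on the 'aciuser' role. The function names and the `GRANTED` set are assumptions constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Abridged from the APIC fault quoted in the question above.
FAULT = (
    'Fault delegate: [FSM:FAILED]: Addition or Deletion of Port Group for: '
    '(uni/tn-ossinfra/ap-caas/epg-23010_backup_platform_10.73.229.128_25_0084) '
    'failed with error: addCustomFieldDef: SOAP FaultCode="":ServerFaultCode, '
    'FaultDetail=<NoPermissionFault xmlns="urn:vim25" xsi:type="NoPermission">'
    '<object type="Folder">group-d1</object>'
    '<privilegeId>Global.ManageCustomFields</privilegeId></NoPermissionFault>, '
    'FaultString=Permission to perform this operation was denied.'
)

# Constructed sample: privilege IDs assumed to be on the role assigned to 'aciuser'.
GRANTED = {"DVPortgroup.Create", "DVPortgroup.Modify", "DVPortgroup.Delete"}

NS = {"vim": "urn:vim25"}
XSI = 'xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"'
FRAGMENT_RE = re.compile(r"<NoPermissionFault\b.*?</NoPermissionFault>", re.S)
DN_RE = re.compile(r"\((uni/tn-[^)]+)\)")


def parse_no_permission(fault_text):
    """Return one record per NoPermissionFault embedded in an APIC fault description."""
    dn = DN_RE.search(fault_text)
    records = []
    for match in FRAGMENT_RE.finditer(fault_text):
        # The logged fragment uses xsi:type without declaring the xsi prefix,
        # so declare it on the root element before handing it to the XML parser.
        fragment = match.group(0).replace("<NoPermissionFault", "<NoPermissionFault " + XSI, 1)
        node = ET.fromstring(fragment)
        obj = node.find("vim:object", NS)
        records.append({
            "epg_dn": dn.group(1) if dn else None,
            "object_type": obj.get("type") if obj is not None else None,
            "object_id": obj.text if obj is not None else None,
            "privilege": node.findtext("vim:privilegeId", namespaces=NS),
        })
    return records


def missing_privileges(fault_text, granted):
    """Privileges vCenter denied that are absent from the granted set."""
    denied = {r["privilege"] for r in parse_no_permission(fault_text)}
    return sorted(p for p in denied if p and p not in granted)


if __name__ == "__main__":
    print(parse_no_permission(FAULT))
    print(missing_privileges(FAULT, GRANTED))
```

A non-empty result names the exact privilege to add to the role, which keeps the integration account narrower than giving it full administrator rights.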
