HCX Caveats & Limitations and Known Issues v1

Hi HCX community,

Leaving this here as a quick reference for things I’ve seen on the field in relation to HCX. If anything, these should provide points of discussion. My hope is that official design documentation provides authoritative commentary on anything mentioned here. Some small disclaimers:

  1. This list does not claim to be comprehensive. I am including items I know of.
  2. As with anything in a blog – the information I share here is superseded by any information VMware provides in official channels.
  3. This should be the community’s list. Feel free to provide feedback!

A. HCX Manager – Registering Remote Systems (VC,NSX,VCD,SSO,RMQ)

  • A1. Even if IPs are used to register the systems, provide a valid DNS server for internal resolution.
  • A2. Time Synch is not optional, provide a valid NTP server for time synchronization.
  • A3. If installing HCX Manager (Enterprise) with to multiple source vCenter Servers in Linked Mode, HCX Manager is required for each vCenter Server.
  • A4. When specifying the SSO server in the source or destination HCX Manager’s initial configuration, one must specify the server exactly as it is referenced in its respective vCenter Server’s vpxd.sso.admin.uri, the configuration is found here:
    – Browse https://vcenter-server-ip/mob 
    – Click Content > VpxSettings 
    – Find config.vpxd.sso.admin.uri
  • A5. HCX may erroneously report invalid Username/Password when the NSX/VCD is registered, if the system uses self-signed certs. Use the following procedure to manually configure the HCX Manager to trust the registered system. https://docs.vmware.com/en/VMware-HCX/services/user-guide/GUID-2CB2E6DC-D649-44FE-874D-4CA0C986A07C.html

B. HCX Service Mesh / Interconnect Deployments

  • B1. HCX Service Mesh relies on two Compute Profiles (one the source, one at the destination), the services that will be enabled on the Service Mesh need to be enabled on both Compute Profiles, or they will be grayed out in the Service Mesh UI.
  • B2. The HCX-WAN-IX (the migration appliance) will be added to the vCenter Server inventory, this added component is known as the HCX vMotion Proxy using its management interface IP. It will look like an ESXi host.
    The vCenter Server must be able to reach the IX IP using TCP-443, and the IX must be able to communicate with the vCenter Server using UDP-902 for this to work correctly.
  • B3 . The HCX Service Mesh components cannot be placed inside of vSphere vApp containers. A migration attempt will display the <vMotion|Bulk Migration> service is not enabled or interconnect is not deployed or being upgraded validation error.

C. HCX Bulk Migration

  • C1. HCX cannot Bulk migrate virtual machines older than Hardware Version 7
  • C2. HCX Bulk Migration can queue up to a 100 virtual machine migrations. As virtual machines are switched over to the target, new virtual machines will be queued up to the 100 limit.
  • C3. HCX Bulk Migration can coexist with vSphere Replication 6.5 and later. Bulk Migrations may be interrupted if vSphere Replication is older.

D. HCX Network Extension

  • D1. HCX generally requires NSX-V 6.2+ or NSX-T 2.4+, only at the destination environment.
    – With NSXv installation, a NSX ESG is required
    – If source NSX Logical Switches are extended, the NSX requirement applies to the source environment.
    – If Proximity Routing is enabled, NSX-V requirement is 6.4 (NSX-T does not support Proximity Routing).
  • D2. Network Connectivity over an HCX stretched network may be disrupted during a powercycle or HA failover when Connect at Power On is disabled for the extended network interface.
  • D3. Network Extension to an NSX-T integrated target requires an existing T1 router.
  • D4. Network Extension to an NSX-V integrated target network requires an existing NSX ESG or DLR to connect the extended network.

2 comments

  1. Also maybe ‘Windows SFTP may not be supported” should be added to list.

    Eventually had to open a BCS case for a customer that is still open but I think it will end with ‘not supported’.

    Like

Leave a Reply to Michael Rudloff Cancel reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s