Controller connectivity is lost after you upgrade your hosts.


After upgrading your host, when running post checks, your Node Status shows loss of connectivity to the controller.


  1. Open an SSH session to the EXSi host experiencing the issue and confirm that none of the three NSX controllers are in a connected state. Run the nsxcli -c get controllers command.
    Example response:
    Controller IP    Port  SSL     Status       Is Physical Master   Session State    Controller FQDN    1235  enabled  disconnected   true                  down
    In a working configuration, two controllers display the not used status and one controller has the connected status. If the NSX controller shows connected, refresh the UI and confirm that the status is green. If the controller shows not connected, continue to the next step.
  2. Open an SSH session to one of the NSX Manager nodes as admin and run the get certificate api thumbprint command.
    The command output is a string of alphanumeric numbers that is unique to this NSX Manager.
  3. On the ESXi host, push the host certificate to the Management Plane:
    ESXi1> nsxcli -c push host-certificate <NSX Manager IP or FQDN> username admin thumbprint <thumbprint obtained in step #1>
    When prompted, enter the admin user password for the NSX Manager. See the NSX-T Data Center Command-Line Interface Reference for more information.
  4. Confirm the controller status is connected.
    ESXi1> nsxcli -c get controllers
    Confirm the controller connection state is green on the UI for this Transport Node.
    If this issue continues, restart the following NSX services on the ESXi host:
    ESXi1> /etc/init.d/nsx-opsagent restart
    ESXi1> /etc/init.d/nsx-proxy restart