Redeploying the NSX Application Platform fails when the required DNS server IP addresses do not update.

Problem

When you use the NSX Application Platform Automation Appliance to redeploy the NSX Application Platform, the IP addresses of the Kubernetes Contour service and messaging service Kafka might change. These new Kubernetes service IP addresses might not be listed in the DNS server, which causes the NSX Application Platform deployment operation to fail.

Cause

During redeployment, Kubernetes follows its internal IP allocation logic and selects the next available IP address from the IP range. When it reaches the last IP address in that range, it wraps around and picks the first available IP address at the start (lower end) of the range again.

Solution

  1. SSH into the NSX Manager.
  2. Get an external IP address for the Contour service.
    napp-k -n projectcontour get svc | grep "envoy"
    Example:
    # napp-k -n projectcontour get svc | grep "envoy"
    projectcontour-envoy   LoadBalancer   10.104.217.190   10.221.216.163   80:31200/TCP,443:31580/TCP   15h
  3. Get an external IP address for the Kafka service.
    napp-k get svc | grep "kafka-external"
    Example:
    # napp-k get svc | grep "kafka-external"
    kafka-external    LoadBalancer   10.104.111.121   10.221.216.164   9092:30022/TCP
  4. Add the external IP addresses for each service in the DNS server.
    Note: The DNS server IP address and FQDN for these Kubernetes services are set in the Environment Configuration tab of the NSX Application Platform Automation Appliance deployment wizard.

  5. Redeploy NSX Application Platform Automation Appliance to apply the new DNS server IP addresses.

    The newly assigned DNS server IP addresses are updated and the deployment is successful.
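
An added example, not part of the original documentation: a shell check that compares the EXTERNAL-IP column from steps 2 and 3 with the address DNS currently returns for the service FQDN, so a stale record can be confirmed before redeploying. The function names are hypothetical, the FQDNs are placeholders, and it assumes `getent` is available and that the host running the check uses the same DNS server as the deployment.

```shell
#!/bin/sh
# Added example (not VMware code). Function names are hypothetical.

# Read `napp-k ... get svc` output on stdin and print the EXTERNAL-IP
# (4th column) of the first LoadBalancer row whose NAME contains $1.
external_ip() {
    awk -v pat="$1" '
        index($1, pat) && $2 == "LoadBalancer" { print $4; found = 1; exit }
        END { exit !found }'
}

# True if $1 looks like a dotted-quad address (rejects "<pending>", "<none>").
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Resolve an FQDN to its first IPv4 address through the host resolver.
# Assumption: getent exists on the machine where the check runs.
resolve_a() {
    getent ahostsv4 "$1" | awk '{ print $1; exit }'
}

# check_record <service-name-pattern> <fqdn>   (svc listing on stdin)
# Returns 0 if DNS matches, 1 if the record is stale or missing,
# 2 if the service has no usable external IP address.
check_record() {
    want=$(external_ip "$1") || { echo "no LoadBalancer row for $1"; return 2; }
    is_ipv4 "$want" || { echo "$1 has no external IP yet: $want"; return 2; }
    have=$(resolve_a "$2")
    if [ "$want" = "$have" ]; then
        echo "OK    $2 -> $have"
        return 0
    fi
    echo "STALE $2 -> ${have:-<no record>}, service is now at $want"
    return 1
}

# On the NSX Manager (replace the placeholder FQDNs with your own):
#   napp-k -n projectcontour get svc | check_record envoy <contour-fqdn>
#   napp-k get svc | check_record kafka-external <kafka-fqdn>
```

A `STALE` result means step 4 still has to be done for that service before the redeployment in step 5.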