Tonight’s blog post goes in-depth on Service Accounts especially the SPS account which the VMware vSphere Profile-Driven Storage Service relies on that lives within the Administrators group. Well, imagine the panic when the SPS service account goes missing, leaving your vSAN and storage policies in limbo.
In this blog post, we’ll dive into the nightmare scenario of losing these vital components and explore how to troubleshoot and recover from such a disaster. So grab a cup of coffee and get ready to learn how to tackle this challenging situation head-on. Let’s get started!
So Below – I logged into my vCenter Server 8 today, and I was like why are my policies missing and my vSAN Performance complaining ?? Well I started to dig in and found some evidence of the SPS service account gone.
Storage Providers are missing ?! What is happening?!
vSAN Performance complaining about its policy not being there, and your can see that the Storage Policy drop down is broken / not loading the vSAN policies I have for vSAN Performance
So – First thing is take a snapshot of what your current vCenter is, yeah we know its broken and SPS is missing but safety first!
First, what I did – is, I checked the logs where the VMware vSphere Profile-Driven Storage Service
/var/log/vmware/vmware-sps/sps.log
You will see lots of different spring frame work events and processes, but what you are really looking for is your specific SPS Service Account, for me, mine was
sps-71587023-8efd-4f7e-b094-ede500183201
Once you have your account copied – open your favorite text editor. You will want to structure your command below in the same way. As an example you may copy i provided mine from the screen shot – But replace my SPS account with yours.
/usr/lib/vmware-vmafd/bin/dir-cli group modify --name Administrators --add sps-71587023-8efd-4f7e-b094-ede500183201
After you hit enter, you will see that it will ask you for the [email protected] password, if you are running VCF, you will need to pull your password from the SDDC Manager if you have Auto Rotate passwords enabled.
Once Password has been entered you shall see the same following prompt where the SPS account has been added to the Administrators group.
Enter password for [email protected]:
Account [sps-71587023-8efd-4f7e-b094-ede500183201] added to group [Administrators]
Group member [sps-71587023-8efd-4f7e-b094-ede500183201] added successfully
Woohoo! vSAN and vCenter are all up and running with working VM Storage Policies
And Finally – We see our SPS account back in the Administrators Group!