Network Discovery
For NIOS vDiscovery against ESXi to add DNS names to discovered objects, the Grid needs the Cloud Network Automation licence and the DNS zones must already exist in the Grid (even if the zones are not assigned to any member and Infoblox is not actually serving DNS). Without them vDiscovery only records whether an IP address is in use or not. The networks must also be created in NIOS in advance; if they are not, the discovered data is not added.
The current vDiscovery feature supports tenants, networks, and compute VMs only. It does not support data that is retrieved from load balancer networks, load balancer VMs, Kubernetes platform VMs, application gateways, service VMs, SQL VMs, or any other VMs that are created using cloud services such as Kubernetes service or analytics service, where the IPAM is handled by the respective orchestration engines of the cloud provider. Note that if the vDiscovery job retrieves unsupported data from AWS, Azure, or GCP, then it impacts the performance of the vDiscovery process.
Best Practice
Infoblox also recommends selecting "The tenant's network view" as the network view for both public and private IP addresses (Infoblox documentation).
Azure best practice is not to give a subnet the same CIDR as its VNet, and vDiscovery rejects such subnets (see the "Subnets with CIDR equal to the Virtual Network CIDR are not supported" log message below). From the Azure guidance:
- Your subnets shouldn't cover the entire address space of the virtual network. Plan ahead and reserve some address space for the future.
VMware
- vDiscovery can run against VMware vCenter or, as in the ESXi task shown below, a standalone ESXi host.
- Powered-off VMs are ignored.
- A VM without VMware Tools installed has no IP address known to VMware, so vDiscovery ignores it and logs:
VM: <serial number> (name: <name>) has been ignored
DNS Variables
The documented variables available for DNS name templates are:
- vm_id
- vm_name
- discovered_name
- tenant_id
- tenant_name
- subnet_id
- subnet_name
- network_id
- network_name
- vport_name
- ip_address
- ip_address_octet1 (alias: 1)
- ip_address_octet2 (alias: 2)
- ip_address_octet3 (alias: 3)
- ip_address_octet4 (alias: 4)
Troubleshooting
SSL Issues
SSL error ([SSL failure]: SSL Certificate verification failed)
Either the root and intermediate CA certificates have not been imported into NIOS (common in internal VMware environments using an internal PKI), or those CA certificates are not RFC 5280 conformant: section 4.2.1.3 requires a CA certificate to carry the keyUsage extension (with keyCertSign set), and NIOS rejects a chain whose CA certificates lack it. Before importing, inspect each CA certificate for an "X509v3 Key Usage" block that includes "Certificate Sign"; a CA certificate with no keyUsage extension at all will produce this error even though the chain otherwise validates.
NTP Issues
The following messages were logged when the NIOS clock was more than 15 minutes off; in this case it was about an hour ahead (the request timestamp 20230712T103536Z against an AWS server time of 20230712T093629Z). AWS rejects SigV4-signed requests whose timestamp is outside the allowed skew window, 5 minutes for Route 53 and 15 minutes for IAM as the messages show, so fix NTP on the Grid before retrying the job.
- Facility: user - Level: Error - Server: aws_r53_task_executor_ctl[] - Message: AWSR53: SignatureDoesNotMatch, Signature not yet current: 20230712T103536Z is still later than 20230712T094129Z (20230712T093629Z + 5 min.)
- Facility: user - Level: Warning - Server: aws_r53_task_executor_ctl[] - Message: AWSR53:Error Non successful AWS API request, code: 403, response: {u'error_response': {u'request_id': u'27779245-74fd-4343-a681-dadaf853a0b1', u'error': {u'message': u'Signature not yet current: 20230712T103536Z is still later than 20230712T094129Z (20230712T093629Z + 5 min.)', u'code': u'SignatureDoesNotMatch', u'type': u'Sender'}}}
- The IAM collector fails the same way with its 15-minute window (the syslog viewer shows this line wrapped in a "Line parsing error: Invalid month value. Original line:" prefix): DriverOtherError: [Error while trying to collect cloud data]: AWSIAMDataCollector: Action GetUser failed: http_status_code=403 aws_err_code=SignatureDoesNotMatch aws_err_message=Signature not yet current: 20230712T103405Z is still later than 20230712T094958Z (20230712T093458Z + 15 min.)
Error SSL Cert
- Facility: user - Level: Info - Server: cdiscovery_executor[] - Message: Complete discovering for task name: ESXi, result: [SSL failure]: SSL Certificate verification failed
Start vDiscovery
- Facility: user - Level: Info - Server: cdiscovery_executor[] - Message: Start discovering for task name: ESXi; driver type: VMWARE; FQDN or IP: esxi.staffordnet.uk; port: 443; protocol: HTTPS; member: ns1.example.uk
vDiscovery Job Finished with Warning
- Facility: user - Level: Warning - Server: cdiscovery_executor[] - Message: Processing discovered data completed with warnings for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk
User Started vDiscovery Job
- Facility: daemon - Level: Notice - Server: httpd[] - Message: 2023-07-12 09:49:23.686Z [bstafford]: Called - VDiscoveryControl: Args action="START",task=VDiscoveryTask:ESXi
Overview of AWS Discovery Log Flow
A run that completes with warnings logs the sequence below (Facility: user, Level: Info unless noted). The executor talks to the cloud API; the aggregator, which runs on the Grid Master, merges the result into NIOS.
- Server: cdiscovery_executor[] - Message: Start discovering for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk
- Server: cdiscovery_executor[] - Message: Complete discovering for task name: AWS-London, result: DISCOVERY_COMPLETE
- Server: cdiscovery_aggregator[] - Message: Start processing discovered data for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk
- Message: Network: 10.10.10.0/24 (network view: default) has been updated
- Message: Number of NETWORK has been processed : Created: 0; Updated: 10; Deleted: 0; Ignored: 2; Tags skipped due to missed EAs: [u'Name']
- Message: Number of IP has been processed : Created: 0; Updated: 0; Deleted: 0; Ignored: 0
- Message: Number of VM has been processed : Created: 0; Updated: 0; Deleted: 0; Ignored: 0
- Message: No tags. return.
- Message: Number of TENANT has been processed : Created: 0; Updated: 1; Deleted: 0; Ignored: 0
- Message: Finish synchronize DNS for events: Created: 0; Updated if needed: 0; Deleted: 0; Ignored: 0
- Server: cdiscovery_aggregator[] - Level: Warning - Message: Ignoring object Network: 10.11.11.0/25 (network view: default) : The network 10.11.11.0/24 must not have any active IP address outside the network you are creating.
- Server: cdiscovery_aggregator[] - Level: Warning - Message: Processing discovered data completed with warnings for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk
Reading it: the "Ignored: 2" counter on the NETWORK line is the figure to chase, because each ignored object should have an "Ignoring object" warning like the one above. Here the discovered 10.11.11.0/25 was dropped because NIOS already holds 10.11.11.0/24 with active addresses outside the /25, so the existing NIOS network has to be reconciled with the cloud subnet before that network will import. "Tags skipped due to missed EAs: [u'Name']" means the cloud tag Name has no matching extensible attribute defined in NIOS, so its value was not imported.
Log Analysis
Infoblox has a KB article explaining the vDiscovery error messages. When a job fails the GUI often does not say what went wrong, so download the support bundle and read infoblox.log. Take the bundle from the Grid Master: discovered data is processed by cdiscovery_aggregator there, so the aggregator counts below come out as zero in a bundle taken from any other member.
Extract infoblox.log
tar xvzf <supportbundlename> active_node_supportBundle.tar.gz
tar xvzf active_node_supportBundle.tar.gz infoblox.log
Number of distinct discovery tasks whose data was processed on the GM (zero if the bundle is not from the GM). In the "Start processing discovered data" line the task name is the 14th field from the end, which is what $(NF-13) selects:
egrep -ai "cdiscovery_aggregator.*Start processing discovered data" infoblox.log | awk '{print $(NF-13)}' | sort | uniq | wc -l
VPCs Overlapping within discovered dataset
egrep -aic "cdiscovery_aggregator.*Overlapped VPCs encountered.* entire discovered dataset discarded.*within discovered dataset" infoblox.log
VNETs Overlapping with existing NIOS objects
egrep -aic "cdiscovery_aggregator.*Overlapped VNETs encountered.*entire discovered dataset discarded.*with existing NIOS objects" infoblox.log
VPCs Overlapping with existing NIOS objects
egrep -aic "cdiscovery_aggregator.*Overlapped VPCs encountered.*entire discovered dataset discarded.*with existing NIOS objects" infoblox.log
Subnets with CIDR equal to the Virtual Network CIDR are not supported errors
egrep -aic "cdiscovery_aggregator.*Subnets with CIDR equal to the Virtual Network CIDR are not supported" infoblox.log
Network view cannot be created log messages (no project/tenant id associated with the network view)
egrep -aic "cdiscovery_aggregator.*some network views can't been created as they dont have a project/tenant id associated with it" infoblox.log
Network view unavailable log messages
egrep -aic "cdiscovery_data_event.*Skip process network Network.*network view unavailable" infoblox.log
Network view id missing log messages
egrep -aic "cdiscovery_data_aggregation.*A required network_view_id is missing" infoblox.log
Error while processing IP address log messages
egrep -aic "cdiscovery_data_event.*Error while processing" infoblox.log
Parent Network missing log messages
egrep -aic "cdiscovery_aggregator.*Cannot find the parent network for the fixed address" infoblox.log
Bad Syntax errors (likely due to network_component_port_id string being too long)
egrep -aic "cdiscovery_aggregator.*Bad Syntax" infoblox.log
Duplicate Object errors
egrep -aic "cdiscovery_aggregator.*ERROR: Duplicate object" infoblox.log
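As an added example (not Infoblox code and not from the KB article), the script below wraps these one-liners in functions and runs them over a constructed infoblox.log built from the message formats quoted on this page. It also sums the "Ignored:" counters from the aggregator's "Number of ... has been processed" lines shown in the AWS log flow above, which the one-liners do not cover. The syslog prefix on each sample line, the driver type AZURE, the task name Azure-UKS and the wording of the "Overlapped VPCs" line between the grep anchors are assumptions; only the process name and message text need to match a real appliance log.

```shell
#!/bin/sh
# Added example: triage helpers for an extracted infoblox.log (not Infoblox code).
# The sample log is constructed from the message formats quoted on this page; the
# syslog prefix (timestamp, host) and the Azure task line are assumptions.

SAMPLE_LOG="${TMPDIR:-/tmp}/infoblox_sample.log"
cat > "$SAMPLE_LOG" <<'EOF'
2023-07-12T09:49:24Z ns1 cdiscovery_executor[]: Start discovering for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk
2023-07-12T09:49:31Z ns1 cdiscovery_executor[]: Complete discovering for task name: AWS-London, result: DISCOVERY_COMPLETE
2023-07-12T09:49:32Z ns1 cdiscovery_aggregator[]: Start processing discovered data for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk
2023-07-12T09:49:33Z ns1 cdiscovery_aggregator[]: Ignoring object Network: 10.11.11.0/25 (network view: default) : The network 10.11.11.0/24 must not have any active IP address outside the network you are creating.
2023-07-12T09:49:34Z ns1 cdiscovery_aggregator[]: Number of NETWORK has been processed : Created: 0; Updated: 10; Deleted: 0; Ignored: 2; Tags skipped due to missed EAs: [u'Name']
2023-07-12T09:49:34Z ns1 cdiscovery_aggregator[]: Number of IP has been processed : Created: 3; Updated: 0; Deleted: 0; Ignored: 1
2023-07-12T09:49:35Z ns1 cdiscovery_aggregator[]: Processing discovered data completed with warnings for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk
2023-07-12T09:52:01Z ns1 cdiscovery_aggregator[]: Start processing discovered data for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk
2023-07-12T09:52:02Z ns1 cdiscovery_aggregator[]: Overlapped VPCs encountered, entire discovered dataset discarded: overlap within discovered dataset
2023-07-12T09:55:10Z ns1 cdiscovery_aggregator[]: Start processing discovered data for task name: Azure-UKS; driver type: AZURE; FQDN or IP: management.azure.com; port: 443; protocol: HTTPS; member: ns1.example.uk
2023-07-12T09:55:11Z ns1 cdiscovery_aggregator[]: Subnets with CIDR equal to the Virtual Network CIDR are not supported
2023-07-12T10:35:36Z ns1 aws_r53_task_executor_ctl[]: AWSR53: SignatureDoesNotMatch, Signature not yet current: 20230712T103536Z is still later than 20230712T094129Z (20230712T093629Z + 5 min.)
2023-07-12T10:36:02Z ns1 cdiscovery_executor[]: Complete discovering for task name: ESXi, result: [SSL failure]: SSL Certificate verification failed
EOF

# Count lines matching an extended regex, case-insensitively, reading the file as
# text (-a) like the one-liners above. grep -c exits 1 when the count is zero, so
# swallow that status; the printed "0" is the value we want.
count_pattern() {
  grep -aEic -- "$2" "$1" || true
}

# Distinct task names processed by the aggregator. In the "Start processing
# discovered data" line the task name is the 14th field from the end, which is
# what $(NF-13) selects; the trailing ';' is stripped before de-duplicating.
distinct_tasks() {
  grep -aEi 'cdiscovery_aggregator.*Start processing discovered data' "$1" \
    | awk '{ t = $(NF-13); sub(/;$/, "", t); print t }' \
    | sort -u | wc -l | tr -d ' '
}

# Sum of the "Ignored:" counters across every "Number of <TYPE> has been processed"
# line. awk's numeric conversion takes the leading digits, so trailing text such as
# "; Tags skipped ..." on the NETWORK line does not disturb the sum.
ignored_total() {
  grep -a 'has been processed' "$1" \
    | awk -F'Ignored: ' '{ n += $2 + 0 } END { print n + 0 }'
}

# One count per failure category; the patterns are the ones listed above.
triage() {
  log="$1"
  printf '%-46s %s\n' 'distinct tasks processed on this member' "$(distinct_tasks "$log")"
  printf '%-46s %s\n' 'objects ignored (sum of Ignored: counters)' "$(ignored_total "$log")"
  while IFS='|' read -r label pattern; do
    printf '%-46s %s\n' "$label" "$(count_pattern "$log" "$pattern")"
  done <<'EOF'
VPC overlap within discovered dataset|cdiscovery_aggregator.*Overlapped VPCs encountered.*entire discovered dataset discarded.*within discovered dataset
VPC overlap with existing NIOS objects|cdiscovery_aggregator.*Overlapped VPCs encountered.*entire discovered dataset discarded.*with existing NIOS objects
VNET overlap with existing NIOS objects|cdiscovery_aggregator.*Overlapped VNETs encountered.*entire discovered dataset discarded.*with existing NIOS objects
subnet CIDR equals VNet CIDR|cdiscovery_aggregator.*Subnets with CIDR equal to the Virtual Network CIDR are not supported
network view unavailable|cdiscovery_data_event.*Skip process network Network.*network view unavailable
parent network missing|cdiscovery_aggregator.*Cannot find the parent network for the fixed address
duplicate object|cdiscovery_aggregator.*ERROR: Duplicate object
SSL certificate verification failed|SSL Certificate verification failed
AWS signature rejected (clock skew)|SignatureDoesNotMatch
EOF
}

triage "$SAMPLE_LOG"
```

Point the functions at the infoblox.log extracted from a Grid Master bundle instead of the sample; a non-zero "objects ignored" total with no matching "Ignoring object" warning, or a task count of zero, means the bundle was not taken from the member that ran the aggregator.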
