We’re encountering an issue while deploying a SailPoint VA (Virtual Appliance) in a privileged cluster setup and are seeking advice or suggestions from anyone who has faced a similar situation.
Background:
We created a privileged cluster and downloaded the VA image from the UI.
The VA was deployed using this image, and everything initially worked fine — the cluster was live and healthy.
However, after about 24 hours, we lost connectivity with the VA.
There were no helpful details in the logs, and the VA appeared unresponsive.
Recovery Steps Taken:
We decided to reset and re-pair the VA by performing the following steps in order:
va-bootstrap reset
Deleted the old VA from the UI and created a new one
va-bootstrap set-passphrase
va-bootstrap pair
We received a “successful pairing” message in the UI, which instructed us to wait up to 30 minutes for provisioning.
I suggest you start building from scratch. If you're using any cloud, delete the existing bucket, re-import the VA image into a newly created bucket, and start building the image as per the SailPoint documentation. Then it will work.
We had a support case for this issue. We could get our network team and SailPoint support in a joint troubleshooting session.
The reason we found for VAs being corrupted is that after the VA is installed, it tries to upgrade to the latest image. Due to firewall issues it could not connect to AWS to fetch the latest image. Even though we had all firewall openings performed as per the SailPoint documentation, the support team informed us that for some customers wildcard firewall settings do not work. Our firewall setup appeared to be one of those.
After we received specific URLs and firewalls were opened for them, we could get the VA upgraded and connected.