I did an update last night that just showed up in my update manager.
I followed the usual steps, migrated all VM's, maintenance mode, stage, remediation...
Looks like the updates installed fine, but on reboot it never reconnected.
I can get to the host directly through the local client, and everything looks fine.
When I log in through the VSphere server the host refuses to connect.
Cannot contact the specified host (xxxx.xxxxx.com). The host may not be available...
Call "Datacenter.QueryConnectionInfo "for object "xxxxx" on vCenter Server "xxxx.xxxxx.com" failed.
I've update the client and server, figuring that could be the problem. No luck.
I've done these updates 100+ times, and never experienced anything like this before. Appears to have lost communication VSphere Server as near as I can tell.
Client 3237766
Server 1945274
The host version is a little odd. The one that isn't update is 3116895, and the other is 3248547, but when I log in through Vcenter server it reports 3116895 as the build for both hosts. I am guessing it simply stores the last build info because it's not actually connecting.
I've tried disconnecting and reconnecting. Was going to try removing all together, but got a little nervous that I'd have to reconfigure the whole thing. Seeing as how it was disconnected anyway, I did try adding it back as a new host unsuccessfully. Same set of errors.
I'm at a loss.
I would think it would be something fairly simple considering it seems to be working fine when I connect directly through the client. I've also been in the console and nothing looks out of sorts.
HELP!
can you reach your Gateway form your host.
can you ping your host from your vcenter.
can host resolve the DNS and your vcenter/your jumpstation.
I can even connect the host directly through the client.
It appears it might have something to do with sslv3 being disabled on the update due to a security issue. Trying to re-enable it, but I'm a novice in putty. These were the instructions I found to re-enable it, but I'm afraid I don't understand how to edit in putty. I was expecting more of a linux editor. Not sure how to back it up either, and I'm guessing I need to add the <sslOptions>16924672</sslOptions> to enable it. Instructions aren't very clear.
Hope this KB will help you
already been there. the problem was caused by an update. thanks though..
Not understanding how to enable SSLv3, if that even solves the issue. I'm guessing it will, but the problem I have now is I can't figure out how to edit in Putty. Help would be greatly appreciated.
how you can backup : run these commands
cp /etc/vmware/rhttpproxy/config.xml /etc/vmware/rhttpproxy/config.xml.bck
vi /etc/vmware/rhttpproxy/config.xml
click " i " i=insert
do all the changes
press "wq!" this will save the file
You are done
Use WinSCP instead of putty. The embedded fileeditor works pretty well.
I got the host back, but I honestly don't feel good about it. Installing an update that forces you to start modifying a perfectly good system is just wrong. Now I have two hosts running different ESXi version because I'm hesitant to update the out of date host given all the trouble I went through. The fix was KB 2139396, but the instructions themselves don't exactly help if you change too much. I had to back out some changes because it crashed the server. I haven't had a real problem with this system in the 3+ years I've been using it, which is both good and bad. Good, because it ran well, bad because I have no experience fixing things like this when they do break.
I am very confused about the fix at this point. I'm not sure if I did too many steps in the KB, and what problems it might cause down the road. And I still don't understand why I would receive an update that basically takes the host offline by obsoleting a critical protocol. I also don't understand why updating my host, client, and server didn't remedy the problem. I've spent a good 10 hours on this problem and the solution feels very incomplete at the moment. I am afraid to move too many VM's to it, for fear something else might break, or cause other issues to the actual VM.
Does anyone have any experience with this issue?
Hi Andreas
I was having the exact same issue as you and your post has helped me resolve the issue. If you check out the KB article you referred to: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=213939...
At the very top there is a link to information referring to update 3b. Here is the release notes: VMware vCenter Server 5.5 Update 3b Release Notes
I looked through the notes and the update(s) I installed to my host included the update 3b. I wasn't aware but am now that this update "breaks" the ability to manage the host through vcentre server, because of VMWare pulling support for the SSLv3 protocol. To fix this I downloaded the 3+ Gb iso of the new release of VMWare Server, mounted it and inplace upgraded my VMWare Server edition to the 3b release. Once done I then added back the host that I previously couldn't, I had been seeing the exact same error message as you.
I now have all my hosts and VSphere Server upgraded and it is all running as it should be.
From what you have said it does seem that this is the same issue you are having, I'm not sure if you have a backup of the host but I would advise rolling it back to undo all your changes and then try the same solution.
Hope you get it sorted, as after wasting approx 6 hours trying to fix the first server I upgraded (which I now know wasn't the problem) I found your post which led me to the resolution.
Thanks
Ian
Tnx Ian.
We use ESX from version 2.1, and I always was a big fan of ESX(i) but the last year i've had so much "shit"(bugs, purple screens due to e1000 bug, network disconnects due to other e1000 bugs, Vmware not fixing it) with Vmware/ESX that I'm starting to wonder why not to switch to Hyper-V.
In our environment we have 30 ESX servers, we use DRS an vmotion but noting special...so we have the same thing running for years. It always was low maintenance, logical en stable solution , but now with every upgrade I do there is something new that goes wrong.
I have years of ESX/vpshere experience, and up until now vCenter a.b was fine for ESX a.b but, in this case it apparently isn't anymore and throws a generic error like this. Yeah, I understand it's a security thing which is good to have sorted, but I'm sure vmware could do better then trowing generic vpshere disconnection errors when people miss a few lines in the release notes. Loads of people will be frustrated by this.
Then I search the knowledgebase and the only thing I find is one outdated document after another, that links to itself. Luckily I found this thread.
Well...It's probably my own fault.
/END RANT
You don't see the issue until you go the VMware web site to download the u3b update patch ISO.
Support for SSLv3 protocol is disabled by default
Note: In your vSphere environment, you need to update vCenter Server to vCenter Server 5.5 Update 3b before updating ESXi to ESXi 5.5 Update 3b. vCenter Server will not be able to manage ESXi 5.5 Update 3b, if you update ESXi before updating vCenter Server to version 5.5 Update 3b. For more information about the sequence in which vSphere environments need to be updated, refer KB 2057795.
Download the associated update and install to resolve the issue.