VMware Cloud Community
timtrace
Contributor
Contributor
Jump to solution

proxy.xml

Greetings, I'm trying to change an ESXi 4.1.0.260247 host to listen for client connections on alternate ports.

This is documented and supported by VMware. http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=102119...

But I can't upload the edited proxy.xml file.

Here's my vifs put command:

vifs.pl --server 192.168.0.11 --username root -p proxy.xml /host/proxy.xml

I receive this error:

Error: File proxy.xml can not be uploaded to proxy.xml.

I've rebooted the host, and I get the same error.

Please help me understand why. Thank you.

Reply
0 Kudos
1 Solution

Accepted Solutions
AndreTheGiant
Immortal
Immortal
Jump to solution

Not sure if the syntax is correct.

But with ESXi 4.1 you can enable SSH service in Configuraton / Secure.

The use winscp or scp to copy the file.

Andre

Andrew | http://about.me/amauro | http://vinfrastructure.it/ | @Andrea_Mauro

View solution in original post

Reply
0 Kudos
16 Replies
AndreTheGiant
Immortal
Immortal
Jump to solution

Not sure if the syntax is correct.

But with ESXi 4.1 you can enable SSH service in Configuraton / Secure.

The use winscp or scp to copy the file.

Andre

Andrew | http://about.me/amauro | http://vinfrastructure.it/ | @Andrea_Mauro
Reply
0 Kudos
timtrace
Contributor
Contributor
Jump to solution

Thanks, in WinSCP or an SSH session there is no /hosts/ directory. There is however /etc/vmware/hostd/

When I use WinSCP to transfer c:\temp\proxy.xml to /etc/vmware/hostd/ ...the changes do not survive a reboot. Why is this so?

Reply
0 Kudos
lamw
Community Manager
Community Manager
Jump to solution

1) The syntax looks right, just make sure your files exists/etc.

2) /host directory via HTTP is mapped to /etc/vmware/hostd which is where the proxy.xml exists

3) The reason it does not survive a reboot is that the file needs to be backed up which is part of an automatic process every hour. If you actually login to Tech Support Mode and you run /sbin/auto-backup.sh, you'll see the list of files that are backed up to the bootbank. If you make the change and give it hour and then reboot, the changes will remain

=========================================================================

William Lam

VMware vExpert 2009,2010

VMware scripts and resources at:

Twitter: @lamw

Getting Started with the vMA (tips/tricks)

Getting Started with the vSphere SDK for Perl

VMware Code Central - Scripts/Sample code for Developers and Administrators

VMware Developer Community

If you find this information useful, please award points for "correct" or "helpful".

timtrace
Contributor
Contributor
Jump to solution

Thanks, I could never get vifs.pl to copy the file. WinSCP worked beautifully.

Running auto-backup.sh seemed to obviate the need to wait an hour to reboot.

Shortly after I used WinSCP to put my SSL certificate and key into the right directory, and now, I have my home ESXi server published just the way I like it Smiley Happy

Thanks!

Reply
0 Kudos
dheritage
Contributor
Contributor
Jump to solution

I am re-posting to this old thread specifically because I have the same issue of the proxy.xml not uploading. 

After doing what was listed here, and seeing the correct data in in fact in the currently listed proxy.xml via vi...  it still will not survive past a reboot.

I have manually ran the auto-backup.sh and waited for an hour to pass for it to do it on its own.

What I have noticed is that the proxy.xml is not actually listed as a file that is getting backed up when it runs.  How can I ge that to happen?

<output>

/etc/vmware/hostd # /sbin/auto-backup.sh

boot type: visor-thin
local.tgz
etc/dropbear/dropbear_dss_host_key
etc/dropbear/dropbear_rsa_host_key
etc/security/access.conf
etc/vmware/hostd/hostsvc.xml
etc/vmware/hostd/pools.xml
etc/vmware/hostd/vmAutoStart.xml
etc/vmware/hostd/vmInventory.xml
etc/vmware/ssl/rui.crt
etc/vmware/ssl/rui.key
etc/vmware/dvsdata.db
etc/vmware/esx.conf
etc/vmware/license.cfg
etc/vmware/locker.conf
etc/vmware/snmp.xml
etc/vmware/vmware.lic
etc/hosts
etc/inetd.conf
etc/chkconfig.db
etc/ntp.conf
etc/ntp.drift
etc/random-seed
etc/resolv.conf
etc/syslog.conf
etc/dhclient-vmk0.leases
etc/shadow
etc/sfcb/repository/root/interop/cim_indicationfilter.idx
etc/sfcb/repository/root/interop/cim_indicationhandlercimxml.idx
etc/sfcb/repository/root/interop/cim_indicationsubscription.idx
etc/sfcb/repository/root/interop/cim_listenerdestinationcimxml.idx
etc/cim/oem_cim_option_overrides
etc/cim/dell/srvadmin/log/openmanage/dcsys32.xml
etc/cim/dell/srvadmin/log/openmanage/omcmdlog.xml
etc/cim/dell/srvadmin/srvadmin-isvc/ini/dclrdy32.ini
etc/cim/dell/srvadmin/srvadmin-isvc/ini/dcevdy32.ini
etc/cim/dell/srvadmin/srvadmin-storage/stsvc.ini
--- /etc/vmware/hostd/hostsvc.xml       Tue May 24 21:21:49 2011
+++ /tmp/auto-backup.18655.dir/etc/vmware/hostd/hostsvc.xml     Tue May 24 21:13:40 2011
@@ -2,7 +2,7 @@
   <mode>maintenance</mode>
   <service>
     <TSM>off</TSM>
-    <TSM-SSH>on</TSM-SSH>
+    <TSM-SSH>off</TSM-SSH>
     <ntpd>on</ntpd>
   </service>
</ConfigRoot>
\ No newline at end of file
boot type: visor-thin
Saving current state in /bootbank
Clock updated.
Time: 21:30:56   Date: 05/24/2011   UTC
/

</output>

Ideas?

Reply
0 Kudos
Dave_Mishchenko
Immortal
Immortal
Jump to solution

That's a bit odd.  I just ran auto-backup.sh on my 4.1U1 test system and proxy.xml is included

...

etc/security/access.conf
etc/vmware/hostd/authorization.xml
etc/vmware/hostd/hostsvc.xml
etc/vmware/hostd/pools.xml
etc/vmware/hostd/vmAutoStart.xml
etc/vmware/hostd/vmInventory.xml
etc/vmware/hostd/proxy.xml
etc/vmware/ssl/rui.crt
....

What build of ESXi are you running?

Dave
VMware Communities User Moderator

Free ESXi Essentials training / eBook offer

Now available - VMware ESXi: Planning, Implementation, and Security

Also available - vSphere Quick Start Guide

Reply
0 Kudos
dheritage
Contributor
Contributor
Jump to solution

It is a 'Dell' specific build, but downloaded from VMware site, just in case there is a difference in those two downloads.

console shows ESXi 4.1.0 (VMKernel Release Build 348481)

Dave

Reply
0 Kudos
dheritage
Contributor
Contributor
Jump to solution

I should also mention this is my / our first production ESXi installation and we are working through all of what we need before it goes into production.  To that end, it can be modified in any way if I have something jacked up (interpreted free reign to kill off and rebuild from scratch if needed).

Currently we have built a test VM just to verify everything can be done fully remotely and have install the vMA and vCMA appliances to try and maximize our ability to interact with this.  The Dell server also has a full remote access card so we can get to the console remotely as well.  This machine when put into production will be in a data center 1k miles away so it is imperitive we work out all of our bugs / issues before it ships. Smiley Happy

Dave

Reply
0 Kudos
Dave_Mishchenko
Immortal
Immortal
Jump to solution

I'd update it with the lastest patch to see if that fixes it - http://www.vmware.com/patch/download/.

Reply
0 Kudos
dheritage
Contributor
Contributor
Jump to solution

Well it just 'started working' out of the blue.  That is frustrating, but it is still keeping my file now.

The issue now is that I cannot now touch the interface on the port I specified (30443).

Is there a firewall or somethign else running that I now need to modify?

Dave

Reply
0 Kudos
Dave_Mishchenko
Immortal
Immortal
Jump to solution

There's no firewall to change.  What did you change within proxy.xml?

Reply
0 Kudos
dheritage
Contributor
Contributor
Jump to solution

I added

<httpPort>30080</httpPort>

<httpsPort>30443</httpsPort>

immediately under <ConfigRoot> and before <EndpointList> at the top.

I was trying to follow this article

Dave

Reply
0 Kudos
Dave_Mishchenko
Immortal
Immortal
Jump to solution

I've done this a with an ESXi VM

1) Changed proxy.xml to the following and ran services.sh restart

<ConfigRoot>
<httpPort>30080</httpPort>
<httpsPort>30443</httpsPort>
  <EndpointList>
    <_length>10</_length>
    <_type>vim.ProxyService.EndpointSpec[]</_type>
    <e id="0">

2)  Opened a web browser and tested connectivity with https://192.168.1.54:30443/ - that worked fine.

3) Made the following change to the vSphere client config client and I could then connect OK

<appSettings>
    <add key = "protocolports" value = "https:30443;http:30080"/>
    <add key = "MaxLogFileCount" value = "10"/>
    <add key = "MaxLogSegments" value = "10"/>
    <add key = "LogSegmentMaxMB" value = "5"/>
  </appSettings>

As soon as I changed the file back to  443/80 a new instance of the vSphere client couldn't connect.

Dave
VMware Communities User Moderator

Free ESXi Essentials training / eBook offer

Now available - VMware ESXi: Planning, Implementation, and Security

Also available - vSphere Quick Start Guide

Reply
0 Kudos
dheritage
Contributor
Contributor
Jump to solution

Thank you for your assistance and yes if I do that it works.  It was my understanding though that I could simply append :30443 to the address to keep from having to edit the config file.  No matter, as long as I know that is my limitation.

Have a blessed day!

Dave

Reply
0 Kudos
stancm
Contributor
Contributor
Jump to solution

Running ESXi 7.0.U3 and no where is proxy.xml to be found. I need help changing the default http/https ports on my ESXI host. Something so simple shouldn't cause this much headache and consume so much time. Where is the file that needs to be modified?

Reply
0 Kudos
eastendtom
Contributor
Contributor
Jump to solution

Yes @stancm ! Me too, any ideas how/where proxy.xml lives for access via ssh?

Thanks in advance.

Reply
0 Kudos