VMware Cloud Community
calvinc
Contributor
Contributor
‎05-22-2007 12:26 PM

Applications Manager Vmware ESX SSH issue..

I am using a program called Applications Manager to do some monitoring. I t can monitor by using ssh credentials. For some reason, it is not able to login to the ESX console. When I check /var/log/messages it has

Did not receive identification string from X.X.X.X that of course would be my ip address. I can ssh fine with putty and from another linux box. I found some additional information on the net with a user who had the same problem. They did a test and disabled the firewall and then the software was finally able to login. My question is why? Also if I disable the firewall temp just to run these performance tests, Im assuming it wont have any adverse effects. Finally, When logged into the vmware infrastructure client and using the performance tab, I assume the client is pulling its data to graph performance directly from the ESX filesystem ie..

/proc/meminfo for memory as an example.

Sorry have to add one more thing. I noticed the ESX box's time was incorrect, so I set it with the date command. Does this affect any of my previous performance data?

thanks once again.

0 Kudos
5 Replies
jayolsen
Expert
Expert
‎05-22-2007 05:45 PM

So is the monitoring program agentless? Its not expecting a port aside from 22 to be listening? Disabling the firewall doesn't sound like the best option.

No idea on question 2

0 Kudos
admin
Immortal
Immortal
‎05-22-2007 07:47 PM

For item #1, if disabling the firewall enables login to work, then Applications Manager is either listening on another port or responding on another port. You can try temporarily disabling the firewall and monitoring the server, and on the service console run a 'netstat -p' command and look for the Application Manager process. You'll probably see the port the app is talking on, and you may need to open this port outbound.

As for item #2, you'll definately skew the performance data. The central reporting server will display the data according to the timestamp of the update, so when you change the time, you won't know where your prior stats were appearing...you could have older data appearing after current data if the time was running fast.

ABu
Enthusiast
Enthusiast
‎05-23-2007 07:20 AM

I am using a program called Applications Manager to

do some monitoring. I t can monitor by using ssh

credentials. For some reason, it is not able to

login to the ESX console.

Which ESX version? V 2.5.x? V 3.0.x?

Do you use SSH-keys? See:

man sshkey-gen

Sorry have to add one more thing. I noticed the ESX

box's time was incorrect, so I set it with the date

command.

I think it`s highly recommend to use/configure "ntp".

BTW: Try vmktree, a very nice monitoring tool!

ABu.

0 Kudos
calvinc
Contributor
Contributor
‎05-24-2007 12:18 PM

Thanks for the answers guys, according to advent.net, an additional port needs to be open on the ESX firewall. whats the easiest way to do that and make it permanent? I did some digging and see that the firewall config is in some XML file? I'm hoping there is an easier interface for firewall changes.

0 Kudos
jayolsen
Expert
Expert
‎05-24-2007 12:48 PM

Type esxcfg-firewall to see the options but basic format is below to open a port.

-o|--openPort <port,tcp|udp,in|out,name> Opens a port.

0 Kudos