VMware Cloud Community
ryanismean
Contributor
Contributor
‎06-20-2011 06:05 PM

Update Manager "connection refused" on scan attempt.

I went through the kb and searched here--no luck so far. I have 3 hosts which (should be!) configured identically. I set them all up to be the same. Recently decided to try Update Manager, so I set all that up (on my vCenter server), and got the baselines attached to the hosts. Everything was going well, until one of the three refused to scan:

[11Jun20-1137]   DEBUG:     Depot: Download Rules: {'blacklist': ['*.rpm'], 'exclusives': []}
[11Jun20-1137]   ERROR:      root: [Errno 4] IOError: <urlopen error (111, 'Connection refused')>: http://[vcenter IP]:80/vci/hostupdates/hostupdate/esx/esx-3.5.0/contents.xml.sig
It isn't DNS, as all three hosts are useing the vCenter server's IP per their esxupdate.log files, and I'm pretty sure it isn't the ESX firewall, because scans work fine on this machine:
[root@solaria root]# esxcfg-firewall -q
Chain INPUT (policy DROP 885 packets, 260K bytes)
<snip>
Opened ports:
Added Iprules:
They do not, however, work on this machine (despite opening the port in desperation):
[root@triton root]# esxcfg-firewall -q
Chain INPUT (policy DROP 1929 packets, 531K bytes)
<snip>
Opened ports:
updatemanager       : port 80 tcp.out
Added Iprules:
Both of the other hosts are communicating fine with the vCenter machine on port 80 according to their esxupdate logs. I don't see anything of particular usefulness in the vCenter host's vmware-vci-log for that host. Just this, every time I try to scan:
[2011-06-20 19:21:42:167 'SingleHostScanTask.SingleHostScanTask{60}' 5288 DEBUG]  [vciTaskBase, 551] Task started...
[2011-06-20 19:21:42:198 'SetFirewallConfig' 5288 INFO]  [hostUpdateBase, 445] Checking firewall configuration for host: triton.r07.epa.gov
[2011-06-20 19:21:42:198 'SetFirewallConfig' 5288 INFO]  [hostUpdateBase, 446] Ruleset name: updateManager
[2011-06-20 19:21:44:776 'SetFirewallConfig' 5288 INFO]  [hostUpdateBase, 454] Firewall ruleset activated
I've tried restarting the Update Manager service on the vCenter server to no avail. Triton can ping the vCenter / Update Manager server with no problems. The vCenter server has a C:\Windows\temp directory. I'm pulling my hair out here trying to figure out why this one host isn't playing nice like the others!
0 Kudos
3 Replies
MauroBonder
VMware Employee
VMware Employee
‎06-20-2011 06:20 PM

Check this kb http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=100491...

maybe helpful.

Regards

*Please, don't forget the awarding points for "helpful" and/or "correct" answers. *Por favor, não esqueça de atribuir os pontos se a resposta foi útil ou resolveu o problema.* Thank you/Obrigado
0 Kudos
ryanismean
Contributor
Contributor
‎06-21-2011 07:51 AM

Tried to make it clear that I had already read it but thanks.

0 Kudos
MauroBonder
VMware Employee
VMware Employee
‎06-21-2011 09:48 AM

you have proxy in your network to acess internet ?

if yes, check the configuration in http://virtualisedreality.com/2009/08/13/adding-proxy-settings-to-update-manager/

*Please, don't forget the awarding points for "helpful" and/or "correct" answers. *Por favor, não esqueça de atribuir os pontos se a resposta foi útil ou resolveu o problema.* Thank you/Obrigado
0 Kudos