VMware Cloud Community
Martin_Norrsken
Enthusiast
Enthusiast

VMWare Update Manager, connecting to wrong port

My host update is trying to connect to port 80 on my VC server, but the patch depot is on port 9084 as stated by

--2008-01-22 13:18:34.571 'HttpSvc' 2576 info-- Http Service started: TCPServerSocket(listen=:9084)

(ip address crossed out)

--2008-01-22 13:19:25:493 'SingleHostScanTask.SingleHostScanTask{6}' 216 DEBUG-- [vciTaskBase, 416] Task started...

[2008-01-22 13:19:25:524 'HostUpdateConfig' 216 INFO] [hostUpdateConfig, 229] Patch depot url: [http://x.x.x.x:80/vci/hostupdates/hostupdate|http://x.x.x.x/vci/hostupdates/hostupdate]

[2008-01-22 13:19:25:540 'SetFirewallConfig' 216 INFO] [hostUpdateBase, 376] Checking firewall configuration for host: x.x.se

[2008-01-22 13:19:25:540 'SetFirewallConfig' 216 INFO] [hostUpdateBase, 377] Ruleset name: updateManager

[2008-01-22 13:19:27:243 'SetFirewallConfig' 216 INFO] [hostUpdateBase, 384] Firewall ruleset activated

[2008-01-22 13:19:29:056 'ScanHost' 216 INFO] [hostUpdateBase, 279] Depot for update: Unknown corrupted. remove the package from DB.

[2008-01-22 13:19:29:056 'ScanHost' 216 ERROR] [hostUpdateBase, 165] Patch Metadata Not Found: [PatchID: Unknown]

--2008-01-22 13:19:29:071 'SingleHostScanTask.SingleHostScanTask{6}' 216 ERROR-- [vciTaskBase, 442] Task execution has failed: SingleHostScan : Patch Metadata Not Found: [PatchID: Unknown]

--2008-01-22 13:19:29:071 'VciScanTask.ScanTask{3}' 216 DEBUG-- [vciTaskBase, 465] A subTask finished: VciHostScanTask{4}

Reply
0 Kudos
4 Replies
Martin_Norrsken
Enthusiast
Enthusiast

Also this is the worst post editor ever, cant even post a log output without it garbling it.

Reply
0 Kudos
bflynn0
Expert
Expert

It is actually supposed to connect to port 80. I'm not sure if it's possible to change that or not, but if you look in your log you can see the Patch depot location with port 80:

2008-01-22 13:19:25:524 'HostUpdateConfig' 216 INFO] Patch depot url: http://x.x.x.x:80/vci/hostupdates/hostupdate

This is the location the ESX Hosts will connect to for patches

Reply
0 Kudos
spawnxx
Contributor
Contributor

Just Stop the FireWall before Scanning the Host or permanently add the port you have chosen during updater setup to the firewall exeptions rulz.

Reply
0 Kudos
DougBaer
Commander
Commander

I can think of a few options, but I am not sure any of them are an optimal solution:

1) as mentioned, disable the firewall prior to each UM scan

2) enable one of the existing firewall rules that allows the port in question (I had someone use the EMC Networker client rule because it opened the port that they had used)

3) edit the updateManager firewall macro in /etc/vmware/firewall on each ESX host to specify your new port -- probably not supported and probably gets replaced during upgrade

4) run UM on the default port 80

Doug Baer, Solution Architect, Advanced Services, Broadcom | VCDX #019, vExpert 2012-23
Reply
0 Kudos