LikeABrandit
Enthusiast
Enthusiast

vCO Port Issue when connecting to vCenter

Jump to solution

Hi all,

I'm having an issue that I'm hoping is readily resolvable. I'm fairly sure I know what the issue is, just not how to correct it. When I set up vCO to connect to vCenter I receive the error "Exception, 'org.apache.http.conn.HttpHostConnectException: Connection to http://vcenter.domain.com:80 refused'". From what I know about the environment, vCenter here is actually using port 8080 for http connections. I can't seem to modify this behavior in vCO so far. Here are two screenshots to the config and the error itself:

vco_config.png

vco_error.png

Any way to modify the port vCO attempts to use on the http side, or just something I'm missing (seems likely Smiley Happy)?

Thanks!

~Brandit

0 Kudos
1 Solution

Accepted Solutions
LikeABrandit
Enthusiast
Enthusiast

jaytindel,

Apparently I completely missed this the entire time, while I was fully up to date with the build which implements a "fix" for this issue, there is still a workaround which must be followed. A VMware support engineer guided me to a KB and using the workaround of creating a workflow to add the vCenter server does in fact work for me. Here's the KB:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=204246...

Let me know if you run into any trouble with it.

~Brandit

View solution in original post

0 Kudos
17 Replies
robrtb12
Enthusiast
Enthusiast

Hello,

Uncheck "Secure channel" and change Port to 8080

here's what I got on my system:

image.jpg

0 Kudos
LikeABrandit
Enthusiast
Enthusiast

Thanks for the response, unfortunately that hasn't worked for me so far. I just tried it again, but I ended up with this error:

vCO_Error2.png

I'm assuming that SSL should still work regardless. I'm not sure I understand why there's even at attempt to use http on the secure connection in the first place, although maybe this error suggests something else is in fact wrong?

~Brandit

Edit: Also, I wanted to note that testing the connection has always been successful.

0 Kudos
StevenSchlegel
Contributor
Contributor

Hi ho,

I had the same issue before.

Changeing authentication method from "Session per user" to "Share a unique session" worked for me.

vCenter_connection_orchestrator.png

Hope this is working for you.

Greetings,

Steven

0 Kudos
robrtb12
Enthusiast
Enthusiast

What is the exact URL you have tested successfully, minus the actual server & domain?

0 Kudos
LikeABrandit
Enthusiast
Enthusiast

Hi Steven,

Unfortunately I have tried this and the result is the same error message for me. Smiley Sad I went ahead and double-checked both using 8080 / no secure channel and trying 443 / secure channel. The error messages are the same as before, respectively, with "Share a Unique Session" selected.

robrtb12,

The url that tests successfully is the same that I attempt the setup with, "vcenter.domain.com". When I select "Connection Test" while on the radio button "Session per user" and input the same user/pass as my configuration attempts, I get the below upon clicking Ok:

vco_test.png

~Brandit

Edit:

As a side note, after re-reading I'm sure you were curious as to the exact complete URL. The settings were the same before I clicked Connection Test so I assume (unfortunately vCO doesn't tell me) that it would be the same as well: "https://vcenter.domain.com:443/sdk".

0 Kudos
StevenSchlegel
Contributor
Contributor

Two questions:

1. is the URL "https://your-vcenter.your-domain/sdk" reachable?

2. does your serviceaccount (used to connect from Orchestrator to vCenter) has admin-rights in vSphere 4.x / 5.x?

0 Kudos
LikeABrandit
Enthusiast
Enthusiast

Hey Steven,

1) Well, it loads a blank page in IE when I go to "https://vcenter.domain.com:443/sdk" or "https://vcenter.domain.com/sdk" - I'm not sure if that's intended behavior in the browser here or not.

2) Yes, the service account has admin to the 5.1 vCenter.

~Brandit

0 Kudos
StevenSchlegel
Contributor
Contributor

Ok this looks fine to me.

What verson is your vCenter Server running (5.1 / 5.0)?

Have you tried a local admin-user for connecting via vCenter Server plugin?

Could you post a screenshot of the "Permissions"-Tab in vSphere (vCenter Server), please?

This is very strange, because of the "unexpected status code 301" message.

Maybe you could try to setup a brand new vCenter (using vCenter appliance) trying to connect from Orchestrator again

          or

Reinstall the vCenter Server plugin.

... bump ...

0 Kudos
LikeABrandit
Enthusiast
Enthusiast

The version/build of vCenter is 5.1.0 Build 1123961. I have tried a local admin, and since it's SSO I also tested admin@System-Domain (after granting it proper permissions in vCenter) both with identical results. The circled line is the account I'm using in this screenshot of permissions on the vCenter server itself:

vcenter_perms.png

Unfortunately there would be no way to setup another vCenter and the environment is too large to deploy a VCVA (even if the sizing has changed, SQL is the database backend so I'd still need a Windows based vCenter install at the moment). As for reinstalling the plugin, I have done that, as well as redeploying Orchestrator - I suppose I should have mentioned these things, sorry. Smiley Sad

I tend to only ask if I'm really stumped on something. Smiley Happy On that note, it may be that I need to open a support case, I just wanted to make sure I wasn't missing something silly first, plus these discussions may help others and are excellent for tracking the issue easily.

~Brandit

0 Kudos
StevenSchlegel
Contributor
Contributor

I am using the same vCenter (Windows Server Installation) version 5.1.0 build 1123961 and vCenter Orchestrator (Linux Appliance) version 5.1.1 build 2942.

vCenter Server:

vCenter_Build_Version.png


vCenter Orchestrator:

vCenter_Orchestrator_BUILD-Version.PNG

Something might be different between our configurations or software installations / versions ...

Hmm... let me know if you got some help from vmware.

Note:
You can install a vCenter Server Appliance in VM or deploy it from template,

it uses an embedded database (postgre sql, I think).

0 Kudos
LikeABrandit
Enthusiast
Enthusiast

Yeah I'm on the same build for vCO and vCenter. I'm assuming if it's different it'd be in the configs, although both these are recently deployed (within 2 weeks) and it's always possible that it's something in the environment causing the issue.

Thanks for the assistance so far, I'll keep digging for a bit on this one and see if I can come up with anything. I'm currently involved in a few other projects I have to dedicate a lot of attention to so once those are stable I'll see about submitting a ticket and making this my primary focus.

As for the vCenter Appliance, the embedded is postgres (from DB2) as of 5.1 but it still only "officially" supports 5 hosts / 50 VMs. Officially supported is important in larger environments. Smiley Happy On a side note, I'll be deploying a couple of them in my lab soon and seeing how they perform.

Thanks again for the help, I'll keep the discussion updated with any new developments and if anyone has any ideas please send them my way.

~Brandit

0 Kudos
StevenSchlegel
Contributor
Contributor

Hi ho,

Just one more question in case of your existing vCenter Server setup, running on Windows Server.

Do you have the Windows Firewall configured?

This is my very last idea to narrow down the problem...

My configuration of Win Firewall:

FW-Settings_on_Test-vCloud-vCenter.png

Remember: This is just a test setup @ my site! We are not using the vCloud and the vCenter in

a production environment (just keep in mind) 😉

~Steven S.

LikeABrandit
Enthusiast
Enthusiast

Hey Steven,

Windows firewall is not being used on the vCenter server but as for the possibility of ports being blocked causing the issue we're on the same path. I've been thinking that might be happening since doing some more digging yesterday.

I'm trying to work out where in the logical network setup it could be getting blocked though, I'm unaware of any hardware firewalls blocking traffic between vCO and vCenter and can confirm there are no software based ones doing so. I'm going to see about talking with the network admins and doing some traffic monitoring to find out.

Thanks again for all the help, we should write up a manual on vCO connection troubleshooting once this is resolved haha.

~Brandit

0 Kudos
LikeABrandit
Enthusiast
Enthusiast

As an update on this, I've redeployed vCO from scratch, checked for firewalls (as best as my access allows) and ran through setup documentation all with no success. The errors remain exactly the same as before, everything works except the registration, even including the SSO connection and logins and SSO is on the vCenter server I'm trying to register to. Oddly, vSphere Web Client reports the vCO server now. At least I have some consistency I suppose.

Just thought I'd drop by and give an update, if I ever figure out what's causing it I'll post that here too.

~Brandit

0 Kudos
jaytindel
Contributor
Contributor

Having same issue here, any resolution to this?

0 Kudos
LikeABrandit
Enthusiast
Enthusiast

Hey jaytindel,

Unfortunately this fell off my radar, I've been working on a ton of projects since then with several environments. Sorry to hear it's an issue for you too, but I'm relieved to hear I'm not the only one who's noticed it, I was able to consistently replicate the issue so I assume it's not a one-off at this point.

If you're feeling up to it, I'd say the best route would be to open up a support request. I plan to myself whenever I get some time, but I'm currently too busy.

~Brandit

0 Kudos
LikeABrandit
Enthusiast
Enthusiast

jaytindel,

Apparently I completely missed this the entire time, while I was fully up to date with the build which implements a "fix" for this issue, there is still a workaround which must be followed. A VMware support engineer guided me to a KB and using the workaround of creating a workflow to add the vCenter server does in fact work for me. Here's the KB:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=204246...

Let me know if you run into any trouble with it.

~Brandit

0 Kudos