VMware Cloud Community
sajithru
Enthusiast
Enthusiast
‎03-31-2017 05:45 AM

VROPS EP agent fails to connect with the server

Hi All,

I'm trying to monitor a SQL Server deployment with VROPS EP agent. I have installed SQL Server management pack and EP agent.

But I see following errors at EP agent logs and startup.

31-03-2017 18:03:15,206 IST ERROR [AiReportSender] [AutoinventoryCommandsServer] Unable to send autoinventory platform data to server, waiting for 22 seconds before retrying.  Error: Unable to communicate with server -- provider not yet setup. Agent might still be initializing.

31-03-2017 18:03:15,300 IST INFO  [autoinventory-scanner] [AutoinventoryCommandsServer] starting runtime scan, Sync Mode:false

31-03-2017 18:03:15,300 IST INFO  [autoinventory-scanner] [AutoinventoryCommandsServer] runtime scan complete 0 ms, Sync Mode:false

31-03-2017 18:03:18,628 IST ERROR [main] [BizappCallbackClient] peer not authenticated

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

    at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)

    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)

    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:390)

    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)

    at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)

    at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)

    at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:561)

    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)

    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)

    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)

    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)

    at org.hyperic.util.http.HQHttpClient.post(HQHttpClient.java:117)

    at org.hyperic.util.http.Server.send(Server.java:128)

    at org.hyperic.util.http.ServersManager.sendTryAll(ServersManager.java:172)

    at org.hyperic.hq.bizapp.client.BizappCallbackClient$BizappCallbackHTTPClient.post(BizappCallbackClient.java:381)

    at org.hyperic.lather.client.LatherHTTPClient.invokeUnparsed(LatherHTTPClient.java:224)

    at org.hyperic.hq.bizapp.client.BizappCallbackClient.invokeUnparsedLatherCall(BizappCallbackClient.java:329)

    at org.hyperic.hq.bizapp.client.BizappCallbackClient.bizappServerInfo(BizappCallbackClient.java:123)

    at org.hyperic.hq.bizapp.agent.client.AgentClient.testProvider(AgentClient.java:290)

    at org.hyperic.hq.bizapp.agent.client.AgentClient.testConnectionToProvider(AgentClient.java:318)

    at org.hyperic.hq.bizapp.agent.client.AgentClient.cmdSetup(AgentClient.java:542)

    at org.hyperic.hq.bizapp.agent.client.AgentClient.cmdSetupIfNoProvider(AgentClient.java:418)

    at org.hyperic.hq.bizapp.agent.client.AgentClient.main(AgentClient.java:1359)

C:\ep-agent\bin>ep-agent.bat restart

Logs can be found at: C:\ep-agent\bin\..\log\agent.operations.log

wrapper  | Stopping the End Point Operations Management Agent service...

wrapper  | End Point Operations Management Agent stopped.

wrapper  | Starting the End Point Operations Management Agent service...

wrapper  | End Point Operations Management Agent started.

[ Running agent setup ]

- The agent loaded an existing token

    1490958663581-3785361662719748396-1085369844095871466

Enter the server hostname or IP address: vrops.vmtestlab.com

Enter the server SSL port [default=443]: 443

- Testing secure connection ...

Unable to complete automatic agent setup. The authenticity of the host cannot be established for one of the following reasons:

1. An untrusted certificate was presented.

2. The host is unreachable.

3. The agent machine or the host are overloaded.

Verify the serverIP and serverCertificateThumbprint agent properties and retry.

peer not authenticated

I followed this guide for implementation. I have VROPS v6.4 with vCenter v6.5 and Trying to monitor SQL Server 2012 on Windows Server 2016 R2. No firewall in between.

0 Kudos
4 Replies
Kpitt
VMware Employee
VMware Employee
‎03-31-2017 06:18 AM

At first initial glance it looks like the epops agent cannot make a secure connection back to the vROps installation. Are you using a custom certificate for the vROps?

If you are using a customer certificate for vROps please be sure to grab the first thumbprint from the certificate (in the admin UI). If you are using the VMware default certificate, take the 2nd thumbprint.

I might suggest to "reset" the agent with the following KB - How to reset End-Point Operations Agent (2141807) | VMware KB .

Please also ensure that the Machine where the epops agent is installed can communicate to vROps over port 443.

-K

0 Kudos
sajithru
Enthusiast
Enthusiast
‎03-31-2017 06:25 AM

Yes I'm using a custom certificate and I provided the thumbprint of that certificate at the setup. I have tried 2 other virtual machines which are in the same vCenter/VROPS environment and they both can successfully connect with VROPS. Ill try to reset the epops agent as suggested.

0 Kudos
sajithru
Enthusiast
Enthusiast
‎04-03-2017 04:43 AM

Hi, I tried to reset epops agent but still I cannot connect to VROPS from epops agent. I have identified the issue is with only domain joined servers. Even the VMs which has connectivity loose their connectivity with VROPS after they joined domain. I have checked windows firewalls. All the firewall attributes are turned off.

0 Kudos
evolex
Enthusiast
Enthusiast
‎04-24-2017 01:30 PM

Was this fixed? Can you post the ssl section of the agent.properties file found under {EP-AGENT-HOME}/conf/agent.properties ?

0 Kudos