VMware Cloud Community
bigbrig
Contributor
Contributor
‎01-17-2023 08:15 PM

Cannot access vCenter VAMI on port 5480 - connection reset

I have recently installed vCenter Server version 7.0 as an appliance VM on my ESXi host. 

The web console for vCenter works fine, but when I attempt to access the VAMI web console at https://my_vcenter_fqdn:5480/ - my browser just errors out with a "Connection reset" page, and I cannot access it. 

What I see:

Screenshot-2023-01-17-20_31_01.png

Output of /opt/vmware/var/log/lighttpd/error.log:

2023-01-17 05:40:09: (/build/mts/release/bora-16973022/studio/src/vami/apps/lighttpd/src/log.c.217) server started
2023-01-17 06:00:57: (/build/mts/release/bora-16973022/studio/src/vami/apps/lighttpd/src/connections-glue.c.166) SSL: -1 5 104 Connection reset by peer
2023-01-17 06:00:58: (/build/mts/release/bora-16973022/studio/src/vami/apps/lighttpd/src/connections-glue.c.166) SSL: -1 5 104 Connection reset by peer
2023-01-18 03:20:33: (/build/mts/release/bora-16973022/studio/src/vami/apps/lighttpd/src/connections-glue.c.166) SSL: -1 5 104 Connection reset by peer
2023-01-18 03:20:34: (/build/mts/release/bora-16973022/studio/src/vami/apps/lighttpd/src/connections-glue.c.166) SSL: -1 5 104 Connection reset by peer

 

Output of /var/log/vmware/applmgmt/vami.log:

2023-01-05T01:09:18.952 [33659]INFO:twisted:Received SIGTERM, shutting down.
2023-01-05T01:09:18.954 [33650]DEBUG:detwist:Process pid=33659, exitcode=0
2023-01-05T01:09:18.954 [33650]DEBUG:detwist:Before pPipe close
2023-01-05T01:09:18.954 [33650]DEBUG:detwist:After pPipe close
2023-01-05T01:09:18.955 [33650]DEBUG:detwist:Before cPipe close
2023-01-05T01:09:18.955 [33650]DEBUG:detwist:After cPipe close
2023-01-05T01:09:18.955 [33650]INFO:cgiutil:flow is: ['firstboot']
2023-01-05T01:09:18.955 [33650]INFO:cgiutil:firstboot: succeeded, 100, Starting VMware Performance Charts...
2023-01-05T01:09:18.955 [33650]INFO:cgiutil:Response :
<response><locale>en-US</locale><requestid>getStatus</requestid><value actions="enabled" id="status">succeeded</value><value actions="enabled" id="progress">100</value><value actions="enabled" id="details" /></response>

 

 

Output of service-control --status:

root@vcsa [ / ]# service-control --status
Running:
applmgmt lookupsvc lwsmd observability observability-vapi pschealth vlcm vmafdd vmcad vmdird vmonapi vmware-analytics vmware-certificateauthority vmware-certificatemanagement vmware-cis-license vmware-content-library vmware-eam vmware-envoy vmware-hvc vmware-infraprofile vmware-perfcharts vmware-pod vmware-postgres-archiver vmware-rhttpproxy vmware-sca vmware-sps vmware-statsmonitor vmware-stsd vmware-topologysvc vmware-trustmanagement vmware-updatemgr vmware-vapi-endpoint vmware-vdtc vmware-vmon vmware-vpostgres vmware-vpxd vmware-vpxd-svcs vmware-vsan-health vmware-vsm vsphere-ui vstats vtsdb wcp
Stopped:
vmcam vmware-imagebuilder vmware-netdumper vmware-rbd-watchdog vmware-vcha

 

 

Output of systemctl status vami-lighttp.service:

 

root@vcsa-01 [ / ]# systemctl status vami-lighttp.service
● vami-lighttp.service
Loaded: loaded (/lib/systemd/system/vami-lighttp.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2023-01-17 05:40:09 UTC; 22h ago
Docs: man:systemd-sysv-generator(8)
Process: 15159 ExecStop=/etc/init.d/vami-lighttp stop (code=exited, status=0/SUCCESS)
Process: 15184 ExecStart=/etc/init.d/vami-lighttp start (code=exited, status=0/SUCCESS)
Main PID: 15207 (vami-lighttpd)
Tasks: 1 (limit: 9830)
Memory: 2.9M
CGroup: /system.slice/vami-lighttp.service
└─15207 /opt/vmware/sbin/vami-lighttpd -f /opt/vmware/etc/lighttpd/lighttpd.conf

Jan 17 05:40:09 vcsa-01 systemd[1]: Starting vami-lighttp.service...
Jan 17 05:40:09 vcsa-01 vami-lighttp[15184]: Starting vami-lighttpd:Extracting SSL certificate from VECS
Jan 17 05:40:09 vcsa-01 vami-lighttp[15184]: SSL certificate extracted
Jan 17 05:40:09 vcsa-01 vami-lighttp[15184]: 2023-01-17 05:40:09: (/build/mts/release/bora-16973022/studio/src/vami/apps/lighttpd/sr>
Jan 17 05:40:09 vcsa-01 vami-lighttp[15184]: [ OK ]
Jan 17 05:40:09 vcsa-01 systemd[1]: Started vami-lighttp.service.

 

0 Kudos
5 Replies
maksym007
Expert
Expert
‎01-18-2023 07:34 AM

  • SSH to vCenter, log in as root

  • First list all services and their status:  

    • service-control --status  

  • Try restarting the vmware-vpxd service, which includes Tomcat web server:

    • service vmware-vpxd restart  

  • Failing that try restarting all services:

    • service-control --stop --all

    • service-control --start --all

  • Failing that reboot the server  

0 Kudos
bigbrig
Contributor
Contributor
‎01-18-2023 02:53 PM

None of that worked. Still "connection reset".

0 Kudos
maksym007
Expert
Expert
‎01-20-2023 02:54 AM

The problem is only with VAMI or with whole vCenter

 might be certificate issue

0 Kudos
bigbrig
Contributor
Contributor
‎02-08-2023 10:16 AM

FYI this was a firewall issue. My firewall was blocking the TLS/SSL connection since it was coming from a non-standard port (5480). After the rule was modified I was able to access normally.

0 Kudos
maksym007
Expert
Expert
‎02-08-2023 12:50 PM

I thought such ports are opened by default in firewall rules

0 Kudos