VMware Cloud Community
rm_bk
Enthusiast
Enthusiast
‎04-18-2019 12:25 PM

VCSA 6.7U2 VAMI Update Fails With "Check the URL and try again"

My VCSA can't connect to the update source.  Tailing /var/log/vmware/applmgmt/applmgmt.log reveals:

2019-04-18T19:10:49.671 [19010]ERROR:vmware.appliance.update.update_functions:Can't read JSON file /etc/applmgmt/appliance/software_update_state.conf [Errno 2] No such file or directory: '/etc/applmgmt/appliance/software_update_state.conf'

Not sure if that's related.  Later I see:

2019-04-18T19:11:00.264 [19010]DEBUG:vmware.appliance.update.update_functions:runCommandAndCheckResult failed: LocalizableException({'id': 'com.vmware.appliance.update.download_failed', 'args': [], 'default_message': 'Download failed'}, '', '--2019-04-18 15:10:50--  https://vapp-updates.vmware.com/vai-catalog/valm/vmw/8d167796-34d5-4899-be0a-6daade4005a3/upgrade_in... vapp-updates.vmware.com... 184.27.136.35, 2600:1402:f000:385::2ef, 2600:1402:f000:3a1::2ef\nConnecting to vapp-updates.vmware.com|184.27.136.35|:443... failed: Connection timed out.\nConnecting to vapp-updates.vmware.com|2600:1402:f000:385::2ef|:443... failed: Network is unreachable.\nConnecting to vapp-updates.vmware.com|2600:1402:f000:3a1::2ef|:443... failed: Network is unreachable.\n')

2019-04-18T19:11:00.264 [19010]DEBUG:vmware.appliance.update.update_b2b:Index file not present for the url https://vapp-updates.vmware.com/vai-catalog/valm/vmw/8d167796-34d5-4899-be0a-6daade4005a3/upgrade_in...

But when I curl to those URL's from the VAMI bash shell, I can retrieve them just fine.  What gives?  We do use a proxy server.  When I refresh the VAMI update page to retry, netstat reveals:

tcp 01 contoso:47782 as-40816.engx.vmw:httpsSYN_SENT
tcp 01 contoso:46324 a104-74-67-235:www-httpSYN_SENT
tcp 01 contoso:33058 a104-74-67-235.de:httpsSYN_SENT

Oopsie, it's not using our proxy.  But curl is definitely using it.  /etc/sysconfig/proxy is present and properly formatted per kb article -- both http and https are present.  Wat do?

Reply
6 Replies
budai88
Contributor
Contributor
‎05-17-2019 03:14 AM

Chek the log at: /var/log/vmware/applmgmt/applmgmt.log

Look for wget

I can see this kind of lines

[2355]DEBUG:vmware.appliance.update.update_functions:Running /usr/bin/wget --no-check-certificate --connect-timeout 10 -P /storage/core/software-update/tmp/latest https://vapp-updates.vmware.com/vai-catalog/valm/vmw/8d167796-34d5-4899-be0a-6daade4005a3/6.7.0.3000... -e use_proxy=yes -e http_proxy=https://http://<foobar>:8080

Which is wrong. So......

I have found a solution:

1: At VCSA level either VAMI or CLI (/etc/sysconfig/proxy) you should turn off proxy config.

2: Configure the following file: /etc/wgetrc

like:

http_proxy = http://proxy.yoyodyne.com:18023/

https_proxy = http://proxy.yoyodyne.com:18023/

use_proxy=on

Then It should work like a charm.

Good Luck.

Reply
Brian_007
Contributor
Contributor
‎05-22-2019 12:31 PM

Editing the /etc/wgetrc solved my issue with getting the VCSA patch downloaded (thanks).  Any suggestions for getting VUM working with a proxy?  Nothing I've tried has worked properly for VUM to connect.

Reply
emcclure
Enthusiast
Enthusiast
‎05-23-2019 03:16 PM

I had a ticket opened with VMware to get this resolved.  Rather simple really.  Not sure why it's not in a document somewhere on the interwebs.

In the settings page for Update Manager just put the proxy information in.  I didn't put in any http://proxy.address, I just put in proxy.address and then specified the port number.  If you have credentials then use them.  However do not click on Test Connection.  That button doesn't seem to work right.  It might take a moment for the updated settings to show in vCenter.  You should then be able to click on Download Now in the upper right and it should get the latest patch definitions, which as of today was May 13th.  If you run into issues you can either restart the update manager service from the GUI or if you like command line stuff you can putty into the appliance and use:

service-control --stop vmware-updatemgr

service-control --start vmware-updatemgr

Hope this helps.

Reply
Czernobog
Expert
Expert
‎06-05-2019 03:47 AM

The workaround (editing etc/wgetrc) does work with the latest 6.7 u2a patch. None of the 6.x seemed to have a working proxy configuration out of the box, this is frustrating.

I yearn the day when VMware will finally fix this in the various appliances (with VRLM having the most ridiculous workaround), it seems like the company is not aware at all that clients use proxies in their environments.

Reply
0 Kudos
rm_bk
Enthusiast
Enthusiast
‎06-05-2019 07:32 AM

Agreed.  We have a history of challenges surrounding the proxy configuration of our vCenters.

Reply
0 Kudos
fcocquyt16
Contributor
Contributor
‎06-27-2020 11:54 AM

I updated our test ENV vcenter from 6.5 to 7.0

I ran into this error with the proxy setting

Disabling the proxy and manually putting the proxy settings via SSH into /etc/wgetrc allowed me to update to the latest vcenter 7.0 build

thanks

Reply
0 Kudos