VMware Cloud Community
fr0nk
Contributor
Contributor
‎01-23-2013 01:43 PM

vCD: Network connection to vShield Manager failed.

Hi,

I'm setting up my vCD-Environment. Except for the following stumbling blocks everything went fine, until now...

- You can skip this part -

  • I set up my RHEL 6.3 and checked the prereq libs as stated in http://pubs.vmware.com/vcd-51/topic/com.vmware.ICbase/PDF/vcd_51_install.pdf. I could install everything through yum after enabling the repository except for: libxdmcp. This one I had to download from a binary compatible centos repo and rpm -i it.
  • I stumbled across the fact that in the default config, iptables blocks the traffic to the vCD HTTPS UI. Even from localhost o_O. I had to either enable firewall exceptions or disable the firewall entirely. I went with service iptables stop and disabled it entirely at the boot time with chkconfig iptables off. I'm planning to enable it when everything works and wanted to eliminate any problems in the test phase.
  • With the unconfigured vCD in place, I started to set up vShield Manager: login -> enable -> $password -> setup. Straight forward. I used the 5.1 OVF.
  • after wr mem my running-config looks like this:

[...]

enable-password hash $hash

!

user passwordreset password hash $hash

!

ntp server 0.de.pool.ntp.org

!

ip name server <ip>

!

hostname $hostname

!

interface mgmt

ip address $ip/net

!

ip route 0.0.0.0/0 $gw

!

web manager

Looks pretty normal, I guess... The vSM web interface is reachable so I configured the lookup service URL, configured the DNS servers, the NTP server and registered vSM in my vCenter. The vSM Admin user is the builtin admin. For the connection to the vCenter server I used a service account that is vCenter admin as well as vSM enterprise admin.

Then I started the vCD quick start wizard. It first asks me to connect to vSM, so I gave it the same account that I used to connect to the VC and also is enterprise admin in vSM.

The wizard tells me: vCD: Network connection to vShield Manager failed.

After I saw in the cell.log that the cell started fine I looked in the logs (/opt/vmware/vcloud-director/logs) and found in vcloud-container-info.log the following exception that is being thrown every time i try to register vSM in vCD:

2013-01-23 18:08:02,563 | INFO     |  pool-jetty-52             | ShieldSessionManager           | Test  connection to vsm:$ip vsmManager.loginToVSM(). |

2013-01-23 18:08:02,564 | INFO     |  pool-jetty-52             | CapabilityManager              |  VSMCLIENT-2.0.0 getVsmVersion; URI  :https://$ip:443/api/1.0/global/heartbeat |

2013-01-23 18:09:05,565 | INFO     |  pool-jetty-52             | ShieldSessionManager           | Test  connection with vsm:$ip failed to establish. |

com.vmware.vshield.vsmclient.exceptions.VSMNotReachableException: Network connection to vShield Manager failed

I couldn't believe the vSM machine wasn't reachable since the VC plugin worked just fine.

I then tried to ping the vSM from the vCD RHEL console: no echo reply. I was not sure whether the vSM is supposed to be pingable at all, so I tried a ping from my VC: success! Wait, what? The VC, the vSM and the vCD machine are on the same dvPortgroup in the same subnet and share the same VLAN... and just to be sure I put them on the same Host! The vCD RHEL has its iptables firewall completely turned off so I don't see any chanche that it blocks this echo requests or replys.

I'm running out of ideas here. Can you please help?

Thanks & kind regards,

Frank

Reply
0 Kudos
1 Reply
mhhutt
Contributor
Contributor
‎06-05-2014 05:43 AM

I had the same error. I resolved it but checking my DNS config and ensuring that my DNS entries were correct.

Reply
0 Kudos