larstr
Champion
Champion

vCenter 7.0u1 and Proxy server

Hi,

I have configured a proxy server for VCSA and it's visible within the VAMI interface:

larstr_0-1605179816295.png

Unlike Update Manager that had it's own settings, LCM will in theory inherit the VAMI settings and use these for downloading updates.

I can also connect to the proxy server by using netcat from the vcsa directly:

Spoiler

root@localhost [ ~ ]# nc 10.xxx.yyy.zzz 3128 -vv
proxyhost.domain.com [10.xxx.yyy.zzz] 3128 (ndl-aas) open
GET https://hostupdate.vmware.com/software/VUM/PRODUCTION/addon-main/vmw-depot-index.xml HTTP/1.0

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/xml
ETag: "9e41a4c6fc5f9c133dc8c0a0c4941e8d:1602824593.743052"
Last-Modified: Fri, 16 Oct 2020 05:03:13 GMT
Server: AkamaiNetStorage
Content-Length: 2595
Date: Thu, 12 Nov 2020 11:07:53 GMT
X-Cache: MISS from proxyservername
X-Cache-Lookup: MISS from proxyservername:3128
Via: 1.1 proxyservername (squid/3.5.28)
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<vmwdpm:vendorList xmlns:vmwdpm="http://www.vmware.com/depotmanagement" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.vmware.com/depotmanagement ../../depot-index-xml.xsd">
<vendor>
<name>DellEMC</name>
<code>DEL</code>
<indexfile>DEL-addon-index.xml</indexfile>
<relativePath>addon/DEL</relativePath>
<content>
<name>Partner Addons</name>
<type>http://www.vmware.com/depotmanagement/esx</type>
</content>
</vendor>
...
...

But I'm unable to download any updates both for VAMI and LCM:

larstr_1-1605180950257.pnglarstr_2-1605180982905.png

Anyone else got proxy server settings workng in v7.0u1?

Lars

0 Kudos
3 Replies
lucasbernadsky
Hot Shot
Hot Shot

Hi there! Can you ssh into vCenter and try curl -v telnet://vcsa.vmware.com:443 -x http://proxyserver:port -I -k -u username:password?

0 Kudos
larstr
Champion
Champion

lukasbernardsky,

Sure. Result is similar to what I did with netcat above:

root@localhost [ ~ ]# curl -v telnet://vcsa.vmware.com:443 -x http://10.xxx.yyy.zzz:3128 -I -k
* Rebuilt URL to: telnet://vcsa.vmware.com:443/
* Uses proxy env variable no_proxy == 'localhost, 127.0.0.1'
* Trying 10.xxx.yyy.zzz...
* TCP_NODELAY set
* Connected to 10.xxx.yyy.zzz (10.xxx.yyy.zzz) port 3128 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to vcsa.vmware.com:443
> CONNECT vcsa.vmware.com:443 HTTP/1.1
> Host: vcsa.vmware.com:443
> User-Agent: curl/7.61.1
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* CONNECT phase completed!

Lars

0 Kudos
larstr
Champion
Champion

The solution was to manually edit /etc/sysconfig/proxy with the correct settings.

 

Lars