Contributor

Cannot add standalone host to datacenter in vCenter/vSphere 6.7

Hello,

I am new to vCenter and trying to learn. Right now I am trying to add a new host onto my vSphere Client.

I am on version 6.7 for my VCSA and have a trial license for the moment.

Our ESXi Hosts are on version 6.7 as well.

--

Workflow for Attempting to Add a Standalone Host on my vCenter:

1. Created a new datacenter and named it "ESXi Hosts".

2. Now when I click to add a 'New Host' -

3. I get prompted to connect to what server so I put in my ESXi host IP address.

4. Then enter the credentials to log into that ESXi host.

5. Confirm the certificate.

6. Get a preview of the ESXi host of its model, version, vendor, and current VMs that are on that host.

7. Assign a license - I am assuming since I am on a trial that the only available license that is shown is the license to the Hypervisor so I kept it as selected then I clicked next.

8. For Lockdown mode, I have it set to disabled.

9. The VM location screen just to confirm to me that it will go to my new datacenter I created.

10. Lastly, click Finish.

--

I see that the Recent Tasks is showing a status at 80% and does not move until it ultimately fails and throws me the error of: "Cannot contact the specified host. The host may not be available on the network, a network configuration problem may exist, or the management service on this host is not responding."

--

I also have coordinated with my firewall team to open up these ports as bi-directional traffic (per VMware documentation I followed - https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vcenter.install.doc/GUID-925370DD-E3D1-455B...) between my vCenter appliance server (1 total) and all of my ESXi hosts (Total hosts we have are 6):

22 - TCP - System port for SSHD
53 - DNS Service
80 - TCP - Direct HTTP connections
88 - TCP - Active Directory server
389 - TCP - LDAP port for Directory services for vCenter Server group
443 - TCP - vCenter listens for connection from vSphere Client
514 - TCP/UDP - vSphere Syslog Collector
636 - TCP - vCenter Single Sign-On LDAPS
902 - TCP/UDP - Port used for vCenter to send data to managed hosts (ESXi heartbeat)
903 - TCP - Remote access to VM console
1514 - TCP - vSphere Syslog Collector TLS port for vCenter Server on Windows and vSphere Syslog Service TLS port for appliance
2012 - TCP - Control interface RPC for vCenter SSO
2014 - TCP - RPC port for all VMCA (VMware Certificate Authority) APIs
2015 - TCP - DNS management
2020 - TCP/UDP - Authentication framework management
5480 - TCP - Appliance Management Interface
6500 - TCP/UDP - ESXi Dump Collector
6501 - TCP - Auto deploy services
6502 - TCP - Auto deploy management
7080, 12721 - TCP - Secure Token Service
7081 - TCP - VMware Platform Services Controller Web Client
7475, 7476 - TCP - VMware vSphere Authentication Proxy
8200, 8201, 8300, 8301 - TCP - Appliance management
8084 - TCP - vSphere Update Manager SOAP
9084 - TCP - vSphere Update Manager Web Server
9087 - TCP - vSphere Update Manager Web SSL
9443 - TCP - vSphere Client HTTPS

--

With those ports being open - I tried to log into the appliance's shell and executed the command: "curl -v telnet://[IP address of an ESXi Host]:902" as a test and I got a connection timed out - failed to connect to [IP address]:902.

--

Questions I have:

1. Do I need to have a license that is NOT a trial/evaluation license in order to add new hosts to my vCenter/vSphere Client?

2. Should I be testing telnet on the ESXi host / shell to my vCenter appliance instead?

3. Any additional configurations on the VCSA or ESXi Host that need to occur in order to establish connection?

4. Are there any additional ports that I have missed that are required to be open?

5. What is the resolution or workaround to resolve me adding new hosts to my datacenter?


Accepted Solutions
Leadership

A vCenter Server would need to be licensed for you to be able to add new hosts for management PLUS the hosts cannot be licensed with a vSphere Hypervisor license - note that I'm being VERY specific when I say vSphere Hypervisor rather than vSphere:

  • vSphere Hypervisor is a free license that you can get for a standalone host - one that is not managed by a vCenter Server.
  • vSphere is a paid-for license.

Leadership

@tkongpachith 

Is the host licensed using a free vSphere Hypervisor key? If so, you cannot manage it with a vCenter Server. You would be able to if no key was applied and the host was running in evaluation mode.

Enthusiast

Hi @tkongpachith

The reason for the dropped connection between the vCenter and the ESXi host could be multiple things, like:

- License as @scott28tt mentioned

- 902 udp/tcp port bi-directional opening (you mentioned too). Checks can be done with nc:

nc -z <destination-ip> <destination-port> 

- Service issue on the ESXi host (vpxa)

Restart the vpxa service, or the complete host.

Blog: vxprt.blog
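
An added example, not part of the original reply: a Python version of the `nc -z` check above that separates a refused connection from a timeout like the one the question reports for port 902. The port lines and the 192.0.2.10 address are constructed placeholders, and only TCP is probed, so the UDP side of 902 is not covered.

```python
import errno
import socket

# Constructed sample: a few lines in the same "port - protocol - description"
# layout as the list in the question.
PORT_LIST = """\
443 - TCP - vCenter listens for connection from vSphere Client
902 - TCP/UDP - Port used for vCenter to send data to managed hosts (ESXi heartbeat)
7080, 12721 - TCP - Secure Token Service
53 - DNS Service
"""


def parse_tcp_ports(text):
    """Return sorted TCP port numbers; lines without a TCP protocol column are skipped."""
    ports = set()
    for line in text.splitlines():
        fields = [f.strip() for f in line.split(" - ", 2)]
        if len(fields) < 3 or "TCP" not in fields[1].upper():
            continue
        ports.update(int(p) for p in fields[0].split(",") if p.strip().isdigit())
    return sorted(ports)


def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        # A reset came back: the target (or a rejecting firewall) is reachable,
        # but nothing accepts connections on this port.
        return "refused"
    except socket.timeout:
        # No reply at all: packets are most likely dropped somewhere on the path.
        return "timeout"
    except OSError as exc:
        return "error:" + errno.errorcode.get(exc.errno, "unknown")


def report(host, ports, timeout=3.0):
    """Map each port to its probe result."""
    return {port: probe(host, port, timeout) for port in ports}


if __name__ == "__main__":
    esxi_host = "192.0.2.10"  # placeholder address; use the ESXi management IP
    for port, state in report(esxi_host, parse_tcp_ports(PORT_LIST)).items():
        print(f"{esxi_host}:{port} {state}")
```

A `timeout` result points at filtering between the two machines, while `refused` points at the service on the target, for example vpxa not running.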

Contributor

@scott28tt I believe my vCenter Eval license has expired... but my vSphere Hypervisor license for my ESXi hosts shows on the license page of the window to add a new host, so I apply that license to it. So I do not believe my ESXi hosts are in evaluation mode. Would I need a valid vCenter license in order to proceed and have no issues with adding hosts?
