VMware Cloud Community
Henrique_Cicuto
Enthusiast
Enthusiast
‎03-06-2015 03:58 AM
Jump to solution

Unable to access vCloud Director VM console

Good morning,

We´re facing a very strange issue when trying to access a virtual machine console through the vCloud Director 5.6 Web Portal.

Let me describe the environment:

1 - 2 vCloud Director Cells;

2 - 1 Load Balancer;

3 - 1 VIP for the console proxy; 1 VIP for the web portal;

4 - 1 wildcard CA-signed certificate (*.<domain>) instead of the regular 2 host certificates (http.<domain> and consoleproxy.<domain>);

5 - The following procedure was used to create the Java Keystore and be able to import the same certificate twice (each time with a different alias):

openssl pkcs12 -in /keystore/<company>.pfx -out /keystore/<company>.pem

openssl pkcs12 -export -in /keystore/<company>.pem -inkey /keystore/<company>.key -out /keystore/<company>_http.p12 -name "http"

openssl pkcs12 -export -in /keystore/<company>.pem -inkey /keystore/<company>.key -out /keystore/<company>_console.p12 -name "consoleproxy"

keytool -v -importkeystore -srckeystore /keystore/<company>_console.p12 -srcstoretype PKCS12 -destkeystore /keystore/<company>.ks -deststoretype JCEKS

keytool -v -importkeystore -srckeystore /keystore/<company>_http.p12 -srcstoretype PKCS12 -destkeystore /keystore/<company>.ks -deststoretype JCEKS

6 - Running "keytool -list -keystore /keystore/<company>.ks -storetype JCEKS" shows both aliases within the keystore;

7 - vCD installer did not complain about it;

8 - Certificate is loaded correctly when accessing the web portal

Now the issue:

1 - Web portal opens as it should;

2 - Every kind of action is possible and works fine;

3 - When we open a VM console for the first time, it opens normally;

4 - If we close it and try to reopen, or if we try to open a second console, it won´t open;

5 - Depending on the browser:

5.1 - Console stays black; Status starts at "Connecting"; Changes to "Disconnected" after a short while;

5.2 - Console stays blank; Status freezes at "Loading"; Sometimes it goes to "Disconnected";

6 - If we reboot both cells, it starts all over (able to open the first console; unable to open the rest);

7 - Same behavior if accessing using the VIP (through the load balancer) or directly (using the Cells internal IP address).

I´ve seen some topics with what appeared the same problem but no conclusive answer.

Any help on this topic would be appreciated.

Thank you very much.

0 Kudos
1 Solution

Accepted Solutions
Henrique_Cicuto
Enthusiast
Enthusiast
‎03-10-2015 10:17 AM
Jump to solution

Fixed it.

1 - Upgrade from vCD 5.6.3 to 5.6.4.

2 - Something with the VMs we had deployed for testing. We erased them and the new ones did not have the behavior.

View solution in original post

0 Kudos
4 Replies
IamTHEvilONE
Immortal
Immortal
‎03-06-2015 06:11 AM
Jump to solution

Are you using any sort of SSL Termination (offload) for the Console Proxy VIP?

For a consistency check, can you bypass the load balancer?  e.g. use etc/hosts and put the public address for console proxy there and resolve it directly to a cell IP address?

If this allows you to consistently open a console, then it sounds like the load balancer.

For vCD 5.6, the browser matters as there are two "styles" of consoles.  Windows IE = VMRC, Windows/MAC Chrome/FF = HTML5

If you think it has to do with Chrome/FF, then try IE on Windows.

If the wildcard certificate is signed by an externally recognized CA by the browser, then that's great.  If not, then make sure to create an exception as per this KB: kb.vmware.com/kb/2058496

0 Kudos
Henrique_Cicuto
Enthusiast
Enthusiast
‎03-06-2015 08:42 AM
Jump to solution

Hum... I did the hosts file test and that helped me discover another two behaviors.

1.

If I try opening a console, it opens.

If I close it and try to re-open it, it won´t open (nothing new here).

But, if I wait about 5 minutes, it will open again.

2.

If I try opening a console, it opens.

If I try opening a console to another VM, it won´t open.

If I wait around 5 minutes I´ll only be able to open the console of the first virtual machine. The other one simply won´t open.


It seens like actually I have two issues:


1. Some sort of minimum interval between the closing/re-opening consoles;

2. I can´t open two consoles (to two different VMs) at the same time.


Test were done going throught the load balancer and also bypassing it.

0 Kudos
Henrique_Cicuto
Enthusiast
Enthusiast
‎03-10-2015 10:17 AM
Jump to solution

Fixed it.

1 - Upgrade from vCD 5.6.3 to 5.6.4.

2 - Something with the VMs we had deployed for testing. We erased them and the new ones did not have the behavior.

0 Kudos
iseek
Contributor
Contributor
‎06-04-2015 10:43 PM
Jump to solution

what web browser do you use to open VM console in vCloud director version  5.6.4??

0 Kudos