VMware Cloud Community
ehlomarcus

Running vSphere proxy agent (VRMagent.exe) in different datacenter than vCenter or in different domain

My initial question changed to: How do I run vSphere Proxy agent in a multi domain environment.

-----------------

Due to different Active Directory domains and other restrictions, we are forced to run two servers in datacenter A that host the vSphere proxy agent. This agent is then used for an endpoint that is located in datacenter B. Datacenter B is in a different country and has a separate Active Directory domain.

This is working, but from time to time we get the following error:

2018-02-12T03:29:25.587Z SERVER08 vcac: [component="iaas:VRMAgent.exe" priority="Debug" thread="3192"] [sub-thread-Id="37"  context=""  token=""] Starting Ping Report

2018-02-12T03:29:30.462Z SERVER08 vcac: [component="iaas:VRMAgent.exe" priority="Debug" thread="3192"] [sub-thread-Id="37"  context=""  token=""] This exception was caught:

System.Net.WebException: The underlying connection was closed: A connection that was expected to be kept alive was closed by the server. ---> System.IO.IOException: Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond

   at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)

   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   --- End of inner exception stack trace ---

   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)

   at System.Net.Security._SslStream.StartFrameHeader(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security._SslStream.StartReading(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security._SslStream.ProcessRead(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.TlsStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead)

   --- End of inner exception stack trace ---

   at DynamicOps.Vrm.Agent.Core.VRMCoreAgent.SendPingReport()

   at DynamicOps.Vrm.Agent.Core.CoreAgentBase.SendPingReportLoop(Object sender, ElapsedEventArgs e)

INNER EXCEPTION: System.IO.IOException: Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond

   at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)

   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   --- End of inner exception stack trace ---

   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)

   at System.Net.Security._SslStream.StartFrameHeader(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security._SslStream.StartReading(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security._SslStream.ProcessRead(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.TlsStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead)

2018-02-12T03:29:30.462Z SERVER08 vcac: [component="iaas:VRMAgent.exe" priority="Error" thread="3192"] [sub-thread-Id="37"  context=""  token=""] <?xml version="1.0" encoding="utf-16"?>

<boolean>false</boolean>

This exception was caught:

System.Net.WebException: The underlying connection was closed: A connection that was expected to be kept alive was closed by the server. ---> System.IO.IOException: Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond

   at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)

   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   --- End of inner exception stack trace ---

   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)

   at System.Net.Security._SslStream.StartFrameHeader(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security._SslStream.StartReading(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security._SslStream.ProcessRead(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.TlsStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead)

   --- End of inner exception stack trace ---

   at DynamicOps.Vrm.Agent.Core.VRMCoreAgent.SendPingReport()

   at DynamicOps.Vrm.Agent.Core.CoreAgentBase.SendPingReportLoop(Object sender, ElapsedEventArgs e)

INNER EXCEPTION: System.IO.IOException: Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond

   at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)

   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   --- End of inner exception stack trace ---

   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)

   at System.Net.Security._SslStream.StartFrameHeader(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security._SslStream.StartReading(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security._SslStream.ProcessRead(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.TlsStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)

   at System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead)

Right now I'm stuck trying to figure out where the problem is: whether it is the remote vCSA, the VPN/firewall/load balancer, or just the fact that VRMagent is running too far from the endpoint it connects to.

Any ideas?

Message edited by: ehlomarcus

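An added example, not part of the original thread: a Python script that reads agent log lines in the format quoted in the opening post, pairs each "Starting Ping Report" entry with the exception that follows on the same thread, and reports how long the call ran before failing and whether the server closed a kept-alive connection. The sample log is constructed from the quoted lines (stack trace shortened, third entry invented), and the function names are this example's own.

```python
import re
from datetime import datetime

# Constructed sample in the format quoted in the opening post; the stack trace
# is cut to two frames and the third entry (a later ping) is invented.
SAMPLE_LOG = '''\
2018-02-12T03:29:25.587Z SERVER08 vcac: [component="iaas:VRMAgent.exe" priority="Debug" thread="3192"] [sub-thread-Id="37"  context=""  token=""] Starting Ping Report
2018-02-12T03:29:30.462Z SERVER08 vcac: [component="iaas:VRMAgent.exe" priority="Debug" thread="3192"] [sub-thread-Id="37"  context=""  token=""] This exception was caught:
System.Net.WebException: The underlying connection was closed: A connection that was expected to be kept alive was closed by the server. ---> System.IO.IOException: Unable to read data from the transport connection
   at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)
   at DynamicOps.Vrm.Agent.Core.VRMCoreAgent.SendPingReport()
2018-02-12T03:34:25.601Z SERVER08 vcac: [component="iaas:VRMAgent.exe" priority="Debug" thread="3192"] [sub-thread-Id="37"  context=""  token=""] Starting Ping Report
'''

HEADER = re.compile(
    r'^(?P<ts>\S+)Z (?P<host>\S+) vcac: \[component="[^"]*" '
    r'priority="(?P<priority>[^"]*)" thread="(?P<thread>[^"]*)"\] '
    r'\[sub-thread-Id="(?P<sub>[^"]*)"[^\]]*\] (?P<msg>.*)$')

def parse_entries(text):
    """Group each header line with the continuation lines (stack trace) after it."""
    entries = []
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            entry = m.groupdict()
            entry["ts"] = datetime.strptime(entry["ts"], "%Y-%m-%dT%H:%M:%S.%f")
            entries.append(entry)
        elif entries and line.strip():
            entries[-1]["msg"] += "\n" + line
    return entries

def ping_failures(entries):
    """Pair each 'Starting Ping Report' with the exception that follows on the same thread."""
    starts, failures = {}, []
    for e in entries:
        key = (e["host"], e["thread"], e["sub"])
        if e["msg"].startswith("Starting Ping Report"):
            starts[key] = e["ts"]
        elif "SendPingReport" in e["msg"] and key in starts:
            # pop() so the Error-priority repeat of the same exception is not counted twice
            started = starts.pop(key)
            exc = re.search(r"^(System\.[\w.]+Exception):", e["msg"], re.M)
            failures.append({
                "started": started,
                "seconds_to_failure": (e["ts"] - started).total_seconds(),
                "exception": exc.group(1) if exc else None,
                "keepalive_closed": "expected to be kept alive" in e["msg"],
            })
    return failures
```

Run over a longer stretch of agent log, the `started` timestamps show whether the failures cluster at particular times, which can then be compared against firewall, VPN and load balancer logs for the same moments.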

Accepted Solutions
ehlomarcus

Hi

I've now solved the problem in running vSphere Proxy agent in another domain.

Both the installation of the agent and the connection to the repository are solved by using runas and a hidden command line for VRMagent.exe.

First I ran "runas /netonly /user:REMOTEDOMAIN\Useraccount cmd", then executed the setup exe and completed the installation.

Then I had to stop the Windows service and then from a new command prompt run: "VRMagent.exe -Repo-SetCredetials -user SERVICEACCOUNT -password PASSWORD -domain REMOTEDOMAIN"

Now it was possible to start the Windows service again.

//Marcus

daphnissov

It's most likely that the agent is too far away from the vCenter. The agent really needs to be, at the very least, in the same geographic proximity as the vCenter endpoint. There is a lot of talk that goes back and forth, especially for data collects and deployments, so that agent should be deployed in the domain where the vCenter is located.

ehlomarcus

Hi

Then how do I go about installing the proxy agent in the same domain as vCenter in datacenter B, as it will be different than vCenter in datacenter A?

When I try to install the agent, all works fine until Model Manager Web host validation. That fails with a 401: Unauthorized.

daphnissov

Yes, you will have to install proxy agent in datacenter B closest to vCenter B. Since this has to be a separate machine, that machine must have communication back to vRA. The error you're receiving indicates you don't have proper permissions, possibly due to authentication issues.

ehlomarcus

Authentication, yes.

That is what I'm now trying to figure out: if and how it is possible to run the proxy agent in a different domain than the Model Manager Web. Some Google searches indicate that VRMagent.exe uses certificate authentication against the web endpoint. But then why is a service account required, and why does the whole IIS application seem to require Windows Authentication?
