Recently we have introduced a couple of changes in LCM.
-
HTTPS is a requirement for many enterprise customers. Many of our customers employ strict firewalls, Deep Packet filtering algorithms that only let certain HTTPS traffic through the external gateway. And so today we allow LCM to access the Nutanix portal over HTTPS. (The URL accessed when performing inventory is https://download.nutanix.com/lcm/2.0/)
-
Nutanix is transitioning from delivering LCM modules as a payload that is associated with an LCM release to delivering them as release-independent repository image modules (RIM). This includes both software and firmware modules that is available from LCM 2.3.2.
That’s great! But how does it affect me?
Only if you have blocked HTTP traffic.
At the time of this post, we have identified an issue where LCM could incorrectly poll a HTTP endpoint, instead of HTTPS. It has been documented in the release notes as well. (ENG-310334)
https://portal.nutanix.com/page/documents/details?targetId=Release-Notes-LCM:Release-Notes-LCM
The issue is that if you select Enable HTTPS from the UI, LCM may still try to fetch the module from a HTTP endpoint and this is particularly problematic if there is a web proxy that blocks HTTP.
So what do I do if I really need to perform inventory?
-
Open up port 80 to http://download.nutanix.com until the inventory is complete
-
If the above is not an option, you will have to perform manual updates
We will have a fix for this issue in LCM 2.3.3.
Until then, happy Nutanix-ing!