Question

Unable to add vCenter as target


Badge +3
Hi all,

I'm trying to add a new vCenter target but I get this error

[24/Jul/2017:17:21:54] HTTP Traceback (most recent call last):File "/home/nutanix/xray/lib/py/CherryPy-3.2.4-py2.6.egg/cherrypy/_cprequest.py", line 656, in respondresponse.body = self.handler()File "/home/nutanix/xray/lib/py/CherryPy-3.2.4-py2.6.egg/cherrypy/lib/encoding.py", line 188, in __call__self.body = self.oldhandler(*args, **kwargs)File "/home/nutanix/xray/lib/py/CherryPy-3.2.4-py2.6.egg/cherrypy/_cpdispatch.py", line 34, in __call__return self.callable(*self.args, **self.kwargs)File "/builds/d8a0d508/0/charon/charon-main/builds/build-master-release/codex-python-tree/bdist.linux-x86_64/egg/codex/server.py", line 738, in wrapperFile "/builds/d8a0d508/0/charon/charon-main/builds/build-master-release/xray-python-tree/bdist.linux-x86_64/egg/xray/server.py", line 2565, in discoveryFile "/builds/d8a0d508/0/charon/charon-main/builds/build-master-release/xray-python-tree/bdist.linux-x86_64/egg/xray/server.py", line 1906, in _do_discoveryFile "/builds/d8a0d508/0/charon/charon-main/builds/build-master-release/xray-python-tree/bdist.linux-x86_64/egg/xray/plugins/charon.py", line 755, in discover_vsphere_clustersFile "/builds/d8a0d508/0/charon/charon-main/builds/build-master-release/xray-python-tree/bdist.linux-x86_64/egg/xray/plugins/charon.py", line 1121, in ad_hoc_rpcFile "/builds/d8a0d508/0/charon/charon-main/builds/build-master-release/xray-python-tree/bdist.linux-x86_64/egg/xray/plugins/charon.py", line 1093, in do_rpcCodexError: ERROR: Unable to discover clusters: InternalError: Exception(u'my_vcneter_ip:443 is not a VIM server',)
[24/Jul/2017:17:21:54] Sending the following error response with status 500:{"details": "InternalError: Exception(u'my_vcenter_ip:443 is not a VIM server',)","message": "ERROR: Unable to discover clusters"

I also tried to add vcenter IP and hostname in the "no_proxy" variable as well, given that I'm using a httphttps proxy to authenticate against my.nutanix.com

10 replies

Badge +3
Just wanted to add that x-ray eth0 and vCenter are on the same VLAN and i can ping vCenter from x-ray VM

Thanks

Sergio
Userlevel 2
Badge +10
Hi Sergio,

Is that vCenter already used for another target that is working? In other words, in the past has X-Ray ever successfully connected to that vCenter IP?
In another thread, you configured the proxy. Have you tried with/without the proxy?

Regards,
Kevin
Userlevel 2
Badge +10
Perhaps you'll need to exclude your LAN addresses from being proxied. You could try adding the address to a line in /etc/environment:

no_proxy="localhost, 127.0.0.1, your.vcenter/lan/addresses.here"
Badge +3
Hi Kevin,
this is the first time I try to connect X-Ray to vCenter, so non successfull connections to vCenter in the past.
If I try a "wget https://my_vcenter_ip_or_domain" i get a "200 - OK" response

[root@xray ~]# wget https://my_vcenter_ip_or_domain--2017-07-25 09:20:51-- https://my_vcenter_ip_or_domain/Resolving my_vcenter_ip_or_domain... 10.0.X.Y.ZConnecting to my_vcenter_ip_or_domain|10.0.X.Y.Z|:443... connected.ERROR: cannot verify my_vcenter_ip_or_domain’s certificate, issued by “/DC=com/DC=domain/CN=MY_CA”:Unable to locally verify the issuer’s authority.To connect to my_vcenter_ip_or_domain insecurely, use ‘--no-check-certificate’.[root@xray ~]# wget https://my_vcenter_ip_or_domain --no-check-certificate--2017-07-25 09:21:08-- https://my_vcenter_ip_or_domain/Resolving my_vcenter_ip_or_domain... 10.0.X.Y.ZConnecting to my_vcenter_ip_or_domain|10.X.Y.Z|:443... connected.WARNING: cannot verify my_vcenter_ip_or_domain’s certificate, issued by “/DC=com/DC=domain/CN=MY_CA”:Unable to locally verify the issuer’s authority.HTTP request sent, awaiting response... 200 OKLength: 3029 (3.0K) [text/html]Saving to: “index.html.1”
Badge +3
Hi cwilson,

I tried to add vcenter IP to "no_proxy" variable and I'm able to get a "200 - OK" if I do a wget of vCenter IP or hostname on HTTPS

[root@xray ~]# wget https://my_vcenter_ip_or_domain--2017-07-25 09:20:51-- https://my_vcenter_ip_or_domain/Resolving my_vcenter_ip_or_domain... 10.X.Y.ZConnecting to my_vcenter_ip_or_domain|10.X.Y.Z|:443... connected.ERROR: cannot verify my_vcenter_ip_or_domain’s certificate, issued by “/DC=com/DC=crifnet/CN=CRIF-SUB-CA”:Unable to locally verify the issuer’s authority.To connect to my_vcenter_ip_or_domain insecurely, use ‘--no-check-certificate’.[root@xray ~]# wget https://my_vcenter_ip_or_domain --no-check-certificate--2017-07-25 09:21:08-- https://my_vcenter_ip_or_domain/Resolving my_vcenter_ip_or_domain... 10.X.Y.ZConnecting to my_vcenter_ip_or_domain|10.X.Y.Z|:443... connected.WARNING: cannot verify my_vcenter_ip_or_domain’s certificate, issued by “/DC=com/DC=crifnet/CN=CRIF-SUB-CA”:Unable to locally verify the issuer’s authority.HTTP request sent, awaiting response... 200 OKLength: 3029 (3.0K) [text/html]Saving to: “index.html.1”
Userlevel 2
Badge +10
Just for clarity, after changing the no_proxy variable you're able to communicate with the vcenter server as illustrated by wget, but attempts to connect to it with X-Ray are still failing. Is that correct?
Badge +3

cwilson wrote:Just for clarity, after changing the no_proxy variable you're able to communicate with the vcenter server as illustrated by wget, but attempts to connect to it with X-Ray are still failing. Is that correct?


Hi cwilson, yes that's correc, target creation is still failing. can you confirm I only need to reach port 443 TCP from X-Ray to vCenter?

Thanks for support

Sergio
Userlevel 2
Badge +10
Yes should just be port 443. X-Ray uses the standard management API.
Userlevel 7
Badge +35
Hi @sgtserge we did not hear from you and wanted to see if you were able to get this working? Also have you installed the latest release [link] - Let us know -always great sharing with the community. Thanks 👍
Userlevel 7
Badge +35
Hi @sgtserge Just wanted to see how things are going and if you tried installing the latest release? Think that might help. Let us know in this thread. Thanks 👍

Reply