Cisco Nexus 1000V Virtual Supervisor Module connection to vCenter Server fails
search cancel

Cisco Nexus 1000V Virtual Supervisor Module connection to vCenter Server fails

book

Article ID: 311078

calendar_today

Updated On:

Products

VMware vCenter Server VMware vSphere ESXi

Issue/Introduction

This article provides information on resolving a mismatch between the Nexus 1000V vCenter Server port settings and the actual vCenter Server port settings.

Symptoms:
  • During installation, the Cisco Nexus 1000V Virtual Supervisor Module (VSM) connection to VMware vCenter Server fails.
  • You see the error:

    vms_get_aERROR: [VMWARE-VIM] Operation could not be completed due to connection failure.
    EOF was observed that violates the protocol. The client probably provided invalid authentication information.
    SSL connect failed in tcp_connect()

  • Virtual machines that are down cannot be powered on, and virtual machines cannot be successfully migrated using vMotion.
  • None of the Virtual Ethernet Module (VEM) modules appear as modules in the VSM.


Environment

VMware vCenter Server 4.0.x
VMware ESX 4.0.x
VMware vSphere ESXi 5.0
VMware vSphere ESXi 5.1
VMware vSphere ESXi 5.5
VMware ESX 4.1.x

Cause

The Nexus 1000V VSM connects to vCenter Server via the default TCP/UDP port setting. If the vCenter Server default TCP/UDP ports have been customized, the VSM cannot connect to vCenter Server.

The VSM attempts to connect via ports 80 and 443. These ports can be in use by services other than vCenter Server, with the vCenter Server ports customized to other values.

Resolution

To resolve this issue, modify the vCenter Server default TCP/UDP port setting.

Note: If you cannot modify the vCenter Server default TCP/UDP port setting in the steps below, contact Cisco support for any additional assistance to modify the ports the Nexus 1000V uses to connect to the vCenter Server. See step 6, below.

To set the HTTP/HTTPS proxy ports in vCenter Server:

Note: This example uses ports 81 and 444 as the target ports.

  1. Log into vCenter Server using the vSphere Client.
  2. Navigate to Administration > vCenter Server Settings > Advanced Settings.
  3. Locate WebService.Ports.http and change the value to 81.
  4. Locate WebService.Ports.https and change the value to 444.

    Note: You may use any available ports for these values.

  5. Restart vCenter services. For more information, see Stopping, starting, or restarting vCenter services (1003895).
  6. Take backup of the running configuration, and change the port on the VSM point to port 81 for SVS connections. If you experience any difficulty understanding these commands or do not know how to enter supervisor mode on the Nexus, engage Cisco support:

    1. switch# copy run start
    2. switch# config t
    3. switch(config)# svs connection VC
    4. switch(config-svs-conn)# protocol vmware-vim
    5. switch(config-svs-conn)# remote ip address vCenter Server IP address
    6. switch(config-svs-conn)# remote port 81
    7. switch(config-svs-conn)# vmware dvs datacenter-name Datacenter
    8. switch(config-svs-conn)# connect

    Note: If you experience any difficulty understanding these commands or do not know how to enter supervisor mode on the Nexus, engage Cisco support

  7. After connecting from the VSM to vCenter and the VEMs appear in the VSM, enter the copy run start command to save your new configuration. Otherwise, enter the revert command to wipe away your changes; then establish what the vCenter IP address and port number are and try again.

To modify vCenter Server TCP/UDP ports using regedit:

Note: This procedure modifies the Windows registry. Before making any registry modifications, ensure that you have a current and valid backup of the registry and the virtual machine. For more information on backing up and restoring the registry, see Microsoft Knowledge Base article How to Modify the Windows Registry.

Note: The preceding link was correct as of July 7, 2014. If you find the link is broken, provide feedback and a VMware employee will update the link.
  1. Click Start > Run, type regedit and click OK.
  2. Navigate to:

    HKEY_LOCAL_MACHINE\SOFTWARE\Vmware, Inc.\VMware VirtualCenter

  3. HttpProxyPort identifies the port configured for HTTP and has a default value of 80.

    To change this value:
    1. Double-click HttpProxyPort.
    2. Change the Value data.
    3. Click OK.

  4. HttpsProxyPort identifies the port configured for HTTPS and has a default value of 443.

    To change this value:
    1. Double-click HttpsProxyPort.
    2. Change the Value data.
    3. Click OK.

  5. Reboot the server and see step 6 above to correct the port setting in the Nexus.




Additional Information

To test the connectivity from the Nexus 1000V VSM to the vCenter Server on ports 80 and 443:
  • Use telnet to connect to the vCenter Server from any other Windows virtual machine on port 443.
  • Create a new virtual machine or use any existing windows virtual machine and make it part of the same portgroup/dvportgroup as the Nexus 1000V VSM, then use telnet from that Windows virtual machine to vCenter Server on port 443.
  • Do a traceroute from the vCenter Server to the Nexus 1000V VSM and note the result.
  • Set up a wireshark trace on the vCenter Server to capture the events for ports 80 and 443.

For more information on setting the vCenter Server ports in the Nexus 1000V, see Managing Server Connections in Cisco Nexus 1000V System Management Configuration Guide, Release 4.0(4)SV1(2).

Note: The links in this article were correct as of February 18, 2014. If you find a link is broken, provide feedback and a VMware employee will update the link.How to stop, start, or restart vCenter Server services

Impact/Risks:
The vCenter services must be restarted if the port numbers are changed. Similarly, the VSM must be resynchronized after modifying the configuration.

Powered by Wolken Software