The VCSA proxy configuration/update via the VAMI fails because vmware.com no longer resolves.
search cancel

The VCSA proxy configuration/update via the VAMI fails because vmware.com no longer resolves.

book

Article ID: 380932

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

 

When trying to configure or reset the proxy settings in vCenter Server using the VAMI (https://<FQDN_or_IP_of_VC>:5480), you encounter a failure with an error message similar to:

 

"HTTP: Cannot connect to proxy server" or "HTTPS: Cannot connect to proxy server."

 



Environment

vSphere vCenter Server 6.x
vSphere vCenter Server 7.x
vSphere vCenter Server 8.x

Cause

The issue is that vmware.com is no longer accessible. Applmgmt attempts to connect to vmware.com (which is unreachable) when configuring the proxy settings via the VAMI page.

/var/log/vmwware/applmgmt/applmgmt.log shows a failure similar to the following:

applmgmt.log

[YYYY-MM-DDTHH:MM:SS] [1955902]INFO:vmware.vherd.base.proxy_utils:Testing connection to http://vmware.com through proxy
[YYYY-MM-DDTHH:MM:SS] [1955902]DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): <your.proxy.fqdn:port#>
[YYYY-MM-DDTHH:MM:SS] [1955902]ERROR:vmware.vherd.base.proxy_utils:Connection to proxy failed with error HTTPConnectionPool(host='<your.proxy.fqdn>', port=<yourPort#>): Read timed out. (read timeout=30)
[YYYY-MM-DDTHH:MM:SS] [1955902]DEBUG:vmware.appliance.networking.proxy.proxy_impl:ProxyPingStatus: server = http://<your.proxy.fqdn>
 status = SERVER_UNREACHABLE
message = {'id': 'com.vmware.appliance.proxy.connect_failure', 'default_message': 'Cannot connect to proxy server.', 'args': []}

Note: <your.proxy.fqdn:port#> will be the Proxy Settings you entered into the VAMI page.

Resolution

Broadcom VCF engineering is aware of the issue and a fix is being developed for a future patch of vSphere vCenter Server 7.x and 8.x versions.

The following workaround can be used until the fix is released:

  1. Log in to the VCSA VM via SSH with root credentials.

  2. Fetch your vCenter Server's IP address with the following command:
# ip address show dev eth0
  1. Back up the proxy validation script with the below command: 
# cp -p /usr/lib/applmgmt/networking/py/vmware/appliance/networking/proxy/proxy_impl.py /usr/lib/applmgmt/networking/py/vmware/appliance/networking/proxy/proxy_impl.py.old
  1. Update the proxy validation script with the below command:
    NOTE: Replace <vc_ip_address> with the vCenter Server's ip address
# sed -i -e 's/vmware.com/<vc_ip_address>/g' /usr/lib/applmgmt/networking/py/vmware/appliance/networking/proxy/proxy_impl.py
  1. Restart Appliance Management with the below command:
# service-control --restart applmgmt

 

You should now be able to update the proxy settings via the VAMI page.

 

 

 

Additional Information

Optionally, as a workaround, the user can directly update the /etc/sysconfig/proxy file by following the Option 3 steps in article How to configure Proxy Settings for vCenter Server