VMware vSphere Lifecycle Manager had an unknow error when scan entity
search cancel

VMware vSphere Lifecycle Manager had an unknow error when scan entity

book

Article ID: 390520

calendar_today

Updated On:

Products

VMware vCenter Server 7.0 VMware vCenter Server 8.0

Issue/Introduction

The compliance check is failing on task of "Scan entity" when using ISO files but is working fine when using the zip file with the error messages:

Task Name: Scan entity
Status: VMware vSphere Lifecycle Manager has an unknow error. Check the events and log files for details.

Environment

VMware vCenter Server 8.x 
VMware vCenter Server 7.x

Cause

As part of the compliance check, VUA was installed on the ESXi host and started http service to listen from VC. But the compliance check was failing due to Application control application called "Fortigate" blocking the port 80 from vCenter to ESXi.

Please find the snippet below. 

VUA log on ESXi 

As part of the scan task, vCenter pushed the VUA agent to the ESXi host, which installed the VUA agent and started an HTTP service on port 80 to listen for requests from vCenter.

****-**-**T11:18:31.107Z info vua[*****] [Originator@6876 sub=VUA] http svc created
****-**-**T11:18:31.107Z info vua[*****] [Originator@6876 sub=VUA] Getting thumbprint for cert /etc/vmware/vua_client.crt
****-**-**T11:18:31.107Z info vua[*****] [Originator@6876 sub=VUA] Cert thumbprint is <thumbprint-id>
****-**-**T11:18:31.107Z info vua[*****] [Originator@6876 sub=VUA.HTTPService] Http Service started; SSL(<server <acceptor p:0x000000ccd9867380, h:6, <TCP ':: : 5555'>>, <acceptor p:0x000000ccd986aa90, h:7, <TCP '0.0.0.0 : 5555'>>, >)
****-**-**T11:18:31.107Z info vua[*****] [Originator@6876 sub=VUA] Marker file written
****-**-**T11:18:31.107Z info vua[*****] [Originator@6876 sub=VUA] VUA initialized properly

After the VUA agent was installed on the ESXi host, vCenter attempted to communicate with the ESXi over port 80, but the connection failed with an "HTTP error response: Forbidden."

vmware-vum-server log on the vCenter

****-**-**T19:18:33.103+08:00 info vmware-vum-server[*****] [Originator@6876 sub=AgentDeploy] [agentDeploy 282] Agent installed
****-**-**T19:18:33.103+08:00 info vmware-vum-server[*****] [Originator@6876 sub=Libs] [NFC INFO]Nfc_CloseSessionEx: session=7F52C846EC60
****-**-**T19:18:33.104+08:00 info vmware-vum-server[*****] [Originator@6876 sub=Libs] [NFC VERBOSE]Nfc_CloseSessionEx: Successfully removed session from client sessionlist. Client name : 
****-**-**T19:18:33.104+08:00 info vmware-vum-server[*****] [Originator@6876 sub=Libs] [NFC INFO]NfcSessionStats: session=7F52C846EC60, type=client, clientName='UnknownClient', streamMode=
****-**-**T19:18:33.104+08:00 info vmware-vum-server[*****] [Originator@6876 sub=Libs] [NFC INFO]readIoLatencyStats: count 73 min/max/avg 50/1299/527 usec
****-**-**T19:18:33.104+08:00 info vmware-vum-server[*****] [Originator@6876 sub=Libs] [NFC VERBOSE]writeIoLatencyStats: No data available.
****-**-**T19:18:33.104+08:00 info vmware-vum-server[*****] [Originator@6876 sub=Libs] [NFC INFO]netSendLatencyStats: count 159 min/max/avg 0/3109/164 usec
****-**-**T19:18:33.104+08:00 info vmware-vum-server[*****] [Originator@6876 sub=Libs] [NFC INFO]netRecvLatencyStats: count 6 min/max/avg 234/119227/56603 usec
****-**-**T19:18:33.107+08:00 info vmware-vum-server[*****] [Originator@6876 sub=ServerConnection] [serverConnection 94] connecting vua on port 80
****-**-**T19:18:33.108+08:00 warning vmware-vum-server[*****] [Originator@6876 sub=HttpConnectionPool-000000] Failed to get pooled connection; <cs p:00007f52c823edb0, TCP:<ESXi-Host-Name>:80>, (null), duration: 1msec, N7Vmacore4Http13HttpExceptionE(HTTP error response: Forbidden)
--> [context]zKq7AVECAQAAAAnecgEOdm13YXJlLXZ1bS1zZXJ2ZXIAADMcU2xpYnZtYWNvcmUuc28AAP4XQgAfP0MAjJlKACwSSACebUgAZuZCAA1lNwDlZjcABOw3ABdFOAC7D1EBsI4AbGlicHRocmVhZC5zby4wAALf+g9saWJjLnNvLjYA[/context]

Resolution

Open the port 80 in the FortiGate Application Control

Powered by Wolken Software