How to build an API Connection to vSphere Lifecycle Manager (vLCM) Offline Depot
search cancel

How to build an API Connection to vSphere Lifecycle Manager (vLCM) Offline Depot

book

Article ID: 391577

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

How to use vSphere Automation APIs to connect to a Lifecycle Manager offline depot.

Environment

vSphere Lifecycle Manager

VMware vCenter Server

Cause

A vCenter user session ticket needs to be created and passed to the vLCM fileupload login endpoint (i.e. https://{VC}:9087/vum-fileupload/login) to authenticate and authorize a user for access to the offline depot.

Resolution

How to create a VC user session ticket

You call a POST method to https://<vcenter>/api/session with the username and password as headers. The post method in curl would look like something like the following:

curl -X POST -H "Username:<user>" -H "Password:<pass>" https://<vcenter>/api/session

Here is also a script using pyVmomi to create a session ticket:

#PYTHONPATH=/usr/lib/vmware/site-packages python /root/pyvmomi.py
 
import pyVmomi
import pyVim.task
from pyVmomi import integrity, vim, vmodl
import datetime, time
import threading
 
from pyVmomi import Vim, Vmodl, SoapStubAdapter
  
# Disable Python Certificate Validation. Otherwise the following connection to a VUM with a self-signed certificate fails.
import os, ssl
ssl._create_default_https_context = ssl._create_unverified_context
 
 
stub = pyVmomi.SoapStubAdapter("127.0.0.1",version="vim.version.version8", port=80, sslProxyPath="/sdkTunnel")
vcsi = pyVmomi.vim.ServiceInstance("ServiceInstance", stub)
content = vcsi.RetrieveContent()
 
userSession = content.sessionManager.Login('[email protected]', 'Admin!23', None)
#userSession = content.sessionManager.Login('[email protected]', 'Admin!23', None)
print("VC connection established session with key: " + userSession.key)
 
sessionCookie = stub.cookie.split('"')
print("Login Session Cookie: ")
print(sessionCookie)
 
# stub.cookie = ""  # Done to remove the cookie, if we do this, the AcquireSessionTicket call fails as unauthenticated
 
sessionTicket = content.sessionManager.AcquireSessionTicket()
print("Session Ticket is: " + sessionTicket)
 
hasPriv = content.authorizationManager.HasPrivilegeOnEntity(content.GetRootFolder(), userSession.key, "VcIntegrity.lifecycleSettings.Write")
 
# stub.cookie = ""  # Done to remove the cookie, if we do this, the GetCurrentSession call fails as unauthenticated
userSession2 = content.sessionManager.GetCurrentSession()
 
print("stub.cookie: " + stub.cookie)
print("userSession2: " + userSession2.key)
 
print("Has Privileges : ")
print(hasPriv)

How to use the session ticket

This session ticket can then be used in any following commands to the vCenter, including logging into the vLCM offline depot and getting a session cookie from there. The below command should produce a session cookie in the headers of the response. You will want to save this value for the vum-fileupload/login call. This is how that might look in curl:

curl -X POST -d "sessionticket=<ticket>" https://<vcenter>:9087/vum-fileupload/login

How to pass the session cookie to the upload command

The cookie produced in the last call will be named "vmware_soap_session". This cookie you will pass as a header to the vum-fileupload/upload call. Along with file-size, file-type, and file-data. In curl it might look like this:

curl -X POST -H "vmware_soap_session=<session_id>" -d "file-size=<size of file>" -d "file-type=<type of file>" -d "file-data=<file_name_with_extension>" https://<vcenter>:9087/vum-fileupload/upload

This is demonstrated in the following screenshot:

 

Additional Information

Please see the below for common failures:

  • Error: "Failure, Authentication failed, not a valid user" - KB 411037
  • Error: "Failure, Authorization failed, user doesn't have enough privileges to upload file" - KB 411048
  • Error: "Failure, unsupported file extension" - KB 411049
Powered by Wolken Software