ESXi Patching from SDDC Manager Fails with "Error Running ESX Host Prechecks" Due to Connection Refused on Ports 9084, 9087, and 8084
search cancel

ESXi Patching from SDDC Manager Fails with "Error Running ESX Host Prechecks" Due to Connection Refused on Ports 9084, 9087, and 8084

book

Article ID: 411436

calendar_today

Updated On:

Products

VMware SDDC Manager

Issue/Introduction

  • When initiating ESXi patching from VMware SDDC Manager, the operation fails, and an error message is displayed in the UI indicating a failure during the ESX host prechecks.

  • From /var/log/vmware/vcf/lcm/lcm-debug.log, we can see that connection from SDDC manager to vCenter over port 8084 is blocked. 
  • We wil observe similar error snippets for 9084 and 9087 ports as well.  

/var/log/vmware/vcf/lcm/lcm-debug.log

YYYY-MM-DDTHH:MM:SSZ DEBUG [vcf_lcm,687691fc734485fb35b06c31624296cd,ece1] [c.v.e.s.l.a.i.i.InventoryClientImpl,vac-scheduler-1] Failed Resources Map: {ESX_HOST:27fd985b-a6fa-479b-b902-e4d09fac1293=1752600835597}
YYYY-MM-DDTHH:MM:SSZ INFO  [vcf_lcm,687691fc734485fb35b06c31624296cd,ece1] [c.v.e.sddc.lcm.audit.AuditScheduler,vac-scheduler-1] Last upgrade status for software type ESX_HOST and resourceId 27fd985b-a6fa-479b-b902-e4d09fac1293 is: {"id":"628","bundleId":"f486b010-2441-4ee3-93a3-1cae8d375e1e","bundleElementId":"54bf5dce-40e1-408b-9a1d-6ebb63b3dabe","bundleElementOrder":1,"resourceType"
:"ESX_HOST","resourceId":"27fd985b-a6fa-479b-b902-e4d09fac1293","upgradeId":"4bd48188-cd9b-48b2-98fd-c214f3fe5bdb","upgradeStatus":"COMPLETED_WITH_FAILURE","upgradeError":{"errorType":"RECOVERABLE","stage":"ESX_UPGRADE_VUM_STAGE_PRECHECK","errorCode":"com.vmware.vcf.error.runtime.esx.update.precheck.exception","errorDescription":"Error running ESX host prechecks: https://<vCenter_FQDN>:8084/vci/sdk invocation failed with \"org.apache.http.conn.HttpHostConnectException: Connect to <vCenter_FQDN>:8084 [<vCenter_FQDN>/<vCenter_IP>] failed: Connection refused\"","errorDescriptionCodes":["com.vmware.vcf.error.runtime.esx.update.precheck.exception"],"errorDescriptionAttributes":{"0":"https://<vCenter_FQDN>:8084/vci/sdk invocation failed with \"org.apache.http.conn.HttpHostConnectException: Connect to <vCenter_FQDN>:8084 [<vCenter_FQDN>/<vCenter_IP>] failed: Connection refused\""},"metadata":"\nManual intervention needed as upgrade failed during install stage.\nCheck for errors in the lcm log files located on SDDC Manager under /var/log/vmware/vcf/lcm.\n Please retry the upgrade once the upgrade is available again.","metadataCodes":

  • Run the below command from SDDC manager to check the port connectivity over 9084,9087 and 8084. 
    • nc -zv <vCenter_FQDN_OR_IP_Address> 9084
nc -zv <vCenter_FQDN_OR_IP_Address> 9087
nc -zv <vCenter_FQDN_OR_IP_Address> 8084

Environment

  • VMware cloud foundation 4.X 
  • VMware cloud foundation 5.X

Cause

  • This issue occurs because required communication ports (8084, 9084, and 9087) between SDDC Manager and vCenter Server are blocked. These ports must be open for successful ESXi patching and precheck operations.

Resolution

  • To resolve the issue, ensure that the following ports are open for Uni-directional communication from SDDC Manager to vCenter Server.
    • Ports 9084, 9087, and 8084

Additional Information

 

  • If the issue persists after opening the required ports, review the firewall configurations between SDDC Manager and vCenter Server.
  • Ensure that there are no network-level restrictions or policies that could block the communication.

 

Powered by Wolken Software