Hi,
I'm setting up my vCD-Environment. Except for the following stumbling blocks everything went fine, until now...
- You can skip this part -
- I set up my RHEL 6.3 and checked the prereq libs as stated in http://pubs.vmware.com/vcd-51/topic/com.vmware.ICbase/PDF/vcd_51_install.pdf. I could install everything through yum after enabling the repository except for: libxdmcp. This one I had to download from a binary compatible centos repo and rpm -i it.
- I stumbled across the fact that in the default config, iptables blocks the traffic to the vCD HTTPS UI. Even from localhost o_O. I had to either enable firewall exceptions or disable the firewall entirely. I went with service iptables stop and disabled it entirely at the boot time with chkconfig iptables off. I'm planning to enable it when everything works and wanted to eliminate any problems in the test phase.
- With the unconfigured vCD in place, I started to set up vShield Manager: login -> enable -> $password -> setup. Straight forward. I used the 5.1 OVF.
- after wr mem my running-config looks like this:
[...]
enable-password hash $hash
!
user passwordreset password hash $hash
!
ntp server 0.de.pool.ntp.org
!
ip name server <ip>
!
hostname $hostname
!
interface mgmt
ip address $ip/net
!
ip route 0.0.0.0/0 $gw
!
web manager
Looks pretty normal, I guess... The vSM web interface is reachable so I configured the lookup service URL, configured the DNS servers, the NTP server and registered vSM in my vCenter. The vSM Admin user is the builtin admin. For the connection to the vCenter server I used a service account that is vCenter admin as well as vSM enterprise admin.
Then I started the vCD quick start wizard. It first asks me to connect to vSM, so I gave it the same account that I used to connect to the VC and also is enterprise admin in vSM.
The wizard tells me: vCD: Network connection to vShield Manager failed.
After I saw in the cell.log that the cell started fine I looked in the logs (/opt/vmware/vcloud-director/logs) and found in vcloud-container-info.log the following exception that is being thrown every time i try to register vSM in vCD:
2013-01-23 18:08:02,563 | INFO | pool-jetty-52 | ShieldSessionManager | Test connection to vsm:$ip vsmManager.loginToVSM(). |
2013-01-23 18:08:02,564 | INFO | pool-jetty-52 | CapabilityManager | VSMCLIENT-2.0.0 getVsmVersion; URI :https://$ip:443/api/1.0/global/heartbeat |
2013-01-23 18:09:05,565 | INFO | pool-jetty-52 | ShieldSessionManager | Test connection with vsm:$ip failed to establish. |
com.vmware.vshield.vsmclient.exceptions.VSMNotReachableException: Network connection to vShield Manager failed
I couldn't believe the vSM machine wasn't reachable since the VC plugin worked just fine.
I then tried to ping the vSM from the vCD RHEL console: no echo reply. I was not sure whether the vSM is supposed to be pingable at all, so I tried a ping from my VC: success! Wait, what? The VC, the vSM and the vCD machine are on the same dvPortgroup in the same subnet and share the same VLAN... and just to be sure I put them on the same Host! The vCD RHEL has its iptables firewall completely turned off so I don't see any chanche that it blocks this echo requests or replys.
I'm running out of ideas here. Can you please help?
Thanks & kind regards,
Frank