This quick thread will relate issues regarding the remediation of my upgrade to 6.7. Working at a customer site and upgrading the hosts to 6.7, Update Manager was failing to remediate my ESXi upgrade with the following error :
What a nice error message …Very Helpful!
No more indication was provided by the vCenter tasks & events so I had to look at the logs.
In vCenter Server Appliance, the Update manager logs are located here :
Looking at the last “vmware-vum-server.log”, I quickly matched an error with the last try :
2018-09-20T11:31:14.436Z warning vmware-vum-server [Originator@6876 sub=Default] Failed to connect socket; <io_obj p:0x00007fb0840161f0, h:20, <TCP 'X.X.X.X : 42026'>, <TCP 'Y.Y.Y.Y : 80'>>, e: 111(Connection refused)
This error indicates that the IP X.X.X.X tries to communicate through the port 80 on the IP address Y.Y.Y.Y. X being my vCenter and Y my ESXi host.
In order to prove that the error was the consequence of a blocked port, I used this the following command to test the ports :
# curl -v telnet://Y.Y.Y.Y:80
Guess the result ?
* Rebuilt URL to: telnet://Y.Y.Y.Y:80/ * Trying Y.Y.Y.Y... * TCP_NODELAY set * connect to Y.Y.Y.Y port 80 failed: Connection refused * Failed to connect to Y.Y.Y.Y port 80: Connection refused * Closing connection 0 curl: (7) Failed to connect to Y.Y.Y.Y port 80: Connection refused
We then tested a known working port such as 443 :
# curl -v telnet://Y.Y.Y.Y:443 * Rebuilt URL to: telnet://Y.Y.Y.Y:443 * Trying Y.Y.Y.Y... * TCP_NODELAY set * Connected to Y.Y.Y.Y (Y.Y.Y.Y) port 443 (#0)
It become then obvious that the port was blocked by some firewall.
We asked kindly the colleagues to open the port. Required ports for update manager are listed here: