Scenario 20
< Back | Next>
Scenario:
In your vSphere environment, the vCenter Server frequently indicates that some ESXi hosts are not responding. Sometimes the connections automatically fix themselves, and sometimes you have to manually fix the connections. You need to gain familiarity with symptoms of and possible causes for lost connections between ESXi hosts and vCenter Server. To do so, you plan to use a test environment to deliberately break connections in various ways and examine the symptoms, alarms, and logs.
Requirements:
- Perform each of the following breaks. After performing each break, attempt to use the vSphere client and the web client to log in to vCenter Server and examine the Hardware Status of the host. Pay attention to any errors, warnings, alarms, or other signs of connectivity issues.
- Also, after performing each of the following breaks, examine the log files on the ESXi host and vCenter Server, and pay attention to any related entries. Undo each break before moving on to the next break
- Breaks:
- Stop the vCenter Server agent on the ESXi host.
- Disallow vCenter Server agent traffic through the host firewall.
- Allow vCenter Server agent traffic through the host firewall, but only from a range of IP addresses that do not include the vCenter Server.
- Change the permissions of the local vpxuser account to Read Only.
Environment Information:
- vCenter Server: vcenter-01.lab.local
- ESXi host: host-01.lab.local
VDCA510 Objective: 6.5 Troubleshoot vCenter Server and ESXi Host Management
VDCA550 Objective: 5.3 Manage vSphere Inventory Infrastructure
Guide Reference(s):
- Chapter 4 - Troubleshoot vCenter Server and ESXi Host Management
- Chapter 10 – Scenario 10-20
Click Here For Solution
Solution
- Select the ESXi host; then select Configuration tab > Security Profile.
- Select Services > Properties.
- Select the vpxa service. Click the Options button.
- Click Stop.
- Test the vCenter Server to ESXi host connectivity.
- Restart the vpxa service and return to Security Profile.
- Select Firewall > Properties.
- Uncheck the VMware vCenter Agent box.
- Test the vCenter to ESXi host connectivity.
- Recheck the VMware vCenter Agent box, and stay on the Firewall Properties page.
- Select (highlight) the VMware vCenter Agent row, and click the Firewall button.
- Provide a range of IP addresses that does not include the vCenter Server’s IP address.
- Test the vCenter Server to ESXi host connectivity.
- Undo the Firewall settings and verify that all settings are back to normal state.
- Use the vSphere Client to log on directly to the ESXi host.
- On the Permissions tab, locate the permission for the vpxuser account.
- Select the assigned vpxuser role, which should be Administrator, and change it to Read Only.
- Test the vCenter Server to ESXi host connectivity.