WilliamLam.com

Quick Tip - Changing default port for HTTP Reverse Proxy on both vCenter Server & ESXi

by // 11 Comments

If you decide to use a custom port for the HTTP Reverse Proxy (rhttpproxy) on vCenter Server which uses port 80 (HTTP) and 443 (HTTPS) by default, you should also apply the same change on all ESXi hosts being managed by that vCenter Server for proper functionality. The configuration files for the rhttpproxy has since changed from the early days of vSphere 5.x and in vSphere 6.x, there are now different.

UPDATE (04/27/18) - With release of vSphere 6.7, VMware now officially supports customizing the Reverse HTTP(s) Ports on the VCSA. Below is a screenshot using the VCSA Installer UI and this can also be customized in the JSON configuration file using the VCSA CLI Installer for automation purposes.

Below are the instructions for modifying the default ports for rhttproxy service for both Windows vCenter Server, vCenter Server Appliance (VCSA) and ESXi host.

Note: If you change the default ports of your vCenter Server, you will need to ensure that all VMware/3rd Party products that communicate with vCenter Server are also modified.

vCenter Server for Windows

On Windows, you will need to modify C:\ProgramData\VMware\vCenterServer\cfg\vmware-rhttpproxy\config.xml and look for the following lines to change either the HTTP and/or HTTPs ports:

<httpPort>80</httpPort>
<httpsPort>443</httpsPort>

Once you have saved the changes, you will need to restart the VMware HTTP Reverse Proxy service using Windows Services Manager.

vCenter Server Appliance (VCSA)

On the VCSA, you will need to modify /etc/vmware-rhttpproxy/config.xml and look for the following lines to change either the HTTP and/or HTTPs ports:

<httpPort>80</httpPort>
<httpsPort>443</httpsPort>

Once you have saved the changes, you will need to restart the rhttpproxy service by running the following command:

/etc/init.d/rhttpproxy restart

ESXi

Disclaimer: VMware does not officially support modifying the default HTTP/HTTPS ports on an ESXi host.

Pre-ESXi 8.0 - Use the following instructions:

On ESXi, you will need to modify /etc/vmware/rhttpproxy/config.xml and look for the following lines to change either the HTTP and/or HTTPs ports:

<httpPort>80</httpPort>
<httpsPort>443</httpsPort>

Once you have saved the changes, you will need to restart the rhttpproxy service by running the following command:

/etc/init.d/rhttpproxy restart

Handy tidbits & workarounds for the VCS to VCSA Migration Fling

by //

The VCS (Windows VC) to VCSA Migration Fling has been out for a little over 6 months and the response from customers thus far has simply been phenomenal. We have also received some great feedback (200+ comments) from customers who have tried out the Fling in either a Dev/Test environment and some even in their production environment for those that are a bit more on the adventurous side. I have also had the pleasure in talking to some of these customers who have been successful in migrating off of their Windows vCenter Server (both large and small) and onto the vCenter Server Appliance (VCSA) and sharing additional feedback they may have about the Fling and how we can further improve.

Given the popularity of this topic, I thought it would be useful to aggregate some of the learning's, tidbits and workarounds that have been discovered in the past 6months to help any new or even existing users who might be interested in trying out the Fling. We really do appreciate all the feedback that everyone has given in the various forms and in fact, several of the workarounds were ones provided by our customers. As you know, the Fling today is not currently officially supported, however the feedback has really helped our PM/Engineering team. In fact, you can even get a sneak peak at an early Tech Preview we did at VMworld here to give you an idea on how some of your feedback has influenced a feature that may or may not be out in the near future 😉

Tidbit 1 Microsoft Windows 2012 is currently not supported.
Additional Info There is a known winexe bug which is affects migrating from this specific OS platform.
Workaround Engineering has a fix for this and is currently in the process of testing the fix along with legal review. There is not an ETA due to the review but we hope to release an update to Fling that includes this fix very soon. Stay tuned!This has been resolved with v0.9.1 of the Migration Appliance and for more details please take a look here.
Tidbit 2 Use of non-default (custom) ports on Microsoft SQL Server Database is not supported
Additional Info The Fling currently assumes the SQL Server Database is running on port 1433
Workaround Engineering has a fix for this and is currently in the process of testing the fix along with legal review. There is not an ETA due to the review but we hope to release an update to Fling that includes this fix very soon. Stay tuned!
Tidbit 3 Use of an Embedded Microsoft SQL Server or Microsoft SQL Express Database on the vCenter Server is not supported
Additional Info Since the source Windows vCenter Server must be powered off during the database migration; running the database on the same source vCenter Server is not possible.
Workaround One option is to re-ip the source Windows vCenter Server and ensuring the vCenter Server service is completely disable which would allow the Migration Appliance to communicate with the database. This is not ideal as you are modifying the source Windows vCenter Server but has worked in our testing. Second option that several other customers have recommended instead is to export the vCenter Server Database to a single instance of a Microsoft SQL Server or Microsoft SQL Express and that has worked really well.
Tidbit 4 Clustered database such as Microsoft Clustering Services (MSCS) is not supported
Additional Info There have been issues from some customers when trying to connect to an instance of the vCenter Server Database behind an MSCS Cluster.
Workaround Exporting the vCenter Server Database to a single instance of a Microsoft SQL Server or Microsoft SQL Express and then using the Fling has worked for several customers.
Tidbit 5 Issues connecting to a non-default named instance (e.g. SERVERNAME\VCENTER) of the vCenter Server Database.
Additional Info Some customers have had issues with the connection string to a non-default named instance of the vCenter Server Database during the database migration portion of the Fling.
Workaround A solution that was identified by a customer used the following: http://stackoverflow.com/a/11921896/2668394
Tidbit 6 Upgrade to VCSA 6.0 after migrating from Windows vCenter Server 5.5 to VCSA 5.5 fails
Additional Info You see the following error "Extra sequences: vpx_host_cnx_seq;" in /var/log/vmware/upgrade/vcdb_req.err during the upgrade to VCSA 6.0. These sequences are only found and valid in a Microsoft SQL Server Database and are not relevant in an vPostgres Database and just simply need to be dropped as they are not used at all.
Workaround Login to the VCSA 6.0 appliance as root and run the following command: /opt/vmware/vpostgres/current/bin/psql -U postgres -d VCDB -c "drop sequence if exists vpx_host_cnx_seq cascade"

If you are running into issues while through the the migration, one thing you can do is login to the Migration Appliance and go to another virtual console (ALT+F2) and view the Migration logs  under /var/log/migrate.log SSH is currently not installed by default. If you wish to pull out the logs for additional support, you can install which will require internet access and you can do so by running the following commands:

sudo apt-get -y update
sudo apt-get -y install openssh-server
sudo /etc/init.d/ssh start

The credentials to the Migration Appliance is vmware/vmware

Lastly, if there are other tidbits or workarounds that you would like to share, feel free to leave a comment and I will get it added to the list.

Which Platform Services Controller (PSC) is my vCenter Server pointing to?

by // 15 Comments

In vSphere 6.0 Update 1, one of the new features that is available for both the vCenter Server for Windows and vCenter Server Appliance (VCSA) is the ability to "repoint" the vCenter Server to a new or existing Platform Services Controller (PSC). The process is pretty straight forward and is nicely outlined in the following KB articles: KB 2113917 and KB 2131191.

One obvious question that might come up before you decide to repoint is what is the current PSC that my vCenter Server is currently pointing to? This was actually a question that I had just received this morning from one of my readers. Though I had some of the details documented in these two articles here and here on locating all deployed PSC's and vCenter Server's, I figured it was probably worth pulling this topic out into its own blog post for ease of searching.

Note: The solution below is applicable to both vSphere 6.0 and vSphere 6.0 Update 1, but the ability to repoint is only available in Update 1.

There are two methods in which you can quickly identify the PSC that your vCenter Server is currently pointing to.

Option 1: Using the vSphere Web/C# Client

Under the vCenter Server's Advanced Setting, there is a property called "config.vpxd.sso.admin.uri" which specifies the PSC it is currently configured with. This is the most simplistic approach if you want to do it using the vSphere UI. Also note this is available through the vSphere API, so you can also query this from the command-line

which-psc-is-my-vcenter-server-connected-to-2
Option 2: Using vmafd-cli command-line

The second option is to use the handy vmafd-cli utility which is avialable on the vCenter Server itself. You will need to run the following command depending on your vCenter Server platform (Windows or VCSA):

VCSA:

/usr/lib/vmware-vmafd/bin/vmafd-cli get-ls-location --server-name localhost

Windows VC:

C:\Program Files\VMware\vCenter Server\vmafdd\vmafd-cli get-ls-location --server-name localhost

Here is a screenshot of running the command on the VCSA:

which-psc-is-my-vcenter-server-connected-to-0