11 Replies Latest reply on Aug 10, 2005 11:56 AM by Keith Bennett

    Can't connect to VMWare/Linux Agent

      Hi all,


      Hope you can help, as this has been doing my head in.


      I have 4 IBM x86 servers, 1 with Win2003 SP1 running BL OpsMgr and 3 x VMWare ESX 2.5 servers. All of the ESX servers have at least 2 virtual machines all running Red Hat AS4.


      I've installed the agent on each RedHat server and also on each of the ESX servers, but I cannot get OpsMgr or NSH to talk to any of them.


      Doing agentinfo 'server' in nsh gives the error 'No route to host' and 'Connection Error' in the appserver.log


      Everything is pretty much default for all installs.


      Any ideas will be gratefully received.





        • 1. Re: Can't connect to VMWare/Linux Agent

          Hi Keith,


          Can you ssh from the appserver to the ESX and VM servers?


          can you post the output of ipconfig /all for the appserver and ifconfig -a for one of the VM servers?


          What OS is ESX? Is it a form of linux? Can you post the network config details for one of those too?


          Can you post the contents of secure, exports, users & users.local from the appserver (in %systemroot%\rsc\) and from ESX and the VM servers (/usr/lib/rsc)?

          • 2. Re: Can't connect to VMWare/Linux Agent

            This sounds like a basic network issue. When on the Ops Manager Windows box, can you successfully ping any of the 3 ESX servers or their vmware instances?


            If the answer is yes, then I would next validate that the agent is indeed up and running on each of 9 server instances (3 ESX + 6 vmware instances). You can do this with a simple ps as I'm sure you're aware.


            If they are up and running, then you may want to bump the log level on one of the agents to DEBUG, restart the agent, and attempt the agentinfo from the BL OPS MGR console again. This may unveil something for you in the logs.

            • 3. Re: Can't connect to VMWare/Linux Agent

              Here's how I debug agent connectivity issues (or any TCP-based service).


              Perform the following locally on the agent machine:

              - see if the agent is running (rscd in task manager or ps -ef)

              - see if the agent is listening locally (telnet localhost 4750)

              - If agentinfo is installed via nsh / CM, run agentinfo localhost


              If any of these steps fail, stop and investigate why.


              Remotely on the Bl app-server,

              - run agentinfo agentmachine

              - see if the agent is listening (telnet agentmachine 4750)

              - see if any other known ports or protocols are listening (telnet agentmachine port#) (ssh - 22, telnet - 21, http - 80, ping, etc...)

              - ping agentmachine

              - perform a traceroute agentmachine (tracert in windows)



              If everything is running fine locally, but you cannot get any response from any port remotely, it is a general networking issue (routers, firewalls, switches, etc...) If you can get some connectivity to the agent machine remotely, but cannot run agentinfo remotely, it is likely firewall issue.


              This only applies to connectivity to the agent, not authentication.

              • 4. Re: Can't connect to VMWare/Linux Agent

                I don't use ping as a test anymore because it's blocked on most production networks.


                That's why I suggest ssh to test connectivity to a linux server.


                Obviously telnet works just as well.... ;)

                • 5. Re: Can't connect to VMWare/Linux Agent

                  Keith, I meant to ask how the ethernet cards in your vm servers were configured.

                  • 6. Re: Can't connect to VMWare/Linux Agent

                    Given the number of good suggestions you've received I'm a little reluctant to add my .02 but if I had to guess, I'd ask if you enabled the firewall on the actual Linux agent.


                    By default it won't accept connections on 4750 and if the firewall is enabled and rejecting these connections, the client will be rejected with "No route to host" as the error.

                    • 7. Re: Can't connect to VMWare/Linux Agent

                      That's a good point. ps and grep for iptables and ip6tables

                      • 8. Re: Can't connect to VMWare/Linux Agent

                        It's typically built into the kernel now so it won't show in the process list (at least it doesn't for me).


                        You can do the following though (assuming this is redhat):

                        1) type "setup"

                        2) Go down to Firewall Configuration and hit enter

                        3) Check to see if Security Level is Enabled/Disabled.

                        • 9. Re: Can't connect to VMWare/Linux Agent

                          Thanks all,


                          I'm in the process of getting all the info requested, but I think that Sean has hit the nail on the head. Although I can connect to the RH servers from the Windows server through SSH, when I do the telnet localhost 4570 on the server, I get connection refused.


                          All the servers are on the same subnet and I know connectivity works for samba, but I'm certainly thinking it has something to do with the Linux installs and firewalls. When installing, I seem to remember being asked to limit ports etc.


                          However, I'm not sure exactly how to change this. Any ideas?


                          Thanks for all your help so far everybody.



                          • 10. Re: Can't connect to VMWare/Linux Agent



                            You're a star.


                            Disabling the firewall has sorted the connection error. I'm now getting I/O Error. If I remember correctly, isn't this something to do with the agent config on the server?



                            • 11. Re: Can't connect to VMWare/Linux Agent



                              Sorted, thanks for all your help. In trying to get this working, I'd added some stuff (wrongly) to the secure file. Removing the entries has sorted the I/O Error.


                              I now happily have my Linux servers in Ops Mgr.


                              Thanks for all your suggestions and help.