VCAP-DCA Study guide – 6.5 Troubleshoot vCenter Server and ESX/ESXi Host Management
- Identify CLI commands and tools used to troubleshoot management issues
Skills and Abilities
- Troubleshoot vCenter Server service and database connection issues
- Troubleshoot the ESX Service Console firewall
- Troubleshoot ESX/ESXi server management and connectivity issues
- Determine the root cause of vSphere management or connectivity issue
- Product Documentation
- vSphere Client
- vSphere CLI
- Virtual Center – Troubleshooting Unleashed (VM2409, VMworld ’09)
- VMware whitepaper on Troubleshooting Performance issues
- Trainsignal’s Troubleshooting for vSphere course
Identify CLI tools used to troubleshoot management issues
- vpxd.exe -s
There are a few more covered later in this objective for restarting management agents on ESX/i hosts. This VMware article on resolution paths is a great place to start learning about troubleshooting.
Troubleshoot vCenter Server service and database connection issues
- Check the VMware vCenter service is started and the account it’s configured to run as. Check that account isn’t locked out.
- Start vCentre using vpxd.exe;
- ‘vpxd.exe –s’ to start it as an application rather than a service. This will show error messages in plain text rather than the cryptic service codes.
- ‘vpxd.exe –p’ refreshes the password hash used to connect to the database. Used after replacing the default SSL certificates (VMwareKB1003070)
- How to set SQL as a service dependency – blog post
- With a lab setup and SQL Express the database often grows to the 4GB limit, at which point the vCenter service will fail. Follow VMwareKB1025914for details of how to cleardown data in the vCenter database.
- Check the ODBC connectivity using the ‘Test’ button. Check the SQL security logs to see failed authentication attempts.
VMwareKB1003979 gives a good overview of the previous processes.
The vCenter Management Webservices
Under the hood vCenter uses a Tomcat webserver to provide functionality for Performance Charts, Storage View plugin, Service status and hardware status. If these components aren’t available check the Windows service is started. Useful logs can be found here;
- C:\Program Files\VMware\Infrastructure\tomcat\logs
- %ALLUSERSPROFILE%\Application Data\VMware\VMware VirtualCenter\Logs\sms.log
More for curiosity than likelihood of any exam related questions, check out this blogpost by Jason Boche about modifying vCenter configuration via the vpxd.conf file.
Troubleshoot the ESX firewall
There’s not that much to the Service Console firewall. One good step is to allow all outbound and incoming traffic and see if that resolves the issue – if so you can reenable rules and narrow down the specific ports required.
- Check the enabled firewall services in the GUI
- Telnet to a port to check connectivity. vCenter needs these ports. For a full list check out the great firewall diagram at vReference.com;
- Check esxcfg-firewall -q to see if individual ports are opened
- Use esxcfg-firewall -l to reload the firewall rules and ensure they’re up to date.
NOTE: When enabling or disabling services using esxcfg-firewall they’re case sensitive (like most things at the command line).
Troubleshoot the ESX/ESXi server management and connectivity issues
service mgmt-vmware restart</p> <p>service vmware-vpxa restart
Check logfiles – see section 6.1
DCUI – Troubleshooting tools – restart management agents
DCUI – Restart management network
Check logfiles – see section 6.1