VSAN Health-Check
This post will be quite short.
As you may know the VSAN health-check plugin has a possibility to automatically download HCL and compare your configuration against it.
While in some environments it can be normal to provide internet access to vCenter server machine, in most enterprises vCenter servers are placed in a secured private network with no internet access at all.
In such situation there are 2 ways to proceed.
You can either proceed with downloading the offline HCL file form internet ad feeding it to vCenter manually. This approach is very well covered by William Lam in this blogpost.
Another way is to configure proxy server for VSAN health plugin. The way to do it is either CLI or from vSphere WEB client by navigating to General settings of VSAN on your Clsuter.
Initially i was thinking that configuring proxy server on vCenter appliance will work. But after i did it I discovered that VSAN health-check plugin ignores those settings. And while the easi way it to do it from GUI, I started looking ofr an alternative way. I started digging and found this great document from Cormac Hogan
I spent some time reading it and here is how you configure Proxy server for VSAN health-plugin using CLI..
As with many other advanced configurations, you will need to do it using RVC. So login to you vCenter appliance using SSH, run rvc agains your vcenter server IP, once asked for password use your SSO admin user, in my case its administrator@vsphere.local
Command> rvc IP_OF_VCENTER Install the "ffi" gem for better tab completion. WARNING: Nokogiri was built against LibXML version 2.7.6, but has dynamically loaded 2.9.2 Using default username "administrator@vsphere.local". password: 0 / 1 VCENTER/
I will not go deep in RVC, it’s a very strong tool and quite well documented. You can run help or –help and see available options for all commands.
So, I will just show how to configure the proxy.
You need to run the configuration agains VSAN cluster. Theoretically, if you have several VSAN clusters under same vCenter you need to run agains each. But HCL is downloaded once and saved on vCenter, so when i configured proxy for one cluster HCL became available on all others.
Here is how you configure proxy for one cluster:
vsan.health.cluster_proxy_configure /VCENTER/DATACENTER/computers/CLUSTER --host=IPOFPROXYSERVER --port=PORT
You will just need to replace the following:
- VCENTER: IP or hostname of your vCenter, the one you used when launching rvc.
- DATACENTER: Name of the datacenter you use in vCenter inventory.
- CLUSTER: Cluster name
- IPOFPROXYSERVER: IP of Proxy server.
- PORT: Port number used by Proxy server
In my case the command looked like this:
vsan.health.cluster_proxy_configure /vclab01/AMS/computers/AMS_Compute --host=192.168.222.2 --port=8080
Thats it, as simple as that.
Hope this helps.
Latest posts by Aram Avetisyan (see all)
- Make Youtube Videos About Technology? Why not… The Cross-Cloud Guy - October 7, 2021
- Automating (NSX-T) REST API using Ansible URI module - December 29, 2020
- Quick Reference: Create Security Policy with Firewall Rules using NSX-T Policy API - May 4, 2020