DirectorySearch Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
New ListingsDirectory Tree
Directory
BasrNL
byBasrNL, July 19, 2021
Excellent plugin, still today!
For those on vCenter 6.7 that replaced the VMA with MSW using https://github.com/T-M-D/MSW/blob/master/Deploy.md
and ran into error:
UNKNOWN: Server version unavailable at 'https://xxx:443/sdk/vimService.wsdl' at /usr/lib/perl5/5.10.0/VMware/VICommon.pm line 734
Security has been tightened in vCenter and and the VMA/MSW needs the vCenter root certificates to accept the SSL certificate from your vCenter server.
(On a side note I used Ubuntu 20 for the MSW, the CentOS I had issues getting all Perl modules to work/install).
on the vCenter server, on main website (enter only FQDN , without any /) , there is a "Download trusted root CA certificates", save as ZIP.
Extract, put contents (a 'certs' folder) on your MSW. I chose /home/vi-admin as location.
Then on MSW server, set 2 environmental variables (HTTPS_CA_FILE and HTTPS_CA_DIR). Not sure both are needed but it works for me.
My vi-admin user is set to a /bin/bash shell (using: usermod --shell /bin/bash vi-admin) so my approach is putting the vars in user home dir .bashrc file:
$nano ~/.bashrc
export HTTPS_CA_FILE='/home/vi-admin/certs/lin/96e3bd6f.0'
export HTTPS_CA_DIR='/home/vi-admin/certs/lin'
And a test to see it works:
vi-admin@monitoring-msw1:~$ ~/box293_check_vmware.pl --server YOUR_VCENTER_FQDN_HERE --check vCenter_Name_Version
OK: VMware vCenter Server 6.7.0 build-17137327
then exit, back to the main monitoring server:
nagios@monitoring1:~$ /usr/lib/nagios/plugins/check_by_ssh -E 1 -l vi-admin -H YOUR_MSW_IP_HERE -C "~/box293_check_vmware.pl --server YOUR_VCENTER_FQDN_HERE --check vCenter_Name_Version"
OK: VMware vCenter Server 6.7.0 build-17137327
More info:
https://code.vmware.com/docs/6530/vsphere-sdk-for-perl-installation-guide/doc/GUID-0F962FBE-A919-4997-9152-CA8D21AAC0DE.html
https://kb.vmware.com/s/article/2108416
MSW setup (Ubuntu 20):
cd /tmp
tar -xvzf VMware-vSphere-Perl-SDK-6.7.0-8156551.x86_64.tar.gz
sudo apt-get update
sudo apt-get install lib32z1 lib32ncurses6 build-essential uuid uuid-dev libssl-dev perl-doc libxml-libxml-perl libcrypt-ssleay-perl libsoap-lite-perl libmodule-build-perl
cd vmware-vsphere-cli-distrib/
cpan -i CPAN
cpan -i UUID
cpan -i Date::Format
./vmware-install.pl EULA_AGREED=yes
useradd vi-admin
passwd vi-admin
cd /home/
mkdir vi-admin
chown -R vi-admin:vi-admin vi-admin
usermod --shell /bin/bash vi-admin
chown vi-admin:vi-admin box293_check_vmware.pl
#fixing .ssh/authorized_keys - access & allowed key type:
chmod 700 .ssh
nano /etc/ssh/sshd_config #and insert: PubkeyAcceptedKeyTypes=+ssh-dss
For those on vCenter 6.7 that replaced the VMA with MSW using https://github.com/T-M-D/MSW/blob/master/Deploy.md
and ran into error:
UNKNOWN: Server version unavailable at 'https://xxx:443/sdk/vimService.wsdl' at /usr/lib/perl5/5.10.0/VMware/VICommon.pm line 734
Security has been tightened in vCenter and and the VMA/MSW needs the vCenter root certificates to accept the SSL certificate from your vCenter server.
(On a side note I used Ubuntu 20 for the MSW, the CentOS I had issues getting all Perl modules to work/install).
on the vCenter server, on main website (enter only FQDN , without any /) , there is a "Download trusted root CA certificates", save as ZIP.
Extract, put contents (a 'certs' folder) on your MSW. I chose /home/vi-admin as location.
Then on MSW server, set 2 environmental variables (HTTPS_CA_FILE and HTTPS_CA_DIR). Not sure both are needed but it works for me.
My vi-admin user is set to a /bin/bash shell (using: usermod --shell /bin/bash vi-admin) so my approach is putting the vars in user home dir .bashrc file:
$nano ~/.bashrc
export HTTPS_CA_FILE='/home/vi-admin/certs/lin/96e3bd6f.0'
export HTTPS_CA_DIR='/home/vi-admin/certs/lin'
And a test to see it works:
vi-admin@monitoring-msw1:~$ ~/box293_check_vmware.pl --server YOUR_VCENTER_FQDN_HERE --check vCenter_Name_Version
OK: VMware vCenter Server 6.7.0 build-17137327
then exit, back to the main monitoring server:
nagios@monitoring1:~$ /usr/lib/nagios/plugins/check_by_ssh -E 1 -l vi-admin -H YOUR_MSW_IP_HERE -C "~/box293_check_vmware.pl --server YOUR_VCENTER_FQDN_HERE --check vCenter_Name_Version"
OK: VMware vCenter Server 6.7.0 build-17137327
More info:
https://code.vmware.com/docs/6530/vsphere-sdk-for-perl-installation-guide/doc/GUID-0F962FBE-A919-4997-9152-CA8D21AAC0DE.html
https://kb.vmware.com/s/article/2108416
MSW setup (Ubuntu 20):
cd /tmp
tar -xvzf VMware-vSphere-Perl-SDK-6.7.0-8156551.x86_64.tar.gz
sudo apt-get update
sudo apt-get install lib32z1 lib32ncurses6 build-essential uuid uuid-dev libssl-dev perl-doc libxml-libxml-perl libcrypt-ssleay-perl libsoap-lite-perl libmodule-build-perl
cd vmware-vsphere-cli-distrib/
cpan -i CPAN
cpan -i UUID
cpan -i Date::Format
./vmware-install.pl EULA_AGREED=yes
useradd vi-admin
passwd vi-admin
cd /home/
mkdir vi-admin
chown -R vi-admin:vi-admin vi-admin
usermod --shell /bin/bash vi-admin
chown vi-admin:vi-admin box293_check_vmware.pl
#fixing .ssh/authorized_keys - access & allowed key type:
chmod 700 .ssh
nano /etc/ssh/sshd_config #and insert: PubkeyAcceptedKeyTypes=+ssh-dss
