Symptoms
You are using Windows vCenter 6.x with Windows VMware Update Manager installed on the same or separate boxYou encounter error while running "Scan for updates":
Host cannot download files from VMware vSphere Update Manager patch store. Check the network connectivity and firewall setup, and check esxupdate logs for details.- VUM logs also show bellow error stack:'HostUpdateDepotManager' 14168 ERROR] [scanHost20, 371] result for host: esxihost2.domain.local (entity: host-9895) shows error :-----Result Begin (esxihost2.domain.local)-----<esxupdate-response><version>1.50</version><error errorClass="MetadataDownloadError"> <errorCode>4</errorCode> <errorDesc>Failed to download metadata.</errorDesc> <url>http://192.168.1.123:9084/vum/repository/hostupdate/vmw/vmw-ESXi-6.0.0-metadata.zip</url> <localfile>None</localfile> <msg>('http://192.168.1.123:9084/vum/repository/hostupdate/vmw/vmw-ESXi-6.0.0-metadata.zip', '/tmp/tmptVJYa1', '[Errno 12] Timeout: &lt;urlopen error timed out&gt;')</msg></error></esxupdate-response>
You will see similar entries in vum-server.log as mentioned below,
vum-server.log2019-04-17T18:39:26.421Z warning vmware-vum-server[7F1897F5D700] [Originator@6876 sub=Libs] SSL_Connect: SECURITY WARNING: Should use SSL_ConnectAndVerify instead2019-04-17T18:39:26.573Z warning vmware-vum-server[7F188936E700] [Originator@6876 sub=Libs] SSL_Connect: SECURITY WARNING: Should use SSL_ConnectAndVerify instead2019-04-17T18:39:26.593Z warning vmware-vum-server[7F188926A700] [Originator@6876 sub=Libs] SSL_Connect: SECURITY WARNING: Should use SSL_ConnectAndVerify instead
You will see similar entries in esxupdate.log as mentioned below,
Host cannot download files from VMware vSphere Update Manager patch store. Check the network connectivity and firewall setup, and check esxupdate logs for details.[Errno 4] IOError: <urlopen error [Errno -3] Temporary failure in name resolution>'
Cause
ESXi host is unable to communicate with Update Manager through port 9084.
Resolution
The port 9084 is required for VMware Update Manager.To resolve the issue make sure from ESXi to Update Manager Server or vCenter Server Port 9084 is open. Also check Update Manager port requirementsUpdate Manager Server is installed on a different node from the vCenter Server 6.x
Example: To test the connectivity between ESXi and vCenter Server or Update Manager Server if the port 9084 is port. From ESXi putty session run the below command,
nc -z [VCSA_IP] 9084 Connection to VCSA_IP 9084 port [tcp/*] succeeded!
If the above command is not succeeded, please check the 9084 port as mentioned in Step2 and get this port open between ESXi and VC/VUM.
Note: Make sure the forward lookup and reverse lookup for vCenter Server is working as expected using nslookup command.If this article didn’t solve your issue:
Ask for help here : Click for VMware Communities
