Adding VMware vCenter infra provider


#1

Hi,

I have added and successfully validated VMware vCenter provider, but getting the following error while refreshing the relationships and power states

=======
Last Refresh
Error - 7 Minutes Ago
undefined method `[]’ for nil:NilClass

vCenter login credentials are having limited access and it doesnt have privilege to create a VM, but can list all VMs associated with it.

Any guess?

Thanks


Read-Only user in VMWare for ManageIQ
#2

@blomquisg can you review this question from @adlinix and forward to a SME if necessary.


#3

@adlinix could you include the full error message from the evm.log?
It should look something like this

[----] E, [2016-05-05T14:29:49.343166 #12228:11710dc] ERROR -- : MIQ(ManageIQ::Providers::Vmware::InfraManager::Refresher#refresh) EMS: [dev-vc60], id: [1] Refresh   failed
[----] E, [2016-05-05T14:29:49.349304 #12228:11710dc] ERROR -- : [NoMethodError]: undefined method `group_dvswitch_by_host' for ManageIQ::Providers::Vmware::         InfraManager::RefreshParser:Module  Method:[rescue in block in refresh]
[----] E, [2016-05-05T14:29:49.349397 #12228:11710dc] ERROR -- : /home/agrare/workspace/manageiq/app/models/manageiq/providers/vmware/infra_manager/refresh_parser.rb:85:in `host_inv_to_hashes'
/home/agrare/workspace/manageiq/app/models/manageiq/providers/vmware/infra_manager/refresh_parser.rb:17:in `ems_inv_to_hashes'

#4

@agrare, Please see error and advise

> [----] E, [2016-05-30T19:23:38.315609 #3132:633990] ERROR -- : [NoMethodError]: undefined method `[]=' for nil:NilClass  Method:[rescue in block in refresh]
> [----] E, [2016-05-30T19:23:38.315707 #3132:633990] ERROR -- : (druby://127.0.0.1:47828) /var/www/miq/vmdb/gems/pending/VMwareWebService/MiqVimInventory.rb:482:in `objFixUp'
> (druby://127.0.0.1:47828) /var/www/miq/vmdb/gems/pending/VMwareWebService/MiqVimInventory.rb:442:in `addObjHash'
> (druby://127.0.0.1:47828) /var/www/miq/vmdb/gems/pending/VMwareWebService/MiqVimInventory.rb:962:in `block in resourcePools_locked'
> (druby://127.0.0.1:47828) /var/www/miq/vmdb/gems/pending/VMwareWebService/MiqVimInventory.rb:961:in `each'
> (druby://127.0.0.1:47828) /var/www/miq/vmdb/gems/pending/VMwareWebService/MiqVimInventory.rb:961:in `resourcePools_locked'
> (druby://127.0.0.1:47828) /var/www/miq/vmdb/gems/pending/VMwareWebService/MiqVimInventory.rb:981:in `resourcePoolsByMor_locked'
> (druby://127.0.0.1:47828) /var/www/miq/vmdb/gems/pending/VMwareWebService/MiqVimInventory.rb:1011:in `block in resourcePoolsByMor'
> /var/www/miq/vmdb/bin/rails:4:in `require'
> /var/www/miq/vmdb/bin/rails:4:in `<main>'
> [----] E, [2016-05-30T19:23:38.315793 #3132:633990] ERROR -- : MIQ(ManageIQ::Providers::Vmware::InfraManager::Refresher#refresh) EMS: [vCenter-Onprem], id: [23] Unable 

> to perform refresh for the following targets:
> [----] E, [2016-05-30T19:23:38.315862 #3132:633990] ERROR -- : MIQ(ManageIQ::Providers::Vmware::InfraManager::Refresher#refresh) EMS: [vCenter-Onprem], id: [23]   

> ManageIQ::Providers::Vmware::InfraManager: [vCenter-Onprem], id: [23]
> [----] I, [2016-05-30T19:23:38.402441 #3132:633990]  INFO -- : MIQ(ManageIQ::Providers::Vmware::InfraManager::Refresher#refresh) Refreshing all targets...Completed in 

> 1.102555489s

#5

Thanks @adlinix, can you open an issue [1] upstream? If you can include the version you are using, if you started having this issue recently, and if it is happening consistently for you.

[1] https://github.com/ManageIQ/manageiq/issues/new


#6

@agrare, I will do. Thanks for your reply

But does that mean that there is no such privilege needed for discovering vms associated with vcenter user?


#7

@adlinix

Does your limited user have access to view the other inventory items in VMware? MIQ keeps track of things like hosts, datastores, some network info, etc.


#8

@ewannema, No, it does have access only to the virtual machines under it. So I just want to know whether the error is due to privileges issue or some bug related to miq. Also I wanted to know the minimum privileges required by the vcenter user to discover all items under it.


#9

@adlinix, it looks like permissions to me. This is what the role for your service user should look like in vCenter:

From the Global group, check:

Cancel task
Diagnostics
Log Event
Set custom attribute
Settings
The entire set of privileges for the following groups should be checked.

Alarms
Datastores
dvPort Group
Host
Network
Resource
Scheduled Task
Tasks
Virtual Machine
vSphere Distributed Switch
In addition, you must also have the following objects and new role in place:

Datacenter: At the Datacenter the CloudForms Management Engine (CFME) (formerly EVM) user/group must have at least the read-only role at the Datacenter level (Not Propagated) to be able to see the datacenter. Without this access, relationships cannot be made. Specifically, the datastores will not show up.

Cluster: Each Cluster that the CFME needs access to must have the new role assigned and propagated.

Folders: Each Folder that CFME needs access to must have the new role assigned and propagated.

Datastores: Each Datastore that CFME needs access to must have the new role assigned and propagated.

Networking: Each vLAN or Port Group that CFME needs access to must have the new role assigned and propagated.


#10

@brandon, thanks for the reply. I will check it


#11

Hello All,
I am trying to INTEGRATE VMware Vcenter 6.5 with ManaageIQ and i am getting an error (fingerprint 20:68:67:cc:16:2d:4f:13:92:95:39:6d:bc:3d:ec:f6 does not match for X.X.X.X ). I have initially validated that VMware Vcenter with ManageIQ but when i later tried to intergate it . i get the error about Fingerprint. Pls can anyone walk me through how to clear the previous fingerprint so that i can integrate it once again.


#12

@yomesky2000 That sounds like a different issue than this topic, can you open a new one?
That isn’t an error I’ve seen…can you post a screenshot of the error and a section of the log that shows where that error is printed?


#13

Thanks , ill create a new topic and attach a screenshot with it.