by Harold Preyers | Mar 23, 2017 | ESXi, Trend Micro, VMware, vShield, vSphere
vCenter is showing an alarm on the TrendMicro Deep Security Virtual Appliance (DSVA): ‘vShield Endpoint SVM status’
Checking vShield for errors:
The DSVA VA console window shows: (as to where it should show a red/grey screen)
Let’s go for some log file analysis
To get a login prompt: Alt + F2
Login with user dsva and password dsva (this is the default)
The log file we are going to check is the messages log file at /var/log/messages
(why less is more: you get almost all the vi commands)
To go to the last line:
For some reason the ovf file is not like it is expected. The appliance is not able to set some ovf settings, in this case the network interfaces.
To exit the log file display mode:
To gain root privileges:
Enter the dsva user password
Navigate to the /var/opt/ds_agent/slowpath directory
|
|
cd /var/opt/ds_agent/slowpath |
Create the dsva-ovf.env file (if the file exists, delete the existing file first):
Reboot the appliance, once rebooted give it 5 minutes and the alarm should clear automatically:
by Harold Preyers | Mar 3, 2017 | PowerCLI, VMware, vSphere
Start the ssh service on all hosts:
|
|
Get-VMHost | Foreach { Start-VMHostService -HostService ($_ | Get-VMHostService | Where {$_.Key -eq "TSM-SSH"}) } |
If you want to start the ssh service on a single host, change ESXiHostName to your ESXi FQDN:
|
|
Get-VMHost -Name ESXiHostName | Foreach { Start-VMHostService -HostService ($_ | Get-VMHostService | Where {$_.Key -eq "TSM-SSH"}) } |
If you want to stop the ssh service on all hosts:
|
|
Get-VMHost | Foreach { Stop-VMHostService -HostService ($_ | Get-VMHostService | Where {$_.Key -eq "TSM-SSH"}) } |
If you have multiple cluster in vCenter, are connected to multiple vCenters, be sure to launch the command only to the necessary hosts:
- Get-Cluster -Name ClusterName will filter to the specified Cluster
- Get-VMHost -Name ESXiHostName will filter to the specified ESXi
- Get-VMHost -Server vCenterServerName will filter to the specified vCenter server
|
|
Get-Cluster -Name ClusterName | Get-VMHost -Name ESXiHostName -Server vCenterServerName | Foreach { Stop-VMHostService -HostService ($_ | Get-VMHostService | Where { $_.Key -eq "TSM-SSH"} ) } |
These are other services I frequently use:
- DCUI (Direct Console UI)
- lwsmd (Active Directory Service)
- ntpd (NTP Daemon)
- sfcbd-watchdog (CIM Server)
- snmpd (SNMP Server)
- TSM (ESXi Shell)
- TSM-SSH (SSH)
- vmsyslogd (Syslog Server)
- vmware-fdm (vSphere High Availability Agent)
- vpxa (VMware vCenter Agent)
- xorg (X.Org Server)
There are other services available but I have never used them in this context (yet):
- lbtd (Load-Based Teaming Daemon)
- pcscd (PC/SC Smart Card Daemon)
- vprobed (VProbe Daemon)
Change the startup policy for a service:
- Automatic: Start automatically if any ports are open, and stop when all ports are closed
- On: Start and stop with host
- Off: Start and stop manually
|
|
Get-VMHost | Foreach { Set-VMHostService -HostService ($_ | Get-VMHostService | Where {$_.key -eq "TSM-SSH"}) -policy On } |
