Unable to take ESXi configuration backup using PowerShell.

As per the KB you can take configuration backup of ESXI so it can be restore if something goes wrong during maintenance/upgrade/reinstall kind of action. Following PowerShell can be use from VMware CLI.

PS C:\> Get-VMHostFirmware -VMHost esxi-1.gsslabs.org -BackupConfiguration -DestinationPath c:\backup

 

However sometime this command may fail with following error.

PS C:\> Get-VMHostFirmware -VMHost esxi-1.gsslabs.org -BackupConfiguration -DestinationPath c:\temp
An error occurred while sending the request.
At line:1 char:1
+ Get-VMHostFirmware -VMHost esxi-1.domain.local -BackupConfiguration -D ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Get-VMHostFirmware], ViError
    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_BackupVmHostFirmware_DownloadError,VMware.VimAutomation.ViCore.Cmdlets.
   Commands.Host.GetVMHostFirmware

 

You may see following lines in vpxd.log (vCenter) and hostd.log (ESXi host).

Hostd.log

2019-09-13T02:26:47.117Z info hostd[2098523] [Originator@6876 sub=Vimsvc.TaskManager opID=8b66f7f-a7-1965 user=vpxuser:VSPHERE.LOCAL\Administrator] Task Created : haTask--vim.host.FirmwareSystem.backupConfiguration-3991232424
2019-09-13T02:26:47.119Z info hostd[2099187] [Originator@6876 sub=SysCommandPosix opID=8b66f7f-a7-1965 user=vpxuser:VSPHERE.LOCAL\Administrator] ForkExec(/sbin/firmwareConfig.sh) 2266493
2019-09-13T02:26:48.393Z info hostd[2099187] [Originator@6876 sub=Vimsvc.TaskManager opID=8b66f7f-a7-1965 user=vpxuser:VSPHERE.LOCAL\Administrator] Task Completed : haTask--vim.host.FirmwareSystem.backupConfiguration-3991232424 Status success [LikewiseGetDomainJoinInfo:354] QueryInformation(): ERROR_FILE_NOT_FOUND (2/0):

VPXD.log

2019-09-13T02:28:26.134Z info vpxd[05841] [Originator@6876 sub=vpxLro opID=57b9c4a1] [VpxLRO] -- BEGIN lro-838226 -- firmwareSystem-161 -- vim.host.FirmwareSystem.backupConfiguration -- 521f50b8-5645-404f-11f8-f44099740a62(524a10f8-512b-637a-60ad-fb0b1d7510b6)
2019-09-13T02:28:29.300Z error vpxd[18796] [Originator@6876 sub=HostPicker opID=sps-Main-533116-133-60] [PickDoWork] Couldn't find any candidate host that satisfies all constraints

 

This particular problem comes when the port 80 (http) is blocked from your workstation to ESXi.  Following PS can be use to check the connectivity.

PS C:\> Test-NetConnection -Port 80 -ComputerName esxi-1.domain.local
WARNING: TCP connect to esxi-1.domain.local:80 failed
ComputerName           : esxi-1.domain.local
RemoteAddress          : 192.168.0.81
RemotePort             : 80
InterfaceAlias         : Ethernet0
SourceAddress          : 192.168.0.10
PingSucceeded          : True
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded       : False

 

Verify if the firewall inside the ESXi OR external firewall blocking that communication.

PS C:\> Get-VMHostFirewallException -VMHost esxi-1.domain.local -Name 'vSphere Web access'
Name                 Enabled IncomingPorts  OutgoingPorts  Protocols  ServiceRunning
----                 ------- -------------  -------------  ---------  --------------
vSphere Web Access   False   80                            TCP

 

If this is disabled then enabled using following command.

PS C:\> Get-VMHostFirewallException -VMHost esxi-1.domain.local -Name 'vSphere Web access' | Set-VMHostFirewallException -Enabled $True
Name                 Enabled IncomingPorts  OutgoingPorts  Protocols  ServiceRunning
----                 ------- -------------  -------------  ---------  --------------
vSphere Web Access   True    80                            TCP

 

A successful connection should show like below.

PS C:\> Test-NetConnection -Port 80 -ComputerName esxi-1.domain.local
ComputerName           : esxi-1.domain.local
RemoteAddress          : 192.168.0.81
RemotePort             : 80
InterfaceAlias         : Ethernet0
SourceAddress          : 192.168.0.10
PingSucceeded          : True
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded       : True

 

Make sure the IP of your workstation is present in allowed list. That can be done using the vCenter OR ESXi web console.

allowedip.jpg

Advertisements