VMware Cloud Director Availability Logs

The log files that contain system messages are located in the VMware Cloud Director Availability virtual appliances.

Each VMware Cloud Director Availability service uses a separate log file, located in the following folders in the VMware Cloud Director Availability appliances.


Service	Default Location	Description
Replicator Service	/opt/vmware/h4/replicator/log/replicator.log	Contains application-specific logs and security-related messages.
Replicator Service	/opt/vmware/h4/replicator/log/requests.log	When activated, contains HTTP request and response data like URL, response code, and timing entries.
Manager Service	/opt/vmware/h4/manager/log/manager.log	Contains application-specific logs and security-related messages.
Manager Service	/opt/vmware/h4/manager/log/requests.log	When activated, contains HTTP request and response data like URL, response code, and timing entries.
Cloud Service	/opt/vmware/h4/cloud/log/cloud.log	Contains applicationvmware/var/log/-specific logs security-related messages.
Cloud Service	/opt/vmware/h4/cloud/log/requests.log	When activated, contains HTTP request and response data like URL, response code, and timing entries.
Tunnel Service	/opt/vmware/h4/tunnel/log/tunnel.log	Contains entries with the source or destination IP and the source or destination port for newly established TCP connections to and from the Tunnel Service.
Tunnel Service	/opt/vmware/h4/tunnel/log/requests.log	When activated, contains HTTP request and response data like URL, response code, and timing entries.
vSphere Replication Server	/var/log/vmware/hbrsrv.log	The log file of the HBR server. Useful for troubleshooting NFC errors other problems.
Upgrade Logs	/opt/vmware/var/log/vami/vami.log /opt/vmware/var/log/vami/updatecli.log	Contain upgrade log entries.

Note: The resources that relate to security operate with the required OS permissions and ownership. Do not attempt to change the ownership or permissions of these files.

Log Messages Related to Security

Attempting to log in by using an incorrect password for the root user account of the appliance shows the following log output.

2019-10-22 08:48:29.949  WARN - [3c08455a-343d-46d8-a21b-beefcc0a93fa_9V] [https-jsse-nio-8046-exec-10] c.v.h.c.system.AppliancePasswordHelper   : stderr: Unable to authenticate root.

2019-10-22 08:48:29.950  WARN - [3c08455a-343d-46d8-a21b-beefcc0a93fa_9V] [https-jsse-nio-8046-exec-10] c.v.h.c.system.AppliancePasswordHelper   : Incorrect appliance password received!

2019-10-22 08:48:29.953 ERROR - [3c08455a-343d-46d8-a21b-beefcc0a93fa_9V] [https-jsse-nio-8046-exec-10] c.v.h4.common.config.SecurityConfig      : An unauthorized POST request from 127.0.0.1 port 46406 to /sessions failed.

org.springframework.security.authentication.BadCredentialsException: Login failed

        at com.vmware.spring.security.creds.generic.CredentialsAuthenticationProvider.authenticate(CredentialsAuthenticationProvider.java:84)

        at com.vmware.h4.cloud.security.VcloudCredentialsProvider.authenticate(VcloudCredentialsProvider.java:40)

        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:175)

        at com.vmware.spring.security.creds.JsonCredentialsAuthenticationFilter.attemptAuthentication(JsonCredentialsAuthenticationFilter.java:140)

        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)

Attempting to log in from the Internet by using the root user account of the appliance shows the following log output.

2019-10-22 08:51:19.245 ERROR - [6d57eddb-a9d7-4f85-8fec-98503d912c7e_JK] [https-jsse-nio-8043-exec-10] c.v.spring.security.SourceIpAuthorizer   : Authorization by source IP failure: the client IP 127.0.0.1 did not match the rule Rule{ != 127.0.0.1 }

Attempting to log in by using incorrect single sign-on user credentials shows the following log output.

2019-10-22 08:51:59.292 ERROR - [337a5316-56d7-4a28-8991-83911eadbdc9_9W] [https-jsse-nio-8046-exec-3] c.v.h4.common.config.SecurityConfig      : An unauthorized POST request from 127.0.0.1 port 46430 to /sessions failed.

org.springframework.security.authentication.BadCredentialsException: Login failed

        at com.vmware.spring.security.creds.SsoCredentialsAuthenticationProvider.authenticate(SsoCredentialsAuthenticationProvider.java:101)

        at com.vmware.h4.cloud.security.VcloudSsoCredentialsProvider.authenticate(VcloudSsoCredentialsProvider.java:44)

        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:175)

        at com.vmware.spring.security.creds.JsonCredentialsAuthenticationFilter.attemptAuthentication(JsonCredentialsAuthenticationFilter.java:140)

        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)

        ...

Caused by: com.vmware.vlsi.client.sso.SsoException: com.vmware.vim.sso.client.exception.AuthenticationFailedException: Provided credentials are not valid.

        at com.vmware.vlsi.client.sso.SsoException.toSsoEx(SsoException.java:34)

        at com.vmware.vlsi.client.sso.StsService.acquireBearerToken(StsService.java:90)

        at com.vmware.vlsi.client.sso.StsService.acquireBearer(StsService.java:82)

        at com.vmware.spring.security.creds.SsoCredentialsAuthenticationProvider.authenticate(SsoCredentialsAuthenticationProvider.java:96)

Certificate mismatch after replacing the certificate of a VMware Cloud Director Availability service. The following log output shows a remote cloud site attempting to connect to the local cloud site, when trust is established with the old certificate.

2019-10-22 09:00:29.748  WARN - [cd88c84a-be07-4ae2-8150-1ba9a3806ad8_Ah] [https-jsse-nio-8046-exec-1] com.vmware.h4.cloud.peer.PeerRepo        : Unrecognized peer certificate: SHA-256:DC:8F:7E:F9:64:EF:45:A8:2A:EF:C1:71:E8:03:83:6C:B7:9F:F8:80:86:03:D9:2C:4E:51:E6:1F:B6:9F:BB:10

2019-10-22 09:00:29.749 ERROR - [cd88c84a-be07-4ae2-8150-1ba9a3806ad8_Ah] [https-jsse-nio-8046-exec-1] c.v.h4.common.config.SecurityConfig      : An unauthorized GET request from 172.16.198.49 port 46872 to /diagnostics/peer-health failed.

org.springframework.security.authentication.BadCredentialsException: Unrecognized client certificate

        at com.vmware.spring.security.clientcert.ClientCertAuthenticationProvider.authenticate(ClientCertAuthenticationProvider.java:47)

        at com.vmware.h4.cloud.peer.PeerClientCertAuthenticationProvider.authenticate(PeerClientCertAuthenticationProvider.java:65)

        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:175)

        at com.vmware.spring.security.clientcert.impersonate.ImpersonatingClientCertFilter.attemptAuthentication(ImpersonatingClientCertFilter.java:45)

        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)

        ...