When monitoring VMware vSphere (previously known as vCenter) infrastructures, a very helpful monitoring plugin is check_vmware_snapshots. This monitoring plugin, written in Perl, checks for the number of snapshots and the snapshots' age and alerts if thresholds are reached.
However after an OS upgrade (from Ubuntu 16.04 to 20.04) the plugin stopped working. Instead of displaying the number of snapshots, an error "Server version unavailable" is showing up in the output:
root@monitoring:~# /usr/lib/nagios/plugins/check_vmware_snapshots.pl --server vsphereserver --username "monitoring" --password "secret" --mode age --warning 10 --critical 14
Server version unavailable at 'https://vsphereserver:443/sdk/vimService.wsdl' at /usr/share/perl/5.30/VMware/VICommon.pm line 704.
This error looks eerily familiar; back in 2011 I already came across a similar error related to VMware's API and Perl (check_esx3.pl Nagios plugin error - Server version unavailable).
Back then the fix was to add a Perl LWP config setting to disable hostname verfication on the TLS certificate. But the check_vmware_snapshots.pl plugin already contains this setting in the second line:
#!/usr/bin/perl
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
# check_vmware_snapshots.pl
# Extra packages required (URL given for vMA suitable RPMs)
# * Date::Parse from http://vault.centos.org/5.2/extras/i386/RPMS/
However with recent Perl (SSL) updates this setting is not enough anymore, as mentioned by GitHub user "PetrMa".
The solution is to additionally disable SSL verification in the IO::Socket::SSL module. The begin of the modified plugin therefore looks like this:
#!/usr/bin/perl
BEGIN {
$ENV{'PERL_LWP_SSL_VERIFY_HOSTNAME'} = 0;
eval {
# required for new IO::Socket::SSL versions
require IO::Socket::SSL;
IO::Socket::SSL->import();
IO::Socket::SSL::set_ctx_defaults( SSL_verify_mode => 0 );
};
};
# check_vmware_snapshots.pl
# Extra packages required (URL given for vMA suitable RPMs)
# * Date::Parse from http://vault.centos.org/5.2/extras/i386/RPMS/
Right after the plugin modification, the checks worked fine again:
root@monitoring:~# /usr/lib/nagios/plugins/check_vmware_snapshots.pl
--server vsphereserver --username "monitoring" --password "secret"
--mode age --warning 10 --critical 14
CRITICAL - 1 outdated VM snapshots found!, Snapshot "VM-Snapshot 26.7.2021, 14:58:32" (VM: 'wwtf111') is 25 days old | outdated_snapshots=1snapshots;10;14
NadaMac from wrote on Oct 14th, 2022:
MANY thanks Claudio
your patch helps ! and it works !!!
we use vSphere SDK for Perl to backup VMs
Your patch was applied at /usr/share/perl/5.32/VMware/VICommon.pm
OS debian Bullseye 11.5
Kernel Linux vm-backup 5.10.0-18-amd64 #1 SMP Debian 5.10.140-1 (2022-09-02) x86_64 GNU/Linux
Perl v5.32.1
VMware vSphere Perl SDK 7.0U1
have a nice weekend
AWS Android Ansible Apache Apple Atlassian BSD Backup Bash Bluecoat CMS Chef Cloud Coding Consul Containers CouchDB DB DNS Database Databases Docker ELK Elasticsearch Filebeat FreeBSD Galera Git GlusterFS Grafana Graphics HAProxy HTML Hacks Hardware Icinga Influx Internet Java KVM Kibana Kodi Kubernetes LVM LXC Linux Logstash Mac Macintosh Mail MariaDB Minio MongoDB Monitoring Multimedia MySQL NFS Nagios Network Nginx OSSEC OTRS Office OpenSearch PGSQL PHP Perl Personal PostgreSQL Postgres PowerDNS Proxmox Proxy Python Rancher Rant Redis Roundcube SSL Samba Seafile Security Shell SmartOS Solaris Surveillance Systemd TLS Tomcat Ubuntu Unix VMWare VMware Varnish Virtualization Windows Wireless Wordpress Wyse ZFS Zoneminder