Problem description
Upgrade of Druva proxy servers for VMware workloads fails when initiated directly from the Druva Management Console.
Cause
The Druva Console upgrade fails because the underlying network connection is repeatedly reset or interrupted while downloading the deployment payload from the Amazon S3 bucket URL (dprod-devicestore-package.s3.us-east-1.amazonaws.com). Because the proxy environment cannot sustain a clean connection to the S3 bucket to verify package integrity, the process terminates before completion.
Traceback
Message="Failed to download & verify package"
Error="Get https://dprod-devicestore-package.s3.us-east-1.amazonaws.com/dcp/12289/DevicePackage/v0.4.10/3/1/EnterpriseWorkloads-VMWareBackupProxy-7.1.1-930986-amd64.deb?...&X-Amz-Signature=c9effec2c7d847cf671c52b9996c2243fc6ea23a409dcbed0078263a195c3fed"
Resolution
To permanently resolve this issue and restore automated console functionality, you must coordinate with your network team to ensure appropriate URL whitelisting. In the interim, use the manual workaround steps to complete the active upgrade.
Section 1: Permanent Solution (Network/Firewall Adjustment)
The console-initiated upgrade mechanism relies heavily on stable HTTPS communication over port 443 with specific Druva download endpoints and AWS S3 storage buckets.
Have your network administration team verify that firewall rules, intrusion prevention systems (IPS), or deep packet inspection (DPI) proxies are not dropping packets to
*.amazonaws.comor*.druva.com.Specifically, ensure both the FQDN and Alias URLs for
downloads.druva.comand the region-specific AWS S3 storage URLs are whitelisted to ensure successful future agent upgrades.
Section 2: Immediate Manual Workaround
If an immediate upgrade is required before the network configuration changes can take effect, perform a manual package upgrade directly on the VMware Backup Proxy appliance:
Log in to the Proxy Server: Use PuTTY or your preferred SSH client to connect to the affected VMware Backup Proxy server using administrator credentials.
Navigate to the Temporary Directory: Change your working directory to the temporary path:
cd /tmp
Download the Upgrade Package Manually: Fetch the standalone installer directly from the reliable Druva downloads repository via
wget:wget "https://downloads.druva.com/downloads/Phoenix/12289/DevicePackage/v0.4.10/3/1/EnterpriseWorkloads-VMWareBackupProxy-7.1.1-930986-amd64.deb"
Verify the Currently Installed Druva Package: Check the current version of your running enterprise workloads package:
dpkg -l | grep -i druva
Remove the Existing Package (Preserving Configuration): Uninstall the active binary container without purging your local system tokens and settings:
dpkg -r enterpriseworkloads
CRITICAL: When prompted with:
Do you want to cleanup all EnterpriseWorkloads config and data files: [yes/no]? [default: no]Type
noand press Enter. This ensures all backup configurations, network IDs, and tokens are safely retained.Install the Downloaded Package: Deploy the freshly downloaded package update using the package manager:
dpkg -i EnterpriseWorkloads-VMWareBackupProxy-7.1.1-930986-amd64.deb
Verify the Installation: Confirm the upgrade succeeded and check that the correct target version is registered:
dpkg -l | grep -i druva
Verification
To verify the resolution:
Log back into the Druva Management Console.
Navigate to your VMware Registered Proxies dashboard.
Locate the upgraded backup proxy and confirm that its status displays as Connected and the version reflects the new target release version.
See also