vCloud Director 10.0.0.2 for Service Providers | 30 APR 2020 | Build 16094943 (installed build 16081830)
Check for additions and updates to these release notes.
What's in this Document
- What's New
- System Requirements and Installation
- Previous Releases of vCloud Director 10.0.x for Service Providers
- Resolved Issues
- Known Issues
The vCloud Director 10.0.0.2 for Service Providers Patch Release provides bug fixes, updates the vCloud Director appliance base OS and the vCloud Director open-source components.
System Requirements and Installation
For more information about system requirements and installation instructions, see vCloud Director 10.0 for Service Providers Release Notes.
To access the full set of product documentation, go to VMware vCloud Director for Service Providers Documentation.
Previous Releases of vCloud Director 10.0.x for Service Providers
- Adding an edge gateway firewall rule fails
In an edge gateway with enabled distributed logical routing, if you select a network with distributed routing interface as the source or destination for a new firewall rule, the operation fails with an error message.
Invalid vnicGroupId vnic-index-X is specified or vnic-index-X is being deleted but consumed in firewall rule id 0., error code 12008
- The Next button in the Create VM Placement Policy wizard is greyed out and you cannot create a VM placement policy
If during the creation of a VM placement policy you select a VM group or a cluster with a dot (
.) character in the name, the Next button in the Create VM Placement Policy wizard is greyed out.
- You can create a snapshot of a vApp or VM located outside your current organization VDC by using the API
If you have a local organization administrator credentials, by using the API you can create snapshots of vApps and VMs located in other organization VDCs.
- Using the vCloud Director REST API to run a GET query might not return the full list with edge gateways
For an organization VDC configured with 1000 or more edge gateways, an API
GET /network/edgesquery does not return the full list of edge gateways in the organization VDC.
- Updating the properties of an NSX edge gateway causes a redeployment of the same edge gateway
If you configure an NSX edge gateway as Large, when you update its properties, the vApp placement engine redeploys the same NSX edge gateway.
- Emails for expired vApps are sent to all members of an organization instead of sending them only to the organization administrator
When a vApp storage lease expires, an email notification is sent not only to the organization administrator, but also to all members of the same vCloud Director organization, irrespective of their assigned user role.
- Converting the interface of an organization VDC network from Internal to Subinterface fails
In the vCloud Director Web Console, when you try to convert the interface of an organization VDC network from Internal to Subinterface, the operation fails with an error message.
Logical switch Id 'id-of-logical-switch' of sub-interface index '10' and TRUNK vnic's backing distributed portgroup should be on the same switch., error code 10196
- The OK button in the New VM wizard is greyed out and you cannot create a new VM
In the vCloud Director Tenant Portal, if you add only one VM sizing policy to an organization VDC without setting it as the default sizing policy, when you initiate creation of a new VM, the OK button in the New VM wizard is greyed out and you cannot proceed with building the new VM .
- vCloud Director organization administrators receive a bounce email from firstname.lastname@example.org
When vCloud Director sends alert email notifications to the default user account
email@example.com, the organization administrators receive a bounce email from
- Creation of a routed organization VDC network fails
When you try to create a routed organization VDC network, the operation fails with an error message.
The input request is invalid.
- Deletion of an NSX-T backed organization VDC fails
If your organization VDC is backed by NSX-T, deleting the organization VDC fails with a
- In the vCloud Director Tenant Portal, updating the existing source NAT (SNAT) rule configuration removes the destination IP address
On an edge gateway, updating the configuration of an existing SNAT rule removes the destination IP address.
- Updating an existing IPsec VPN site or configuring a new IPsec VPN site, resets the IPsec VPN tunnel
On an edge gateway with a configured IPsec VPN connection between the sites, updating an existing or configuring a new IPsec VPN site resets the existing IPsec VPN tunnels.
- Creating vApp from a vApp template results in incorrect guest OS customization properties of the VMs within the vApp
The issue occurs if a vApp template has the Enable Guest Customization, Allow local administrator password, Require Administrators to change password on first login, and Auto generate password options enabled. When you create a new vApp from the vApp template by using the HTML5 UI, the Allow local administrator password and Require Administrators to change password on first login options are deselected.
- You cannot set a custom disk size value on a new virtual machine
When you select the Custom Sizing Options radio button during the creation of a new virtual machine, the Size drop-down menu displays only the predefined size values and you cannot set a custom disk size value.
- Adding a new virtual machine to a vApp fails
If your vApp external network is configured with multiple subnets, adding a new virtual machine to this vApp fails with an
Existing subnets cannot be deletederror message.
- Renaming a virtual machine deletes the existing Single Root I/O Virtualization enabled NIC
In a VM configured with a NIC that supports Single Root I/O Virtualization (SR-IOV), renaming the VM deletes the SR-IOV enabled NIC.
- When using the vCloud Director API, reverting a vApp with multiple VMs to a snapshot fails
If you have multiple VMs in a vApp, when you try to revert the vApp to a snapshot by using an API, the operation fails with a
- vCloud Director Tenant Portal takes longer than the vRealize Orchestrator Client to display a workflow as Completed
When the vRealize Orchestrator client runs the Deploy a new vApp workflow, if you add simultaneously multiple VMs to a VM group, the vCloud Director Tenant Portal takes longer than the vRealize Orchestrator Client to display the workflow as completed.
- You cannot select a predefined service when adding a new distributed firewall rule to an organization VDC
When you add a new distributed firewall rule to an organization VDC, the filter for selecting a predefined service of the new rule is case-sensitive and you cannot select the service.
- The Peripheral Component Interconnect (PCI) slot numbers in a newly created from a template virtual machine are in incorrect order
In a new vApp, after you added a VM from a template, the PCI slot numbers in the resulting VM do not match the PCI slot numbers in the source VM template.
- Quiescing or pausing the primary cell in a multi-cell environment does not restart the periodical tasks on the secondary cell
In a multi-cell environment, when you quiesce or pause the primary cell, the periodical tasks that are running in the background of the primary cell are not started from the secondary cell.
Workaround: Restart the vCloud Director services on the cell.
- In the vCloud Director Service Provider Admin Portal, deletion of an organization Virtual Data Center fails with a Cannot delete organization VDC network error message
In the vCloud Director Service Provider Admin Portal, you add an edge gateway to your organization virtual data center and enable the gateway to provide vCloud Director Distributed Routing.
When you try to delete the organization virtual data center recursively, the deletion fails with a
Cannot delete organization VDC networkerror message.
Workaround: To delete the organization VDC, follow the steps.
- By using API, delete the organization VDC networks and the edge gateways associated with the organization VDC that you want to delete.
- By using API, delete the organization VDC.
- If you disable the provider access to the legacy API login endpoint, all API integrations that rely on the system administrator login stop working, including vCloud Usage Meter and vCloud Availability for vCloud Director
Starting with vCloud Director 10.0, you can use separate vCloud Director OpenAPI login endpoints for service provider and tenant access to vCloud Director. If the service provider access to the legacy
/api/sessionsendpoint is disabled, it causes products that integrate with vCloud Director, like vCloud Usage Meter and vCloud Availability for vCloud Director, to stop working. These products will require a patch to continue to operate.
The issue affects only system administrators. The tenant login is not affected.
Workaround: Re-enable the service provider access to the legacy
/api/sessionsendpoint by using the cell management tool.
- When you change the reservation guarantee values of a VDC, the existing VMs are not updated accordingly even after a reboot
If you have a flex organization VDC with the system default policy and powered-on virtual machines on that VDC are with the default sizing policy, when you increase the resource guarantee value of the VDC, the resource reservation for the existing VMs is not updated and they are also not marked as non-compliant. The issue occurs also when you convert a legacy VDC allocation model to a flex allocation model and the existing VMs become non-compliant with the new default policy of the flex organization VDC after the conversion.
- To display the non-compliant VMs in the vCloud Director UI, perform an explicit compliance check against the VMs by using the vCloud API.
- To reapply the policy and reconfigure the resource reservations, in the vCloud Director Tenant Portal, click Make VM Compliant for a non-compliant VM.
- vCloud Director displays incorrect information about running and total VMs and CPU and memory stats in dedicated vCenter Server instances
If a dedicated vCenter Server is version 6.0 U3i or earlier, 6.5U2 or earlier, or 6.7U1 or earlier, vCloud Director displays incorrect information about running VMs, total VMs, and CPU and memory statistical information in the vCenter Server instance. The dedicated vCenter Server tile in the Tenant Portal and the dedicated vCenter Server information in the Service Provider Admin Portal display zero for both running and total VMs, even when there are virtual machines in the vSphere environment.
Workaround: Upgrade the vCenter Server instance to version 6.0 U3j, 6.5U3, 6.7U2 or later.
- If the current primary cell is healthy, you cannot promote a standby cell to primary by using the appliance management user interface
If the primary node is healthy, the Promote button in the appliance management UI does not work.
Workaround: Switch the roles of the primary and a standby by using the Replication Manager Tool suite. For more information, see Switch the Roles of the Primary and a Standby Cell in a Database High Availability Cluster.
- Updating a VM sizing policy fails with a memory allocation error
If you convert an allocation-pool VDC to a flex organization VDC, vCloud Director keeps the maximum policy information from the allocation-pool VDC before the conversion. CPU or memory reservation guarantees higher than the reservations defined in the allocation-pool VDC fail with a
Virtual machine reservation or limit or shares settings are invaliderror.
Workaround: Log in as a system administrator and set a new maximum policy with the new resource reservation guarantees.
- Used NICs count in edge gateways grid is incorrect for NSX-T Edge Gateways
For NSX-T organization VDC edge gateways, the number of used NICs displayed in the Edge Gateways page of the vCloud Director Service Provider Admin Portal is incorrect.The issue does not affect the functionality itself.
- Cannot configure the system to use a SAML identity provider by using the vCloud Director Service Provider Admin Portal
After you configure your system to use a SAML identity provider by using the vCloud Director Service Provider Admin Portal, you cannot log in again to the vCloud Director Service Provider Admin Portal.
Workaround: Configure your system to use a SAML identity provider by using the vCloud Director Web Console.
- In the tenant H5 UI, not all organization VDC networks are displayed when adding an organization VDC network to a vApp
In the tenant H5 UI, when you try to select an organization VDC network to add to a vApp, the H5 UI does not display the full network list. This is observed only with shared organization VDC networks when a multi-clustered backed PVDC is used.
Workaround: Use vCloud Director Web console (Flex UI).
- Cannot access an SDDC proxy if vCloud Director uses legacy self signed certificates
After the upgrade to vCloud Director 9.7, connecting to an SDDC proxy might fail with the error message:
verify error:num=20:unable to get local issuer certificate. This issue happens if you generated the self signed certificates by using the cell management tool in vCloud Director 9.5 or earlier.
Workaround: After the upgrade to vCloud Director 9.7, regenerate and update the self signed certificates.
- After the upgrade to vCloud Director 9.7 (vCloud API v.32.0), custom links that you added by using branding OpenAPI calls are removed
In vCloud API v.32.0, type
UiBrandingLinkthat is used for custom links is replaced by type
UiBrandingMenuItem. These types have different elements. This change is backward incompatible. As a result, API calls from versions 31.0 or earlier that attempt to process or set
Workaround: Update your API calls to the new data type.
- Changing the compute policy of a powered on VM might fail
When trying to change the compute policy of a powered on VM, if the new compute policy is associated with a provider VDC compute policy that has VM Groups or Logical VM Groups, an error occurs. The error message contains:
Underlying system error: com.vmware.vim.binding.vim.fault.VmHostAffinityRuleViolation.
Workaround: Power off the VM, and retry the operation.
- When using the vCloud Director Service Provider Admin Portal with Firefox, you cannot load the tenant networking screens
If you are using the vCloud Director Service Provider Admin Portal with Firefox, the tenant networking screens, for example, the Manage Firewall screen for an organization virtual data center, might fail to load. This issue happens if your Firefox browser is configured to block Third-Party cookies.
Workaround: Configure your Firefox browser to allow third-party cookies.
- vCloud Director 9.7 supports only a list of input parameters of vRealize Orchestrator workflows
vCloud Director 9.7 supports the following input parameters of vRealize Orchestrator workflows:
- A fast-provisioned virtual machine created on a VMware vSphere Storage APIs Array Integration (VAAI) enabled NFS array, or vSphere Virtual Volumes (VVols) cannot be consolidated
In-place consolidation of a fast provisioned virtual machine is not supported when a native snapshot is used. Native snapshots are always used by VAAI-enabled datastores, as well as by VVols. When a fast-provisioned virtual machine is deployed to one of these storage containers, that virtual machine cannot be consolidated .
Workaround: Do not enable fast provisioning for an organization VDC that uses VAAI-enabled NFS or VVols. To consolidate a virtual machine with a snapshot on a VAAI or a VVol datastore, relocate the virtual machine to a different storage container.
- Org VDC network status is blank
In the H5 tenant portal, the status of some old operational Org VDC networks appears as blank.
Workaround: Change a property of the Org VDC network (e.g. description) and save it.
- Organization VDC network cannot be deleted from the Tenant portal
You have added a VDC network to a vApp and you have connected the same vApp to a virtual machine.
When you try to delete the organization VDC network in the tenant portal, you receive an error message and you cannot proceed with the deletion.
This network is in use.
Workaround: To delete the organization VDC network follow the steps.
- In vCloud Director Web console, navigate to System > Organizations, and select your organization name.
A window with all vApps, associated to your organization opens.
- Select the organization VDC vApp and navigate to the Networking tab.
- Right-click the organization VDC network you want to delete and select Delete.
- To delete the organization VDC network, click Apply.
- In vCloud Director Web console, navigate to System > Organizations, and select your organization name.
- When creating an Anti-Affinity Rule in the vCloud Director tenant portal, the UI displays empty virtual machine list
When you try to create an Anti-Affinity rule in the vCloud Director tenant portal, you cannot select a virtual machine to add to the rule because the virtual machine selection list is empty.
Workaround: To create an Anti-Affinity Rule, use the vCloud Director Web console.
- Newly created virtual machines are deployed on the organization VDC default storage policy
In the vCloud Director Tenant Portal, when you create a new standalone virtual machine, the option to specify the storage policy is missing. As a result the created virtual machine is deployed with the default storage policy of the organization VDC.
Workaround: After you create the virtual machine, go to the resulted virtual machine properties and change the storage policy.