VMware Cloud Director 10.1.4.1 | 14 APR 2022 | Build 19580631 (installed build 19580547)
Check for additions and updates to these release notes.
The VMware Cloud Director 10.1.4.1 patch release resolves CVE-2022-22966. For information, see https://www.vmware.com/security/advisories.
For information about system requirements and installation instructions, see VMware Cloud Director 10.1 Release Notes.
To access the full set of product documentation, go to VMware Cloud Director Documentation.
VMs become non-compliant after converting a reservation pool VDC into a flex organization VDC
In an organization VDC with a reservation pool allocation model, if some of the VMs have nonzero reservation for CPU and Memory, non-unlimited configuration for CPU and Memory, or both, after converting into a flex organization VDC, these VMs become non-compliant. If you attempt to make the VMs compliant again, the system applies an incorrect policy for the reservation and limit and sets the CPU and Memory reservations to zero and the limits to Unlimited.
The VMware Cloud Director appliance deployment fails when you enable the setting to expire the root password upon the first login
If you attempt to deploy an appliance with enabled Expire Root Password Upon First Login setting, the deployment fails and the /opt/vmware/var/log/firstboot log file displays an error:
[ERROR] postgresauth script failed to execute.
Workaround: Disable the Expire Root Password Upon First Login setting and specify an initial root password that contains at least eight characters, one uppercase character, one lowercase character, one numeric digit, and one special character.
When a vApp User attempts to create a vApp from a template, this might result in
Operation is denied message
If your assigned user role is vApp User, when you attempt to create a vApp from a template and you customize the VM sizing policies for the virtual machines in the vApp, this results in
Operation is denied message. This happens because the vApp User role allows you to instantiate vApps from templates, but it does not include rights that allow you to customize a virtual machine's memory, CPU or hard disk. By changing the sizing policy, you could be changing the virtual machine memory or CPU.
NFS downtime can cause VMware Cloud Director appliance cluster functionalities to malfunction
If the NFS is unavailable due to the NFS share being full, becoming read only, and so on, can cause appliance cluster functionalities to malfunction. HTML5 UI is unresponsive while the NFS is down or cannot be reached. Other functionalities that might be affected are the fencing out of a failed primary cell, switchover, promoting a standby cell, and so on. For more information about setting up correctly the NFS shared storage, see Preparing the Transfer Server Storage for the VMware Cloud Director Appliance.
Trusting an endpoint while adding vCenter Server and NSX Resources in a multisite environment does not add the endpoint to the centralized certificate storage area
In a multisite environment, while using the HTML5 UI, if you are logged in to a vCloud Director 10.0 site or trying to register a vCenter Server instance to a vCloud Director 10.0 site, VMware Cloud Director will not add the endpoint to the centralized certificate storage area.
Trying to encrypt named disks in vCenter Server version 6.5 or earlier fails with an error
For vCenter Server instances version 6.5 or earlier, if you try to associate new or existing named disks with an encryption enabled policy, the operation fails with a
Named disk encryption is not supported in this version of vCenter Server. error.
In a multisite mixed environment with VMware Cloud Director versions 10.0 and 10.1, trusting the certificates for vCenter Server and NSX connections works only for the objects from the local site
If you have a multisite environment with VMware Cloud Director versions 10.0 and 10.1 associated with each other, when you log in to one of the sites, you cannot register vCenter Server or NSX Manager instances on the other site.
Workaround: Log into the site in which you want to register the vCenter Server or NSX Manager instance and start the registration process.
In the VMware Cloud Director Tenant Portal, you cannot filter VMs by data center from the advanced filtering option for virtual machines under the Applications tab
In the VMware Cloud Director Tenant Portal, when you navigate to Virtual Machines under the Applications tab in the top navigation bar, filtering the virtual machines by data center from the advanced filtering option results in an error
Bad request: Unknown property name vdcName.
Workaround: From the top navigation bar, select Data Centers and select a data center to view the virtual machines in it.
Extension services cannot process RabbitMQ messages from VMware Cloud Director
Extension services that rely on RabbitMQ cannot get the header
notification.type from a message because the header has a new temporary name. The header name for VMware Cloud Director 10.1.0 is
Workaround: If your extension services process RabbitMQ messages from VMware Cloud Director and use the
notification.type message header, you must change them. If the
notification.type header is not available, extension services must get the value from the header
notification.operationType. This change is needed only for version 10.1.0.
In the VMware Cloud Director Service Provider Admin Portal, deleting an organization virtual data center fails with an error
In the VMware Cloud Director Service Provider Admin Portal, if you add an edge gateway to your organization VDC and enable the gateway to provide VMware Cloud Director Distributed Routing, trying to delete the organization VDC recursively fails with a
Cannot delete organization VDC network error message.
If you disable the provider access to the legacy API login endpoint, all API integrations that rely on the system administrator login stop working, including vCloud Usage Meter and vCloud Availability for VMware Cloud Director
Starting with vCloud Director 10.0, you can use separate VMware Cloud Director OpenAPI login endpoints for service provider and tenant access to VMware Cloud Director. If the service provider access to the legacy
/api/sessions endpoint is disabled, it causes products that integrate with VMware Cloud Director, like vCloud Usage Meter and vCloud Availability for VMware Cloud Director, to stop working. These products will require a patch to continue to operate.
The issue affects only system administrators. The tenant login is not affected.
Workaround: Re-enable the service provider access to the legacy
/api/sessions endpoint by using the cell management tool.
When you change the reservation guarantee values of a VDC, the existing VMs are not updated accordingly even after a reboot
If you have a flex organization VDC with the system default policy and powered-on virtual machines on that VDC are with the default sizing policy, when you increase the resource guarantee value of the VDC, the resource reservation for the existing VMs is not updated and they are also not marked as non-compliant. The issue occurs also when you convert a legacy VDC allocation model to a flex allocation model and the existing VMs become non-compliant with the new default policy of the flex organization VDC after the conversion.
VMware Cloud Director displays incorrect information about running and total VMs and CPU and memory stats in dedicated vCenter Server instances
If a dedicated vCenter Server is version 6.0 U3i or earlier, 6.5U2 or earlier, or 6.7U1 or earlier, VMware Cloud Director displays incorrect information about running VMs, total VMs, and CPU and memory statistical information in the vCenter Server instance. The dedicated vCenter Server tile in the Tenant Portal and the dedicated vCenter Server information in the Service Provider Admin Portal display zero for both running and total VMs, even when there are virtual machines in the vSphere environment.
Workaround: Upgrade the vCenter Server instance to version 6.0 U3j, 6.5U3, 6.7U2 or later.
Changing the compute policy of a powered on VM might fail
When trying to change the compute policy of a powered on VM, if the new compute policy is associated with a provider VDC compute policy that has VM Groups or Logical VM Groups, an error occurs. The error message contains:
Underlying system error: com.vmware.vim.binding.vim.fault.VmHostAffinityRuleViolation.
Workaround: Power off the VM, and retry the operation.
When using the VMware Cloud Director Service Provider Admin Portal with Firefox, you cannot load the tenant networking screens
If you are using the VMware Cloud Director Service Provider Admin Portal with Firefox, the tenant networking screens, for example, the Manage Firewall screen for an organization virtual data center, might fail to load. This issue happens if your Firefox browser is configured to block Third-Party cookies.
Workaround: Configure your Firefox browser to allow third-party cookies.
VMware Cloud Director 10.1 supports only a list of input parameters of vRealize Orchestrator workflows
VMware Cloud Director 10.1 supports the following input parameters of vRealize Orchestrator workflows:
A fast-provisioned virtual machine created on a VMware vSphere Storage APIs Array Integration (VAAI) enabled NFS array, or vSphere Virtual Volumes (VVols) cannot be consolidated
In-place consolidation of a fast provisioned virtual machine is not supported when a native snapshot is used. Native snapshots are always used by VAAI-enabled datastores, as well as by VVols. When a fast-provisioned virtual machine is deployed to one of these storage containers, that virtual machine cannot be consolidated.
Workaround: Do not enable fast provisioning for an organization VDC that uses VAAI-enabled NFS or VVols. To consolidate a virtual machine with a snapshot on a VAAI or a VVol datastore, relocate the virtual machine to a different storage container.