VMware Cloud Director | 14 APR 2022 | Build 19580631 (installed build 19580547)

Check for additions and updates to these release notes.

What's New

The VMware Cloud Director patch release resolves CVE-2022-22966. For information, see https://www.vmware.com/security/advisories.

System Requirements and Installation

For information about system requirements and installation instructions, see VMware Cloud Director 10.1 Release Notes.


To access the full set of product documentation, go to VMware Cloud Director Documentation.

Previous Releases of VMware Cloud Director 10.1.x

Known Issues

  • VMs become non-compliant after converting a reservation pool VDC into a flex organization VDC

    In an organization VDC with a reservation pool allocation model, if some of the VMs have nonzero reservation for CPU and Memory, non-unlimited configuration for CPU and Memory, or both, after converting into a flex organization VDC, these VMs become non-compliant. If you attempt to make the VMs compliant again, the system applies an incorrect policy for the reservation and limit and sets the CPU and Memory reservations to zero and the limits to Unlimited.


    1. A system administrator must create a VM sizing policy with the correct configuration.
    2. A system administrator must publish the new VM sizing policy to the converted flex organization VDC.
    3. The tenants can use the VMware Cloud Director API or the VMware Cloud Director Tenant Portal to assign the VM sizing policy to the existing virtual machines in the flex organization VDC.

  • The VMware Cloud Director appliance deployment fails when you enable the setting to expire the root password upon the first login

    If you attempt to deploy an appliance with enabled Expire Root Password Upon First Login setting, the deployment fails and the /opt/vmware/var/log/firstboot log file displays an error:

    [ERROR] postgresauth script failed to execute.

    Workaround: Disable the Expire Root Password Upon First Login setting and specify an initial root password that contains at least eight characters, one uppercase character, one lowercase character, one numeric digit, and one special character.

  • When a vApp User attempts to create a vApp from a template, this might result in Operation is denied message

    If your assigned user role is vApp User, when you attempt to create a vApp from a template and you customize the VM sizing policies for the virtual machines in the vApp, this results in Operation is denied message. This happens because the vApp User role allows you to instantiate vApps from templates, but it does not include rights that allow you to customize a virtual machine's memory, CPU or hard disk. By changing the sizing policy, you could be changing the virtual machine memory or CPU.

    Workaround: None.

  • NFS downtime can cause VMware Cloud Director appliance cluster functionalities to malfunction

    If the NFS is unavailable due to the NFS share being full, becoming read only, and so on, can cause appliance cluster functionalities to malfunction. HTML5 UI is unresponsive while the NFS is down or cannot be reached. Other functionalities that might be affected are the fencing out of a failed primary cell, switchover, promoting a standby cell, and so on. For more information about setting up correctly the NFS shared storage, see Preparing the Transfer Server Storage for the VMware Cloud Director Appliance.


    • Fix the NFS state so that it is not read-only.
    • Clean up the NFS share if it is full.

  • Trusting an endpoint while adding vCenter Server and NSX Resources in a multisite environment does not add the endpoint to the centralized certificate storage area

    In a multisite environment, while using the HTML5 UI, if you are logged in to a vCloud Director 10.0 site or trying to register a vCenter Server instance to a vCloud Director 10.0 site, VMware Cloud Director will not add the endpoint to the centralized certificate storage area. 


    • Import the certificate into the VMware Cloud Director 10.1 site by using the API.
    • To trigger the certificate management functionality, navigate to the SP Admin Portal of the VMware Cloud Director 10.1 site, go to the Edit dialog of the service, and click Save.

  • Trying to encrypt named disks in vCenter Server version 6.5 or earlier fails with an error

    For vCenter Server instances version 6.5 or earlier, if you try to associate new or existing named disks with an encryption enabled policy, the operation fails with a Named disk encryption is not supported in this version of vCenter Server. error.

    Workaround: None.

  • In a multisite mixed environment with VMware Cloud Director versions 10.0 and 10.1, trusting the certificates for vCenter Server and NSX connections works only for the objects from the local site

    If you have a multisite environment with VMware Cloud Director versions 10.0 and 10.1 associated with each other, when you log in to one of the sites, you cannot register vCenter Server or NSX Manager instances on the other site.

    Workaround: Log into the site in which you want to register the vCenter Server or NSX Manager instance and start the registration process.

  • In the VMware Cloud Director Tenant Portal, you cannot filter VMs  by data center from the advanced filtering option for virtual machines under the Applications tab

    In the VMware Cloud Director Tenant Portal, when you navigate to Virtual Machines under the Applications tab in the top navigation bar, filtering the virtual machines by data center from the advanced filtering option results in an error Bad request: Unknown property name vdcName.

    Workaround: From the top navigation bar, select Data Centers and select a data center to view the virtual machines in it.

  • Extension services cannot process RabbitMQ messages from VMware Cloud Director

    Extension services that rely on RabbitMQ cannot get the header notification.type from a message because the header has a new temporary name. The header name for VMware Cloud Director 10.1.0 is notification.operationType.

    Workaround: If your extension services process RabbitMQ messages from VMware Cloud Director and use the notification.type message header, you must change them. If the notification.type header is not available, extension services must get the value from the header notification.operationType. This change is needed only for version 10.1.0.

  • In the VMware Cloud Director Service Provider Admin Portal, deleting an organization virtual data center fails with an error

    In the VMware Cloud Director Service Provider Admin Portal, if you add an edge gateway to your organization VDC and enable the gateway to provide VMware Cloud Director Distributed Routing, trying to delete the organization VDC recursively fails with a Cannot delete organization VDC network error message.


    1. By using API, delete the organization VDC networks and the edge gateways associated with the organization VDC.
    2. By using API, delete the organization VDC.

  • If you disable the provider access to the legacy API login endpoint, all API integrations that rely on the system administrator login stop working, including vCloud Usage Meter and vCloud Availability for VMware Cloud Director

    Starting with vCloud Director 10.0, you can use separate VMware Cloud Director OpenAPI login endpoints for service provider and tenant access to VMware Cloud Director. If the service provider access to the legacy /api/sessions endpoint is disabled, it causes products that integrate with VMware Cloud Director, like vCloud Usage Meter and vCloud Availability for VMware Cloud Director, to stop working. These products will require a patch to continue to operate.

    The issue affects only system administrators. The tenant login is not affected.

    Workaround: Re-enable the service provider access to the legacy /api/sessions endpoint by using the cell management tool.

  • When you change the  reservation guarantee values of a VDC, the existing VMs are not updated accordingly even after a reboot

    If you have a flex organization VDC with the system default policy and powered-on virtual machines on that VDC are with the default sizing policy, when you increase the resource guarantee value of the VDC, the resource reservation for the existing VMs is not updated and they are also not marked as non-compliant. The issue occurs also when you convert a legacy VDC allocation model to a flex allocation model and the existing VMs become non-compliant with the new default policy of the flex organization VDC after the conversion.


    1. To find the VM identifier, in the VMware Cloud Director Tenant Portal, navigate to the Details page of the VM. The URL shows the identifier


    2. To display the non-compliant VMs in the VMware Cloud Director UI, perform an explicit compliance check against the VMs by using the VMware Cloud Director API.

      POST: https://VCD_IP_Address/api/vApp/vm-Identifier/action/checkComputePolicyCompliance

    3. To reapply the policy and reconfigure the resource reservations, in the VMware Cloud Director Tenant Portal, click Make VM Compliant for a non-compliant VM.

  • VMware Cloud Director displays incorrect information about running and total VMs and CPU and memory stats in dedicated vCenter Server instances

    If a dedicated vCenter Server is version 6.0 U3i or earlier, 6.5U2 or earlier, or 6.7U1 or earlier, VMware Cloud Director displays incorrect information about running VMs, total VMs, and CPU and memory statistical information in the vCenter Server instance. The dedicated vCenter Server tile in the Tenant Portal and the dedicated vCenter Server information in the Service Provider Admin Portal display zero for both running and total VMs, even when there are virtual machines in the vSphere environment.

    Workaround: Upgrade the vCenter Server instance to version 6.0 U3j, 6.5U3, 6.7U2 or later.

  • Changing the compute policy of a powered on VM might fail

    When trying to change the compute policy of a powered on VM, if the new compute policy is associated with a provider VDC compute policy that has VM Groups or Logical VM Groups, an error occurs. The error message contains: Underlying system error: com.vmware.vim.binding.vim.fault.VmHostAffinityRuleViolation.

    Workaround: Power off the VM, and retry the operation.

  • When using the VMware Cloud Director Service Provider Admin Portal with Firefox, you cannot load the tenant networking screens

    If you are using the VMware Cloud Director Service Provider Admin Portal with Firefox, the tenant networking screens, for example, the Manage Firewall screen for an organization virtual data center, might fail to load. This issue happens if your Firefox browser is configured to block Third-Party cookies.

    Workaround: Configure your Firefox browser to allow third-party cookies.

  • VMware Cloud Director 10.1 supports only a list of input parameters of vRealize Orchestrator workflows

    VMware Cloud Director 10.1 supports the following input parameters of vRealize Orchestrator workflows:

    • boolean
    • sdkObject
    • secureString
    • number
    • mimeAttachment
    • properties
    • date
    • composite
    • regex
    • encryptedString
    • array

    Workaround: None.

  • A fast-provisioned virtual machine created on a VMware vSphere Storage APIs Array Integration (VAAI) enabled NFS array, or vSphere Virtual Volumes (VVols) cannot be consolidated

    In-place consolidation of a fast provisioned virtual machine is not supported when a native snapshot is used. Native snapshots are always used by VAAI-enabled datastores, as well as by VVols. When a fast-provisioned virtual machine is deployed to one of these storage containers, that virtual machine cannot be consolidated.

    Workaround: Do not enable fast provisioning for an organization VDC that uses VAAI-enabled NFS or VVols. To consolidate a virtual machine with a snapshot on a VAAI or a VVol datastore, relocate the virtual machine to a different storage container.

check-circle-line exclamation-circle-line close-line
Scroll to top icon