vCloud Director 220.127.116.11 for Service Providers | 2 JUL 2019 | Build 14046945 (installed build 14029997)
Check for additions and updates to these release notes.
What's in the Release NotesThe release notes cover the following topics:
- What's New
- System Requirements and Installation
- Previous Releases of vCloud Director 9.7.x for Service Providers
- Resolved Issues
- Known Issues
The vCloud Director 18.104.22.168 for Service Providers Express Patch Release | 2 JUL 2019 | Build 14046945 (installed build 14029997) provides bug fixes, updates the vCloud Director appliance base OS and the vCloud Director open-source components. The release resolves CVE-2019-11477 and CVE-2019-11478, for more information see https://www.vmware.com/security/advisories.
For more information about system requirements and installation instructions, see vCloud Director 9.7 for Service Providers Release Notes.
To access the full set of product documentation, go to VMware vCloud Director for Service Providers Documentation.
- The vCloud Director appliance management user interface Promote button and appliance console repmgr commands stop working
This issue occurs when the
postgresuser password has expired on one or more vCloud Director appliances. As a result, the vCloud Director appliance management user interface
Promotebutton fails to update the selected standby to become the new primary node in a database HA cluster. Some replication manager (repmgr) tool commands fail with errors such as:
Nodes unreachable via SSH. Upon startup, the appliance OS console displays error messages, such as
[FAILED] Failed to start User Manager.
Without the vCloud Director 22.214.171.124 fix, the
postgresuser password for 9.7 expired on May 25, 2019 and for 126.96.36.199, it expires on July 9, 2019. With the fix, the
postgresuser password never expires.
- During the database restore process, the reconfigure command fails with an error
create-db-backupscript does not include the new etc/truststore file. As a result, during the database restore process, the reconfigure command fails with a keystore error:
Could not read or write the configuration file: Keystore was tampered with, or password was incorrect.
- Cell startup fails intermittently
An intermittent race condition in the cell causes startup failure with the following error message in the
com.vmware.cell.heartbeat.NonFatalHeartbeatException: org.hibernate.NonUniqueResultException: query did not return a unique result
- vCloud Director cells stop working because the PostgreSQL data directory runs out of space
This issue occurs because the activity tables are not auto-vacuumed correctly and run out of space.
- Merging two provider VDCs fails with a VXLAN network pool error
When you merge two provider VDCs, the transport zones merge successfully in NSX, but in the VXLAN network pool fails with the following error message:
Error Merging VXLAN network pools.
The issue is resolved in NSX 6.3.x.
If you configured vCloud Director with NSX 6.4.x, you must use the repair VXLAN network pool option to resolve the issue.
- Unable to attach resource pools to an NSX-T backed provider VDC
When you add resource pools to an existing provider VDC with NSX-T Manager backed networking, the operation fails with an error message similar to:
- The federation metadata spring_saml_metadata.xml generates with a deprecated certificate SHA-1
The federation metadata
spring_saml_metadata.xmlgenerates with the deprecated Secure Hash Algorithm 1 (SHA-1) instead of SHA-256.
- After a migration from Oracle to a PostgreSQL database, the power on VMs operation fails intermittently
After a migration from an Oracle database to a PostgreSQL database, powering on VMs fails intermittently due to an internal server error
- New When you associate two vCloud Director appliance sites, pre-existing objects are not visible across the sites
If you make a site association and your sites have pre-existing objects like organizations, organization VDCs, vApps, VMs, you cannot see the pre-existing objects across sites. The HTML 5 UI displays an Internal server error message. The issue occurs during multisite fanout communication because the
/etc/hostsfile of the vCloud Director appliance does not have correct contents.
- New During vCloud Director Appliance deployment, attempting to set a static route via the provided OVF parameters fails
During vCloud Director Appliance deployment, attempting to set a static route via the provided OVF parameters fails. Error messages related to inaccessible system directories appear in the
# cat /opt/vmware/var/log/vcd/networkconfig.log
find: './proc/852': No such file or directory
find: './proc/853': No such file or directory
find: './proc/854': No such file or directory
Workaround: Contact VMware Global Support Services (GSS) for assistance with the workaround for this issue.
- Migration of a Microsoft SQL database to an external PostgreSQL database fails
When migrating a Microsoft SQL database to an external PostgreSQL database, executing the
dbmigratesubcommand of the cell management tool results in errors such as:
...Unable to retrieve entities from table [activity_partition_0] from the source database.
...Unable to retrieve entities from table [activity_partition_31] from the source database.
...Unable to retrieve entities from table [activity_partition_10] from the source database.
Workaround: Migrate the Microsoft SQL database to PostgreSQL using vCloud Director 188.8.131.52, and then upgrade to vCloud Director 184.108.40.206.
- Updating the properties of a shared direct organization VDC network in the tenant portal H5 UI causes it to be unshared if not in use by a VM or vApp, or causes it to fail, if in use by a VM or vApp.
When trying to update the name or description of a shared direct organization VDC network on the tenant portal H5 UI, if the network is shared and not in use, it becomes unavailable to other VDCs in the organization. If the network is in use, it fails with an error message saying that the network is in use. This is because the UI is not sending the shared flag and triggers an unsharing operation.
Workaround: Update properties of a direct organization VDC network through the Flex UI.
- Existing organization VDC networks that are operational are showing non-operational status in the vCloud Director tenant portal.
If you upgrade to vCloud Director 220.127.116.11 and you have organization VDC networks that you have not modified in the last month, the networks show a red operational status instead of green.
- Isolated and routed organization VDC networks: Update the description in the UI or perform an operation on it every month.
- Direct networks: Update the description through the flex UI every month.
- Promoting a standby cell to become a primary cell in a high availability cluster might result in an Nginx error screen
If a primary or a standby cell is offline at the moment when you attempt to promote a standby cell to become the new primary cell using the appliance management user interface, this might result in the following error message in your browser:
"An error occurred. Sorry, the page you are looking for is currently unavailable. Please try again later. If you are the system administrator of this resource then you should check the error log for details. Faithfully yours, nginx."
Workaround: Refresh your browser.
- Cannot configure the system to use a SAML identity provider by using the vCloud Director Service Provider Admin Portal
After you configure your system to use a SAML identity provider by using the vCloud Director Service Provider Admin Portal, you cannot log in again to the vCloud Director Service Provider Admin Portal.
Workaround: Configure your system to use a SAML identity provider by using the vCloud Director Web Console.
- Cannot access an SDDC proxy if vCloud Director uses legacy self signed certificates
After the upgrade to vCloud Director 9.7, connecting to an SDDC proxy might fail with the error message:
verify error:num=20:unable to get local issuer certificate. This issue happens if you generated the self signed certificates by using the cell management tool in vCloud Director 9.5 or earlier.
Workaround: After the upgrade to vCloud Director 9.7, regenerate and update the self signed certificates.
- After the upgrade to vCloud Director 9.7 (vCloud API v.32.0), custom links that you added by using branding OpenAPI calls are removed
In vCloud API v.32.0, type
UiBrandingLinkthat is used for custom links is replaced by type
UiBrandingMenuItem. These types have different elements. This change is backward incompatible. As a result, API calls from versions 31.0 or earlier that attempt to process or set
Workaround: Update your API calls to the new data type.
- Changing the compute policy of a powered on VM might fail
When trying to change the compute policy of a powered on VM, if the new compute policy is associated with a provider VDC compute policy that has VM Groups or Logical VM Groups, an error occurs. The error message contains:
Underlying system error: com.vmware.vim.binding.vim.fault.VmHostAffinityRuleViolation.
Workaround: Power off the VM, and retry the operation.
- When using the vCloud Director Service Provider Admin Portal with Firefox, you cannot load the tenant networking screens
If you are using the vCloud Director Service Provider Admin Portal with Firefox, the tenant networking screens, for example, the Manage Firewall screen for an organization virtual data center, might fail to load. This issue happens if your Firefox browser is configured to block Third-Party cookies.
Workaround: Configure your Firefox browser to allow third-party cookies.
- vCloud Director 9.7 supports only a list of input parameters of vRealize Orchestrator workflows
vCloud Director 9.7 supports the following input parameters of vRealize Orchestrator workflows:
- A fast-provisioned virtual machine created on a VMware vSphere Storage APIs Array Integration (VAAI) enabled NFS array, or vSphere Virtual Volumes (VVols) cannot be consolidated
In-place consolidation of a fast provisioned virtual machine is not supported when a native snapshot is used. Native snapshots are always used by VAAI-enabled datastores, as well as by VVols. When a fast-provisioned virtual machine is deployed to one of these storage containers, that virtual machine cannot be consolidated .
Workaround: Do not enable fast provisioning for an organization VDC that uses VAAI-enabled NFS or VVols. To consolidate a virtual machine with a snapshot on a VAAI or a VVol datastore, relocate the virtual machine to a different storage container.