check-circle-line exclamation-circle-line close-line

vCloud Director 9.7.0.2 for Service Providers | 2 JUL 2019 | Build 14046945 (installed build 14029997)

Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

 

What's New

The vCloud Director 9.7.0.2 for Service Providers Express Patch Release | 2 JUL 2019 | Build 14046945 (installed build 14029997) provides bug fixes, updates the vCloud Director appliance base OS and the vCloud Director open-source components. The release resolves CVE-2019-11477 and CVE-2019-11478, for more information see https://www.vmware.com/security/advisories.

System Requirements and Installation

For more information about system requirements and installation instructions, see vCloud Director 9.7 for Service Providers Release Notes.

Documentation

To access the full set of product documentation, go to VMware vCloud Director for Service Providers Documentation.

Previous Releases of vCloud Director 9.7.x for Service Providers

vCloud Director 9.7 for Service Providers Release Notes

vCloud Director 9.7.0.1 for Service Providers Release Notes

 

Resolved Issues

  • The vCloud Director appliance management user interface Promote button and appliance console repmgr commands stop working

    This issue occurs when the postgres user password has expired on one or more vCloud Director appliances. As a result, the vCloud Director appliance management user interface Promote button fails to update the selected standby to become the new primary node in a database HA cluster. Some replication manager (repmgr) tool commands fail with errors such as: Nodes unreachable via SSH. Upon startup, the appliance OS console displays error messages, such as [FAILED] Failed to start User Manager

    Without the vCloud Director 9.7.0.2 fix, the postgres user password for 9.7 expired on May 25, 2019 and for 9.7.0.1, it expires on July 9, 2019.  With the fix, the postgres user password never expires.

  • During the database restore process, the reconfigure command fails with an error

    The create-db-backup script does not include the new etc/truststore file.  As a result, during the database restore process, the reconfigure command fails with a keystore error: Could not read or write the configuration file: Keystore was tampered with, or password was incorrect.

  • Cell startup fails intermittently

    An intermittent race condition in the cell causes startup failure with the following error message in the cell-runtime.log file:

    com.vmware.cell.heartbeat.NonFatalHeartbeatException: org.hibernate.NonUniqueResultException: query did not return a unique result

  • vCloud Director cells stop working because the PostgreSQL data directory runs out of space

    This issue occurs because the activity tables are not auto-vacuumed correctly and run out of space.

  • Merging two provider VDCs fails with a VXLAN network pool error

    When you merge two provider VDCs, the transport zones merge successfully in NSX, but in the VXLAN network pool fails with the following error message: Error Merging VXLAN network pools.

    The issue is resolved in NSX 6.3.x.

    If you configured vCloud Director with NSX 6.4.x, you must use the repair VXLAN network pool option to resolve the issue.

  • Unable to attach resource pools to an NSX-T backed provider VDC

    When you add resource pools to an existing provider VDC with NSX-T Manager backed networking, the operation fails with an error message similar to:

    java.lang.NullPointerException: uri
    at com.vmware.vcloud.common.model.BaseObjectId.from(BaseObjectId.java:227)
    at com.vmware.vcloud.fabric.net.dao.impl.AbstractNetworkEntityDao.getHandleModel(AbstractNetworkEntityDao.java:77))

  •  The federation metadata spring_saml_metadata.xml generates with a deprecated certificate SHA-1

    The federation metadata spring_saml_metadata.xml generates with the deprecated Secure Hash Algorithm 1 (SHA-1) instead of SHA-256.

  • After a migration from Oracle to a PostgreSQL database, the power on VMs operation fails intermittently

    After a migration from an Oracle database to a PostgreSQL database, powering on VMs fails intermittently due to an internal server error org.hibernate.StaleObjectStateException.

Known Issues

  • New When you associate two vCloud Director appliance sites, pre-existing objects are not visible across the sites

    If you make a site association and your sites have pre-existing objects like organizations, organization VDCs, vApps, VMs, you cannot see the pre-existing objects across sites. The HTML 5 UI displays an Internal server error message. The issue occurs during multisite fanout communication because the /etc/hosts file of the vCloud Director appliance does not have correct contents.

    Workaround: None

  • New During vCloud Director Appliance deployment, attempting to set a static route via the provided OVF parameters fails

    During vCloud Director Appliance deployment, attempting to set a static route via the provided OVF parameters fails. Error messages related to inaccessible system directories appear in the vcd-ova-netconfig log file.
    # cat /opt/vmware/var/log/vcd/networkconfig.log
    find: './proc/852': No such file or directory
    find: './proc/853': No such file or directory
    find: './proc/854': No such file or directory

    Workaround: Contact VMware Global Support Services (GSS) for assistance with the workaround for this issue.

  • Migration of a Microsoft SQL database to an external PostgreSQL database fails

    When migrating a Microsoft SQL database to an external PostgreSQL database, executing the dbmigrate subcommand of the cell management tool results in errors such as: 

    ...Unable to retrieve entities from table [activity_partition_0] from the source database.
    ...Unable to retrieve entities from table [activity_partition_31] from the source database.
    ...Unable to retrieve entities from table [activity_partition_10] from the source database.

    Workaround: Migrate the Microsoft SQL database to PostgreSQL using vCloud Director 9.7.0.1, and then upgrade to vCloud Director 9.7.0.2.

  • Updating the properties of a shared direct organization VDC network in the tenant portal H5 UI causes it to be unshared if not in use by a VM or vApp, or causes it to fail, if in use by a VM or vApp.

    When trying to update the name or description of a shared direct organization VDC network on the tenant portal H5 UI, if the network is shared and not in use, it becomes unavailable to other VDCs in the organization. If the network is in use, it fails with an error message saying that the network is in use. This is because the UI is not sending the shared flag and triggers an unsharing operation.

    Workaround: Update properties of a direct organization VDC network through the Flex UI.

  • Existing organization VDC networks that are operational are showing non-operational status in the vCloud Director tenant portal.

    If you upgrade to vCloud Director 9.7.0.2 and you have organization VDC networks that you have not modified in the last month, the networks show a red operational status instead of green.

    Workaround:

    • Isolated and routed organization VDC networks: Update the description in the UI or perform an operation on it every month. 
    • Direct networks: Update the description through the flex UI every month.
  • Promoting a standby cell to become a primary cell in a high availability cluster might result in an Nginx error screen

    If a primary or a standby cell is offline at the moment when you attempt to promote a standby cell to become the new primary cell using the appliance management user interface, this might result in the following error message in your browser:  "An error occurred. Sorry, the page you are looking for is currently unavailable. Please try again later. If you are the system administrator of this resource then you should check the error log for details. Faithfully yours, nginx."

    Workaround: Refresh your browser.

  • Cannot configure the system to use a SAML identity provider by using the vCloud Director Service Provider Admin Portal

    After you configure your system to use a SAML identity provider by using the vCloud Director Service Provider Admin Portal, you cannot log in again to the vCloud Director Service Provider Admin Portal.

    Workaround: Configure your system to use a SAML identity provider by using the vCloud Director Web Console.

  • Cannot access an SDDC proxy if vCloud Director uses legacy self signed certificates

    After the upgrade to vCloud Director 9.7, connecting to an SDDC proxy might fail with the error message: verify error:num=20:unable to get local issuer certificate. This issue happens if you generated the self signed certificates by using the cell management tool in vCloud Director 9.5 or earlier.

    Workaround: After the upgrade to vCloud Director 9.7, regenerate and update the self signed certificates.

  • After the upgrade to vCloud Director 9.7 (vCloud API v.32.0), custom links that you added by using branding OpenAPI calls are removed

    In vCloud API v.32.0, type UiBrandingLink that is used for custom links is replaced by type UiBrandingMenuItem. These types have different elements. This change is backward incompatible. As a result, API calls from versions 31.0 or earlier that attempt to process or set customLinks within a UiBranding object fail.

    Workaround: Update your API calls to the new data type.

  • Changing the compute policy of a powered on VM might fail

    When trying to change the compute policy of a powered on VM, if the new compute policy is associated with a provider VDC compute policy that has VM Groups or Logical VM Groups, an error occurs. The error message contains: Underlying system error: com.vmware.vim.binding.vim.fault.VmHostAffinityRuleViolation.

    Workaround: Power off the VM, and retry the operation.

  • When using the vCloud Director Service Provider Admin Portal with Firefox, you cannot load the tenant networking screens

    If you are using the vCloud Director Service Provider Admin Portal with Firefox, the tenant networking screens, for example, the Manage Firewall screen for an organization virtual data center, might fail to load. This issue happens if your Firefox browser is configured to block Third-Party cookies.

    Workaround: Configure your Firefox browser to allow third-party cookies.

  • vCloud Director 9.7 supports only a list of input parameters of vRealize Orchestrator workflows

    vCloud Director 9.7 supports the following input parameters of vRealize Orchestrator workflows:

    • boolean
    • sdkObject
    • secureString
    • number
    • mimeAttachment
    • properties
    • date
    • composite
    • regex
    • encryptedString
    • array

    Workaround: None

  • A fast-provisioned virtual machine created on a VMware vSphere Storage APIs Array Integration (VAAI) enabled NFS array, or vSphere Virtual Volumes (VVols) cannot be consolidated

    In-place consolidation of a fast provisioned virtual machine is not supported when a native snapshot is used. Native snapshots are always used by VAAI-enabled datastores, as well as by VVols. When a fast-provisioned virtual machine is deployed to one of these storage containers, that virtual machine cannot be consolidated .

    Workaround: Do not enable fast provisioning for an organization VDC that uses VAAI-enabled NFS or VVols. To consolidate a virtual machine with a snapshot on a VAAI or a VVol datastore, relocate the virtual machine to a different storage container.