RSS
 

VMware Cloud Foundation 3.10.1 | 08 SEP 2020 | Build 16808643

VMware Cloud Foundation 3.10.1.1 on Dell EMC VxRail | 20 OCT 2022 | Build 17010744

VMware Cloud Foundation 3.10.1.2 on Dell EMC VxRail | 24 NOV 2020 | Build 17206767

Check for additions and updates to these release notes.

What's New

The VMware Cloud Foundation (VCF) 3.10.1 on Dell EMC VxRail release includes the following:

  • BOM Updates: Updated Bill of Materials with new product versions.

VMware Cloud Foundation over Dell EMC VxRail Bill of Materials (BOM)

The VMware Cloud Foundation software product is comprised of the following software Bill-of-Materials (BOM). The components in the BOM are interoperable and compatible.

VMware Response to Apache Log4j Remote Code Execution Vulnerability: VMware Cloud Foundation is impacted by CVE-2021-44228, and CVE-2021-45046 as described in VMSA-2021-0028. To remediate these issues, see Workaround instructions to address CVE-2021-44228 & CVE-2021-45046 in VMware Cloud Foundation (KB 87095).

Software Component Version Date Build Number
Cloud Builder VM 3.10.1 08 SEP 2020 16808643
SDDC Manager 3.10.1 08 SEP 2020 16808643
VxRail Manager 4.7.515
VMware vCenter Server Appliance 6.7 Update 3j 20 AUG 2020 16708996
VMware NSX Data Center for vSphere 6.4.8 10 AUG 2019 16724220
VMware NSX-T Data Center 2.5.2.1 03 SEP 2020 16784095
VMware Enterprise PKS 1.7 02 APR 2020 16116522
VMware vRealize Suite Lifecycle Manager 2.1 Patch 2 04 MAY 2020 16154511
VMware vRealize Log Insight 4.8 11 APR 2019 13036238
vRealize Log Insight Content Pack for NSX for vSphere 3.9 n/a n/a
vRealize Log Insight Content Pack for Linux 2.0.1 n/a n/a
vRealize Log Insight Content Pack for vRealize Automation 7.5+ 1.0 n/a n/a
vRealize Log Insight Content Pack for vRealize Orchestrator 7.0.1+ 2.1 n/a n/a
vRealize Log insight Content Pack for NSX-T 3.8.2 n/a n/a
vSAN content pack for Log Insight 2.2 n/a n/a
vRealize Operations Manager 7.5 11 APR 2019 13165949
vRealize Automation 7.6 11 APR 2019 13027280
Horizon 7 7.10.0 17 SEP 2019 14584133

Note: 

  • VMware vSphere (ESXi) and VMware vSAN are part of the VxRail BOM.
  • vRealize Log Insight Content Packs are deployed during the workload domain creation.
  • VMware Solution Exchange and the vRealize Log Insight in-product marketplace store only the latest versions of the content packs for vRealize Log Insight. The software components table contains the latest versions of the packs that were available and automation at the time VMware Cloud Foundation released. When you deploy the VMware Cloud Foundation components, it is possible that the version of a content pack within the in-product marketplace for vRealize Log Insight is newer than the one used for this release.

Documentation

VMware Cloud Foundation 3.10.1.1 on Dell EMC VxRail Release Information

VMware Cloud Foundation 3.10.1.1 on Dell EMC VxRail includes bug and security fixes. You can upgrade to Cloud Foundation 3.10.1.1 on Dell EMC VxRail from a 3.10.1 deployment, or you can use the skip-level upgrade tool to upgrade to VMware Cloud Foundation 3.10.1.1 on Dell EMC VxRail from versions earlier than 3.10.1. For more information, see VMware Cloud Foundation on Dell EMC VxRail Admin Guide.

VMware Cloud Foundation 3.10.1.1 contains the following BOM updates:

Software Component Version Date Build Number
SDDC Manager 3.10.1.1 20 OCT 2020 17010744
VMware NSX-T Data Center 2.5.2.2 14 OCT 2020 17003648

Note: VMware vSphere (ESXi) and VMware vSAN are part of the VxRail BOM. For more information, see Dell EMC VxRail documentation.

Note: On November 2nd 2020, support for the VxRail Manager 4.7.520 bundle and corresponding skip-level upgrade tool was removed on advice from Dell EMC. Please contact Dell EMC Support for more details. If SDDC Manager is connected to the internet, you will get a bundle not found error related to this bundle. To fix the error, SSH to the SDDC Manager VM and execute the command python /opt/vmware/vcf/lcm/lcm-app/bin/bundle_cleanup.py DL100763_VxRail-4.7.520-Composite-Upgrade-Package-for-4.7.x.zip.

SDDC Manager 3.10.1.1 addresses the following:

SDDC Manager 3.10.1.1 contains security fixes for Photon OS packages PHSA-2020-3.0-0103 to PHSA-2020-3.0-0139 published here: https://github.com/vmware/photon/wiki/Security-Advisories-3

NSX-T Data Center 2.5.2.2 addresses the following issue:

VMware NSX-T contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX Manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned identifier CVE-2020-3992 to this issue. For more information, see VMware Security Advisory VMSA-2020-0023.

VMware Cloud Foundation 3.10.1.2 on Dell EMC VxRail Release Information

VMware Cloud Foundation 3.10.1.2 on Dell EMC VxRail includes bug and security fixes. You can upgrade to Cloud Foundation 3.10.1.2 on Dell EMC VxRail from a 3.10.1.1 deployment, or you can use the skip-level upgrade tool to upgrade to VMware Cloud Foundation 3.10.1.2 from versions earlier than 3.10.1.1.

VMware Cloud Foundation 3.10.1.2 contains the following BOM updates:

Software Component Version Date Build Number
SDDC Manager 3.10.1.2 24 NOV 2020 17206767
VxRail Manager 4.7.525 10 DEC 2020 n/a
VMware vCenter Server Appliance 6.7 U3l 19 NOV 2020 17138064

SDDC Manager 3.10.1.2 addresses the following issue:

SDDC Manager 3.10.1.2 contains security fixes for Photon OS packages PHSA-2020-3.0-0140 to PHSA-2020-3.0-0162 published here: https://github.com/vmware/photon/wiki/Security-Advisories-3.

After upgrading to SDDC Manager 3.10.1.2, the authentication mechanism for the Dell EMC depot changes from Basic Auth (V1 Auth) to NGSSO (V2 Auth). You must disconnect and reconnect to the Dell EMC depot to initialize this update. In the SDDC Manager UI, click Administration > Repository Settings and disconnect and then reconnect to the Dell EMC depot.

See the VMware vCenter Server 6.7 Update 3l Release Notes for information about the issues resolved in that release.

Note: VMware vSphere (ESXi) and VMware vSAN are part of the VxRail BOM. For more information, refer to Dell EMC VxRail documentation.

Known Issues

For VMware Cloud Foundation 3.10 known issues, see VMware Cloud Foundation 3.10 known issues.

VMware Cloud Foundation 3.10 on Dell EMC VxRail known issues and limitations appear below:

  • 3.10.1.2 skip-level upgrade tool requires ESXi bundles

    The skip-level upgrade tool for VMware Cloud Foundation 3.10.1.2 on Dell EMC VxRail requires bundle-30752 and bundle-32941, even though these ESXi bundles are not actually applied as part of the upgrade. VMware Cloud Foundation on Dell EMC VxRail uses ESXi bundles provided by VxRail Manager, but the skip-level upgrade tool will not work without bundle-30752 and bundle-32941.

    Workaround: No workaround required. Online skip-level upgrades download the required bundles when you use the sddcmanager-skip-level-upgrade.bat -d –u command. For offline skip-level upgrades, the required bundles are listed in the table of bundles to download.

  • VMware Cloud Foundation on Dell EMC VxRail bring-up fails with error Failed to apply default vSAN policy

    If bring-up fails when deploying the second Platform Services Controller (psc-2), retrying bring-up will fail with the error Failed to apply default vSAN policy. The cause is that the original deployment of psc-2 was not removed from the vCenter Server inventory.

    Workaround:

    1. Log in to the vCenter Server.
    2. Delete the psc-2 VM.
    3. Rename the psc-2 (1) VM to psc-2.
    4. Retry bring-up.

  • Bring-up fails with a password error

    Bring-up fails with the error password must contain only alphanumerics and special characters. The error is the result of different password requirements for VxRail and VMware Cloud Foundation.

    Workaround: Make sure that VxRail clusters use passwords that meet the Cloud Foundation requirements for the following users:

    • Default Single-Sign On Domain User (administrator@vsphere.local): 8-20 characters. At least 1 uppercase, 1 lowercase, 1 number, and 1 special character (@, !, #, $, %, ?, ^).
    • vCenter Server and Platform Services Controller Virtual Appliances root account: 8-12 characters. At least 1 uppercase, 1 lowercase, 1 number, and 1 special character (@, !, #, $, %, ?, ^).

  • Workload domain cannot be deployed on a fresh deployment of VMware Cloud Foundation on Dell EMC VxRail

    The VxRail version 4.7.410 included in the 3.10 BOM deploys a vCenter Server that is incompatible with VMware Cloud Foundation 3.10. vCenter Server must be upgraded before deploying a workload domain.

    Workaround:

    1. After bring-up, login to SDDC Manager and navigate to Administration > Repository Settings.
    2. Authenticate to the My VMware depot. 
    3. Wait for the bundles to show up under Bundle Management and download the vCenter/PSC upgrade bundle.
    4. Apply the vCenter bundle to the management domain. 
    5. Deploy a workload domain.

  • Deleting a cluster from an NSX-T workload domain fails

    If multiple clusters in the workload domain have similar names, deleting one of the clusters can fail with the error Can't find the TransportNodeProfile for the Cluster: <cluster name>.

    Workaround:

    1. Log in to the NSX Manager for the workload domain with admin privileges.
    2. Navigate to System > Fabric > Profiles > Transport Node Profiles > Edit.
    3. Record the names of all the transport node profiles.
    4. Rename the transport node profiles for all clusters with names similar o the cluster you want to delete.
    5. In the SDDC Manager Dashboard, delete the cluster.
    6. Log in to the NSX Manager and rename the transport node profiles back to their original names.

  • If you use the special character underscore (_) in the vCenter host name for the workload domain create operation, the vCenter deployment fails.

    The vCenter deployment fails with the "ERROR > Section 'new_vcsa', subsection 'network', property 'system_name' validation" error message.

    Workaround: None. This is an issue in the vCenter product installer where the installer pre-validation fails. You should create the workload domain by providing valid vCenter host names.

  • The VxRail vCenter Plugin UI options may disappear after the OpenSSL/Microsoft certificate replace operations of all the components or just VxRail Manager.

    The certificate replace operation involves changes in VxRail Manager and the vCenter VMs. Sometimes the vCenter plugin download might fail as the communication can happen with invalid thumbprint and the VxRail plugin UI option might disappear from vCenter. As a result, the user cannot invoke the add hosts and the remove hosts operations from vCenter.

    Workaround: Reload the plugin by opening the VxRail Manager page which redirects to vCenter and make sure the VxRail UI options are visible in the vCenter UI.

  • Duplicate node expansion tasks are generated in SDDC Manager

    If you select two hosts in the Add Host wizard, two tasks are generated and displayed in the task bar. The second task fails right away, but the first task adds both hosts.

    Workaround: None. Ignore the failed task since the functionality is not impacted.

  • Cluster and/or domain deletion fails when cluster names are not unique across shared NSX-T workload domains

    Cluster deletion fails when a cluster with the same name is present in another shared NSX-T workload domain. When two or more clusters have the same name, the associated NST-T workload domain cannot be deleted either.

    Workaround:

    1. Log in to the NSX-T Manager for the workload domain with admin privileges.
    2. Navigate to System > Fabric > Profiles > Nodes .
    3. For cluster deletion error, select select the corresponding vCenter Server in the Managed By dropdown.
    4. For workload domain deletion error, select None: Standalone Hosts in the Managed By dropdown.
    5. Select the hosts that belong to the cluster/domain you are deleting and click Delete.
    6. In the Delete Transport Node dialog box, click Uninstall NSX Components and then click Delete.
    7. After the deleted hosts are removed from the None: Standalone Hosts list, restart the delete operation.

  • Gateway timeout 504 error displayed during VxRail bundle upload

    VxRail bundle upload fails with the 504 Gateway Time-out error.

    Workaround:

    1. Open the /etc/nginx/nginx.conf file.
    2. Add the following entries after line 154.

      155 location /lcm/ {

      156 proxy_read_timeout 600;

      157 proxy_connect_timeout 600;

      159 proxy_pass http://127.0.0.1:7400;

      160 }

    3. Restart the nginx service:

      systemctl restart nginx

  • Cancelling an in-progress VxRail upgrade displays an error

    VxRail does not support cancellation of an in-progress upgrade though the UI provides this option.

    Workaround: None.

check-circle-line exclamation-circle-line close-line
Scroll to top icon