VMware Cloud Foundation 4.2.1 on Dell EMC VxRail Release Notes

VMware Cloud Foundation 4.2.1 | 25 MAY 2021 | Build 18016307

Check for additions and updates to these release notes.

What's New

The VMware Cloud Foundation (VCF) 4.2.1 on Dell EMC VxRail release includes the following:

Security fixes for Photon OS: SDDC Manager 4.2.1 contains security updates for Photon OS packages from PHSA-2021-3.0-185 to PHSA-2021-3.0-209. To view information about the updates, see Photon OS release 3.0 advisories.
Security fixes for VMware vCenter Server Appliance: See VMSA-2021-0010.
Security fix for the credential logging vulnerability as described in VMSA-2022-0003. See KB 87050 for more information.
BOM Updates: Updated Bill of Materials with new product versions.

VMware Cloud Foundation over Dell EMC VxRail Bill of Materials (BOM)

The VMware Cloud Foundation software product is comprised of the following software Bill-of-Materials (BOM). The components in the BOM are interoperable and compatible.

VMware Response to Apache Log4j Remote Code Execution Vulnerability: VMware Cloud Foundation is impacted by CVE-2021-44228, and CVE-2021-45046 as described in VMSA-2021-0028. To remediate these issues, see Workaround instructions to address CVE-2021-44228 & CVE-2021-45046 in VMware Cloud Foundation (KB 87095).

Software Component	Version	Date	Build Number
Cloud Builder VM	4.2.1	25 MAY 2021	18016307
SDDC Manager	4.2.1	25 MAY 2021	18016307
VxRail Manager	7.0.131	23 FEB 2021	n/a
VMware vCenter Server Appliance	7.0.1.00301	25 MAY 2021	17956102
VMware NSX-T Data Center	3.1.2	17 APR 2021	17883596
VMware vRealize Suite Lifecycle Manager	8.2 Patch 2	04 FEB 2021	17513665
Workspace ONE Access	3.3.4	04 FEB 2021	17498518
vRealize Automation	8.2	06 OCT 2020	16980951
vRealize Log Insight	8.2	06 OCT 2020	16957702
vRealize Log Insight Content Pack for NSX-T	3.9.2	n/a	n/a
vRealize Log Insight Content Pack for Linux	2.1	n/a	n/a
vRealize Log Insight Content Pack for Linux - Systemd	1.0	n/a	n/a
vRealize Log Insight Content Pack for vRealize Suite Lifecycle Manager 8.0.1+	1.0.2	n/a	n/a
vRealize Log Insight Content Pack for VMware Identity Manager	2.0	n/a	n/a
vRealize Operations Manager	8.2	06 OCT 2020	16949153
vRealize Operations Management Pack for VMware Identity Manager	1.1	n/a	n/a

VMware ESXi and VMware vSAN are part of the VxRail BOM.
You can use vRealize Suite Lifecycle Manager to deploy vRealize Automation, vRealize Operations Manager, and vRealize Log Insight using the VMware Validated Design 6.2 documentation.
vRealize Log Insight content packs are installed when you deploy vRealize Log Insight.
The vRealize Operations Manager management pack is installed when you deploy vRealize Operations Manager.
VMware Solution Exchange and the vRealize Log Insight in-product marketplace store only the latest versions of the content packs for vRealize Log Insight. The Bill of Materials table contains the latest versions of the packs that were available at the time VMware Cloud Foundation is released. When you deploy the Cloud Foundation components, it is possible that the version of a content pack within the in-product marketplace for vRealize Log Insight is newer than the one used for this release.

Documentation

The following documentation is available:

VMware Cloud Foundation on Dell EMC VxRail Admin Guide

VMware Cloud Foundation 4.2.1 Release Notes

Support Matrix of VMware Cloud Foundation on Dell EMC VxRail

Limitations

The following limitations apply to this release:

vSphere Lifecycle Manager (vLCM) is not supported on VMware Cloud Foundation on Dell EMC VxRail.
Customer-supplied vSphere Distributed Switch (vDS) is a new feature supported by VxRail Manager 7.0.010 that allows customers to create their own vDS and provide it as an input to be utilized by the clusters they build using VxRail Manager. VMware Cloud Foundation on Dell EMC VxRail does not support clusters that utilize a customer-supplied vDS.
VMware Cloud Foundation on Dell EMC VxRail does not support ESXi lockdown mode.

Installation and Upgrade Information

When you deploy the management domain, VxRail Manager 7.0.131 deploys vCenter Server 7.0 Update 1c (build 17327517). However, the VMware Cloud Foundation 4.2.1 BOM requires vCenter Server 7.0.1.00301 (build 17956102). Until you upgrade vCenter Server, you will not be able to deploy a VI workload domain. To upgrade vCenter Server, download and apply the upgrade bundle. See Download VMware Cloud Foundation on Dell EMC VxRail Bundles.

You can upgrade to VMware Cloud Foundation 4.2.1 on Dell EMC VxRail from VMware Cloud Foundation 4.2, 4.1.0.1, or 4.1.

Known Issues

For VMware Cloud Foundation 4.2.1 known issues, see VMware Cloud Foundation 4.2.1 Known Issues.

VMware Cloud Foundation 4.2.1 on Dell EMC VxRail known issues and limitations appear below:

VxRail Manager upgrade fails withMax instances of VxRail_System_Upgrade operation reached

When upgrading VxRail Manager from SDDC Manager, the upgrade fails. The lcm logs (/var/log/vmware/vcf/lcm) show the error LcmConflictException: Max instances of VxRail_System_Upgrade operation reached. Please try again later.

Workaround: Follow the steps in the Dell EMC KB and retry the upgrade from SDDC Manager.
VxRail upgrade task in SDDC Manager displays incorrect status

The VxRail upgrade task status in SDDC Manager is displayed as running even after the upgrade is complete or failed.
Workaround: Restart the LCM service:
1. Take a snapshot of the SDDC Manager VM from the vSphere Web Client.
2. Using SSH, log in to the SDDC Manager VM with the following credentials:
  User name: vcf
  
  Password: use the password specified in the deployment parameter workbook.
3. Enter su to switch to the root user.
4. Run the following command:
  systemctl restart lcm
  
  Task status is synchronized after approximately 10 minutes.
Adding a VxRail cluster to a VI workload domain fails

If the default cluster in the management domain is stretched, then adding a VxRail cluster to a VI workload domain may fail at the step Deploy NSX-T Data Center Manager(s).

Workaround: In the vSphere Client create a folder under the management domain data center and move the vSAN witness host VM into that folder.
Host with upper case letters in its name fails to be added to SDDC Manager

Hosts with upper case letters in their names can be added successfully to a VxRail cluster, but cannot be added to SDDC Manager.

Workaround: Rename the host name to contain only lower case letters and then re-try the add host workflow.
vSphere Cluster Services (vCLS) VMs are moved to remote storage after a VxRail cluster with HCI Mesh storage is imported to VMware Cloud Foundation

When you configure HCI Mesh storage on a VxRail cluster and then import it to VMware Cloud Foundation, vCLS VMs are moved to the remote storage instead of being placed on the cluster's primary storage. This can result in errors when you unmount the remote storage for the cluster.
Workaround:
1. Login to vCenter UI.
2. Retrieve the cluster MorfId.
  In the Hosts and Clusters tab, click the Cluster entity and check the URL.
  
  For example:
  
  https://dr26avc-1.rainpole.local/ui/app/cluster;nav=h/urn:vmomi:ClusterComputeResource:domain-c10:373acc41-be7e-4f12-855d-094e5f135a67/configure/plugin/com.vmware.vsphere.client.h5vsan/com.vmware.vsan.client.h5vsanui.cluster.configure.vsan.csd
  
  The cluster morfId for this URL is 'domain-c10'.
3. Click the vCenter entity.
4. Navigate to Configure -> Advanced Setting.
  Be default, vCLS property set to true:
  
  "config.vcls.clusters..enabled"
5. Deactivate vCLS on the cluster.
  Click Edit Settings, set the flag to 'false', and click Save.
6. Wait 2 minutes for the vCLS VMs to be deleted.
7. Unmount the remote storage.
8. Repeat steps 3 and 4.
9. Enable vCLS on the cluster.
  Click Edit Settings, set the flag to 'true', and click Save.
10. Wait 2-3 minutes for the vCLS VMs to be deployed.
  Three vCLS VMs are displayed in the VMs and Templates tab.
vVols is not a supported storage option

Although VMware Cloud Foundation on Dell EMC VxRail does not support vVols, storage settings options related to vVols appear in the SDDC Manager UI. Do not use Administration > Storage Settings to add a VASA provider.

Workaround: See KB 81321 for information about how to remove the Storage Settings from the SDDC Manager UI.
The API does not support adding a host to a cluster with dead hosts or removing dead hosts from a cluster
The following flags appear in the API Reference Guide and API Explorer, but are not supported with VMware Cloud Foundation on Dell EMC VxRail.
- forceHostAdditionInPresenceofDeadHosts: Use to add host to a cluster with dead hosts. Bypasses validation of disconnected hosts and vSAN cluster health.
- forceByPassingSafeMinSize: Remove dead hosts from cluster, bypassing validations.
Workaround: None.
Adding a VxRail cluster with hosts spanning multiple racks to a workload domain fails

If you add hosts that span racks (use different VLANs for management, vSAN, and vMotion) to a VxRail cluster after you perform the VxRail first run, but before you add the VxRail cluster to a workload domain in SDDC Manager, the task fails.
Workaround:
1. Create a VxRail cluster containing hosts from a single rack and perform the VxRail first run.
2. Add the VxRail cluster to a workload domain in SDDC Manager.
3. Add hosts from another rack to the VxRail cluster in the vCenter Server for VxRail.
4. Add the VxRail hosts to the VxRail cluster in SDDC Manager.