VMware Cloud Foundation 4.3 | 24 AUG 2021 | Build 18433963

Check for additions and updates to these release notes.

What's New

The VMware Cloud Foundation (VCF) 4.3 on Dell EMC VxRail release includes the following:

  • Workflow improvements for better VxRail integration: API support for streamlining day-N operations, by allowing VMware Cloud Foundation to work with VxRail Manager to orchestrate common workflows, including creating a workload domain and adding a vSphere cluster to a workload domain. This API support facilitates a single pane of glass experience for these workflows.
  • Support for two system vSphere Distributed Switches: The ability to separate system traffic across two vSphere Distributed Switches allows you to segregate management traffic from other traffic (vMotion, vSAN, VM traffic) to meet security and bandwidth requirements.
  • Flexibility in Application Virtual Networks (AVN):  Application Virtual Networks (AVN)s, which include the NSX Edge Cluster and NSX network segments, are no longer deployed and configured during bring-up. Instead they are implemented as a Day-N operations in SDDC Manager, providing greater flexibility.
  • FIPS Support: You can enable FIPS mode during bring-up, which will enable it on all the VMware Cloud Foundation components that support FIPS.
  • Scheduled Automatic Password Rotations: In addition to the on-demand password rotation capability, it is now possible to schedule automatic password rotations for accounts managed through SDDC Manager (excluding ESXi accounts). Automatic password rotation is enabled by default for service accounts.  
  • SAN in Certificate Signing Requests (CSR) : You can now add a Subject Alternative Name (SAN) when you generate a Certificate Signing Request (CSR) in SDDC Manager.
  • Improvements for vSphere Lifecycle Manager images:  For workload domains that use vSphere Lifecycle Manager images, this release includes several improvements. These include: prechecks to proactively identify issues that may affect upgrade operations; enabling concurrent upgrades for NSX-T Data Center components; and enabling provisioning and upgrade of Workload Management. 
  • Add vSphere Clusters in Parallel: You can add up to 7 vSphere clusters to a workload domain in parallel, improving the performance and speed of the workflow.
  • Add and Remove NSX Edge Nodes in NSX Edge Clusters: For NSX Edge clusters deployed through SDDC Manager or the VMware Cloud Foundation API, you can expand and shrink NSX Edge clusters by adding or removing NSX Edge nodes from the cluster.
  • Guidance for Day-N operations in NSX Federated VCF environments: You can federate NSX-T Data Center environments across VMware Cloud Foundation instances. You can manage federated NSX-T Data Center environments with a single pane of glass, create gateways and segments that span VMware Cloud Foundation instances, and configure and enforce firewall rules consistently across instances. Guidance is also provided for password rotation, certificate management, backup and restore, and lifecycle management for federated environments.
  • Backup Enhancements: You can now configure an SDDC Manager backup schedule and retention policy from the SDDC Manager UI.
  • Capacity Planner tool: Administrators can use the VCF Capacity Planner online tool to model and generate a Software Defined Data Center build of materials. This interactive tool generates detailed guidance of hyper-converged server, storage, network, and cloud software SKUs required to successfully deploy an on-premises cloud.
  • Private APIs: Access to private APIs that use basic authentication is deprecated in this release. You must switch to using public APIs.
  • BOM updates: Updated Bill of Materials with new product versions.

VMware Cloud Foundation over Dell EMC VxRail Bill of Materials (BOM)

The Cloud Foundation software product is comprised of the following software Bill-of-Materials (BOM). The components in the BOM are interoperable and compatible.

VMware Response to Apache Log4j Remote Code Execution Vulnerability: VMware Cloud Foundation is impacted by CVE-2021-44228, and CVE-2021-45046 as described in VMSA-2021-0028. To remediate these issues, see Workaround instructions to address CVE-2021-44228 & CVE-2021-45046 in VMware Cloud Foundation (KB 87095).

Software Component Version Date Build Number
Cloud Builder VM 4.3 24 AUG 2021 18433963
SDDC Manager 4.3 24 AUG 2021 18433963
VxRail Manager 7.0.202 15 JUN 2021 n/a
VMware vCenter Server Appliance 7.0 Update 2c 24 AUG 2021 18356314
VMware NSX-T Data Center 3.1.3 22 JUL 2021 18328989
VMware vRealize Suite Lifecycle Manager 8.4.1 15 MAY 2021 18067607
Workspace ONE Access 3.3.5 20 MAY 2021 18049997
vRealize Automation 8.4.1 27 MAY 2021 18054500
vRealize Log Insight 8.4 15 APR 2021 17828109
vRealize Log Insight Content Pack for NSX-T 4.0.2 n/a n/a
vRealize Log Insight Content Pack for vRealize Automation 8.3+ 1.0 n/a n/a
vRealize Log Insight Content Pack for Linux 2.1.0 n/a n/a
vRealize Log Insight Content Pack for Linux - Systemd 1.0.0 n/a n/a
vRealize Log Insight Content Pack for vRealize Suite Lifecycle Manager 8.0.1+ 1.0.2 n/a n/a
vRealize Log Insight Content Pack for VMware Identity Manager 2.0 n/a n/a
vRealize Operations Manager 8.4 15 APR 2021 17863947
vRealize Operations Management Pack for VMware Identity Manager 1.3 n/a n/a
  • VMware ESXi and VMware vSAN are part of the VxRail BOM.
  • You can use vRealize Suite Lifecycle Manager to deploy vRealize Automation, vRealize Operations Manager, vRealize Log Insight, and Workspace ONE Access.
  • vRealize Log Insight content packs are installed when you deploy vRealize Log Insight.
  • The vRealize Operations Manager management pack is installed when you deploy vRealize Operations Manager.
  • VMware Solution Exchange and the vRealize Log Insight in-product marketplace store only the latest versions of the content packs for vRealize Log Insight. The Bill of Materials table contains the latest versions of the packs that were available at the time VMware Cloud Foundation is released. When you deploy the Cloud Foundation components, it is possible that the version of a content pack within the in-product marketplace for vRealize Log Insight is newer than the one used for this release.

Documentation

Limitations

The following limitations apply to this release:

  • vSphere Lifecycle Manager (vLCM) is not supported on VMware Cloud Foundation on Dell EMC VxRail.
  • Customer-supplied vSphere Distributed Switch (vDS) is a new feature supported by VxRail Manager 7.0.010 that allows customers to create their own vDS and provide it as an input to be utilized by the clusters they build using VxRail Manager. VMware Cloud Foundation on Dell EMC VxRail does not support clusters that utilize a customer-supplied vDS.
  • VMware Cloud Foundation on Dell EMC VxRail does not support ESXi lockdown mode.

Upgrade Information

When you deploy the management domain, VxRail Manager 7.0.202 deploys vCenter Server 7.0 Update 2b (build 17958471). However, the VMware Cloud Foundation 4.3 BOM requires vCenter Server 7.0 Update 2c (build 18356314). Until you upgrade vCenter Server, you will not be able to deploy a VI workload domain. To upgrade vCenter Server, download and apply the upgrade bundle. See Download VMware Cloud Foundation on Dell EMC VxRail Bundles.

You can perform a sequential or skip level upgrade to VMware Cloud Foundation 4.3 on Dell EMC VxRail from VMware Cloud Foundation 4.2.1, 4.2, 4.1.0.1, or 4.1. If your environment is at a version earlier than 4.1, you must upgrade the management domain and all VI workload domains to VMware Cloud Foundation 4.1 and then upgrade to VMware Cloud Foundation 4.3.

IMPORTANT: Before you upgrade a vCenter Server, take a file-based backup. See Manually Back Up vCenter Server.

Resolved Issues

The following issues have been resolved:

  • A host with upper case letters in its name fails to be added to SDDC Manager
  • Upgrading VMware Cloud Foundation on Dell EMC VxRail fails for an AVN VxRail environment with a single vSphere Distributed Switch

Known Issues

For VMware Cloud Foundation 4.3 known issues, see VMware Cloud Foundation 4.3 known issues. Some of the known issues may be for features that are not available on VMware Cloud Foundation on Dell EMC VxRail.

VMware Cloud Foundation 4.3 on Dell EMC VxRail known issues appear below:

Upgrade Known Issues

  • Async Patch Tool Known Issues

    The Async Patch Tool is a utility that allows you to apply critical patches to certain VMware Cloud Foundation components (NSX-T Manager, vCenter Server, and ESXi) outside of VMware Cloud Foundation releases. The Async Patch Tool also allows you to enable upgrade of an async patched system to a new version of VMware Cloud Foundation.

    See the Async Patch Tool Release Notes for known issues.

check-circle-line exclamation-circle-line close-line
Scroll to top icon