vRealize Suite Lifecycle Manager 8.6 | 12 October 2021 | Build 18747913 Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

• What's New
• Recommendations
• Limitations
• Security Updates for Multiple Vulnerabilities
• Resolved Issues
• Known Issues

What's New

Here are the key features and capabilities of vRealize Suite Lifecycle Manager 8.6:

• Cloud Proxy deployment

• VCF enhancements

• Snapshot management enhancements

• Outbound notification integration

• vRealize Operations Manager support improvements

• Technical debt and product improvements

• Marketplace improvements
  • Previously, Marketplace connected with VMware Solutions Exchange to download content in vRealize Suite Lifecycle Manager. VMware Solutions Exchange is now deprecated, so Marketplace fetches the required content from VMware Cloud Marketplace.

• Content Management enhancements
  • The version history is now captured for Orchestrator Action and Orchestrator-ConfigurationElement when capturing the Orchestrator workflow.
  • You can deploy or publish cloud templates and XaaSBlueprints when releasing these content types.

• vRealize Cloud Universal simplification to help our users

• Perpetual and vRealize Cloud Universal licenses in vRealize Suite Lifecycle Manager

Note: You can now provide customer feedback directly to the engineering and product development teams to address product improvement opportunities.

Recommendations

• If the source vRealize Automation has 8.0.0 GA or 8.0.1 GA, ensure that KB 78235 is applied before upgrading to restore expired root accounts.
• When configuring multi-tenancy in vRealize Suite Lifecycle Manager for VMware Identity Manager and vRealize Automation, if you replace VMware Identity Manager certificate, it can cause service downtime on products integrated with VMware Identity Manager. Hence, it is suggested to create SAN certificates with required hostnames for multi-tenancy. To avoid service disruption, use wildcard certificates on VMware Identity Manager.
• To reboot VMware Identity Manager cluster setup, use the Power On and Power Off options in the VMware Identity Manager product actions in vRealize Suite Lifecycle Manager.

Limitations

• vRealize Suite Lifecycle Manager cannot be upgraded using VMware Remote console in Windows VM: During an vRealize Suite Lifecycle Manager upgrade, the ISO filename is truncated after it is mounted in Windows VM. For an upgrade, ensure that you upload the ISO filename in a content library of the vCenter server or upload it to a datastore that the vRealize Suite Lifecycle Manager VM can access. After uploading the ISO filename, attach the ISO to the CD-ROM device of the vRealize Suite Lifecycle Manager VM by editing the hardware configuration from the vCenter inventory of the VM. From the vRealize Suite Lifecycle Manager UI, select CD-ROM based upgrade option, and then click proceed.

• vRealize Automation SaltStack Config cannot be downloaded from My VMware in the vRealize Suite Lifecycle Manager Settings> Binary Mapping> Product Binaries page as the vRealize Automation SaltStack Config product binary is not available in the vRealize Suite download page. For more details and the workaround, refer to KB 82543.

• If a custom form is released without a blueprint at the target vRealize Automation, even if the release is successful on vRealize Suite Lifecycle Manager, the custom form is not visible at the target vRealize Automation instance. To release a custom form, ensure that the associated composite blueprint is released or created first on the target vRealize Automation.

• Content source on vRealize Automation 8.x endpoint: When releasing a blueprint on vRealize Automation 8.x, you must create the content source on the target vRealize Automation 8.x prior to the release.

• vRealize Automation 8.x content types: The vRealize Automation 8.x content types which are renamed must be re-captured from the vRealize Automation endpoints, and then checked in to the source control endpoints. If the content is present in the source control, then you must manually rename the folder in the source control endpoints, and then check-out the content from the source control endpoints.

• Content Migration from 1.3, 2.0 and 2.1 are not supported in vRealize Suite Lifecycle Manager 8.0.1 and later. For more information, see Content Management. 

• Support of content from an earlier version to the latest version depends on the product capabilities: You can capture content from vRealize Automation 7.5 and release to vRealize Automation 7.6. However, if vRealize Automation 7.6 does not support contents captured from older version, it would not work in vRealize Suite Lifecycle Manager.

• vRealize Orchestrator package can scale up to 1000 elements in a package.

• Snapshot for VMs remain in the in-progress state in vRealize Suite Lifecycle Manager: Snapshot for VMs that have device back up are not supported and remain in the in-progress state in vRealize Suite Lifecycle Manager. You cannot take snapshots of VMs that have a device back up in vCenter. vRealize Suite Lifecycle Manager also supports taking snapshots of VMs. However, the vCenter server also supports taking device back up. For such VMs, vRealize Suite Lifecycle Manager snapshot requests would remain in progress.

• vRealize Operations upgrade failed at application upgrade task after completing the OS upgrade task and the cluster is not online:
  When Cassandra fails in one of the vRealize Operations nodes, this causes the vRealize Operations cluster to be offline.

Security Updates for Multiple Vulnerabilities

vRealize Suite Lifecycle Manager 8.6 has the following CVEs addressed.

Photon OS Components	Fixed Versions	CVEs Addressed
gnutls	gnutls-3.6.15-3	CVE-2021-20232
nginx	nginx-1.16.1-4	CVE-2021-23017
libxml2, libxml2-devel, libxml2-python	libxml2-2.9.11-2, libxml2-devel-2.9.11-2, libxml2-python-2.9.11-2	CVE-2021-3517, CVE-2021-3518, CVE-2021-3537
glibc, glibc-i18n, glibc-iconv, glibc-lang	glibc-2.28-15, glibc-i18n-2.28-15, glibc-iconv-2.28-15, glibc-lang-2.28-15	CVE-2021-35942, CVE-2021-33574
linux	linux-4.19.198-2	CVE-2021-33909
python-cryptography	python-cryptography-2.8-2	CVE-2020-36242
nss, nss-libs	nss-3.44-6, nss-libs-3.44-6	CVE-2020-12403
bindutils	bindutils-9.16.15-1	CVE-2021-25214, CVE-2021-25215, CVE-2021-25216
curl, curl-libs	curl-7.78.0-2, curl-libs-7.78.0-2	CVE-2021-22945, CVE-2021-22946, CVE-2021-22947

 

Resolved Issues

• VCF Enabled Password Error After Upgrading vRealize Suite Lifecycle Manager

  When you upgrade from vRealize Suite Lifecycle Manager version 8.2.1 to a later  version but prior to version 8.6, and then perform an inventory sync of the environment, you may not be able to edit passwords from Locker. You may receive the following error message:

  The Password edit is not allowed for VCF enabled environment

  Workaround: If you upgrade from vRealize Suite Lifecycle Manager version 8.2.1 to a later version but prior to version 8.6.0, ensure that you reimport the environments of the vRealize Suite Lifecycle Manager inventory.

• vRealize Suite Lifecycle Manager user interface not accessible post upgrade

  When upgrading vRealize Suite Lifecycle Manager, if VMware Identity Manager API does not respond, the upgrade fails with the following error:

  SYSOUT/SYSERR CAPTURED:  -- org.springframework.web.client.
  ResourceAccessException: I/O error on GET request for "https://[vIDM hostname]/SAAS/API/1.0/REST/auth/token":
  Connection reset; nested exception is java.net.SocketException: Connection reset”.
  This can be verified by looking at logs available under /var/log/vmware_vrlcm.log.

  Workaround:

  1. Revert snapshot.
  2. Ensure that VMware Identity Manager responds through vRealize Suite Lifecycle Manager and the VMware Identity Manager inventory sync is successful, prior to an upgrade.

Known Issues

• vRealize Operations Manager patch install request fails with an error message

  When the vRealize Operations Manager PAK file is corrupted in vRealize Suite Lifecycle Manager, the vRealize Operations Manager patch install request may fail with the following error message:

  vROPS upgrade failure error with exception Product PAK file null not found.

  Workaround: Perform the following steps.

  1. Delete the vRealize Operations Manager patch install binary mapped in Settings > Binary Mappings > Patch Binary tab.
  2. Map the vRealize Operations Manager patch file with new binary.
  3. Retrigger the vRealize Operations Manager patch install.
• Capturing historical content version VRO 7.5 is not supported

  If we try to capture and release the historical version of the content from VRO 7.5, the content is not captured.

  Workaround: Use the supported version of the historical content from VRO 7.6 and later.

• vRealize Operations deployment fails in vRealize Suite Lifecycle Manager

  After you download the install binaries for vRealize Operations version 8.5 or 8.6 from My VMware in vRealize Suite Lifecycle Manager, the
    installation of vRealize operations may fail with the following error.

  Error Code: LCMVSPHERECONFIG1000087
  Exception occurred while deploying ovf. Invalid argument provided.
  Invalid argument provided for ovf deployment.

  Workaround: Use alternate ways to map the install binary, such as Local or NFS, or enable the content library mapping.

  1. Download the vRealize Operations binaries from My VMware, and place it in a shared location, such as NFS or vRealize Suite Lifecycle Manager VA.
  2. Navigate to Settings Page -> Binary Mapping in vRealize Suite Lifecycle Manager.
  3. To add a binary, select Local or NFS as Location Type in vRealize Suite Lifecycle Manager.
  4. Trigger the vRealize Operations installation.

  Note: See vRealize Suite Lifecycle Manager documentation for different ways in which binaries can be mapped in vRealize Suite Lifecycle Manager. You can also see KB 86088 for more details.

• vRealize Suite Lifecycle Manager and vRealize Log Insight integration error

  If you attempt to integrate vRealize Suite Lifecycle Manager and vRealize Log Insight without Secure Socket Layer (SSL), the integration may fail.

  Perform the vRealize Suite Lifecycle Manager and vRealize Log Insight integration with SSL.

• Test connection for vRealize Operations Manager endpoint fails

  When vRealize Operations Manager is configured with VMware Identity Manager using vRealize Suite Lifecycle Manager, if you perform a test connection in content management when adding the vRealize Operations Manager endpoint, the connection fails.

  Workaround: Log in with your username in the following format:

  domain@vidmauthsource
  For example; configadmin@System

• vRealize Suite Lifecycle Manager upgrade stops responding when downloading packages

  When upgrading earlier versions of vRealize Suite Lifecycle Manager, the system upgrade stops responding, and the packages cannot be downloaded.

  Workaround:

  You can perform one of the following steps:

  • Revert snapshot, and then retry the upgrade.
  • Remove the upgradeprogress file, and then retry the upgrade.

  For more details, refer to KB 81402.

• Compatibility version check takes longer time for content from source control

  When performing tests from source control, such as apture+test, capture+deploy, capture+test+deploy or when releasing the content using multi-release or multiple tests functionalities, the version compatibility test using the compatibility check takes longer time when content is from source control.

  Workaround: Select fewer number of content from source control when performing the deployment, which will take lesser time to provide the result of compatible tests.

• The retry inputs provided in the failed deployment request is not saved. 

  The retry inputs provided in the failed deployment request is not getting saved and the next task in the deployment request fails again with the old input provided during the deployment.

  Workaround: Provide the retry inputs for each failed task in the deployment request or you should to re-deploy the environment with correct inputs.

• VRCS_CUSTOM tagged workflow does not appear in the post and pre stub present under the Settings page.

  None of the existing workflows appears in the drop-down (tagged with the VRCS_CUSTOM ) post-selection of external vRO endpoint in the pre-post stub.

  Workaround: Rename the existing tag of the workflow (VRCS_CUSTOM) in the vRO endpoint with "vRSLCM_CUSTOM". This displays all the workflow in the drop-down menu.

• While migrating or upgrading content management, the source control endpoints are required to be mapped to the respective Source Control Servers again. While migrating vRealize Suite Lifecycle Manager 2.0 to 8.0.1 content library configuration in the vSphere setting page will not appear.

  Workaround:

  • Edit the required source control endpoint in the migrated or updated setup. Against the source control server, select the server from the drop-down menu which maps to this endpoint.
  • Similarly, if you are migrating from vRealize Suite Lifecycle Manager 2.0 to 8.0.1, reselect the content library from vSphere setting page within the Lifecycle Manager Environment.
• When there are multiple vRealize Automation products selected during the tenant creation, if there is a failure in the tenant association with a particular vRealize Automation instance, then you cannot manage the entire tenant. 

  Tenant in the Tenant Management page cannot be used when the tenant is created in VMware Identity Manager but failed in vRealize Automation, and the same tenant cannot be used for other configurations.

  Workaround:

  Perform one of the following workarounds:

  1. Retry the failed tenant creation request after fixing the tenant creation failure. 
  2. Skip the tenant creation for specific vRealize Automation, in the retry request.

  Retry for all products specified in the tenant creation request until the tenant creation request is successful. Once the create tenant request is successful, you can click the tenant in the Tenant Management page and perform further operations.

• While replacing VMware Identity Manager certificate after the vRealize Suite Lifecycle Manager upgrade to 8.1 or above, the product associations does not list all products.

  While replacing VMware Identity Manager certificate after vRealize Suite Lifecycle Manager upgrade to 8.1 or above, the product associations does not list all products present in vRealize Suite Lifecycle Manager that are integrated with VMware Identity Manager.

  Workaround:

  After the vRealize Suite Lifecycle Manager upgrade to 8.1 or above, run the inventory sync of the products that are integrated with VMware Identity Manager, and then try replacing the certificate in VMware Identity Manager to reflect all the product associations listed in Replace Certificate wizard.

• The vRealize Suite Lifecycle Manager UI crashes when navigating to certain pages.

  The vRealize Suite Lifecycle Manager UI crashes or does not reflect specific operations when navigating to certain pages. It displays an unexpected error message to check connectivity to the server and try again.

  Workaround:

  Perform one of the following workarounds:

  • Clear the browser cache.
  • Open the vRealize Suite Lifecycle Manager UI in an incognito mode to reset the browser cache.