VMware vRealize Suite Lifecycle Manager 8.8 Release Notes

VMware vRealize Suite Lifecycle Manager 8.8 | 28 APR 2022 | Build 19716703

Check for additions and updates to these release notes.

What's New

Here are the key features and capabilities of vRealize Suite Lifecycle Manager 8.8:

vRealize Orchestrator Support

The lifecycle operations of vRealize Orchestrator are supported in vRealize Suite Lifecycle Manager 8.8 release.

vRealize Cloud Connect Support

vRealize Cloud Connect is introduced to migrate your vRealize Network Insight on-premises software to vRealize Network Insight Cloud. For more details, see About vRealize Cloud Connect.

Usability Enhancements

You can now deploy the nodes in multiple datacenters or clusters with the same subset when installing a clustered VMware Identity Manager or when performing a scale-out operation.

Notifications Support

Provides notifications about the licenses and certificates that have expired or will be expiring within a specified time period.

vRealize Automation Enhancements

Cloud Extensibility Proxy (CExP) installation is supported. Also, provides zero-downtime customer experience during maintenance and upgrade.

Content Management Enhancements

An option to delete content files from source control that are removed from source endpoint is now available for vRealize Orchestrator.

Security Updates for Multiple Vulnerabilities

vRealize Suite Lifecycle Manager 8.8 has the following CVEs addressed.

Component	Fixed Version	CVEs Addressed
httpd	httpd-2.4.53-1	CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943
ntp	ntp-4.2.8p14-3	CVE-2016-10195

Component

Fixed Version

CVEs Addressed

httpd

httpd-2.4.53-1

CVE-2022-22719

CVE-2022-22720

CVE-2022-22721

CVE-2022-23943

ntp

ntp-4.2.8p14-3

CVE-2016-10195

Note: A few components are not controlled by vRealize Suite Lifecycle Manager and may report Log4j related vulnerabilities. These components have been handled through scripts, so vRealize Suite Lifecycle Manager is not exploitable by these vulnerabilities.

Recommendations

If the source vRealize Automation has 8.0.0 GA or 8.0.1 GA, ensure that KB 78235 is applied before upgrading to restore expired root accounts.
When configuring multi-tenancy in vRealize Suite Lifecycle Manager for VMware Identity Manager and vRealize Automation, if you replace VMware Identity Manager certificate, it can cause service downtime on products integrated with VMware Identity Manager. Hence, it is suggested to create SAN certificates with required hostnames for multi-tenancy. To avoid service disruption, use wildcard certificates on VMware Identity Manager.
To reboot VMware Identity Manager cluster setup, use the Power On and Power Off options in the VMware Identity Manager product actions in vRealize Suite Lifecycle Manager.

Limitations

vRealize Suite Lifecycle Manager cannot be upgraded using VMware Remote console in Windows VM: During an vRealize Suite Lifecycle Manager upgrade, the ISO filename is truncated after it is mounted in Windows VM. For an upgrade, ensure that you upload the ISO filename in a content library of the vCenter server or upload it to a datastore that the vRealize Suite Lifecycle Manager VM can access. After uploading the ISO filename, attach the ISO to the CD-ROM device of the vRealize Suite Lifecycle Manager VM by editing the hardware configuration from the vCenter inventory of the VM. From the vRealize Suite Lifecycle Manager UI, select CD-ROM based upgrade option, and then click proceed.

vRealize Automation SaltStack Config cannot be downloaded from My VMware in the vRealize Suite Lifecycle Manager Settings> Binary Mapping> Product Binaries page as the vRealize Automation SaltStack Config product binary is not available in the vRealize Suite download page. For more details and the workaround, refer to KB 82543.

If a custom form is released without a blueprint at the target vRealize Automation, even if the release is successful on vRealize Suite Lifecycle Manager, the custom form is not visible at the target vRealize Automation instance. To release a custom form, ensure that the associated composite blueprint is released or created first on the target vRealize Automation.

Content source on vRealize Automation 8.x endpoint: When releasing a blueprint on vRealize Automation 8.x, you must create the content source on the target vRealize Automation 8.x prior to the release.

vRealize Automation 8.x content types: The vRealize Automation 8.x content types which are renamed must be re-captured from the vRealize Automation endpoints, and then checked in to the source control endpoints. If the content is present in the source control, then you must manually rename the folder in the source control endpoints, and then check-out the content from the source control endpoints.

Content Migration from 1.3, 2.0 and 2.1 are not supported in vRealize Suite Lifecycle Manager 8.0.1 and later. For more information, see Content Management.

Support of content from an earlier version to the latest version depends on the product capabilities: You can capture content from vRealize Automation 7.5 and release to vRealize Automation 7.6. However, if vRealize Automation 7.6 does not support contents captured from older version, it would not work in vRealize Suite Lifecycle Manager.

vRealize Orchestrator package can scale up to 1000 elements in a package.

Snapshot for VMs remain in the in-progress state in vRealize Suite Lifecycle Manager: Snapshot for VMs that have device back up are not supported and remain in the in-progress state in vRealize Suite Lifecycle Manager. You cannot take snapshots of VMs that have a device back up in vCenter. vRealize Suite Lifecycle Manager also supports taking snapshots of VMs. However, the vCenter server also supports taking device back up. For such VMs, vRealize Suite Lifecycle Manager snapshot requests would remain in progress.

vRealize Operations upgrade failed at application upgrade task after completing the OS upgrade task and the cluster is not online: When Cassandra fails in one of the vRealize Operations nodes, this causes the vRealize Operations cluster to be offline.

Resolved Issues

vRealize Suite Lifecycle Manager user interface not accessible post upgrade
When upgrading vRealize Suite Lifecycle Manager, if VMware Identity Manager API does not respond, the upgrade fails with the following error:
```
SYSOUT/SYSERR CAPTURED: -- org.springframework.web.client. 
ResourceAccessException: I/O error on GET request for "https://[vIDM hostname]/SAAS/API/1.0/REST/auth/token": 
Connection reset; nested exception is java.net.SocketException: Connection reset”. 
This can be verified by looking at logs available under /var/log/vmware_vrlcm.log.
```
Workaround:
1. Revert snapshot.
2. Ensure that VMware Identity Manager responds through vRealize Suite Lifecycle Manager and the VMware Identity Manager inventory sync is successful, prior to an upgrade.
VCF Enabled Password Error After Upgrading vRealize Suite Lifecycle Manager
When you upgrade from vRealize Suite Lifecycle Manager version 8.2.1 to a later version but prior to version 8.6, and then perform an inventory sync of the environment, you may not be able to edit passwords from Locker. You may receive the following error message:
```
The Password edit is not allowed for VCF enabled environment
```
Workaround: If you upgrade from vRealize Suite Lifecycle Manager version 8.2.1 to a later version but prior to version 8.6.0, ensure that you reimport the environments of the vRealize Suite Lifecycle Manager inventory.

Known Issues

Error when scaling out vRealize Automation in vRealize Suite Lifecycle Manager
When scaling out vRealize Automation environment in vRealize Suite Lifecycle Manager, you may get the following error message.
```
vRealize Automation Scaleout is not allowed when appliance is already patched.
```
Workaround: Perform the following steps.
1. Import vRealize Automation in a new environment using the same vRealize Suite Lifecycle Manager instance, and then scale out from the new environment.
2. Perform an inventory sync of the older vRealize Automation environment to update the new node details.
3. Delete the new vRealize Automation environment after retaining the nodes that were created when re-importing from the vRealize Suite Lifecycle Manager inventory.
vRealize Operations Manager patch install request fails with an error message
When the vRealize Operations Manager PAK file is corrupted in vRealize Suite Lifecycle Manager, the vRealize Operations Manager patch install request may fail with the following error message:
```
vROPS upgrade failure error with exception Product PAK file null not found.
```
Workaround: Perform the following steps.
1. Delete the vRealize Operations Manager patch install binary mapped in Settings > Binary Mappings > Patch Binary tab.
2. Map the vRealize Operations Manager patch file with new binary.
3. Retrigger the vRealize Operations Manager patch install.
Capturing historical content version VRO 7.5 is not supported

If we try to capture and release the historical version of the content from VRO 7.5, the content is not captured.

Workaround: Use the supported version of the historical content from VRO 7.6 and later.
vRealize Operations deployment fails in vRealize Suite Lifecycle Manager
After you download the install binaries for vRealize Operations version 8.5 or 8.6 from My VMware in vRealize Suite Lifecycle Manager, the installation of vRealize operations may fail with the following error.
```
Error Code: LCMVSPHERECONFIG1000087
Exception occurred while deploying ovf. Invalid argument provided.
Invalid argument provided for ovf deployment.
```
Workaround: Use alternate ways to map the install binary, such as Local or NFS, or enable the content library mapping.
1. Download the vRealize Operations binaries from My VMware, and place it in a shared location, such as NFS or vRealize Suite Lifecycle Manager VA.
2. Navigate to Settings Page -> Binary Mapping in vRealize Suite Lifecycle Manager.
3. To add a binary, select Local or NFS as Location Type in vRealize Suite Lifecycle Manager.
4. Trigger the vRealize Operations installation.
Note: See vRealize Suite Lifecycle Manager documentation for different ways in which binaries can be mapped in vRealize Suite Lifecycle Manager. You can also see KB 86088 for more details.
vRealize Suite Lifecycle Manager and vRealize Log Insight integration error

If you attempt to integrate vRealize Suite Lifecycle Manager and vRealize Log Insight without Secure Socket Layer (SSL), the integration may fail.

Perform the vRealize Suite Lifecycle Manager and vRealize Log Insight integration with SSL.
Test connection for vRealize Operations Manager endpoint fails

When vRealize Operations Manager is configured with VMware Identity Manager using vRealize Suite Lifecycle Manager, if you perform a test connection in content management when adding the vRealize Operations Manager endpoint, the connection fails.
Workaround: Log in with your username in the following format:
```
domain@vidmauthsource
 For example; configadmin@System
```
vRealize Suite Lifecycle Manager upgrade stops responding when downloading packages

When upgrading earlier versions of vRealize Suite Lifecycle Manager, the system upgrade stops responding, and the packages cannot be downloaded.
Workaround:

You can perform one of the following steps:
- Revert snapshot, and then retry the upgrade.
- Remove the upgradeprogress file, and then retry the upgrade.
For more details, refer to KB 81402.
The retry inputs provided in the failed deployment request is not saved.

The retry inputs provided in the failed deployment request is not getting saved and the next task in the deployment request fails again with the old input provided during the deployment.

Workaround: Provide the retry inputs for each failed task in the deployment request or you should to re-deploy the environment with correct inputs.
VRCS_CUSTOM tagged workflow does not appear in the post and pre stub present under the Settings page.

None of the existing workflows appears in the drop-down (tagged with the VRCS_CUSTOM ) post-selection of external vRO endpoint in the pre-post stub.

Workaround: Rename the existing tag of the workflow (VRCS_CUSTOM) in the vRO endpoint with "vRSLCM_CUSTOM". This displays all the workflow in the drop-down menu.
Tenant Association Error

When there are multiple vRealize Automation products selected during the tenant creation, if there is a failure in the tenant association with a particular vRealize Automation instance, then you cannot manage the entire tenant.
Workaround:

Perform one of the following workarounds:
1. Retry the failed tenant creation request after fixing the tenant creation failure.
2. Skip the tenant creation for specific vRealize Automation, in the retry request.
Retry for all products specified in the tenant creation request until the tenant creation request is successful. After the create tenant request is successful, you can click the tenant in the Tenant Management page, and then perform further operations.
While replacing VMware Identity Manager certificate after the vRealize Suite Lifecycle Manager upgrade to 8.1 or above, the product associations does not list all products.

While replacing VMware Identity Manager certificate after vRealize Suite Lifecycle Manager upgrade to 8.1 or above, the product associations does not list all products present in vRealize Suite Lifecycle Manager that are integrated with VMware Identity Manager.

Workaround:

After the vRealize Suite Lifecycle Manager upgrade to 8.1 or above, run the inventory sync of the products that are integrated with VMware Identity Manager, and then try replacing the certificate in VMware Identity Manager to reflect all the product associations listed in Replace Certificate wizard.
The vRealize Suite Lifecycle Manager UI crashes when navigating to certain pages

The vRealize Suite Lifecycle Manager UI crashes or does not reflect specific operations when navigating to certain pages. It displays an unexpected error message to check connectivity to the server and try again.
Workaround:

Perform one of the following workarounds:
- Clear the browser cache.
- Open the vRealize Suite Lifecycle Manager UI in an incognito mode to reset the browser cache.