vCenter Server 7.0 Update 3d | 29 MAR 2022 | ISO Build 19480866

Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

IMPORTANT: If your source system contains the ESXi 7.0 Update 2 release (build number 17630552) or later builds with Intel drivers, before upgrading to vCenter Server 7.0 Update 3d, see the What's New section of the VMware vCenter Server 7.0 Update 3c Release Notes, because all content in the section is also applicable for vSphere 7.0 Update 3d. Also, see the related VMware knowledge base articles: 86447, 87258, and 87308

What's New

Earlier Releases of vCenter Server 7.0

Features, resolved and known issues of vCenter Server are described in the release notes for each release. Release notes for earlier releases of vCenter Server 7.0 are:

For internationalization, compatibility, installation, upgrade, open source components and product support notices, see the VMware vSphere 7.0 Release Notes.
For more information on vCenter Server supported upgrade and migration paths, please refer to VMware knowledge base article 67077.

Patches Contained in This Release

This release of vCenter Server 7.0 Update 3d delivers the following patch:

For a table of build numbers and versions of VMware vCenter Server, see VMware knowledge base article 2143838.

Patch for VMware vCenter Server Appliance 7.0 Update 3d

Product Patch for vCenter Server containing VMware software fixes, security fixes, and third-party product fixes.

This patch is applicable to vCenter Server.

Download Filename VMware-vCenter-Server-Appliance-7.0.3.00500-19480866-patch-FP.iso
Build 19480866
Download Size 7384.3 MB
md5sum 2d688096865b896b8788f565f96cb04f
sha256checksum 929f1af250a763771f184b65ea2110b38905ad8020ab8f6b036be089f4e47fd8

Download and Installation

To download this patch, after you log in to VMware Customer Connect, select VC from the Select a Product drop-down menu and select 7.0.3 from the Select a Version drop-down menu.

  1. Attach the VMware-vCenter-Server-Appliance-7.0.3.00500-19480866-patch-FP.iso file to the vCenter Server CD or DVD drive.
  2. Log in to the appliance shell as a user with super administrative privileges (for example, root) and run the following commands:
    • To stage the ISO:
      software-packages stage --iso
    • To see the staged content:
      software-packages list --staged
    • To install the staged rpms:
      software-packages install --staged

For more information on using the vCenter Server shells, see VMware knowledge base article 2100508.

For more information on patching vCenter Server, see Patching the vCenter Server Appliance.

For more information on staging patches, see Stage Patches to vCenter Server Appliance.

For more information on installing patches, see Install vCenter Server Appliance Patches.

For more information on patching using the Appliance Management Interface, see Patching the vCenter Server by Using the Appliance Management Interface.

Resolved Issues

The resolved issues are grouped as follows.

vSAN Issues
  • NEW PR 2865872: Hosts in a vSAN stretched cluster lose CNS volume-to-datastore mapping during site partition

    When a vSAN stretched cluster has a network partition between sites, a delay in the vSAN health service detecting the partition might cause CNS applications to remove volume-to-datastore mappings in the cache. As a result, attempts to attach such volumes to pods, or run any operations on the volume such as update or delete, fail until CNS volume-to-datastore mappings are restored after the partition is fixed.

    This issue is resolved in this release.

Networking Issues
  • Deploying a virtual machine by using an OVF template might fail on a cluster with VMware NSX-T Data Center

    Deployment of virtual machines by using an OVF template on a cluster with VMware NSX-T Data Center might fail due to a compatibility check. During OVF template deployments, vCenter Server performs compatibility checks on randomly selected ESXi hosts, and if such a host uses an NSX Distributed Virtual port group, the check might fail due to a missing prerequisite for NVDS to CVDS migration, which in the case of OVF deployments is not necessary.

    This issue is resolved in this release. The fix removes compatibility checks for prerequisites for NVDS to CVDS migration in case of OVF deployments.

  • When you use the VMware Remote Console, the envoy service might intermittently fail

    An issue with the envoy service specific to the VMware Remote Console might lead to intermittent failures of the service. As a result, the vCenter Server Management Interface or vCenter Server APIs might also become unavailable. 

    This issue is resolved in this release.

Server Configuration Issues
  • Adding ESXi hosts to an Active Directory Domain by using the VMware vSphere Authentication Proxy service might fail

    Due to some additional permission checks from the vSphere Authentication Proxy service, adding an ESXi host to an Active Directory domain might fail. The issue is specific for vSphere Authentication Proxy configurations where some users do not have Domain Admins privileges on the Active Directory.

    This issue is resolved in this release. The fix reduces the user access checks by the vSphere Authentication Proxy service to only the required minimum.

vSphere HA and Fault Tolerance Issues
  • You do not see an alarm when the secondary VM in a vSphere Fault Tolerance (FT) pair cannot power on

    In the vSphere Client, even though you set a vCenter cannot start the Fault Tolerance secondary VM alarm, you do not see the alarm when the secondary VM that duplicates a mission critical virtual machine protected by FT fails to start.

    This issue is resolved in this release. 

Miscellaneous Issues
  • During OVF exports by using the vSphere Client you might see a pop-up window with the error HTTP Status 503 - Service Unavailable

    OVF export operations by using the vSphere Client complete successfully, but while running, you might see a pop-up window with the error HTTP Status 503 - Service Unavailable. The issue occurs because an export task might be initiated twice. As a result, one of the tasks completes, but the other ends with a 503 error.

    This issue is resolved in this release.

  • When you try to log in to the vSphere Client, you get an error that you cannot connect to the vCenter Single Sign-On server

    If a user in your environment belongs to many Active Directory groups, either nested or not, the Security Token Service (STS) server might take long to issue a SAML token. As a result, login to the vSphere Client of such user might time out and fail. In the vSphere Client, you see a message such as Cannot connect to vCenter Single Sign-On server https://<vcfqdn>/sts/STSService/vsphere.local..

    This issue is resolved in this release. The fix makes sure that logins to the vSphere Client succeed. However, the fix does not prevent login timeouts due to STS delayed response for a SAML token. As a result, in some environments where a user belongs to many Active Directory groups, you might log in to the vSphere Client, but still not be able to connect to a vCenter Server instance.

Security Issues
  • vCenter Server 7.0 Update 3d provides the following security updates: 
    • cURL is updated to version 7.79.1.

    • Eclipse Jetty is upgraded to version jetty-9.4.43.v20210629.

    • The Oracle (Sun) JRE package is updated to version 1.8.0_311.

    • The Apache Tomcat server is updated to versions 8.5.68 and 9.0.50.

    • The OpenSSL library is updated to version 1.0.2za.

    • The SQLite database is updated to version 3.36.0.

    • Apache log4j is updated to version 2.17.1.

    • Apache Struts is updated to version 2.5.28.3.

Upgrade Issues
  • Incremental patches of vCenter Server 7.x fail with Exception occured in postInstallHook error

    Due to an issue with the execution of the expand scripts of the vCenter Server database, incremental patches of vCenter Server 7.x, such as vCenter Server 7.0 Update 2c to VMware vCenter Server 7.0 Update 2d, might fail. In the vSphere Client, you see the error Exception occured in postInstallHook. In the log files, such as /var/log/vmware/applmgmt/vcdb_patch.err and /var/log/vmware/applmgmt/vcdb_patch.out, you see the error vcdb:Patch ERROR vmware_b2b.patching.executor.hook_executor Patch hook 'vcdb:Patch' failed..

    This issue is resolved in this release.

vCenter Server and vSphere Client Issues
  • NEW: You cannot refresh storage provider certificates from the vSphere Client

    In the vSphere Client, when you navigate to Configure > Storage Providers, you see the option Refresh certificate dimmed.

    This issue is resolved in this release.

Known Issues

The known issues are grouped as follows.

Upgrade Issues
  • You do not see a precheck error when patching to vCenter Server 7.0 Update 3d by using CLI

    Due to the name change in the Intel i40en driver to i40enu and back to i40en, vCenter Server 7.0 Update 3d and later add an upgrade precheck to make sure that ESXi hosts affected from the change are properly upgraded. In some cases, if such hosts exist in your system, patching from a vCenter Server version earlier than 7.0 Update 3 to a version later than 7.0 Update 3 by using CLI might fail with the error Installation failed. Retry to resume from the current state. Or please collect the VC support bundle.. However, instead of this error, you must see the precheck error message. 

    Workaround: If you do not see the precheck error and patching your system to vCenter Server 7.0 Update 3d fails, make sure all ESXi hosts are upgraded to ESXi 7.0 Update 3d, by using either a baseline created from an ISO or a single image, before upgrading vCenter Server. Do not use patch baselines based on the rollup bulletin. You can find additional debug log information at /var/log/vmware/applmgmt. For more details, see VMware knowledge base articles 87319 and 86447.

Miscellaneous Issues
  • You cannot paste by right clicking in the vi editor

    If you use the vi text editor on a vCenter Server Appliance instance, you cannot paste previously copied content by right clicking. Instead, the vi editor changes mode to Visual.

    Workaround: From the vCenter Server Appliance shell, run the command/usr/bin/sed -i.bak -E '2alet skip_defaults_vim=1' /etc/vimrc.

vSphere Lifecycle Manager Issues
  • You cannot use an ESXi image with OEM content to create clusters by using vSphere Lifecycle Manager workflows after an update

    When you update an ESXi image with OEM content, for example Dell ESXi 7.0 Update 2a to Dell ESXi 7.0 Update 3d, some reserved VIBs, such that are present in the VMware base image but overridden by async VIBs packaged by the OEM, might be deleted. The same issue might occur after updating your system by using a non-critical baseline and then update to a higher version by using an ESXi image with OEM content. For example, if you update to 7.0 Update 2 by using a non-critical baseline and then update to 7.0 Update 3 by using a Dell ESXi 7.0 Update 3 image, reserved VIBs might also be deleted. As a result, you cannot use ESXi hosts with the updated version to create a vSphere Lifecycle Manager cluster managed by a single image. The operation fails and in the backtrace, you see errors such as:
    2021-11-24T09:42:49Z lifecycle: 2101166: HostSeeding:956 ERROR Extract depot failed: ('VMW_bootbank_bnxtroce_216.0.58.0-23vmw.703.0.0.18644231', 'Failed to add reserved VIB VMW_bootbank_bnxtroce_216.0.58.0-23vmw.703.0.0.18644231: not found in the reserved VIB cache storage')
    2021-11-24T09:42:50Z lifecycle: 2101166: imagemanagerctl:373 ERROR Extract depot failed.
    021-11-24T09:42:50Z lifecycle: 2101166: imagemanagerctl:152 ERROR [ReservedVibExtractError] ('VMW_bootbank_bnxtroce_216.0.58.0-23vmw.703.0.0.18644231', 'Failed to add reserved VIB VMW_bootbank_bnxtroce_216.0.58.0-23vmw.703.0.0.18644231: not found in the reserved VIB cache storage')

    Workaround: Use interactive or scripted upgrade instead of vSphere Lifecycle Manager workflows. 

Known Issues from Prior Releases

To view a list of previous known issues, click here.

check-circle-line exclamation-circle-line close-line
Scroll to top icon