check-circle-line exclamation-circle-line close-line

vCloud Director 9.7.0.1 for Service Providers Release Notes

vCloud Director 9.7.0.1 for Service Providers | 16 MAY 2019 | Build 13635483 (installed build 13634630)

Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

 

System Requirements and Installation

For more information about system requirements and installation instructions, see vCloud Director Installation and Upgrade Guide.

Documentation

To access the full set of product documentation, go to VMware vCloud Director for Service Providers Documentation.

Previous Releases of vCloud Director 9.7.x for Service Providers

vCloud Director 9.7 for Service Providers Release Notes

Resolved Issues

  • After upgrading vCloud Director with an external Microsoft SQL database to version 9.7, registering or synchronizing a vCenter Server might fail

    After upgrading a vCloud Director installation with an external Microsoft SQL database, if you try to register or sync a vCenter Server instance that contains opaque networks, the following error might occur:

    Violation of UNIQUE KEY constraint 'uq_opaq_netw_inv_vc_id_net_id'. Cannot insert duplicate key in object 'dbo.opaque_network_inv'.

    The opaque networks appear if a vCenter Server instance is associated with an NSX-T Manager and networks are created in that NSX-T Manager.

     

  • Accessing vCloud Director 9.7 with FQDN fails with an SSL version error

    Accessing vCloud Director 9.7 with FQDN results in an error: ERR_SSL_VERSION_OR_CIPHER_MISMATCH because the SSL certificate keystore on the vCloud Director cell is shared by the HTTPS engine and PostgreSQL. The shared SSL certificate cannot process HTTPS requests that come in to the FQDN due to additional security measures applied by the Server Name Indication (SNI) extension of the TLS protocol.

     

  • Adding an affinity rule for a VM with multiple disks fails if the virtual machine disks don't use the same storage policy

    Adding a VM affinity rule fails with a PlacementException NO_FEASIBLE_PLACEMENT_SOLUTION error message if the virtual machine disks don't use the same storage policy.

     

  • Adding a virtual machine hard disk might fail with an error message that a required property for storage pod selection is not set

    If the existing hard disks of a VM are placed on a storage pod (SPOD) and you attempt to place a new virtual hard disk on a datastore, adding the hard disk might intermittently fail with error StoragePlacementSpec required property podSelectionSpec not set.

     

  • After promoting one of the standby cells to become the new primary cell, vCloud Director cells might incorrectly connect to the old failed primary database

    The reconfigure-database command runs periodically in the background and might incorrectly set vCloud Director cells in the server group to point to the original failed or inaccessible primary cell. As a result, the vCloud Director cells are unable to service any UI or REST API calls.

     

  • Cannot create more than one vApp network as an organization administrator

    As an organization administrator, you cannot create more than one vApp network and you cannot fence or unfence vApps by using the HTML5 tenant portal. The problem occurs when you have an existing fenced network connected to an organization VDC network, and you try to create a new one.

     

  • Importing a vSphere VM to an organization as a vCloud Director vApp converts shared organization VDC networks to vApp networks

    If you import a vSphere VM, the import is successful, but the connected shared organization VDC networks convert to vApp networks. Powering on the VM fails with error: The VDC associated with this vApp does not have the required network resources to start this vApp.

     

  • Importing a vSphere VM to an organization fails if the VM computer name has more than 15 characters

    Importing a virtual machine from vSphere fails if the computer name of the virtual machine contains more than 15 characters.

     

  • The list of virtual machines on the My Cloud tab of the tenant portal does not display any VMs

    On the My Cloud tab, when you select VMs, the Virtual Machines tab does not display a list of the VMs in the organization and the Flex UI stops responding.

     

  • The vCloud Director WebMKS console sends incorrect Ctrl+Alt+Delete input to the guest OS

    The vCloud Director WebMKS console sends incorrect codes to the guest OS when you send the Ctrl+Alt+Delete input.

     

  • If you use the vCloud Director HTML5 user interface, you cannot configure message digest for IPSec VPN tunnels in your NSX Data Center for vSphere 6.4.X environment

    If you use the vCloud Director HTML5 UI, you cannot configure message digest for IPSec VPN tunnels in your NSX Data Center for vSphere 6.4.X environment. If you enable SHA-256 hashing in NSX, vCloud Director overwrites it with the default SHA-1 hash.

     

  • Enabling SSL connection to database fails after unsuccessful renewal of certificates on the vCloud Director appliance cell

    When you attempt to import certificates to the vCloud Director appliance cell, if the new certificate Common Name is the same as the previous Common Name, the import fails. As a result, when you attempt to enable SSL connection to the vCloud Director database, the database configuration fails with the following exception: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed.

Known Issues

  • New Cell startup fails intermittently

    An intermittent race condition in the cell causes startup failure with the following error message in the cell-runtime.log file:

    com.vmware.cell.heartbeat.NonFatalHeartbeatException: org.hibernate.NonUniqueResultException: query did not return a unique result

    Workaround: None.

  • New The vCloud Director appliance management user interface Promote button and appliance console repmgr commands stop working

    This issue occurs when the postgres user password has expired on one or more vCloud Director appliances. As a result, the vCloud Director appliance management user interface Promote button fails to update the selected standby to become the new primary node in a database HA cluster. Some replication manager (repmgr) tool commands fail with errors such as: Nodes unreachable via SSH. Upon startup, the appliance OS console displays error messages, such as [FAILED] Failed to start User Manager. The postgres user password is set to expire on July 9, 2019.

    Workaround:

    Set the postgres user account password to never expire. You must run the commands on all appliances individually.

    1. Log in directly or SSH to the vCloud Director appliance OS as root.

    2. Set the postgres user account and password to never expire by running this command:

    chage -M -1 -d 1 postgres 

    3. To confirm that your settings are applied, run the command chage --list postgres .

    The system output should confirm that the postgres user account and password are set to never expire.

  • New During the database restore process, the reconfigure command fails with an error

    The create-db-backup script does not include the new etc/truststore file.  As a result, during the database restore process, the reconfigure command fails with a keystore error: Could not read or write the configuration file: Keystore was tampered with, or password was incorrect.

    Workaround: Contact VMware Global Support Services (GSS) for assistance with the workaround for this issue.

  • New Updating the properties of a shared direct organization VDC network in the tenant portal H5 UI causes it to be unshared if not in use by a VM or vApp, or causes it to fail, if in use by a VM or vApp.

    When trying to update the name or description of a shared direct organization VDC network on the tenant portal H5 UI, if the network is shared and not in use, it becomes unavailable to other VDCs in the organization. If the network is in use, it fails with an error message saying that the network is in use. This is because the UI is not sending the shared flag and triggers an unsharing operation.

    Workaround: Update properties of a direct organization VDC network through the Flex UI.

  • New Existing organization VDC networks that are operational are showing non-operational status in the vCloud Director tenant portal.

    If you upgrade to vCloud Director 9.7.0.1 and you have organization VDC networks that you have not modified in the last month, the networks show a red operational status instead of green.

    Workaround:

    • Isolated and routed organization VDC networks: Update the description in the UI or perform an operation on it every month. 
    • Direct networks: Update the description through the flex UI every month.
  • Creating a vApp in the vCloud Director Web Console for the first time after an upgrade from vCloud Director 9.1.0.3 to vCloud Director 9.7.0.1 might fail

    Attempting to create a vApp in the vCloud Director Web Console (Flex-based UI) for the first time after an upgrade from vCloud Director 9.1.0.3 to vCloud Director 9.7.0.1 fails if you are using a Microsoft SQL Server database.

    Workaround: Create the vApp using the HTML5-based Tenant UI or retry to create it using the vCloud Director Web Console.

  • Promoting a standby cell to become a primary cell in a high availability cluster might result in an Nginx error screen

    If a primary or a standby cell is offline at the moment when you attempt to promote a standby cell to become the new primary cell using the appliance management user interface, this might result in the following error message in your browser:  "An error occurred. Sorry, the page you are looking for is currently unavailable. Please try again later. If you are the system administrator of this resource then you should check the error log for details. Faithfully yours, nginx."

    Workaround: Refresh your browser.

  • Cannot configure the system to use a SAML identity provider by using the vCloud Director Service Provider Admin Portal

    After you configure your system to use a SAML identity provider by using the vCloud Director Service Provider Admin Portal, you cannot log in again to the vCloud Director Service Provider Admin Portal.

    Workaround: Configure your system to use a SAML identity provider by using the vCloud Director Web Console.

  • vCloud Director 9.7 supports only a list of input parameters of vRealize Orchestrator workflows

    vCloud Director 9.7 supports the following input parameters of vRealize Orchestrator workflows:

    • boolean
    • sdkObject
    • secureString
    • number
    • mimeAttachment
    • properties
    • date
    • composite
    • regex
    • encryptedString
    • array

    Workaround: None

  • Cannot access an SDDC proxy if vCloud Director uses legacy self signed certificates

    After the upgrade to vCloud Director 9.7, connecting to an SDDC proxy might fail with the error message: verify error:num=20:unable to get local issuer certificate. This issue happens if you generated the self signed certificates by using the cell management tool in vCloud Director 9.5 or earlier.

    Workaround: After the upgrade to vCloud Director 9.7, regenerate and update the self signed certificates.

  • After the upgrade to vCloud Director 9.7 (vCloud API v.32.0), custom links that you added by using branding OpenAPI calls are removed

    In vCloud API v.32.0, type UiBrandingLink that is used for custom links is replaced by type UiBrandingMenuItem. These types have different elements. This change is backward incompatible. As a result, API calls from versions 31.0 or earlier that attempt to process or set customLinks within a UiBranding object fail.

    Workaround: Update your API calls to the new data type.

  • Changing the compute policy of a powered on VM might fail

    When trying to change the compute policy of a powered on VM, if the new compute policy is associated with a provider VDC compute policy that has VM Groups or Logical VM Groups, an error occurs. The error message contains: Underlying system error: com.vmware.vim.binding.vim.fault.VmHostAffinityRuleViolation.

    Workaround: Power off the VM, and retry the operation.

  • When using the vCloud Director Service Provider Admin Portal with Firefox, you cannot load the tenant networking screens

    If you are using the vCloud Director Service Provider Admin Portal with Firefox, the tenant networking screens, for example, the Manage Firewall screen for an organization virtual data center, might fail to load. This issue happens if your Firefox browser is configured to block Third-Party cookies.

    Workaround: Configure your Firefox browser to allow third-party cookies.

  • A fast-provisioned virtual machine created on a VMware vSphere Storage APIs Array Integration (VAAI) enabled NFS array, or vSphere Virtual Volumes (VVols) cannot be consolidated

    In-place consolidation of a fast provisioned virtual machine is not supported when a native snapshot is used. Native snapshots are always used by VAAI-enabled datastores, as well as by VVols. When a fast-provisioned virtual machine is deployed to one of these storage containers, that virtual machine cannot be consolidated .

    Workaround: Do not enable fast provisioning for an organization VDC that uses VAAI-enabled NFS or VVols. To consolidate a virtual machine with a snapshot on a VAAI or a VVol datastore, relocate the virtual machine to a different storage container.