vCloud Director 184.108.40.206 for Service Providers | 16 MAY 2019 | Build 13635483 (installed build 13634630)
Check for additions and updates to these release notes.
What's in the Release NotesThe release notes cover the following topics:
- System Requirements and Installation
- Previous Releases of vCloud Director 9.7.x for Service Providers
- Resolved Issues
- Known Issues
For more information about system requirements and installation instructions, see vCloud Director Installation and Upgrade Guide.
To access the full set of product documentation, go to VMware vCloud Director for Service Providers Documentation.
- After upgrading vCloud Director with an external Microsoft SQL database to version 9.7, registering or synchronizing a vCenter Server might fail
After upgrading a vCloud Director installation with an external Microsoft SQL database, if you try to register or sync a vCenter Server instance that contains opaque networks, the following error might occur:
Violation of UNIQUE KEY constraint 'uq_opaq_netw_inv_vc_id_net_id'. Cannot insert duplicate key in object 'dbo.opaque_network_inv'.
The opaque networks appear if a vCenter Server instance is associated with an NSX-T Manager and networks are created in that NSX-T Manager.
- Accessing vCloud Director 9.7 with FQDN fails with an SSL version error
Accessing vCloud Director 9.7 with FQDN results in an error:
ERR_SSL_VERSION_OR_CIPHER_MISMATCHbecause the SSL certificate keystore on the vCloud Director cell is shared by the HTTPS engine and PostgreSQL. The shared SSL certificate cannot process HTTPS requests that come in to the FQDN due to additional security measures applied by the Server Name Indication (SNI) extension of the TLS protocol.
- Adding an affinity rule for a VM with multiple disks fails if the virtual machine disks don't use the same storage policy
Adding a VM affinity rule fails with a
PlacementException NO_FEASIBLE_PLACEMENT_SOLUTIONerror message if the virtual machine disks don't use the same storage policy.
- Adding a virtual machine hard disk might fail with an error message that a required property for storage pod selection is not set
If the existing hard disks of a VM are placed on a storage pod (SPOD) and you attempt to place a new virtual hard disk on a datastore, adding the hard disk might intermittently fail with error
StoragePlacementSpec required property podSelectionSpec not set.
- After promoting one of the standby cells to become the new primary cell, vCloud Director cells might incorrectly connect to the old failed primary database
reconfigure-databasecommand runs periodically in the background and might incorrectly set vCloud Director cells in the server group to point to the original failed or inaccessible primary cell. As a result, the vCloud Director cells are unable to service any UI or REST API calls.
- Cannot create more than one vApp network as an organization administrator
As an organization administrator, you cannot create more than one vApp network and you cannot fence or unfence vApps by using the HTML5 tenant portal. The problem occurs when you have an existing fenced network connected to an organization VDC network, and you try to create a new one.
- Importing a vSphere VM to an organization as a vCloud Director vApp converts shared organization VDC networks to vApp networks
If you import a vSphere VM, the import is successful, but the connected shared organization VDC networks convert to vApp networks. Powering on the VM fails with error:
The VDC associated with this vApp does not have the required network resources to start this vApp.
- Importing a vSphere VM to an organization fails if the VM computer name has more than 15 characters
Importing a virtual machine from vSphere fails if the computer name of the virtual machine contains more than 15 characters.
- The list of virtual machines on the My Cloud tab of the tenant portal does not display any VMs
On the My Cloud tab, when you select VMs, the Virtual Machines tab does not display a list of the VMs in the organization and the Flex UI stops responding.
- The vCloud Director WebMKS console sends incorrect Ctrl+Alt+Delete input to the guest OS
The vCloud Director WebMKS console sends incorrect codes to the guest OS when you send the
- If you use the vCloud Director HTML5 user interface, you cannot configure message digest for IPSec VPN tunnels in your NSX Data Center for vSphere 6.4.X environment
If you use the vCloud Director HTML5 UI, you cannot configure message digest for IPSec VPN tunnels in your NSX Data Center for vSphere 6.4.X environment. If you enable SHA-256 hashing in NSX, vCloud Director overwrites it with the default SHA-1 hash.
- Enabling SSL connection to database fails after unsuccessful renewal of certificates on the vCloud Director appliance cell
When you attempt to import certificates to the vCloud Director appliance cell, if the new certificate Common Name is the same as the previous Common Name, the import fails. As a result, when you attempt to enable SSL connection to the vCloud Director database, the database configuration fails with the following exception:
sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed.
- New Cell startup fails intermittently
An intermittent race condition in the cell causes startup failure with the following error message in the
com.vmware.cell.heartbeat.NonFatalHeartbeatException: org.hibernate.NonUniqueResultException: query did not return a unique result
- New The vCloud Director appliance management user interface Promote button and appliance console repmgr commands stop working
This issue occurs when the
postgresuser password has expired on one or more vCloud Director appliances. As a result, the vCloud Director appliance management user interface
Promotebutton fails to update the selected standby to become the new primary node in a database HA cluster. Some replication manager (repmgr) tool commands fail with errors such as:
Nodes unreachable via SSH. Upon startup, the appliance OS console displays error messages, such as
[FAILED] Failed to start User Manager. The
postgresuser password is set to expire on July 9, 2019.
postgresuser account password to never expire. You must run the commands on all appliances individually.
1. Log in directly or SSH to the vCloud Director appliance OS as
2. Set the
postgresuser account and password to never expire by running this command:
chage -M -1 -d 1 postgres
3. To confirm that your settings are applied, run the command
chage --list postgres.
The system output should confirm that the
postgresuser account and password are set to never expire.
- New During the database restore process, the reconfigure command fails with an error
create-db-backupscript does not include the new etc/truststore file. As a result, during the database restore process, the reconfigure command fails with a keystore error:
Could not read or write the configuration file: Keystore was tampered with, or password was incorrect.
Workaround: Contact VMware Global Support Services (GSS) for assistance with the workaround for this issue.
- New Updating the properties of a shared direct organization VDC network in the tenant portal H5 UI causes it to be unshared if not in use by a VM or vApp, or causes it to fail, if in use by a VM or vApp.
When trying to update the name or description of a shared direct organization VDC network on the tenant portal H5 UI, if the network is shared and not in use, it becomes unavailable to other VDCs in the organization. If the network is in use, it fails with an error message saying that the network is in use. This is because the UI is not sending the shared flag and triggers an unsharing operation.
Workaround: Update properties of a direct organization VDC network through the Flex UI.
- New Existing organization VDC networks that are operational are showing non-operational status in the vCloud Director tenant portal.
If you upgrade to vCloud Director 220.127.116.11 and you have organization VDC networks that you have not modified in the last month, the networks show a red operational status instead of green.
- Isolated and routed organization VDC networks: Update the description in the UI or perform an operation on it every month.
- Direct networks: Update the description through the flex UI every month.
- Creating a vApp in the vCloud Director Web Console for the first time after an upgrade from vCloud Director 18.104.22.168 to vCloud Director 22.214.171.124 might fail
Attempting to create a vApp in the vCloud Director Web Console (Flex-based UI) for the first time after an upgrade from vCloud Director 126.96.36.199 to vCloud Director 188.8.131.52 fails if you are using a Microsoft SQL Server database.
Workaround: Create the vApp using the HTML5-based Tenant UI or retry to create it using the vCloud Director Web Console.
- Promoting a standby cell to become a primary cell in a high availability cluster might result in an Nginx error screen
If a primary or a standby cell is offline at the moment when you attempt to promote a standby cell to become the new primary cell using the appliance management user interface, this might result in the following error message in your browser:
"An error occurred. Sorry, the page you are looking for is currently unavailable. Please try again later. If you are the system administrator of this resource then you should check the error log for details. Faithfully yours, nginx."
Workaround: Refresh your browser.
- Cannot configure the system to use a SAML identity provider by using the vCloud Director Service Provider Admin Portal
After you configure your system to use a SAML identity provider by using the vCloud Director Service Provider Admin Portal, you cannot log in again to the vCloud Director Service Provider Admin Portal.
Workaround: Configure your system to use a SAML identity provider by using the vCloud Director Web Console.
- vCloud Director 9.7 supports only a list of input parameters of vRealize Orchestrator workflows
vCloud Director 9.7 supports the following input parameters of vRealize Orchestrator workflows:
- Cannot access an SDDC proxy if vCloud Director uses legacy self signed certificates
After the upgrade to vCloud Director 9.7, connecting to an SDDC proxy might fail with the error message:
verify error:num=20:unable to get local issuer certificate. This issue happens if you generated the self signed certificates by using the cell management tool in vCloud Director 9.5 or earlier.
Workaround: After the upgrade to vCloud Director 9.7, regenerate and update the self signed certificates.
- After the upgrade to vCloud Director 9.7 (vCloud API v.32.0), custom links that you added by using branding OpenAPI calls are removed
In vCloud API v.32.0, type
UiBrandingLinkthat is used for custom links is replaced by type
UiBrandingMenuItem. These types have different elements. This change is backward incompatible. As a result, API calls from versions 31.0 or earlier that attempt to process or set
Workaround: Update your API calls to the new data type.
- Changing the compute policy of a powered on VM might fail
When trying to change the compute policy of a powered on VM, if the new compute policy is associated with a provider VDC compute policy that has VM Groups or Logical VM Groups, an error occurs. The error message contains:
Underlying system error: com.vmware.vim.binding.vim.fault.VmHostAffinityRuleViolation.
Workaround: Power off the VM, and retry the operation.
- When using the vCloud Director Service Provider Admin Portal with Firefox, you cannot load the tenant networking screens
If you are using the vCloud Director Service Provider Admin Portal with Firefox, the tenant networking screens, for example, the Manage Firewall screen for an organization virtual data center, might fail to load. This issue happens if your Firefox browser is configured to block Third-Party cookies.
Workaround: Configure your Firefox browser to allow third-party cookies.
- A fast-provisioned virtual machine created on a VMware vSphere Storage APIs Array Integration (VAAI) enabled NFS array, or vSphere Virtual Volumes (VVols) cannot be consolidated
In-place consolidation of a fast provisioned virtual machine is not supported when a native snapshot is used. Native snapshots are always used by VAAI-enabled datastores, as well as by VVols. When a fast-provisioned virtual machine is deployed to one of these storage containers, that virtual machine cannot be consolidated .
Workaround: Do not enable fast provisioning for an organization VDC that uses VAAI-enabled NFS or VVols. To consolidate a virtual machine with a snapshot on a VAAI or a VVol datastore, relocate the virtual machine to a different storage container.