VMware vRealize Automation 8.6 | 12 OCT 2021

Check for additions and updates to these release notes.

Release Versions

VRealize Automation 8.6 | 12 October 2021
  • vRA Easy Installer (ISO) build 18747964
  • vRA Product (appliance) build 18747096
  • SaltStack Config build 18703476

Updates made to this document

Date Description of update Type
10/12/2021 Initial publishing.
10/19/2021 Upgrading to vRA 8.5.1 from vRA 8.5 fails with an error "Upgrade terminated due to critical error" Known Issue
10/19/2021 Upgrading from 8.5.0 may fail to complete Known Issue

About vRealize Automation 8.6

vRealize Automation 8.6 complements vRealize Automation 8.5.1 capabilities, focusing on XaaS improvements, Azure and puppet and new VCD endpoint integration.

Before you begin

Familiarize yourself with the supporting documents.

After installing vRealize Automation and setting up your users, you can use the Getting Started and Using and Managing guides for each of the included services. The Getting Started guides include an end-to-end proof of concept. The Using and Managing guides provide more in-depth information that supports your exploration of the available features. Additional information is also available in vRealize Automation 8.6 product documentation.

For information on vRealize Orchestrator 8.5 features and limitations, refer to the vRealize Orchestrator 8.6 Release Notes.

vRealize Suite Lifecycle Manager 8.6 supports the installation of vRealize Automation 8.6. For information on vRealize Suite Lifecycle Manager 8.6, see the VMware vRealize Suite Lifecycle Manager 8.6 Release Notes. For information on installing and upgrading vRealize Automation using vRealize Suite Lifecycle Manager, see the vRealize Suite Lifecycle Manager Installation, Upgrade, and Management Guide.

What's New

The many benefits of vRealize Automation 8.6 include:

VCD Organizations can be added as a Cloud Account in vRA

Customers and partners with existing investment in VCD are now able to leverage vRA for modern template, catalog, pipeline, extensibility, multi-cloud management and governance capabilities while continuing to utilize VCD’s multi-tenanted infrastructure capabilities. VCD Organization owners will add their Org as a cloud account in vRA, map VCD OrgVDCs to vRA Cloud zones and continue to provision and manage IaaS resources into the OrgVDCs. Learn more about using a VCD cloud account.

Support Puppet Enterprise for machines without a public IP address

You can register machines without a public IP address.

Ability to configure name of Azure NIC interfaces

You can use the new API to configure a name of NIC for a VM running on Azure. Learn more about using extensibility actions to configure a NIC name.

Note: This is only supported using API and not using VCT.

Resource Quota policy additional day 2 governance

In this release, vRealize Automation Cloud includes Resource Quota Policy enhancements that add additional support for Day2 actions. Quotas now properly account for Day2 actions that affect allocations including disk and machine resizes. Learn more about resource quota policies.

Ability to add External validation to a custom day2 action

You can apply a complex validation to the user inputs on the custom day2 request form. The validation is run externally as a vRealize Orchestrator action and prevents you from submitting the request form until the validation is complete. Learn more.

New VMware Salt Modules Available

We are pleased to announce the release of Salt modules for vSphere/ESXi, NSX, and VMC. These modules were developed as a collaborative effort between VMware and the Salt Open Community and are available under the Salt GitHub project in 'Salt Extension Modules for VMware'.

API Documentation and Versioning

API documentation is available with the product. To access all Swagger documents from a single landing page, go to https://<appliance.domain.com>/automation-ui/api-docs where appliance.domain.com is your vRealize Automation appliance.

Before using the API, consider the latest API updates and changes for this release, and note any changes to the API services that you use. If you have not locked your API to a version before, you might encounter a change in an API response. As a best practice, use the apiVersion variable to lock your API to the version you want to use. If you do not lock your APIs, the default behavior varies depending upon the API.

  • For Cloud Assembly IaaS APIs, all requests which are executed without the apiVersion parameter will be redirected to the first version which is 2019-01-15. This redirect will allow every user who did not previously specify the apiVersion parameter to transition smoothly to the latest version without experiencing breaking changes.

    NOTE: For the Cloud Assembly IaaS APIs, the latest version is apiVersion=2021-07-15. If left unlocked, IaaS API requests will be redirected to the first version which is 2019-01-15. The first version is deprecated and will be supported for 12 months. To ensure a smooth transition to the new version, lock your IaaS API requests with the apiVersion parameter assigned to 2021-07-15.

  • For other APIs, you can specify the apiVersion parameter to lock your APIs to whatever date you choose.
    • If you want to lock your APIs to the version in effect for vRealize Automation 8.5.1, use apiVersion=2021-09-09.
    • If you want to lock your APIs to the version in effect for vRealize Automation 8.6, use apiVersion=2021-10-12.

    If left unlocked, you API requests will default to the latest version which is apiVersion=2021-10-12.

For more information about API versioning, see the vRealize Automation 8.6 API Programming Guide.

Service Name Service Description API Updates and Changes
ABX Holds all functionality specific to ABX, including creation and management of actions and their versions and executing actions and flows. No change
Approval Enforce policies which control who must agree to a deployment or day 2 action before the request is provisioned No change
Blueprint Create, validate, and provision VMware Cloud Templates (formerly called Blueprints) No change
CMX When using Kubernetes with vRealize Automation, deploy and manage Kubernetes clusters and namespaces. No change
Content Gateway(content service) Connect to your infrastructure as code content in external content sources such as SCM Providers and VMware Marketplace. No change
Custom Forms (form-service) Define dynamic form rendering and customization behavior in Service Broker and Cloud Assembly VMware services. No change
Deployment Access deployment objects and platforms or blueprints that have been deployed into the system. No change
IaaS Perform infrastructure setup tasks, including validation and provisioning of resources in iterative manner. No change
Migration This service is used to quickly setup a vRA 8 instance based on information in a configuration file a.k.a Zero-Setup No change
Project Holds all functionality specific to creation, management and delete of projects No change
Relocation Define policy and plans for bringing existing VMs from any cloud under management. No change
Catalog Access Service Broker catalog items and catalog sources, including content sharing and the request of catalog items. No change
Catalog Service (Policies) Interact with policies created in Service Broker. No change
Code stream all pipeline-service These API provide access to Code Stream services. No Change
Identity Service A list of identity, account and service management APIs. No change

Resolved Issues

The following issues were resolved in this release.

  • Unexpected state of the policy run upon restarting the vRO after migration

    The policies are not automatically started after migration.

  • Configuration Element XML content in the Version History repository contains the encrypted values of secure types when imported through a Package

    After Export and Import of Configuration element which contains a SecureString type, the Configuration Element XML content in the Version History repository contains the encrypted values of secure types.

  • Azure Enumeration fails for BLOB based snapshots

    With this fix, the failing data collection of snapshots, that were created from vhd blobs, is fixed. Prior to this fix, snapshots on the Azure cloud caused the entire Azure data collection to break.

  • Notification link to deployment

    In the event of "deployment lease expired" and "deployment lease expiring" scenarios, deployment owners receive an email which includes a url linking to the corresponding deployment page.

  • "Open redirect" vulnerability in VMware vRO

    Fixed "Open redirect" vulnerability by removing the redirection function from the application.

Known Issues

The following known issues are present in this release.

  • Upgrading from 8.5.0 may fail to complete

    Starting an iterative upgrade through vRSLCM to vRA 8.5.1 or later on a vRA 8.5.0 system might fail at the vRealize Automation Upgrade/Patch/Internal Network step of Stage 1 about a minute or so after the launch. The previous upgrade, while completed successfully, has not been able to delete its runtime data and leaves the upgrade in an 'in progress' state. Hence, new upgrade cannot be launched.

    Workaround: In this release LCM will make the precheck and notify you for the issue. For information on workaround steps, see KB 85965.

  • Upgrading from vRA 8.5 fails with an error "Upgrade terminated due to critical error"

    Upgrading from vRA 8.5 or vRA 8.5.1 fails with the error "Upgrade terminated due to critical error". Disk space checks show /root at *or near* 100% utilization.

    Workaround: For information on workaround steps, see KB 85864.

  • Incorrectly dropped or placed elements in Cloud Templates break the UI page

    In Firefox, using drag and drop can sometimes redirect the page. When dragging a resource node, dropping it outside of the canvas could also cause page redirection in Firefox.

    Workaround: Drop resource in canvas and delete it instead.

  • Custom Resource Subscriptions not available for Custom resource based on ABX

    Despite the fact the vRA 8.5.1 introduced ABX based custom resources, there are some limitations such as: Cloud admins are still not able to include ABX based resources in event based subscriptions.

  • Timeout exception appears during deployment update of ABX based custom resource

    When you update an ABX based custom resource deployment, you might see a ''504 Gateway Time-out issue" error. The error appears in the event of an ABX read action failure.

  • Exceptions for READ operation are not properly processed

    If a back-end error happens for deployment iterative updates, only a generic error message is shown. From server logs, a detailed error message is shown. However, due to the exception being handled not properly, only a generic error message is displayed in the UI.

  • Request tracker is not working for resource views

    On the All resources page, after selecting a machine and performing any day 2 action, the request tracker does not appear unless a manual refresh is initiated.

Changed and Deprecated Functionality


check-circle-line exclamation-circle-line close-line
Scroll to top icon