VMware vCenter Orchestrator 4.1.3 Release Notes

vCenter Orchestrator 4.1.3 | 30 Aug 2012 | Build 15

Check frequently for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

Downloading and Installing VMware vCenter Orchestrator 4.1.3

You can install Orchestrator 4.1.3 only on a 64-bit operating system platform. If you have downloaded and installed VMware vCenter Server 4.1.3, Orchestrator is already installed on your system and only needs configuration.

For more information about configuring vCenter Orchestrator see VMware vCenter Orchestrator Installation and Configuration Guide.

Upgrading to vCenter Orchestrator 4.1.3 and Migrating the Orchestrator Configuration Data

If you are running an earlier version of Orchestrator on a 32-bit platform, you can use the data migration tool included in the vCenter Server installation media to back up and restore the existing Orchestrator configuration settings.

See the VMware vCenter Orchestrator Installation and Configuration Guide for step-by-step guidance on migrating the Orchestrator configuration settings.

If you have developed workflows, actions, plug-ins, policies, and so on using an earlier version of Orchestrator, perform the following steps:

  1. Export packages of all the custom workflows, actions, policies, and so on, that you developed under the earlier version of Orchestrator.
  2. Create a new instance of an empty database for Orchestrator 4.1.3.
  3. Install and Configure Orchestrator 4.1.3 by following the instructions of the VMware vCenter Orchestrator Installation and Configuration Guide.
  4. Connect Orchestrator 4.1.3 to the new Orchestrator database.
  5. Import the packages you exported from the older version of Orchestrator.

Top of Page

Internationalization (I18N) Support

vCenter Orchestrator 4.1.3 complies with I18N Level 1. Although Orchestrator is not localized, it can run on non-English operating systems and handle non-English text.

Functionality Caveats

This release provides experimental support for the following:

  • OpenLDAP
  • MySQL
  • PostrgreSQL

For details about enabling OpenLDAP and experimental database providers in the Orchestrator configuration, see Enabling Experimental Support for OpenLDAP, PostgreSQL, and MySQL in VMware vCenter Orchestrator.

Top of Page

How to Provide Feedback

Your active feedback is appreciated. Provide your feedback through the following channels:

  • Support Requests (SRs)
  • Orchestrator Discussion Forum

Support Requests

File all issues that you find as Support Requests (SRs), even if you report them to VMware by other means.

You can find the VMware Support's commitment to SRs filed by customers and instructions on how to file an SR at http://www.vmware.com/support/services/.

Experienced SR users can file support requests at http://www.vmware.com/support/sr/sr_login.jsp.

Use your registered VMware store account to log in.

Include log files in your SRs. To gather log files from Orchestrator:

  1. Go to the Orchestrator configuration interface at http://orchestrator_server_ip_address:8282.
  2. Log in with your user name and password.
  3. Click Logs.
  4. Click Generate log report.
  5. Save the generated ZIP file.
  6. Upload the saved ZIP file to VMware Support.

For Orchestrator configuration issues, include an exported configuration file in your SRs. To export your configuration from the Orchestrator configuration interface:

  1. Go to the Orchestrator configuration interface at http://orchestrator_server_ip_address:8282.
  2. Log in with your user name and password.
  3. Click General.
  4. Click the Export Configuration tab.
  5. Type your password and press Enter.
  6. Save the *.vmoconfig file.
  7. Upload the saved files to VMware Support.

Orchestrator Discussion Forum

View the Orchestrator forum at http://communities.vmware.com/community/vmtn/mgmt/orchestrator. Use your registered VMware store account to log in.

Top of Page

Earlier Releases of vCenter Orchestrator

Features and issues from earlier releases of vCenter Orchestrator are described in the release notes for each release. To review release notes for earlier releases of vCenter Orchestrator, click one of the following links:

Top of Page

Known Issues

The known issues in this Orchestrator release are grouped as follows:

Installation and Upgrade Issues

  • Orchestrator 4.1.3 standalone installer does not detect earlier versions of Orchestrator and completes the installation process, creating a second Orchestrator instance
    If you have an Orchestrator 4.0.1 or 4.1 installation on a 64-bit server and you run the installer for Orchestrator 4.1.3 standalone, two Orchestrator instances are created. However, the upgrade to Orchestrator 4.1.3 is not successful, and you can run only the earlier version of Orchestrator.

    Workaround: To install Orchestrator 4.1.3, perform the following steps:

    1. Export the existing configuration settings.
    2. Uninstall the Orchestrator instance.
    3. Install Orchestrator 4.1.3.
    4. Import the configuration settings.
  • After you upgrade to Orchestrator 4.1.3, you can log in to the Orchestrator configuration interface with the default password
    If you change the default password in Orchestrator 4.0.x or 4.1.x configuration interface and you upgrade Orchestrator to version 4.1.3, your password is reset and you must use the default password to log in to the Orchestrator instance.
  • You cannot install Orchestrator in a custom location containing underscore in the path name
    When you install Orchestrator 4.1.3, both with the vCenter Server installer or with the standalone installer, you can select to install Orchestrator in a custom location. If the custom installation path you select contains underscore characters, the installation fails.

    Workaround: Use custom installation paths without underscore characters.

  • Restarting the Orchestrator server service after reinstalling plug-ins adds Java exceptions to the logs
    In the Troubleshooting tab of the Orchestrator configuration interface, if you reinstall plug-ins by clicking Reset current version and then restart the Orchestrator server, several Java exceptions are written to the Orchestrator server logs.
  • Orchestrator registry keys remain after you uninstall Orchestrator by using Windows Control Panel
    If you uninstall Orchestrator using the Windows Control Panel, some Orchestrator registry entries are not removed.

    Workaround: To remove the Orchestrator entries manually:

    1. Click Start > Run.
    2. Type regedit and press Enter.
    3. In the Registry Editor, click File > Export to back up the current registry settings.
    4. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\VMware.
    5. Right-click the Orchestrator entries and select Delete.

Internationalization Issues

  • You might not be able to configure the LDAP settings if your LDAP password contains non-ASCII characters
    When you try to configure the LDAP settings in the Orchestrator configuration interface and the LDAP password that you type contains non-ASCII characters, the process of configuring might fail with an error message of the type Unable to connect to LDAP Server. This issue appears under the following conditions:
    • When the LDAP password contains characters such as € and ÿ in German and French locales.
    • When the LDAP password contains any native characters in Japanese, Korean, and Simplified Chinese locales.
  • Problems handling non-ASCII characters in certain contexts
    Using non-ASCII characters in input parameters results in incorrect behavior in the following contexts:
    • If you run the SCP put or SCP get workflows from the SSH folder on a file with a name that contains non-ASCII characters, the workflow runs, but name of the resulting file on the destination machine is garbled.
    • If you try to insert non-ASCII characters into attribute names, the characters do not appear. The issue occurs for Web view attributes, workflow attributes, and action attributes.

Configuration Issues

  • Orchestrator does not work with forest and external trusts in Active Directory

    Multiple domains that have a two-way trust, but are not in the same tree, are not supported and do not work with Orchestrator. The only configuration supported for multi-domain Active Directory is domain tree. Forest and external trusts are unsupported.

  • Windows XP SP2 and earlier cannot connect to Orchestrator 4.1.3
    Orchestrator does not allow connecting with Windows XP SP2 and earlier, because of restrictions in the SSL cipher suites that can be used.

    Workaround: Upgrade to Windows XP SP3.

  • SSL server certificate is overwritten if no new SSL server certificate has been installed
    When you upgrade to Orchestrator 4.1.3, the SSL server certificate is overwritten in case you have not created a new self-signed certificate, or if you have not installed a certificate signed by a Certificate Authority. The certificate is overwritten with a newly generated certificate. For more information about replacing and installing certificates, see the VMware vCenter Orchestrator Installation and Configuration Guide.
  • You might not be able to configure your server certificate in the Orchestrator Configuration interface
    If you attempt to import a server certificate with wrong values, you receive a validation message that your server certificate is not signed by a root authority.

    Workaround: If a you have never successfully added a server certificate, perform the following steps:

    1. Delete the vmo-keystore row from the Orchestrator database.
    2. Restart the Orchestrator configuration service.
    3. Import the server certificate.
    If you have previously imported a server certificate, and backed up the certificate by exporting the certificate database, you can delete the vmo_keystore row, and import the certificate database. The default name of the certificate file is vmo-server.vmokeystore.
    If you have previously imported a server certificate, delete the vmo_keystore row from the Orchestrator database and import the certificate again.
  • Support for TNSNames missing when you connect to an Oracle database
    You cannot use TNSNames to connect to an Oracle database. You can connect to an Oracle database using an IP address or a DNS name.

    Workaround: Add support for RAC and TNS configuration for Oracle 11g Database instances to vCenter Orchestrator (KB 1022828).

  • SSL certificate is lost when you import configuration from previous installation
    If you import the configuration of a previous installation into the Orchestrator 4.1.3 installation, the SSL certificate from the old installation is not loaded. In the Orchestrator configuration interface the Server Certificate tab shows a red triangle.

    Workaround: You must import the certificate manually.

  • Restricted access to vCenter Server inventory might cause errors if you set Session per user
    If you select the Session per user option on the vCenter Server tab of the configuration interface, accessing the vCenter Server inventory might result in some errors if the connected user has restricted access to inventory objects.
  • No error message is displayed on the Network tab of the Orchestrator configuration interface when a network port is already in use
    The network configuration is saved successfully without errors even when the port numbers that you set are already in use on your host.

    Workaround: Make sure the port numbers you enter on the Network tab are free.

Networking Issues

  • Loss of network connection to vCenter Server 4 might cause workflows to stop
    If Orchestrator loses the network connection to vCenter Server 4 while a workflow is running, and if the workflow attempts to access vCenter Server, that workflow stops and does not attempt to restart. Furthermore, the vCenter Server 4 plug-in flushes its cache if it loses the connection to vCenter Server. Consequently, when the Orchestrator server restarts, it fetches all running objects again from the vCenter Server rather than reloading them from the cache. Fetching the objects again might cause peaks in CPU usage, and increases the load on vCenter Server. An intermittent connection to vCenter Server causes frequent workflow failures. If the network connection to vCenter Server is intermittent, constant fetching of the objects might consume vCenter Server memory, leading to drops in performance.

    Workaround: Ensure that the network connection to vCenter Server is stable.

Miscellaneous Issues

  • When you add a Custom Decision element to a workflow, the Orchestrator client might shut down unexpectedly
    After installing the Orchestrator client on a Windows 7 64-bit machine, if you try to add a Custom Decision element to a workflow, the Orchestrator client might shut down unexpectedly without an error message. This issue occurs when you try to connect the Custom Decision element to the next element that should run in the workflow.
    Workaround: Perform the following steps:
    1. Connect the workflow element that must run before the Custom Decision element to the Custom Decision element.
    2. Connect the Custom Decision element to the next workflow element that you want to run.
  • Importing a package using the Orchestrator client fails occasionally
    Occasionally, when your database is a MySQL database, importing a package using the Orchestrator client results in the error Unable to import a certificate, reason : Unable to save keystore.

    Workaround: Close the error message and attempt the import again.

  • The Used plug-ins tab in the Orchestrator client does not appear at all or does not list the plug-ins associated with the selected package
    You cannot check dependencies between packages because the Used plug-ins tab is either not displayed or not populated with the list of associated plug-ins. If the tab is not displayed and the Orchestrator client is not refreshed, you must click another tab or view.
  • The Orchestrator client stops responding if you use the Used plug-ins tab in edit mode
    When you attempt to insert or remove associated plug-ins on the Used plug-ins tab, the Orchestrator client stops responding.

    Workaround: Restart the Orchestrator client.

  • The Revert option for the parameters table on the Scripting tab of the Edit Actions view does not revert to the last saved state
    When you add a parameter to an action script, you cannot remove it using the Revert option.

    Workaround: Right-click the parameter and click Delete Selected.

  • Characters are accepted as the input value for workflow attributes of number type
    Format validation has been disabled on workflow attributes that are of the number type. Invalid input values are accepted without any warning, and workflows are saved successfully, which might lead to unpredictable results.
  • Changes to input parameter descriptions are not propagated to the presentation
    If you change the description of an input parameter for a workflow, the change is not propagated to the description in the presentation.

    Workaround: Copy the description to the presentation manually.

  • The Convert disks to thin provisioning workflow does not handle virtual machines with snapshots correctly and does not convert the thick-provisioned disks
    On completion, the Convert disks to thin provisioning workflow reports that the thick-provisioned disks of virtual machines with snapshots are successfully converted to thin-provisioned, when they are actually not.

    Workaround: Do not include virtual machines with snapshots in the workflow.

  • Windows Server 2008 automatically renames VMOAPP and DAR files to ZIP causing the application installation and plug-in upload in the Orchestrator configuration interface to fail
    If you are running Orchestrator on Windows Server 2008, the extension of the archives you download is automatically changed to ZIP. When you are installing an application or uploading a plug-in by using the Orchestrator configuration interface, you must use a VMOAPP or DAR file.

    Workaround: Change the ZIP extension back to either VMOAPP or DAR to use the downloaded archive in the Orchestrator configuration interface.

  • Repeatedly publishing and unpublishing Web views might cause memory issues
    Publishing and unpublishing of Web views restarts the Tapestry framework, which regenerates new meta-class information without cleaning up the previous meta-class information. Publishing and unpublishing a Web view by repeatedly calling the methods Webview.enable() and Webview.disable() in a loop in scripts might consume large quantities of memory and eventually leads to performance issues.
  • Adding values to vCenter Server data object properties of type Array is impossible
    When Orchestrator runs scripts, the vCenter Server 4.1 plug-in converts JavaScript arrays to Java arrays of a fixed size. As a consequence, you cannot add new values to vCenter Server data objects that take arrays as property values. You can create an object that takes an array as a property if you instantiate that object by passing it a pre-filled array. However, after you have instantiated the object, you cannot add values to the array.

    For example, the following code does not work:

    var spec = new VcVirtualMachineConfigSpec();
    spec.deviceChange = [];
    spec.deviceChange[0] = new VcVirtualDeviceConfigSpec();

    In the above code, Orchestrator converts the empty spec.deviceChange JavaScript array into the fixed-size Java array VirtualDeviceConfigSpec[] before it calls setDeviceChange(). When calling spec.deviceChange[0] = new VcVirtualDeviceConfigSpec(), Orchestrator calls getDeviceChange() and the array remains a fixed, empty Java array. Calling spec.deviceChange.add() results in the same behavior.

    Workaround: Declare the array as a local variable, as follows:

    var spec = new VcVirtualMachineConfigSpec();
    var deviceSpec = [];
    deviceSpec[0] = new VcVirtualDeviceConfigSpec();
    spec.deviceChange = deviceSpec;

  • Workflow input parameters of type SecureString cannot take a null value
    You cannot start a workflow with a null value if that workflow takes a SecureString as an input parameter, unless you start the workflow from within another workflow. If you start a workflow with a null value when that workflow takes a SecureString as an input parameter, the server loads attributes from the cache rather than from the Orchestrator database, resulting in a null input parameter. If you then change the workflow state to passive by implementing a long-running workflow element, the attributes are reloaded from the database, converting the null value into an empty string. This is the only way you can use a null value to start a workflow that requires a SecureString input parameter.

  • Workflow fails and an error message is displayed
    If the LockingSystem.lockAndWait() API method is called with parameters exceeding 100 characters in length, the current workflow run fails and displays one of the following error messages

    Lock id must be not null and no longer than 100 characters
    Owner must be not null and no longer than 100 characters

    Workaround: Reduce the parameter length using a hash of the original parameter (SHA-1, SHA-256, or MD5)

  • HTML tags used in workflow presentation descriptions or names are not rendered in Web views
    HTML tags used in workflow presentation descriptions or names are not rendered in Web views. This is a security fix preventing potential cross-scripting exploits.