VMware

VMware vCloud Automation Center® 6.0 Release Notes

vCloud Automation Center 6.0 | 10 DEC 2013 | Build 1445145

Updated on: 9 JAN 2014

What's in the Release Notes

The release notes cover the following topics:

What's New

  • Unified Service Catalog for Infrastructure, Desktop, and Application Services
    • In addition to its support for heterogeneous infrastructure, vCloud Automation Center now offers a single catalog for publishing and consuming application services. Users can browse the same catalog to request and provision single- or multi-node applications, just as they do for infrastructure and desktop services.
    • Catalog requests are now governed by a more flexible and powerful approval policy engine. Approval policies can be based on request criteria, support multiple levels of approvers (requiring one or all approvers at each level), and be enforced both before and after services are provisioned. Furthermore, administrators can set up policies that allow approvers to override specific request fields (for example, the lease duration).
  • Enhancements to Application Deployment and Updates (formerly "Application Director")
    • Users can request applications from the Service Catalog and monitor their overall deployment status.
    • Application enhancements: Users can now roll back failed updates to restore the system. They can also significantly reduce the time to update an application by reusing update profiles that store frequently used update scripts and properties. This enables the promotion of changes across Deployment Environments to facilitate Release Automation, and scale-in of clustered applications to save unused resources.
    • External services: Users can reduce time to deliver workload by connecting to an external or existing service such as a load balancer, an existing database with pre-configured schema, SaaS applications such as Salesforce, an LDAP server, an SSO server and so on.
    • Policy-based provisioning: Administrators can enforce policies across different deployment environments by blacklisting application services or enforcing mandatory services. They can also facilitate policy-based provisioning by setting number of Total Instances (VMs) limits across all nodes in a deployment. Compliance View shows policy violations against currently active and effective policies on deployments and application updates.
    • Puppet integration: In this release, support for reuse of Puppet content to build application blueprints in Application Director allows application architects to accomplish the following goals:
      • Model multi-tier applications using Puppet modules.
      • Mix-and-match Puppet and non-Puppet content in application blueprints.
      • Import both Puppet Open Source and Puppet Enterprise Modules
      • Manage the application update life cycle while maintaining multi-node dependencies, property bindings, and diverse content types.
      • Leverage vCloud Automation Center Service Catalog to publish and request Puppet applications.
  • Extensibility to any IT Service
    • In addition to out-of-the-box services, customers can now more easily extend vCloud Automation Center to publish any kind of IT service to the common service catalog. Whether it's storage-as-a-service, backup-as-a-service, or something as simple as letting users add capacity to their e-mail account, the new Advanced Service Designer lets service architects design rich user forms and provisioning workflows in a matter of minutes.
    • Like out-of-the-box services, custom services leverage the same entitlement and approval policy engine, enabling organizations to enforce a consistent governance layer.
  • Integration with IT Business Management Standard Edition
    • Provides visibility into the cost and usage of on-premise virtual infrastructure and public cloud infrastructure, including benchmarking capabilities.
    • Supports "what-if" cost analysis to determine the best infrastructure type and placement options
    • Includes capacity, cost, and budget analysis capabilities for proactive planning
  • Improvements in Infrastructure as a Service
    • Support for VMware vCloud Hybrid Service: vCloud Automation Center now provides the ability to provision and perform basic administrative tasks on virtual machines deployed in vCloud Hybrid Services.
    • Support for OpenStack: In addition to vSphere, vCloud Director, Amazon Web Services, Hyper-V, Kernel-based Virtual Machine, Citrix XenServer, and various physical server management interfaces, vCloud Automation Center now provides support for provisioning and performing administrative actions on machines managed by OpenStack.
      • Supports RedHat OpenStack 3.0 (Grizzly)
      • Supports static IP and floating IP
      • Supports attach to VNC console
      • Support for Linux kickstart and WIMimage
    • Log in to vSphere machines from the service catalog: After a vSphere virtual machine is provisioned, a user can now access it via the VMware Remote Console.
    • Continued integration with vCNS: In previous versions, vCloud Automation Center provided support for placement in existing VXLANs, load balancers and security groups. This release adds support for the dynamic creation of isolated and routed networks and load balancers.
    • Support for vSAN as a datastore: vCloud Automation Center now supports storage clusters and allows the selection of a vSAN as a data store for a reservation.
    • Enhanced vSphere support:
      • vCloud Automation Center supports Storage DRS (SDRS): SDRS clusters and volumes are discovered as individual storage paths.
      • vCloud Automation Center supports storage clusters and recognizes a Storage DRS-enabled storage cluster as a datastore.
      • vCloud Automation Center automatically consumes the changes at the next data collection as datastores are added or removed from the storage cluster.
      • vCloud Automation Center supports Storage DRS automated mode.
      • vCloud Automation Center allows the selection of a cluster, standalone datastore, or a cluster member (datastore from a cluster) in the same reservation. All selections have the same priority and are accessed via round-robin.
  • Improved Administration Capabilities
    • Support for LDAP services: In addition to Microsoft Active Directory, vCloud Automation Center now provides support for LDAP-based directory services.
    • Improvements in multi-tenancy: vCloud Automation Center administrators can easily create multiple tenants with dedicated directory services, service catalog, and portal branding.
    • New verb-oriented RESTFUL APIs (BETA): New programmatic interfaces provide a more secure and easier way for external systems to interact with the vCloud Automation Center service catalog and cover operations such SSO authentication, submitting a service request, approving a request, listing provisioned items, and so on. These APIs are available for BETA testing and are expected to evolve in the next vCloud Automation Center release. Older vCloud Automation Center 5.x APIs are still available and have received minor updates for feature enhancements.

For more information about new features and capabilities in vCloud Automation Center 6.0, see the What's New in VMware vCloud Automation Center 6.0 technical white paper.

System Requirements and Installation

For information about supported host operating systems, databases, and Web servers, see the vCloud Automation Center Support Matrix.

For additional prerequisites and installation instructions, see vCloud Automation Center Installation and Configuration.

Documentation

To access the full set of vCloud Automation Center 6.0 documentation, go to the VMware vCloud Automation Center Documentation page.

Known Issues

The following known issues have been discovered through rigorous testing and will help you understand some behavior you might encounter in this release.

  • ViewPort display is truncated on some monitors
    ViewPort display is truncated on monitors with a screen resolution of 1024x768 or lower. For this reason, some tabs on the IT Business Management Standard Edition home screen like Public and Reports are hidden.

  • Workaround: Press CTRL-- to reduce the ViewPort display so that everything appears in the screen.

  • The characters @ / \ are not supported in user names and group names
    User names or group names containing @ / \ (the "at" sign, forward slash, and backslash) can prevent a user from logging in or being managed by an administrator.

  • Workaround: Do not use the @ / \ characters in user names or group names.

  • Incorrect currency symbol appears for locale in Requests Page under Requests tab
    The currency symbol is always the currency symbol used by the operating system (OS) of the server machine. If the server machine is running a Chinese OS it uses the Chinese OS currency symbol. Similarly, a server machine running a Japanese OS uses the Japanese OS currency symbol. The currency symbol does not change with the browser settings.

  • Incorrect currency symbol appears on Cost Profiles page under Infrastructure tab
    The currency symbol will always be the currency symbol used by the operating system (OS) of the server machine. If the server machine is running a Chinese OS it uses the Chinese OS currency symbol. Similarly, a server machine running a Japanese OS uses the Japanese OS currency symbol. The currency symbol does not change with the browser settings.

  • vCloud Automation Center does not support multiple hosts in the system with the same name
    Data collection updates hosts based upon the host name. If two endpoints have identically named hosts, there will be contention between the endpoints over ownership of the host.

  • Workaround: Ensure that all host names are unique.

  • Exceeding the vCloud Automation Center server maximum header size causes performance problems
    The maximum header size for vCloud Automation Center server HTTP requests is 8K and cannot be increased in the current version. When a header exceeds this maximum size, the system is often unable to fulfill HTTP requests. This 8K limit can be exceeded in the following situations:

    • The logged-in user belongs to a large number of SSO groups (more than 75 groups) or belongs to groups with large group names. A large number of groups or large group names increases the size of the SAML token.
    • A third-party service or component accesses vCloud Automation Center services using a delegated SAML token, which also contains the certificate chain of the signing certificate.
    Because the SAML token is always included in the request header, this additional data can cause the header size to exceed 8K.

  • Internet Explorer cannot connect to virtual machines or vApps after VMware Remote Console (VMRC) is installed

  • Cannot connect to a vSphere or vApp provisioned system with Internet Explorer. When you connect to a vSphere- or vCloud Director-provisioned resource with Internet Explorer, an error message appears indicating that the virtual machine is not powered on or is not available on the network.

    Workaround:

    1. Log in to the Internet Information Services (IIS) machine as administrator, navigate to C:\Program Files (x86)\VMware\vCAC\Server\Website\VMRC folder, and open vmrc.js with a file editor.
    2. Search the file to find the following line: var startup = function (modes, msgMode, advancedConfig) {
    3. Add two lines that define modes and msgMode so that it looks like this:
    4. var startup = function (modes, msgMode, advancedConfig) {
              modes = 2;
              msgMode = 2;
    5. Save and close the file.
    6. Restart the IIS machine.

  • Actions on provisioned machines are marked complete before they finish
    Actions such as reprovision or power off appear with a status of Complete on the Requests page when the operation might still be in progress. The actual status of the machine is reflected on the Items page.

  • Hyper- V System Center Virtual Machine Manager (SCVMM) data collection fails on Windows 2012
    Data collection fails using the Microsoft System Center Virtual Machine Manager (SCVMM) on an installation of Windows 2012 that has been enabled for Infrastructure as a Service (IaaS).

  • Machine disposing process stops if a call to a load balancer or web tier fails
    When vCloud Automation Center is behind a load balancer service, an interrupted disposal process leaves a virtual machine in an unknown state and the disposal process is unable to finish. This problem is not specific to vCloud Networking and Security or to VMware NSX Virtual Network. This problem is also not specific to the load balancer service that is consumed by a multi-machine blueprint.

  • Workaround: Under the Infrastructure tab, use the menu option Unregister to complete the disposing process.

  • Malformed security token error seen when user suspends and restores client machine
    When a client machine is suspended and then restored after 7 or 8 hours of inactivity, an error message about a malformed security token shell appears.

  • Workaround: Reload the application to restore functionality.

  • Attempting to perform an action based on newly acquired permissions causes a system error
    If users are granted permission to perform a new task, they may find that they are unable to complete the task.

  • Workaround: After being granted new permissions, log out and then log back in to confirm the change.

  • Access denied error appears when a fabric administrator attempts to destroy a cross-tenant physical machine or a vApp
    When a fabric administrator attempts to destroy a cross-tenant physical machine or a vApp, an Access Denied error appears in Infrastructure > Recent Events.

  • Workaround: Log in as a fabric administrator in the tenant where the machine resides, and destroy the physical machine or the vApp.

  • Failed to create a virtual machine with vCloud Automation Center running on Windows 2012
    With vCloud Automation Center running on Windows 2012, the guest agent cannot retrieve the self-signed certificate, which results in vCloud Automation Center not being able to run as a virtual machine.

  • Workaround: Do not install vCloud Automation Center on Windows 2012 using a self-signed certificate.

  • A tenant administrator cannot reclaim a machine
    The Change Lease action does not appear to tenant administrators when they attempt to reclaim a machine.

  • Workaround: The tenant administrator must also be a business group manager of the machine.

  • The "Snapshot creation failed. Please see the log for more details" message appears if an edge machine snapshot is requested when a linked clone blueprint is being created
    An edge machine incorrectly appears as a machine that can be selected when a tenant administrator or a business user creates a linked clone blueprint. A standalone virtual machine or a multi-machine services virtual machine is the only machine that can be selected when creating a linked clone blueprint.

  • Workaround: Do not select an edge machine when creating a linked clone blueprint.

  • Issues with the service blueprint form in the vCloud Automation Center User Interface
    When service architects create a service blueprint by using Advanced Service Designer, they might experience some problems with the service blueprint form.

    Workaround: See Service Blueprint Presentation Issues in Advanced Service Designer (KB 2065129).

  • All items to which a user is entitled do not appear on the Entitled Items tab
    A tenant administrator cannot see all the items to which the user is entitled when viewing the Entitled Items tab on the User Details page. The administrator is limited to see no more than 30 items. Any additional items that appear after the first page are not available.

  • Workaround:

    1. Navigate to Administration > Catalog Management > Entitlements.
    2. Edit an entitlement by clicking on the name or in the Actions column, click the down arrow and click Edit.
    3. Verify that the user belongs to the Users and Groups on the Details page.
    4. Navigate to the Items and Approvals tab to find the lists of entitled items to determine if the user is entitled.

  • Pre-defined data collection fails after a security group is deleted in vCloud Networking and Security
    Data collection fails after a security group is assigned to a multi-machine blueprint or a reservation and is then deleted in vCloud Networking and Security.

  • Workaround: Unassign the deleted security group from the blueprint or reservation and run the data collection again.

  • Guest agent file SCCMPackageDefinitionFile.sms needs to be updated
    Guest agent file SCCMPackageDefinitionFile.sms contains outdated information about name and publisher. This does not affect functionality.

  • Provisioned resources might not be deleted from your Items list
    This applies to custom resources created in the Advanced Service Designer. Deleting provisioned resources from the Items list depends on the Orchestrator plug-in implementation. There is no guarantee that a provisioned resource will disappear from the Items list after you run a delete action. Most of the times, the problem occurs when the plug-in implements caching.

    Workaround: If the provisioned resources are not immediately deleted from the Items list because the plug-in enables caching, you can create a wrapper workflow for the delete operation. After running the original deletion workflow the wrapper workflow waits for X seconds, where X depends on the plug-in itself. If the resources are provisioned by using an external Orchestrator plug-in, you can modify the plug-in so that the plug-in does not use any caching and all delete operations invalidate the Orchestrator inventory object.

  • Adding an identity store using the same name for the domain and domain alias causes connection to fail
    When you create an identity store where the domain name is the same as the domain alias name, an error message appears saying that there was a connection failure.

  • Workaround: Fix the connection to the identity store by giving the domain alias a different name. Another workaround is not to specify an alias.

  • Access Denied for fabric administrator destroying cross-tenant Physical, Application Service
    Fabric Administrators will receive an "Access Denied" when destroying cross-tenant Physical, Application Service.

  • Workaround: Log-in as fabric administrator under fabric group in the tenant where the machine resides when attempting to destroy it.

  • Machines are not properly destroyed in the provisioning platform when prematurely destroyed in vCloud Automation Center
    If you start provisioning a machine in vCAC, and before it is completely provisioned you destroy it, the machine may be destroyed and deleted from vCloud Automation Center without any errors or warnings. In some cases the machine is provisioned in the provisioning platform although it is not under vCloud Automation Center management.

  • Workaround: To resolve this issue, you must manually remove the machine from the infrastructure source, such as vCenter or another provisioning platform.

  • An access denied message appears when administrator clicks the logout link after configuring system
    Clicking on the logout link multiple times without waiting for the session to finish causes an access denied message to appear. If this happens, the only option is to wait for the session to timeout (30 min) or clear the cookies related to the session.

  • Workaround: Click the logout link once and wait for the session to end.

  • The Windows Preinstallation Environment (WinPE) builder fails to build if the ISO name or path contains high or extended ASCII characters for German and French locales.
    The error message, "The WinPE ISO failed to build. Please ensure there is enough disk space available for the build." appears if the ISO name or path contains high or extended ASCII characters required for German and French locales. The resulting file name contains characters that cannot be read.

  • Workaround: Do not use high or extended ASCII characters in the ISO name or path.

  • The vCloud Automation Center database cannot be installed to a custom directory by using the installation wizard
    In a distributed (custom) installation, the installer ignores changes you make to the default database and log directory. The database and logs are created in the default directory.

  • Workaround: To install your database to a non-default location, install the database using the DBinstall scripts before installing the vCloud Automation Center.

  • Secure Shell (SSH) connection fails to connect without a fully qualified domain name (FQDN)
    Making an SSH connection without a specified FQDN fails.

  • Workaround: Include the FQDN when making an SSH connection.

  • The tenant administrator of the default tenant can configure the vCenter Orchestrator server for all tenants
    By default, system administrators can configure the vCenter Orchestrator server for all tenants and tenant administrators can configure the vCenter Orchestrator server for their own tenants only. If a system administrator configures vCloud Automation Center to use a specific Orchestrator server, and the tenant administrator of the default tenant configures vCloud Automation Center to use another Orchestrator server, the settings which the tenant administrator configures are applied to all tenants that use the default Orchestrator server.

  • Provisioning of multi-machine blueprint fails if security group is specified as custom property
    When working with multi-machine services, you cannot add machines to a security group if the security group name is specified as a custom property in the multi-machine blueprint. If you add a machine to a security group whose name is specified as a custom property in the multi-machine blueprint and attempt to provision the machine, the following error message appears: Request Failed: (machine name): Failed to assign one or more network and security settings.

  • Workaround: Under the Network tab, assign the security group by checking the box next to the appropriate security group name. If you must use the custom property, add the custom property to the multi-machine component blueprint, not the multi-machine master blueprint.

  • Error message appears when minimum storage is incorrect on Windows Imaging Format (WIM) provision
    If the proper amount for minimum storage is not set, the following error message appears: "Machine (machine ID): SetupOS : Failure executing script '20_extractimage.bat' - Error applying the WIM.

  • Lease dates can be changed to fall outside of the Approval Policy value
    Lease dates can be changed by using the Change Lease resource action to a date that is later than the maximum lease range specified on the blueprint.

  • Incorrect network setting displayed for virtual multi-machine component in vCloud Automation Center after network reconfigured in vCenter
    In this release, you cannot reconfigure the vCloud Networking and Security or NSX network of a virtual multi-machine component in vCloud Automation Center. Instead, you must use the vSphere client to reconfigure the network in vCenter. Note that some network settings for the virtual multi-machine component will not display correctly in vCloud Automation Center as a result.

  • Workaround: Update the network in vCenter to restore proper network settings.

  • Virtual machine reconfiguration is not supported by VMware vCloud Networking and Security
    Virtual Network and IP address are lost after reconfiguring any of the following:

    • storage
    • cpu
    • memory
    • network

  • Workaround: After one or more virtual machine characteristics are reconfigured, use vSphere to perform the following steps to restore the former virtual network settings.

    1. Use Edit Settings/Network Adapter/ Network label to return original virtual network.
    2. Power OFF and Power ON virtual machine to return the original IP address.
    3. If necessary, run VSphere Inventory Data Collection.
  • Imported machines cannot be assigned to users who are not explicitly added to a business group
    When an administrator imports a machine using the Infrastructure Organizer and sets the owner to a user who belongs to a business group via membership in an identity store group or custom group, the operation returns an error that the selected user does not belong to the group.

  • Workaround: Import machines to an manager in the business group, and then reassign the machines to specific users by editing the machine and changing the owner.

  • Cannot connect to a vApp or vSphere provisioned system with Internet Explorer
    When you try to connect to a vSphere or vApp provisioned resource with Internet Explorer, you see an error message indicating that the virtual machine is not powered on or is not available on the network.

  • Workaround:

    1. Log in to the Internet Information Services (IIS) machine as administrator, navigate to C:\Program Files (x86)\VMware\vCAC\Server\Website\VMRC folder, and open vmrc.js with a file editor.
    2. Save a copy of the file in a save location in case you need to restore it.
    3. Search the file to find the following line: var startup = function (modes, msgMode, advancedConfig) {
    4. Add two lines that define modes and msgMode so that it looks like this:
    5. var startup = function (modes, msgMode, advancedConfig) {
              modes = 2;
              msgMode = 2;
    6. Save and close the file.
    7. Restart the IIS machine.

  • vApps provisioned as identical copies can use networks and storage profiles that are not available in the vCloud Automation Center reservation
    If you clone a vApp template, and the "Make an Identical Copy" option is enabled, provisioning should fail if the storage profile or network specified in the template is not available in the vCloud Automation Center reservation. However, the machine is provisioned successfully. The network and storage are used without their allocation being accounted for in a reservation.

  • Workaround: To avoid having unaccounted reservation allocations, ensure that the storage profile or network specified in the template is available in the vCloud Automation Center reservation prior to selecting the "Make an Identical Copy" option.

  • Provisioning fails when using the VirtualMachine.Host.TpmEnabled custom property set to True
    Provisioning fails when using the VirtualMachine.Host.TpmEnabled custom property set to True in a blueprint that is used to provision vSphere virtual machines on hosts that are TPM-enabled.

  • Workaround: No workaround is available. The vSphere server loses the trust connection with the hosts, and it can only be re-established by removing the hosts and adding the hosts back to the cluster. This issue will be fixed in a future version of vSphere.

  • The Prerequisite Checker does not check HTTP activation for .NET 4.5 when installing on Windows 2012
    If HTTP Activation is disabled, the Prerequisite Checker shows that HTTP Activation is enabled. If HTTP Activation is not enabled, the installation fails.

  • Workaround: Ensure that HTTP Activation is enabled before you install vCloud Automation Center by performing the following steps.

    1. From Server Manager, click Features > Add Features.
    2. Under .NET Framework 4.5 Features, expand WCF Services, and select HTTP Activation.
  • Connect to Virtual Desktop Command Fails to Open the XenDesktop Web Interface Portal
    Selecting Connect to Virtual Desktop machine for XenDesktop machines in vCloud Automation Center should open the Citrix XenDesktop Web Interface Portal in a new window or tab. However, the site is blocked because vCloud Automation Center is trying to connect via HTTP instead of HTTPS.

  • Workaround: Copy the connection URL into a new browser to launch the web interface manually.

  • The Orchestrator server might not start when you join vCloud Automation Center Single Sign-On to an Active Directory domain
    System administrators can configure vCloud Automation Center to use Single Sign-On joined to an Active Directory domain. In this case, when they restart the Orchestrator server, Orchestrator might fail to start.

  • Workaround: Configure vCloud Automation Center to use an external Orchestrator server with basic authentication. System administrators can also configure vCloud Automation Center to use Single Sign-On authentication only when Single Sign-On is not joined to an Active Directory domain.

  • vCloud Automation Center 6.0 does not work with vCenter Virtual Appliance
    vCloud Automation Center 6.0 does not work with vCenter Virtual Appliance as an single sign-on (SSO) provider if the SSO is configured to use native Active Directory (AD).

  • Daily costs for VApps and multi-machine services do not appear in reclamation reports
    vApp and multi-machine container blueprint daily costs are not accounted for in the Infrastructure as a Service reclamation reports. The daily cost values do not appear in the reclamation report savings column.

  • Workaround: Include all cost information in the vApp and multi-machine component machine blueprints. Do not put cost information in the container blueprints.

  • DHCP must be enabled with Private or NAT networks
    If DHCP is not enabled on a Private or NAT network profile within a multi-machine blueprint, the different multi-machine components will not be able to communicate with each other. This is because no auto-generated firewall rule is created on the multi-machine router gateway.

  • Workaround: The administrator should use DHCP for Private or NAT profiles, assuming that they require that the components within the multi-machine service can communicate with each other.