Producent oprogramowania do wirtualizacji Vmware, udostępnił najnowszą aktualizację dla vCenter Server o oznaczeniu 7.0 3d. Dzięki niej skorygowano wiele błędów, między innymi problem z eksportowaniem OVF za pomocą klienta vSpehere, kłopotliwe wdrażanie maszyn wirtualnych przy pomocy szablonu OVF, poprawiono błędne działanie związane z wykorzystaniem zdalnej konsoli Vmware czy rozwiązano problematyczne logowanie do vSphere z wykorzystywaniem vCenter Single Sing-On. Po więcej szczegółowych informacji, zapraszam do dalszej części artykułu.
If your source system contains the ESXi 7.0 Update 2 release (build number 17630552) or later builds with Intel drivers, before upgrading to vCenter Server 7.0 Update 3d, see the What’s New section of the VMware vCenter Server 7.0 Update 3c Release Notes, because all content in the section is also applicable for vSphere 7.0 Update 3d. Also, see the related VMware knowledge base articles: 86447, 87258, and 87308.
- Deploying a virtual machine by using an OVF template might fail on a cluster with VMware NSX-T Data CenterDeployment of virtual machines by using an OVF template on a cluster with VMware NSX-T Data Center might fail due to a compatibility check. During OVF template deployments, vCenter Server performs compatibility checks on randomly selected ESXi hosts, and if such a host uses an NSX Distributed Virtual port group, the check might fail due to a missing prerequisite for NVDS to CVDS migration, which in the case of OVF deployments is not necessary.This issue is resolved in this release. The fix removes compatibility checks for prerequisites for NVDS to CVDS migration in case of OVF deployments.
- When you use the VMware Remote Console, the envoy service might intermittently failAn issue with the envoy service specific to the VMware Remote Console might lead to intermittent failures of the service. As a result, the vCenter Server Management Interface or vCenter Server APIs might also become unavailable.This issue is resolved in this release.
- Adding ESXi hosts to an Active Directory Domain by using the VMware vSphere Authentication Proxy service might failDue to some additional permission checks from the vSphere Authentication Proxy service, adding an ESXi host to an Active Directory domain might fail. The issue is specific for vSphere Authentication Proxy configurations where some users do not have Domain Admins privileges on the Active Directory.This issue is resolved in this release. The fix reduces the user access checks by the vSphere Authentication Proxy service to only the required minimum.
vSphere HA and Fault Tolerance Issues
- You do not see an alarm when the secondary VM in a vSphere Fault Tolerance (FT) pair cannot power onIn the vSphere Client, even though you set a vCenter cannot start the Fault Tolerance secondary VM alarm, you do not see the alarm when the secondary VM that duplicates a mission critical virtual machine protected by FT fails to start.This issue is resolved in this release.
- During OVF exports by using the vSphere Client you might see a pop-up window with the error HTTP Status 503 – Service UnavailableOVF export operations by using the vSphere Client complete successfully, but while running, you might see a pop-up window with the error
HTTP Status 503 - Service Unavailable. The issue occurs because an export task might be initiated twice. As a result, one of the tasks completes, but the other ends with a
503 error.This issue is resolved in this release.
- When you try to log in to the vSphere Client, you get an error that you cannot connect to the vCenter Single Sign-On serverIf a user in your environment belongs to many Active Directory groups, either nested or not, the Security Token Service (STS) server might take long to issue a SAML token. As a result, login to the vSphere Client of such user might time out and fail. In the vSphere Client, you see a message such as
Cannot connect to vCenter Single Sign-On server https://<vcfqdn>/sts/STSService/vsphere.local..This issue is resolved in this release. The fix makes sure that logins to the vSphere Client succeed. However, the fix does not prevent login timeouts due to STS delayed response for a SAML token. As a result, in some environments where a user belongs to many Active Directory groups, you might log in to the vSphere Client, but still not be able to connect to a vCenter Server instance.
- vCenter Server 7.0 Update 3d provides the following security updates:
- cURL is updated to version 7.79.1.
- Eclipse Jetty is upgraded to version jetty-9.4.43.v20210629.
- The Oracle (Sun) JRE package is updated to version 1.8.0_311.
- The Apache Tomcat server is updated to versions 8.5.68 and 9.0.50.
- The OpenSSL library is updated to version 1.0.2za.
- The SQLite database is updated to version 3.36.0.
- Apache log4j is updated to version 2.17.1.
- Apache Struts is updated to version 220.127.116.11.
- Incremental patches of vCenter Server 7.x fail with Exception occured in postInstallHook errorDue to an issue with the execution of the expand scripts of the vCenter Server database, incremental patches of vCenter Server 7.x, such as vCenter Server 7.0 Update 2c to VMware vCenter Server 7.0 Update 2d, might fail. In the vSphere Client, you see the error
Exception occured in postInstallHook. In the log files, such as
/var/log/vmware/applmgmt/vcdb_patch.out, you see the error
vcdb:Patch ERROR vmware_b2b.patching.executor.hook_executor Patch hook 'vcdb:Patch' failed..This issue is resolved in this release.
Notatki producenta: VMware vCenter Server 7.0 Update 3d
Bezpieczeństwo w biznesie