On June 24, 2021, VMware released the second minor update to vRealize Automation 8.4. vRealize Automation 8.4.2 adds several updates and includes a few bug fixes as well. The full release notes can be found here: vRealize Automation 8.4.2 Release Notes.
Known Issue During Upgrades
There is a known issue with upgrading to this release. In the previous vRealize Automation 8.4.1 release, VMware made a change to the user permissions within vRealize Automation regarding the Migration Assistant service. Previously, Migration Assistant had its own service permissions, but in 8.4.1 these permissions were migrated into the Cloud Assembly service permissions. After upgrading to 8.4.1 a user would receive a “403 Forbidden” message when attempting to access the migration assistant. While the Migration Assistant service was still listed as a service that could be assigned to a user, assigning these service permissions had no effect. To resolve the “403 Forbidden” error, the user’s permissions needed to be updated to include the permissions listed under the Cloud Assembly Service.
It appears that in 8.4.2, the Migration Assistant service was removed from the available services to be assigned to a user under Identity & Access Management. VMware did not take this change into account during the upgrade process to 8.4.2. The upgrade process will fail to initialize the pods after the virtual appliances reboot if a user is still assigned these legacy permissions. The stated workaround is to ensure that no user is assigned these legacy Migration Assistant service permissions prior to starting the vRealize Automation 8.4.2 upgrade.
vRealize Automation 8.4.2 introduces the following new features:
- Disks added through vRO and extensibility are now reflected on the deployment (topology) diagram
- The Microsoft Azure disk encryption set supports:
- Disk Encryption feature for Microsoft Azure independent disks (independent managed disks) in vRA
- Disk encryption feature for Day 2 action “Add Disk”
- Property groups can now:
- Use vRO workflows for dynamic external values to define properties
- Bind secrets to property groups in order to reuse multiple secrets
- It is now possible for vRA to assign the same IP range coming from internal or external IPAM to multiple networks.
- Provider Events triggered upon tenant resource CRUD
- Introduced a configurable limit for the max number of supervisor namespaces that can be deployed for the project on a given K8s zone.
- The Microsoft Azure disk snapshot management now supports:
- Disk Snapshot Enumeration
- Day 2 action for deleting Disk Snapshot from Machine
- Compatibility for Managed Disk Snapshot – Resource Group, Encryption set, Network policy, Tags as parameters
vRealize Automation 8.4.2 included the following API changes with apiVersion=2021-06-22:
- The Blueprint Service received several changes related to Terraform blueprints.
- The Relocation Service received a new API call that allows for the unregistering of onboarded machines.
- The Identity Service added a new API call allowing for the retrieval of an OAuth client based on a specific ID.
- When a high number of concurrent pipelines are run with FIPS mode enabled, Code Stream pods are restarted because the memory consumption exceeds the preset limit of 2.5GB.
- Deployments fail if a blueprint contains compute tags longer than 256 characters or a key longer than 128 characters.
- Due to an expired root password in the ABX runner container on 8.40 and 8.4.1, ABX actions fail with the error “PAM:Authentication token is no longer valid” - VMware KB 84027
vRealize Suite Lifecycle Manager 8.4.1 Patch 1
Installation/upgrades to vRealize Automation 8.4.2 require that you first deploy or upgrade vRealize Suite Lifecycle Manager to vRealize Suite Lifecycle Manager 8.4.1 Patch 1. This update to vRealize Suite Lifecycle Manager includes the following features and fixes:
- New Features
- vRealize Automation version 8.4.2 and vRealize Automation Salt Stack Config version 8.4.2 are supported with vRealize Suite Lifecycle Manager 8.4.1 Patch 1, along with critical bug fixes.
- vRealize Automation Salt Stack Config version 8.4.2 integrated with VMware Identity Manager and vRealize Automation version 8.4.2 are supported with vRealize Suite Lifecycle Manager 8.4.1 Patch 1. This is a cumulative patch and includes vRealize Suite Lifecycle Manager 8.4.1 PSPAK 1 related changes.
- Resolved Issues
- When connecting vRealize Cloud license to vRealize Cloud Subscription Manager, if vRealize Suite Lifecycle Manager does not have the correct property URL set, the connection fails.
- vRealize Suite Lifecycle Manager does not send data to vRealize Cloud Subscription Manager for HTTP proxy, after the HTTP proxy is set in vRealize Suite Lifecycle Manager.
This update can be downloaded directly within vRealize Suite Lifecycle Manager or if your deployment does not have Internet access, it can be obtained from the VMware Patch Download Center.