vArchitect Newsletter 040

Hello, everyone, and welcome to the November newsletter. Got lots of new things for you, the customary releases, and a couple items that fell through the cracks last month. Enjoy!
 

New Releases

 
Here are the new and updated releases since last month. With all new releases and updates, be absolutely sure you read the release notes carefully! Of particular note since last newsletter here is the new vRealize Suite 2019 teased at VMworld US 2019.
 

  • vRealize Automation 8.0
    • On-prem packaging of Cloud Automation Services (AKA vRA Cloud)
    • Major replatforming of vRA 7.x
    • Release notes
  • vRealize Operations 8.0
    • Updated what-if planning
    • Continuous workload optimization
    • Troubleshooting Workbench
    • Release notes
  • vRealize Log Insight 8.0
  • vRealize Suite Lifecycle Manager 8.0
  • Container Service Extension (CSE) for vCloud Director 2.5.1
  • vCloud Suite 2019
    • vRealize Business for Cloud integrated into vRealize Operations
    • Release notes
  • NSX Data Center for vSphere 6.4.6

VMware Security Advisory 

  • VMware issued advisory VMSA-2019-0016 which details a broken access control vulnerability in the API of Harbor which could allow for unauthorized accessed. Details can be found here.

 

Product Version Patched version Mitigation/Workaround
VMware Cloud Foundation x.x Patch Pending None
VMware Harbor Container Registry for PCF 1.8.x 1.8.4 None

 

  • VMware issued advisory VMSA-2019-0017 which details a parameter authorization check within the VeloCloud Orchestrator that mistakenly allows enterprise users to obtain information of Managed Service Provider accounts.  Details can be found here.

 

Product Version Patched version Mitigation/Workaround
VeloCloud Orchestrator 3.x 3.3.1 None

 

  • VMware issued advisory VMSA-2019-0018 which details vulnerabilities in the backup and restore functions of the vCenter Server Appliance.  Details can be found here.

 

Product Version Patched version Mitigation/Workaround
vCenter Server Appliance 6.7 6.7u3a None
vCenter Server Appliance 6.5 6.5u3d None

 

  • VMware issued advisory VMSA-2019-0019 which details a denial-of-service vulnerability within VMware ESXi, Workstation and Fusion.  Details can be found here.

 

Product Version Patched version Mitigation/Workaround
ESXi 6.7 ESXi670-201908101-SG VMSA-2018-0025
ESXi 6.5 ESXi650-201910401-SG VMSA-2018-0025
Workstation 15.x 15.5.0 VMSA-2018-0025
Fusion 11.x 11.5.0 VMSA-2018-0025

 

vRealize Operations SSL Certificate Update Required

 
If you are running vRealize Operations in your environment, it’s imperative to review the urgent notice from VMware. Operational issues could occur as soon as November 19, 2019.
VMware Notice: vRealize Operations SSL Certificate Update (v6.x and above)
 

Fling Updates

As usual, we bring you the VMware Flings which saw some updates in October.
 

 

vSphere Assessment Tool

 
vSphere 6.0 will be End of General Support (EOGS) on March 12, 2020: KB Article
VMware provides a free vSphere Assessment Tool (vSAT) to proactively identify hardware challenges prior to a vSphere upgrade. The tool streamlines the assessment process into three easy steps – download, collect, and check.
 

Notable VMware Blogs

 
Here are more of the “best of” VMware blogs since last month.
 
VMware blog that announces the vRealize and vCloud Suites. Loads of additional blogs within the additional resources section.
WSFC with Native Shared Disks on vSAN 6.7U3 Stretched Clusters
 

Sovereign Blogs

 
As usual, we’ve been working on blogs since last month, so here are the ones produced since then.
 
vRealize Automation – Add additional disk using SovLabs Property Toolkit (Johann)
Request and manage vRealize Automation catalog items from ServiceNow (Johann)
Automated PKS Cluster Registration for Rancher (Chip)
Authentication and Authorization in Kubernetes (Chip)
 
 

Pure Storage Plug-in for vRO

 
For those who own Pure Storage and also want to do some orchestration surrounding its use in vSphere, Cody has a good blog (with link to package) that shows how to do this.
 
 

Oracle’s Change of Tune

 
One of the announcements that fell through the cracks from last month was a surprising about face from Oracle in which they stated they will now officially support Oracle on vSphere. If you’ve had the pleasure of dealing with the Oracle darlings in the past, they never offered support (or endorsed) the running of their prized database software on vSphere. This now has changed as of October 9th.
 
 

Importing NSX-T API Docs into Postman

 
If you’ve worked with NSX-T before, you know it’s an API-first, declarative redesign of NSX-V in which code rules. As part of enabling that transformation, VMware have made it so you can import the full API definitions into Postman and begin automating NSX-T. However, for 2.4 and later, this seems to have a hiccup as described by this KB. Use the included Python script to clean up the defs and you should be good.
 

Cloud Provider Reference Architectures

 
VMware have a pretty nice website available for a large collection of reference architectures for cloud providers. So if you’re in the VCPP program and leveraging vCD, you might want to check some of these out as they all come with nice illustrations such as this one for K8s-as-a-Service.
 
 

Hot Fix 2 for vRealize Automation 7.6

 
For those running vRA 7.6, you might recall us telling you about the availability but subsequent removal of the first hot fix some time ago. It seems VMware have rolled out hot fix 2 which encompasses the fixes present in HF1. As with all of these hot fixes, be very, very certain you have good, full backups of all components and you snapshot them before beginning the installation process. And of course follow all directions carefully.