Ok, so I’m just going to call it out straight away, when using wildcard SSL certificates with vRealize Automation 8.0, read the release notes.
I did not, and caused myself quite a few headaches with the deployment, which you can read about further in this post.
Cannot set wildcard certs for certain domain names, specifically those not using a Public Suffix.
vRealize Automation 8.0 supports setting a wildcard certificate only for DNS names that match the content of the Public Suffix List ([https://publicsuffix.org/])
For example, a valid wildcard certificate: you can use a wildcard certificate with DNS name like "*.myorg.com". This is supported because "com" is part of the Public Suffix List.
An invalid wildcard certificate example: you cannot use a wildcard certificate with DNS name like "*.myorg.local".This is not supported because "local" is not part of Public Suffix List.
Workaround: Only use domain names in the Public Suffix List.
The issues caused by using an unsupported wildcard SSL
When deploying vRA 8.0 via vRSLCM, either as part of the easy installer or as part of an existing vRSLCM setup, you will asked to provide an SSL certificate.
This does not validate your certificate is supported for use with the vRA 8.0 deployment. vRSLCM will do some checking on the SSL selected, but is only to ensure the SSL certificate is not about to expire, you will see a Green tick and “healthy” status as below.
Once you hit deploy, you will find your vRA appliance finally stood up, however the initialization tasks will stall.
Error Code: LCMVRAVACONFIG590003
Cluster Initialization failed on VRA.
vRA Initialize Cluster failed on vRA VA - ***Hostname***. Please login to the vRA and check /var/log/deploy.log file for more information on failure.
Continue reading vRealize Automation 8.0 – Wildcard SSL certificate support and deployment issues – LCMVRAVACONFIG590003
When the vRealize 8 products dropped, I was like a kid in a sweet shop, upgrading everything as quick as possible before my customers tried to, so I could encounter any issues first, but also the new features, so I could show them off.
During the upgrade of vROPs, I hit an issue that my Local Admin account in vROPs had expired, but I received no warning when using the vROPs 7.5 instance and logged into the interface using the Admin account.
Before I found the issue;
During the upgrade in vRSLCM, my upgrade task failed with “vROPS upgrade failure”, Error Code: LCMVROPSYSTEM25008, Upgrade.pak_pre_apply_validate_failed.
Continue reading vRSLCM 8.0 – vROPs 7.5 upgrade fails due to Admin password expiry
PSA: The default deployment of vRealize LifeCycle Manager 8 configuration has a storage disk which is too small for the most tasks.
I found this issue after working with Ryan Johnson (https://twitter.com/tenthirtyam), who is working on the next VVD (https://docs.vmware.com/en/VMware-Validated-Design/index.html) update.
Once I migrated to the latest version, I tried to upgrade my vROPs and vRLI deployments to the latest version, to find I hit an odd error.
The first vROPs upgrade failed with “Unknown_System_Error”, below you can see the failed request, and then error message once I click into that request.
Continue reading vRSLCM 8.0 – Default Storage is too small
During my migration from vRSLCM 2.1 patch 2 to the latest version 8 release, I encountered the following error;
Error Code: LCMMIGRATION15102
vRSLCM Migration Failed with SSH is not enabled or Root credential invalid. Please make sure SSH is enabled or porvide the correct root credential by adding the credential to the home page locker app
Pretty obvious error, however the provided root credentials were correct, and I could use putty to connect to my existing LCM instance.
Continue reading VMware LifeCycle Manager – Migration error “SSH is not enabled or invalid” – LCMMIGRATION15102
VMware vRealize LifeCycle Manager 8 released earlier this week, 17th October 2019.
Note the official name and abbreviation, its a long one!
- vRSLCM (vRealize Suite LifeCycle Manager)
You can find the supporting official documentation here;
What's New Blog Link:
What's New Blog Post
The best news about this release is the “easy installer“, which also allows you to migrate from older versions. In this post, I’ve documented the screenshots in steps for you, as I know many of you out there like to see the end to end process before you undergo an update yourself, so you know what to expect.
During this migration process the following will happen;
- New LCM virtual appliance deployed
- New IDM appliance deployed (unless you select to link to an existing environment)
- Existing LCM settings and content will be migrated
Migration Process Screenshots
Continue reading VMware vRealize LifeCycle Manager 8 – Migration Process Screenshots