To resolve the listed issues, install the latest vRealize Automation 7.5 patch with the instructions below.
Note: If you wish to deploy this patch using vRealize Suite Lifecycle Manager, you will need to use the properly "wrapped" patch file and not the one listed within this article. To obtain the wrapped patch for vRealize Automation, follow the instructions here: Download Broadcom products and software.
Prerequisites
For successful patch deployments, perform these prerequisite steps on the target vRealize Automation cluster:
- If Database tab within the 5480 VAMI clustering is set to SYNC, convert to ASYNC
- Ensure that the virtual appliance(s) have their timezone set to UTC
- Remove old / obsolete nodes from the Distributed Deployment Information Table. For detailed steps, see Remove a Node from the Distributed Deployment Information Table section of vRealize Automation documentation.
- Ensure that VMware vCloud Automation Center Management Agent is the latest 7.5 version and is running on all IaaS cluster nodes.
- Ensure 16GB of freespace is available for each virtual appliance participating in the cluster for the /dev/sdd1 partition.
- Ensure at least 1024 MB free on 'C:\' for each IaaS node.
- VMware vCloud Automation Center Management Agent service account requirements:
- Ensure "Log on as a service account" is enabled.
- Local Administrator
- Required username format should be in down-level domain format: domain\username, e.g. "vra\administrator".
- On each vRA Virtual Appliance nodes, open the /etc/hosts file and locate the entry IPv4 loopback IP Address (127.0.0.1). Ensure that the Fully Qualified Domain Name of the node is added immediately after 127.0.0.1 and before localhost.
For example: 127.0.0.1 FQDN_HOSTNAME_OF_NODE localhost
-
Verify that you have taken a snapshot of the vRealize Automation system while it is shut down. This is the preferred method of taking a snapshot. See the recommendation below:
Shutdown and Startup Order for Snapshots:
Shutdown
|
Startup
|
Proxy Agents
|
Primary appliance
|
Distributed Execution Managers
|
Secondary appliance
|
Secondary Manager service
|
Primary Web node
|
Primary Manager Services
|
Secondary Web node
|
Secondary Web node
|
Primary MS
|
Primary Web node
|
Secondary MS
|
Secondary appliances
|
Distributed Execution Managers
|
Primary appliance
|
Agents
|
- If your environment uses load balancers for high availability, disable traffic to secondary nodes and disable service monitoring until after installing or removing patches and all services are showing REGISTERED.
- Obtain the files from below and copy it to the file system available to the browser you use for the vRealize Automation appliance management interface.
Note! If you attempt to install or remove a patch without all nodes running, the vRealize Automation appliance management interface might become unresponsive. If that happens, contact technical support. Do not attempt to manage patches through other means or use vRealize Automation until you resolve the issue.
Installation Procedure
All Patch downloads have moved to Customer Connect.
- Download the file from the above link and verify the checksum.
- Log in to the vRealize Automation appliance management interface (https://vrealize-automation-appliance-FQDN:5480) as root.
- Upload the patch by clicking vRA Settings > Patches > Patch Management > New Patch > Upload
- After the patch uploads successfully, log out of the current browser session.
- If the previously applied patch version is lower than Patch 9, then perform the below steps, else move to step #6:
- SSH into the primary virtual appliance that the file was just uploaded to.
- Execute this command:
sh /usr/lib/vcac/patches/repo/contents/vRA-patch/patchscript.sh
- Wait for the command to complete.
- If it throws an error, fix the error and re-run Step #5.2
- Clear browser cache and login to the primary node appliance management interface again.
- Navigate to vRA Settings > Patches > Patch Management > New Patch
- A new pre-check box appears. Click Run Pre-check and wait for it to complete
- Once the pre-checker is green, click Install
- Select Done
- Once the installation is complete and successful, ensure all the services are running.
Verification of successful patch installation
- The Installed Patches tab shows a successful installation
Note: The following curl command can be run to find the latest applied patch:
curl -k -X GET --header 'Accept: text/plain' --header 'Authorization: Basic randomtokenID' 'https://vRAFQDN:5480/config/patch-last-applied-patch'
Adding new nodes to an existing patched vRealize Automation environment
To add new nodes to an existing patched vRealize Automation cluster requires re-running the patch to update the newly added node.
- Keep the environment in Async replication mode.
- Deploy a fresh appliance for the environment, click on Cancel when the Installation wizard pops after logging into the 5480 appliance management interface page.
- Re-join the new node to the primary from the Cluster tab
- From the Patch tab on the appliance management page of the primary node, re-initiate the installation of the patch.
Troubleshooting
service horizon-workspace start
Note: Wait until the service is started and then execute the next command.
service vcac-server restart
- When rolling back Patch 20 to Patch 2, vRealize Automation services might not be started within the Services / Cluster tab of appliance management interface (VAMI):
- Stopped Infrastructure-as-a-Service (IaaS) services:
- Login to the Windows guest operating system hosting the IaaS Components:
- Run [win + r] services.msc. Find and start all vRA related services:
- VMware DEM-Orchestrator - DEM-O1
- VMware DEM-Worker - DEM-W1
- VMware vCloud Automation Center Agent – vCenter[-x]
- VMware vCloud Automation Center Management Agent
- VMware vCloud Automation Center Service
- Run [win + r] inetmgr, under Connections find the system name then click start.
- Make sure that “Repository”, “vcac” and “WAPI” under Sites -> Default Web Site are started,
- In the event "Patch bundle upload is already in progress", perform the following:
- SSH into primary appliance
- rm opt/vmware/share/htdocs/service/cafe/patch_upload.lock
Known Issues
- XaaS forms with multi-tabs, whether dynamic or static, are grayed out while filling out the form.
Workaround: Click on the previous button then next. The previously grayed out button will be available.
- If vcac services fail to register upon successful application of the patch check the permissions of the following file: /usr/lib/vcac/tools/config/repo/vcac-config-cli-7.5.0-SNAPSHOT.jar. Permission should read as -rw-r-r- or 644. If not then correct them by running below command and restarting the vcac services:
- chmod 644 /usr/lib/vcac/tools/config/repo/vcac-config-cli-7.5.0-SNAPSHOT.jar
- service vcac-server restart