VMware is actively working to address a recently discovered issue wherein an incremental backup becomes a full backup when backing up Windows 2008 (or higher) virtual machines with VSS-based application quiesced snapshot.
This recent CBT (Changed Block Tracking) issue does not cause any data loss or data corruption.
This issue is well understood and VMware engineering is actively working on a fix.
For more details on this issue and latest status on resolution, please refer to KB article: After upgrading to ESXi 6.0 Build 3825889, incremental virtual machine backups effectively run as full backups when application consistent quiescing is enabled (2145895)
Subscribe to the rss feed for the KB article to ensure you do not miss any update by using this link.
An issue recently causing a few calls into our support lines happens after installing or upgrading to vCenter Server 6.0. The issue also impacts the vCenter appliance and is not specific to Windows. The issue occurs in the vSphere Web Client due to caching within the VMware Inventory Service.
- When browsing inventory under Host and Clusters, some or no object are displayed
- When using the Search function in the vSphere Web Client the object is found
- The Issue does not occur in the vSphere Client
- When browsing inventory under Related Objects at multiple levels you see this message:
no object found
If you suspect you have run into this head on over to KB: In the vSphere Web Client 6.0 inventory objects fail to display (2144934) for more details on what to check in your logs and what can be done about it.
We’ve recently noticed a number of cases where vSphere administrators become locked out of their accounts or receive reports of incorrect passwords in the vCenter Server Appliance. If you find yourself in this position, here are two articles that address these issues:
When attempting to log into the VMware vSphere 5.1, 5.5, or 6.0 Web Client you observe the following symptom: “User account is locked. Please contact your administrator.” This often occurs if the wrong password was entered multiple times. Waiting the default 15 minutes lockout period will allow to attempt the login again. If after multiple attempts, you are still not successful, you may need to reset the password.
When attempting to log into the vCenter Server 5.5 and 6.0 Appliance, you experience symptoms where the root account is locked out. This often occurs because the vCenter Server appliance has a default 90 password expiration policy. Steps on how to modify the password expiration policies and to unlock the password.
SSLv3 Protocol Disabled by Default
Across the industry, enterprise software products and solutions are dropping use of and support for the SSLv3 protocol. The Internet Engineering Task Force (IETF) officially deprecated the SSLv3 protocol in RFC 7568 due to its obsolescence and inherent unfixability. Instead, IETF recommends the latest version of TLS.
VMware is therefore dropping support for SSLv3 on both the server side and the client side in vSphere. The release of vSphere 5.5 Update 3b from VMware disables SSLv3 by default to meet current standards and compliance.
Disabling SSLv3 by default also brings some restrictions with respect to installation, upgrading, and compatibility. This blog summarizes these limitations which are also documented in detail in the respective release notes and KB articles.
Below are some of the key aspects that you should be aware of when you upgrade to vSphere 5.5 Update 3b
- Upgrade sequence: As recommended in KB 2057795 you must upgrade vCenter Server to 5.5 Update 3b first and then update the hosts to ESXi 5.5 Update 3b.
Earlier releases of vCenter Server won’t be able to manage ESXi 5.5 Update 3b. As a workaround, you can re-enable SSLv3 protocol on ESXi by following the configuration described in KB 2139396. However, VMware strongly recommends against re-enabling the SSLv3 protocol.
- Upgrade both vCenter Server and ESXi to 5.5 Update 3b: In order to disable SSLv3 completely in your vSphere environment, we recommend that you update both vCenter Server and ESXi to vSphere 5.5 Update 3b.
- View Composer earlier than version 6.2 will have connection failures with ESXi 5.5 Update 3b. Refer to KB 2121021
- SSLv3 can be re-enabled by the configuration described in KB#2139396. Re-enablement of SSLv3 protocol has to be consistent across all ESXi and vCenter Server services and require mandatory service restart. However, VMware strongly recommends against re- enabling the SSLv3 protocol.
Note: Hostprofile will be able to capture SSLv3 protocol enablement configuration changes for all the services except Hostd service in ESXi.