Ops Manager v2.10 Release Notes

Page last updated:

This topic contains release notes for Ops Manager v2.10.

Ops Manager v2.10 is the long-term supported (LTS) version of Ops Manager. For more information, see Long-Term Support for Ops Manager v2.10.

For the feature highlights of this release, read the blog post VMware Tanzu Application Service 2.10 Adds New CLI, Eases Upgrades with More Flexible Control Plane or see New Features in Ops Manager v2.10.

Ops Manager is certified by the Cloud Foundry Foundation for 2020.

Read more about the certified provider program and the requirements of providers.


Releases

v2.10.1

Release Date: September 1, 2020

  • [Feature]: If you click the Support link in the Ops Manager UI, information about expired certificates appears in the Platform Information Bundle.
  • [Bug Fix]: The regenerate API endpoint does not exclude any leaf certificates from rotation.
  • [Bug Fix]: Ops Manager does not crash after you change the LDAP authentication group.
  • [Bug Fix]: The Support Bundle downloads successfully for deploy records that do not have timestamps.
  • [Bug Fix]: TKGi users can deploy Ops Manager v2.10 with the BOSH metrics server feature enabled.
  • [Bug Fix]: The Revert Changes button does not appear when there are no pending changes.
  • [Bug Fix]: If you have a tile that is not configured and you apply changes, you receive a warning message but changes to other configured tiles are applied. In earlier patches, the apply changes failed. This only happened on vSphere environments.
  • [Bug Fix]: For Redis for VMware Tanzu v2.4 and later, certificates can be rotated by CredHub Maestro.
  • [Bug Fix]: When the Enable additional System Metrics checkbox is cleared on the tile UI, the loggr-system-metrics-agent and loggr-system-metrics-agent-windows jobs of the system-metrics release are removed from the product tile.
  • [Bug Fix]: For the hm_emailer_options.recipients key, the PUT /api/v0/staged/director/properties endpoint accepts the format used by GET /api/v0/staged/director/properties endpoint for this key in addition to the existing format accepted.

Ops Manager v2.10.1 uses the following component versions:

Component Version
Ops Manager2.10.1-build.69*
Stemcell621.82*
BBR SDK1.18.0
BOSH Director271.2.0*
BOSH DNS1.24.0*
Metrics Server0.1.0*
System Metrics2.0.11
CredHub2.8.0
CredHub Maestro8.0.1
Syslog11.6.1
Windows Syslog1.0.3
UAA74.5.18
BPM1.1.9*
Networking9
OS Conf22.1.0*
AWS CPI81
Azure CPI37.3.0*
Google CPI30.0.0
OpenStack CPI44
vSphere CPI54.1.0
BOSH CLI6.3.1
Credhub CLI2.8.0*
BBR CLI1.7.2
Telemetry1.1.1
* Components marked with an asterisk have been updated.

v2.10.0

Release Date: July 31, 2020

Ops Manager v2.10.0 uses the following component versions:

Component Version
Ops Manager2.10.0-build.48
Stemcell621.77
BBR SDK1.18.0
BOSH Director270.11.1
BOSH DNS1.21.0
Metrics Server0.0.24
System Metrics2.0.11
CredHub2.8.0
CredHub Maestro8.0.1
Syslog11.6.1
Windows Syslog1.0.3
UAA74.5.18
BPM1.1.8
Networking9
OS Conf22.0.0
AWS CPI81
Azure CPI37.2.0
Google CPI30.0.0
OpenStack CPI44
vSphere CPI54.1.0
BOSH CLI6.3.1
Credhub CLI2.7.0
BBR CLI1.7.2
Telemetry1.1.1

How to Upgrade

To upgrade to Ops Manager v2.10, see Upgrading Ops Manager.

New Features in Ops Manager v2.10

Ops Manager v2.10 includes the following major features:

Long-Term Support for Ops Manager v2.10

Ops Manager v2.10 is the long-term supported (LTS) version of Ops Manager. Ops Manager v2.10 will be supported through April 2024.

Over the lifecycle of Ops Manager v2.10, VMware will release security patches that occasionally include feature enhancements and maintenance updates.

The migration period for upgrading to Ops Manager v2.10 is from August 2020 to March 2021. To accommodate this migration and provide customers with additional time to upgrade to Ops Manager v2.10, Ops Manager v2.7 will be supported through March 31, 2021.

For more information about Ops Manager v2.10 LTS, please reach out to your Account Team.

BOSH Director Manifest Overrides

In Ops Manager v2.10, you can use the /api/v0/staged/director/overrides Ops Manager API endpoint to override properties in the BOSH Director manifest. With this endpoint, you can only override properties that appear in the instance groups and networks sections of the manifest.

You must be in Advanced Mode to use this feature.

For more information about this feature, see Overriding Manifest Properties in Advanced Mode.

For information on the Ops Manager API endpoints related to this feature, see Advanced Manifest Configuration in Ops Manager API Documentation.

Override Runtime Config Properties

In Ops Manager v2.10, you can override the runtime config properties for BOSH DNS and System Metrics.

You must be in Advanced Mode to use this feature.

You use the /api/v0/staged/director/runtime_configs/overrides endpoint in the runtime configs to override properties:

Runtime Config Names Add-on Names
ops_manager_dns_runtime
  • bosh_dns
  • bosh_dns_windows
ops_manager_system_metrics_runtime
  • system_metrics_agent
  • system_metrics_agent_windows

For example, although you cannot change the log level for the BOSH DNS logs through the Ops Manager UI, you can change the log level using the /api/v0/staged/director/runtime_configs/overrides endpoint. Increase the log level to DEBUG for more information or decrease the level for less verbose logs.

For more information, see:

View Certificates in the Ops Manager UI

The Ops Manager UI introduces a new page called Certificates. This page displays all the certificates listed by the /api/v0/deployed/certificates endpoint, as well as the following details:

  • Certificate name: The name of the certificate.
  • Product GUID: The product for which the certificate is issued, such as BOSH or MySQL.
  • Location: Whether the certificate is stored in Ops Manager or CredHub.
  • Type: Whether the certificate is a leaf certificate or a certificate authority (CA).
  • Configurable: Whether the certificate is configurable.
  • Valid until: The expiration date of the certificate and the number of days before expiration.

For more information, see Using the Ops Manager Interface.

CredHub Maestro Runs Safety Checks During Certificate Rotation

CredHub Maestro v8.0, which is included in Ops Manager v2.10, performs basic safety checks when rotating certificates to prevent unsafe operations.

The Ops Manager API invokes the CredHub Maestro CLI when rotating certificates. If an Ops Manager API certificate rotation command is out-of-order or unsafe, CredHub Maestro stops the command and returns one or more safety violation errors.

To observe this feature in Ops Manager v2.10 certificate rotation API calls, you must have Pivotal Application Service (PAS) v2.8.2 and later or TAS for VMs v2.9 and later installed, and you must not have any version of Tanzu Kubernetes Grid Integrated Edition (TKGI) installed. If you are using an earlier version of PAS or have any version of TKGI installed, Ops Manager still runs safety checks, but they are not as comprehensive as CredHub Maestro safety checks.

For more information, see Troubleshooting CredHub Maestro Safety Violations During Certificate Rotation, Rotating Certificates, and Advanced Certificate Rotation with CredHub Maestro.

Breaking Changes in Ops Manager v2.10

Ops Manager v2.10 includes the following breaking changes:

CredHub Maestro Removes the “update-transitional latest” Command

Ops Manager v2.10 includes CredHub Maestro v8.0. In this version of CredHub Maestro, the maestro update-transitional latest command is removed.

If you have scripts that rely on the maestro update-transitional latest command, remove references to the command before you upgrade to Ops Manager v2.10.

In CredHub Maestro v8.0, you run maestro regenerate ca to regenerate a certificate authority (CA) and mark the latest version of the CA as transitional. This command performs both actions, while previous versions of CredHub Maestro use a separate command for each task.

For information about rotating CAs and certificates using CredHub Maestro, see Advanced Certificate Rotation with CredHub Maestro.

Metrics Server Configuration Causes BOSH Director Deployment to Fail During Upgrade

During an upgrade to Ops Manager v2.10, the BOSH Director deployment and subsequent upgrade may fail due to the default enablement of the metrics-server job.

The cause of this upgrade failure is the presence of a tile, such as any version of Tanzu Kubernetes Grid Integrated Edition (TKGI), that is incompatible with Ops Manager v2.10 due to its default metrics-server enablement.

To work around this issue, see the BOSH Director fails with non-running job during upgrade to Ops Manager 2.10 Knowledge Base article.

Known Issues

Ops Manager v2.10 includes the following known issue:

Metrics Server Configuration Causes BOSH Director Deployment to Fail During Upgrade

During an upgrade to Ops Manager v2.10, the BOSH Director deployment and subsequent upgrade may fail due to the default enablement of the metrics-server job. An error similar to the following appears in the metrics-server logs.

Required property 'networks' was not specified in object ({"vm_extensions"=>[{"cloud_properties"=>{"vmx_options"=>{"disk.enableUUID"=>"1"}}, "name"=>"disk_enable_uuid"}, {"cloud_properties"=>{"upgrade_hw_version"=>true}, "name"=>"set_version_hardware"}]}) (Bosh::Director::ValidationMissingField)

The cause of this upgrade failure is the presence of a tile, such as any version of Tanzu Kubernetes Grid Integrated Edition (TKGI), that is incompatible with Ops Manager v2.10 due to its default metrics-server enablement.

To workaround this issue, see the BOSH Director fails with non-running job during upgrade to Ops Manager 2.10 Knowledge Base article.

This issue is resolved in Ops Manager v2.10.1.

Increased Logging Slows Platform Functions

If your Loggregrator does not have sufficient memory to handle the increased system metrics emitted in Ops Manager v2.8 and later, you may experience dropped logs and slow consumers. This can impact platform functions.

To solve this issue, do the following:

  • If you have TAS for VMs, scale Loggregrator to handle the increased volume. See Scaling Up TAS for VMs.

  • In Ops Manager v2.9 or later, you can disable these system metrics if you don’t need them. To do this, disable Enable additional System Metrics in the Director Config pane of the BOSH Director tile. For a list of metrics collected, see System Metrics Agent in GitHub.

For more information on this feature, see All Platform VMs Emit System Metrics.