Chapter 12. Technical Notes

This chapter contains the summary text for bug fixes and enhancements in Red Hat CloudForms errata advisories. The information and procedures in this chapter are relevant to Red Hat CloudForms administrators.

12.1. RHBA-2016-1488: CFME 5.5.5 Bug Fixes and Enhancement Update

The bugs contained in this section are addressed by advisory RHBA-2016:1488. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2016:1488.html.

12.1.1. Automate

BZ#1312076

In the previous version of CloudForms Management Engine, VMware_HotAdd_Disk was not working. This was caused due to a regex which was being used to find the appropriate SCSI controller when hot adding a disk. This change validates the xsiType as being the correct type and removes the regex; this resolves the problems the regex created with different localizations.

BZ#1327603

In the previous version of CloudForms, retired instances may be left in suspended state on OpenStack server. As a result, the retired instance could be resumed back to active state from the provider side (OpenStack) and this state was not refreshed back in CloudForms.
This update adds built in policy for event vm_resume. This policy will keep the retired instance in powered off state, even if it is powered on from the OpenStack server.

BZ#1327604

Customer needed to enable automate role in UI zone to which a large number of messages were being queued but not processed. The zone from the code was setting the zone = default which prevented it from getting picked up by workers in a different zone with Automate role.

The code has been updated to clear the zone if automate role is not enabled.

BZ#1327722

In the previous version of CloudForms Management Engine, provisioning with the out of the box admin account was successful but provisioning with an ldap user failed. This was because the logic in the create_provision_request (ultimately the class method from_ws_ver_1_x in miq_provision_virt_workflow.rb) was modified as part of the tenant work to validate the requested user_name value existed in the database so the request could be assigned to the proper user/group/tenant.

This update now uses lookup_by_identity to validate a user parameter and the issue is now resolved.

BZ#1334935

In the previous version of CloudForms, parameters were not being updated with respect to the change in  dropdown list selection in the user interface before submission of service orders. This fix uses the value returned from the server to select the value in the drop down list which has resolved the issue.

BZ#1335583

In the previous version of CloudForms, read_only property was not recognized for all dynamic dialogs. As a result, when the automation code ran for ordering a service and $evm.object['read_only'] was set to false, the element remained as read_only, and did not change to read/write. With this update, read_only property is recognized for all dynamic dialogs and the issue is now resolved.

BZ#1339751

Previously, there were issues with dialogs having auto-refresh set up on any of the fields. When fields changed, it immediately kicked off a trigger to auto-refresh, and that transaction completed before the field change transaction was complete. This was because the state of the form was being handled server side, instead of in the javascript, which caused problems.

This update implements $.when for triggering auto-refresh callbacks and does not attempt to use callback if it does not exist.

12.1.2. C&U Capacity and Utilization

BZ#1333095

Previously, some reports run on virtual machines did not generate any data, and reported an error with the metrics_collector_queue_name method. This problem occurred when a virtual machine was disconnected from the EMS but remained connected to a cluster, and metrics collection continued to be scheduled for that virtual machine. The capture_cloud_targets metric has been rewritten to fix this issue, so that metrics collection only occurs on virtual machines which are both powered on and attached to an EMS.

12.1.3. Control

BZ#1321600

In the previous version of CloudForms, exported service dialogues with tag control items had the tag category_id statically assigned, and could have therefore lost their relationship to the tag imported into another appliance if the ID did not match exactly. As a result, there were tag control issues on service dialogue imports between appliances.
This update ensures that old import files without a category name will still import. Besides, it also exports category name/description so that imports can utilize them.

12.1.4. Providers

BZ#1310115

In the previous version, a resource missing from a stack in an OpenStack environment caused CloudForms to entirely stop collecting data from OpenStack, instead of issuing a warning about the problematic stack. This occurred when the `stack.resources` call issued an API call to OpenStack but bypassed the 404 handler in CloudForms. The code has been fixed to safely load orchestration stack relations, and this no longer occurs.

BZ#1329635

OpenStack Keystone API v3 supports domains as a high level container for projects.
There was need for CloudForms to support this new feature, starting with a new "Domain" field in the OpenStack provider configuration in the GUI, and modifying all the methods related to OpenStack to login with the domain + user + password combination and the Keystone v3 endpoint.

With this release, domain field is now enabled. User added to ManageIQ should be an admin of the domain to be able to list projects inside.

BZ#1331093

Previously in some CloudForms environments, refreshing a SCVMM provider resulted in an error reporting "undefined method `each' for nil:NilClass". This was caused by an issue with snapshot processing. The refresh_parser code has been updated and now returns an empty array if the VMCheckpoints value is nil, rather than returning an error.

BZ#1347797

Previously, event monitor connection refused error using AWS SQS. When terminating a system it showed powering-off state for over an hour. This patch adds proxy_uri to AWS client in eventcatcher which has resolved the issue.

12.1.5. Provisioning

BZ#1291861

In a previous CloudForms version, editing a catalog item after deleting a provider resulted in an error. The error was raised during a check by miq_provision_virt_workflow.rb, which then prevented the user interface from loading the workflow. The code now checks an object's existence before calling a method on it and catalog items can be edited successfully.

12.1.6. Replication

BZ#1354615

Rubyrep replication in CloudForms Management Engine 5.5.3.4 failed in large, multi-region environments. This occurred because Rubyrep opened one transaction per 1000 rows, plus another transaction for each change it replicated. If one transaction failed for any reason, the other transaction would be aborted, because PostgreSQL does not support nested transactions. As a result, the replication process timed out because SQL could not be processed in the aborted transaction. Rubyrep now includes a nested transaction fix, and replication works as expected.

12.1.7. Reporting

BZ#1321604

Previously, running SmartState Analysis on VMware virtual machine volumes produced an empty report. This was caused by the Hardware.Volumes attribute (such as free space, free space %, used space) data not populating, because the 'checkall' expression was used to create the report instead of 'checkany'. With this update, the yaml code has been changed to use 'checkany' in the FIND expression, and volume information is reported correctly.

12.1.8. Web UI

BZ#1291757

In the previous version of CloudForms Management Engine, it was possible to delete the default compute and storage charge back rates, and there was no way to recover the default rates after deletion. This bug was fixed by renaming default rates to sample rates, allowing them to be copied, edited, deleted, and changing code so that any rate that is currently in use can not be deleted. The default compute and storage chargeback rates can no longer be deleted in the new version of CloudForms Management Engine.

BZ#1296646

In a previous version of CloudForms, a template's group ownership could not be set to "No Group", even though the option was available in the user interface. This happened because CloudForms requires a template to belong to at minimum one group, and would thus assign the tenant's default group to a template. With this fix, the "Select a Group" dropdown menu no longer contains "No Group" as an option. Only groups and tenants are listed and available to be assigned.

BZ#1322419

Previously, although when NetApp storage was enabled, the storage tab was not displayed. This was because the permission store was being set to a null store that always returned true in test environment but on appliance it read from `vmdb/config/permissions.yml`. This was causing storage tab to not be visible on the appliance as it was missing from permissions.yml

This patch adds the missing "Storage" main tab to permissions.yml and after a restart the storage tab is now shown.

BZ#1332297

In the previous version of CloudForms, the user interface allowed a blank space to be accepted in the IP, FQDN, and user dialogs when adding a provider. This fix updates the detect_spaces directive, which has resolved the issue.

BZ#1343748

Previously, the edit and remove toolbar options for a custom provisioning dialog were disabled after clicking on a default dialog. As a result, users were unable to edit or remove custom provisioning dialogs. This was caused by an incorrect condition in the code which has been fixed, and the edit/remove toolbar options now work as expected after clicking on a default dialog.

12.2. RHSA-2015-2551: CFME 5.5.0 Bug Fixes and Enhancement Update

The bugs contained in this section are addressed by advisory RHSA-2015:2551. Further information about this advisory is available at https://access.redhat.com/errata/RHSA-2015:2551.html.

12.2.1. API

BZ#1127780

As there was a need for an ability to modify tags outside of the user interface, this enhancement enables tag management such as (add, delete, list etc) through web services similar to the functionality a user would have through the user interface. This is now available via REST API.

BZ#1202556

The new version of CloudForms Management Engine adds the ability to import reports using both the command line and the REST API. This feature addresses the need to import reports without using the CloudForms Management Engine user interface.

BZ#1238268

The new version of CloudForms Management Engine adds the capability to retrieve Reporting reports with RESTapi. The reports are returned in the JSON format in response to port standard RESTapi inventory calls.

BZ#1257748

The new version of CloudForms Management Engine adds the ablity to change a user's password using the REST API. This feature was added to address the need to change the CloudForms Management Engine's administrator's password during deployment from the Red Hat Cloud Infrastructure product.

12.2.2. Appliance

BZ#1124520

The new version of CloudForms Management Engine adds the ability to dynamically update the virtual machine hardware reconfiguration dialog box based on the limits defined by the lowest virtual machine hardware definition. The hardware definitions were hard coded in the previous version limiting the ability to reconfigure a virtual machine's memory to a maximum of 16GB. The user is now able to reconfigure virtual machine memory as desired.

BZ#1159009

There was a need to provide users the ability to change from one v2_key to another.  This need arose as a customer has a development and production environment with different encryption keys.  After exporting and importing an automate model, the new database could no longer access these keys. Previously, the keys could be deleted, but there was a need for a way to migrate the data from being encrypted with one key into another.

With this enhancement, fix_auth now converts old v2 keys.

BZ#1170760

The new version of CloudForms Management Engine adds the ability to disable the admin user after adding LDAP as a user authentication mechanism. This feature adds the ability to protect the admin account from brute force attacks via the web user interface, as password constraints cannot otherwise be enforced for the admin account.

BZ#1174458

In the previous version of CloudForms Management Engine, the password of the administrative user used to setup a trusted Active Directory forest would be logged to the evm log when saving the settings for the trust. This bug was a result of faulty programming logic, and was fixed by correcting the code. The administrative user's password is no longer logged when setting up a trusted Active Directory forest in the new version of CloudForms Management Engine.

BZ#1180768

The appliance image for the new version of CloudForms Management Engine adds separate mount points for the /var, /var/log, /var/log/audit, /home and /tmp directories. This enhancement allows CloudForms Management Engine implementations to remain compliant with STIG (Security Technical Implementation Guide) requirements.

BZ#1182644

The new version of CloudForms Management Engine adds the ability to run the CloudForms appliance console as a non-root user. This ability allows the implementation to remain compliant with STIG (Security Technical Implementation Guide) requirements.

BZ#1183092

The new version of CloudForms Management Engine no longer changes, deletes or overwrites the /etc/init/control-alt-delete.override and /var/www/miq/system/LINK/etc/init/control-alt-delete.override files. Any change to these files would result in breaking STIG (Security Technical Implementation Guide) compliance. This ability allows the implementation to remain compliant with STIG requirements.

BZ#1183094

In the previous version of CloudForms Management Engine, it was not possible to use an OCSP responder to serve CRLs as the Apache http server shipped in that version did not support OCSP. This resulted in a high administrative overhead. This issue was fixed by upgrading the Apache http server to version 2.5 in the new version of CloudForms Management Engine.

BZ#1206666

The new version of CloudForms Management Engine removes the requirement to pass the LOCK_CONSOLE=false environment variable when starting the applicance console as the root user over a SSH connection. This makes it easier to start the console when operating in the Open Stack environment.

BZ#1221760

The new version of CloudForms Management Engine adds the ability to do a full tree search when looking for users under a LDAP directory branch. This feature was added as the default configuration was not able to do a sub-tree search to find all users from the LDAP directory branch. This feature is available as a configuration option in the new version of CloudForms Management Engine.

BZ#1222591

In Red Hat CloudForms 3.2 (CloudForms Management Engine 5.4) and above, the cloud-init function blocks SSH access for the root user to virtual machines hosted in Red Hat Enterprise Virtualization 3.4 environments. Note that this issue only occurs in Red Hat Enterprise Virtualization 3.4, and that cloud-init functions correctly for Red Hat Enterprise Virtualization 3.3 and Red Hat Enterprise Virtualization 3.5. This issue will be addressed in a future release.

BZ#1227426

While migrating from the previous version of CloudForms Management Engine, some users would be deleted but the dashboard definitions for the users were not deleted from the database. This would result in the admin user's inability to generate widgets for groups containing these users. This bug was fixed by checking for and skipping over the residual data for deleted users. The admin user is able to generate widgets as expected in the new version of CloudForms Managetment Engine.

BZ#1238423

While migrating from the previous version of CloudForms Management Engine, a process id out of range error would be displayed after the evmserverd service was started. This error was a result of invalid text being written to the evm pid file by the upgrade process. This error was fixed by verifying the content of the pid file before passing it to ps. The process id out of range error is no longer seen in the new version of CloudForms Management Engine.

BZ#1238443

Migrating to the previous version of CloudForms Management Engine would fail with a DB:migrate failure error while un-installing rubyrep. This would happen as the replication workers had the VMDB password stored encrypted with the old key. This bug was fixed by ensuring that legacy keys were loaded before un-installing rubyrep, so the task could complete. Migrating to the new version of CloudForms Management Engine now succeeds as expected.

BZ#1247298

Multi-tenancy provides a mechanism to group or isolate resources and identity via a single instance of the software serving multiple client organizations (tenants). It enables sharing of resources and costs across a large pool of users to allow for:
-Centralization of infrastructure in locations with lower costs (e.g. real estate, electricity)
-Peak-load capacity increases (users need not engineer for highest possible load-levels)
-Utilization and efficiency improvements for systems that are often only 10-20% utilized

BZ#1262984

The new version of CloudForms Management Engine no longer ships with the outdated /var/www/miq/vmdb/certs/ca.cer certificate authority file. This file is no longer in use. Additionally, all references to the file in documentation have been removed.

BZ#1270148

The new version of CloudForms Management Engine adds the ability to create tag names containing up to 50 characters. The previous version limited tag names to 30 characters. This increase in maximum tag name size was done to allow creation of tag names based on Cloud and OpenStack tenant names.

BZ#1278202

Previously, there were permission denied errors when logging in with non-root users. This patch fixes the cfme-gemset RPM spec by separating the parts of the enable script that are for one-time setup into a setup script, and calling the setup script from the kickstart.

12.2.3. Automate

BZ#1126934

There was a need to have a quota rule using the space actually consumed by the template, rather than enforce quota on space allocated. This enhancement consolidates quota code to help facilitate resolution. Quota can now be enforced based on used space.

BZ#1215990

The new version of CloudForms Management Engine enhances the Automate engine to allow the on_entry and on_error methods of a state machine to advance to the next state under valid conditions. For on_entry methods, it checks if the method is required to run. For on_error methods, it handles and recovers from errors.

BZ#1227045

The new version of CloudForms Management Engine adds the ability to filter service catalog items during deployment. The new deployment model allows the service designer to factor in the dynamic nature of the deployment process, where the user can select a sub-set of services. Automate will exclude all other catalog service items during deployment.

BZ#1236174

The new version of CloudForms Management Engine enhances the Automate engine to support multiple state machines to be executed in a single workspace. This allows for one state machine to call another state machine in the same workspace. If any one of the state machines in the chain ends with a retry or error, all the state machines end with a retry or error correspondingly.

BZ#1238391

In the previous version of CloudForms Management Engine, providing a root password in the Customize tab while provisioning a virtual machine resulted in the password being logged in clear text to the evm log. This was because the method used to dump object data did not define the filters for sensitive data. This bug was fixed by adding the filter options to the object dump method. The root password is no longer logged while provisioning a virtual machine in the new version of CloudForms Management Engine.

BZ#1254953

There was a need to manage tags via Automate. This enhancement adds a new class method 'categories' to return an array of MiqAeService::MiqAeClassification objects, and exposes the entries method in the MiqAeService::MiqAeClassification to access the entries in a category.
Automate methods can now access categories and entries.

12.2.4. Control

BZ#1248848

The new version of CloudForms Management Engine removes the user interface and code that provided support for Ruby expressions in conditions. This was done to enhance security of the CloudForms Management Engine appliance.

12.2.5. Performance

BZ#1204108

In the previous version of CloudForms Management Engine, a user could experience long delays in switching between tabs when provisioning virtual machines. This delay was due to the time taken to log debug session data. This bug was fixed by logging debug session data only when running in debug mode. Switching tabs when provisioning is a lot faster in the new version of CloudForms Management Engine.

12.2.6. Providers

BZ#1140191

The previous version of CloudForms Management Engine would fail to collect inventory from an OpenStack provider if accessing OpenStack security groups returned a HTTP 404 error due to the No-Op firewall operating in Neutron on OpenStack. This bug was fixed by changing code in the OpenStack connection library to handle HTTP 404 errors correctly. The new version of CloudForms Management Engine recovers correctly from not being able to collect security group information from OpenStack.

BZ#1218746

The new version of CloudForms Management Engine adds multi-tenant support for orchestrating stacks. This feature adds the ability to collect stack information from all tenants during an orchestration refresh, adds the option to select the tenant in the orchestration provisioning dialog and the ability to operate the stack on the selected tenant.

BZ#1223536

The previous version of CloudForms Management Engine had a bug in the OpenStack inventory gathering code, which limited its ability to find OpenStack server instances to a maximum of 1000 instances. The bug was a result of the inventory code not supporting paginated queries for OpenStack server instances. This bug was fixed by adding pagination support to the query for OpenStack server instances. The new version of CloudForms Management Engine is able to list all OpenStack server instances for an OpenStack provider.

BZ#1234871

The previous version of CloudForms Management Engine would report an undefined method error when discovering virtual machines on a Microsoft system center virtual machine manager (SCVMM) provider, if it found a disk-less virtual machine. This bug was a result of the virtual machine storage discovery code always expecting virtual machines to have disks. This bug was fixed by changing the code to handle the case of disk-less virtual machines gracefully. Virtual machine discovery on SCVMM providers completes successfully in the new version of CloudForms Management Engine.

BZ#1250202

In the previous version of CloudForms Management Engine, heat templates could be found only in the admin tenant, and no other tenant. This bug was caused by an outdated Fog gem. This bug was fixed by updating the Fog gem version available on the appliance. Heat templates are now found in all tenants in the new version of CloudForms Management Engine.

BZ#1260196

The new version of CloudForms Management Engine collects and stores inventory information about disks available for flavours on cloud providers.

BZ#1263744

Cloud tenants description field length limit causes inventory collection to fail when OpenStack tenant description is over 255 characters. As a result, during the initial discovery of an Openstack environment, CloudForms receives 404 error responses for different instances causing the inventory collection to fail.

Since OpenStack allows a tenant description value larger than 255 characters, CFME OpenStack inventory collection now supports tenant descriptions larger than 255 characters and inventory collection succeeds without any errors.

12.2.7. Provisioning

BZ#1216889

After provisioning a virtual machine with more than 4 GB memory from CloudForms Management Engine 3.1, a virtual machine could not be powered on automatically. This happened because the memory reservation was larger than the allocated virtual machine memory. CloudForms 4.0 now validates memory reservation and reports an error message if it is larger than the allocated virtual machine's memory.

BZ#1234904

Previously, the Virtual Machine Manager (VMM) server was  not loaded into the shell for Microsoft's System Center 2012 SP1 Virtual Machine Manager, causing virtual machine provisioning from templates to fail on System Center 2012 SP1 Virtual Machine Manager. System Center 2012 SP1 VMM environments now load the VMM server into the shell, and provisioning from a template succeeds.

BZ#1235822

Previously, virtual machines on Red Hat Enterprise Virtualization Manager started slowly, and as a result the virtual machines could not run because they were in Powering Up status during the autostart_destination phase. This has been fixed by adding a loop in the code for the host to requeue a virtual machine's boot request. The virtual machine will automatically raise an error to fail the provisioning if it has not started after 120 attempts.

12.2.8. Reporting

BZ#1238287

Previous CloudForms Management Engine versions did not report a high watermark for the number of virtual machine sockets on a provider's hypervisors over a one-month period. This functionality has been added to the current version of CloudForms Management Engine. A report can now be queued to collect watermark information for sockets on each hypervisor per provider.

BZ#1243695

Previously, the chargeback report editor did not save the time zone selected in the Chargeback Interval field. This error in the chargeback report editor has been fixed, and a local time zone can now be saved in reports.

12.2.9. SmartState Analysis

BZ#1095243

Previously, SmartState Analysis failed on Red Hat Enterprise Virtualization virtual machines that were stopped, returning the following error message: "no eligible proxy". This happened because the SmartState Analysis code involved hosts, while SmartState Analysis in Red Hat Enterprise Virtualization does not. The SmartState Analysis code now factors out proxies4job and related methods, implements Red Hat Enterprise Virtualization-specific versions, and ignores host affinity. As a result, SmartState Analysis on Red Hat Enterprise Virtualization stopped virtual machines performs correctly.

BZ#1202895

In Red Hat Enterprise Virtualization 3.5, virtual machine OVF files no longer all reside on the master storage domain. As a result, performing SmartState Analysis on Red Hat Enterprise Virtualization 3.5 virtual machines residing on NFS storage domains failed due to a file not found error. The SmartState Analysis logic has been updated and it now runs successfully on those virtual machines.

12.2.10. Web UI

BZ#1095468

There was a need for a feature to display NTP Settings on Zone Summary page for the ease of use when setting up Appliances. This has been implemented in this release - Description, SmartProxy Server IP, and NTP Servers displayed are visible for the zone under zone summary page.

BZ#1095470

Previously, when editing a catalog configuration, the form offers an "Assign Buttons" box. This was caused because text was set incorrectly for the button. The display text for the button has been fixed and the form now correctly says “Assign Catalog Items”.

BZ#1193652

Previously, the report editor handled tags on entities incorrectly, which produced reports based on EVM groups that did not display the correct tags. This caused custom tags such as 'vms.managed.department' and 'miq_templates.managed.department' to be stripped to 'managed.department' form before being added to col_order. This fix allows tags on entities to be saved correctly by the report editor.

BZ#1234465

Previously, automate exports used Windows line endings. This was caused because 'textarea' form element added \r\n characters in the data for the newline characters.

With this release, 'miqSerializeForm' JS method was changed to replace '%0D%0A' with '%0A' in the serialized form data which has now fixed the issue and export is done correctly.

BZ#1234588

Previously, there was an undefined method error when looking at bottlenecks under optimize using IE browser. This was caused due to double render issue of the bottlenecks page.
This patch fixes the double render issue caused by partial_bottlenecks_tl_detail.html.haml being rendered directly as well as indirectly via _bottlenecks_tabs.html.haml

BZ#1248039

Previously, when using the Automate Import / Export, if there was another domain available, user was unable to import into a new empty domain.  This was because there was no option to import into the same name domain.

This patch allows importing into a new domain with the same name as importing from which fixes the issue.

BZ#1252976

Previously, Service Dialog Import / Export wasn't importing All of the Service Dialogs and required importing two to three times before dialogs got imported.

Added SlickGrid plugins related to selections and checkboxes. SlickGrid uses an auto-adaptive display, where if the screen is too small or if the dataset is too large, it removes/re-adds rows to the table as you scroll. This was causing the issue where some of the items in the table weren't being selected to import. The fix was to use SlickGrid's built in plugins for handling row selection, and then serializing the data from the grid itself instead of from the form which has now resolved the issue.

BZ#1256674

Previously, when using the remote console, there were two mouse cursors, one inside and the other outside of the VM moving at different rates. This was due to the styling in HTML5 console canvases.
Disabling styling for HTML5 console canvases has resolved the issue as the cursors now move together at the same rate.

BZ#1263326

Previously, clicking on "Migrate Selected Items" under lifecycle dropdown routed to an incorrect config screen. The caller method did not render flash message for sublist screens.

This patch fixes respective 'button' methods to render flash message partially when tasks (clone, migrate, publish) are not supported for selected items. This is when user tries to perform these tasks from a list view of VMs through relationships. Thereby, the correct screen displays and the issue is now resolved.

BZ#1278463

Datastore scans are only supported against datastores belonging to a VMware provider. However, in the previous CloudForms release, the scan option in the web user interface displayed for datastores from all sources. As a result, initiating a SmartState Analysis scan on a non-VMware datastore returned an error.

With this release, code was added to only allow SmartState Analysis for VMware storage records in the web user interface. As a result, the SmartState Analysis button now only shows when using a VMware datastore.

BZ#1280278

Previously, there was no scrollbar in the group switcher list. Therefore, if a user was a member of many groups, one could not see all groups.
With this release, a scrollbar has been added to the group switcher list. As a result, one can now see all groups.

12.3. RHBA-2016-0159: CFME 5.5.2 Bug Fixes and Enhancement Update

The bugs contained in this section are addressed by advisory RHBA-2016:0159. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2016:0159.html.

12.3.1. API

BZ#1290196

Previously, the 'terminate' action was not exposed in the Red Hat CloudForms REST API. This prevented users from integrating CloudForms with external IP process applications to manage the complete life cycle of instances. With this update, this functionality has now been exposed in the REST API.

12.3.2. Appliance

BZ#1290187

In the previous version of CloudForms Management Engine, it was not possible to configure the appliance to authenticate against a Red Hat IPA domain server if the IPA domain name was composed of only a top-level domain name. This was due to validation that required the IPA domain name to contain a sub-domain name and a top-level domain name. This bug was fixed by relaxing the validation rule to allow the IPA domain name to be composed of only a top-level domain name. With this change, it is possible to configure an appliance running the new version of CloudForms Manamgent Engine to authenticate against an IPA domain with a domain name composed of only a top-level domain.

BZ#1290192

In the previous version of CloudForms Management Engine, the wrong time zone and backup start time was displayed when editing the CloudForms Management Engine database backup schedule. This bug was caused by storing the incorrect timezone when creating the database backup schedule. This bug was fixed by correctly saving the timezone when creating the database backup schedule. The correct time zone and backup start time is displayed when editing the database backup schedule in the new version of CloudForms Management Engine.

BZ#1300336

This update adds the activerecord-session_store Ruby gem, which is required for `session_store: sql` functionality. This resolve an issue that caused failures in workers under certain circumstances.

12.3.3. Automate

BZ#1287158

The new version of CloudForms Management Engine now displays the MIQ and Red Hat Automate domain versions in the user interface. This provides an easy way to lookup the MIQ and Red Hat domain versions after updating the CloudForms rpm packages. This is necessary as the admin needs to reset the automate model to update the MIQ and Red Hat domains after the CloudForms rpm package update.

BZ#1289594

The new version of CloudForms Management Engine adds the ability to dynamically assign customization specifications during provisioning. This is done by exposing the customization_specs method that automate scripts can use to retrieve a list of customization specifications from an Enterprise Management system (EMS). The set_customization_spec method was also enhanced to lookup the customization specification by object or string, and dynamically assign the specification when provisioning a virtual machine.

BZ#1291729

In the previous version of CloudForms Management Engine, an implicit null conversion error would be reported if a text box in a service dialog was left empty when calling CatalogItemInitialization. This was because as all text boxes were required to contain a value by the dialog parser code by default. This bug was fixed by changing the dialog parser code to accept empty text boxes in the service dialog. The implicit null conversion error is no longer reported when calling CatalogItemInitialization in the new version of CloudForms Management Engine.

BZ#1292220

In the previous version of CloudForms Management Engine, looking up a virtual machine's network device information in automate methods would result in an error. This was because network association was missing from the vm.hardware.nics network object. This bug was fixed by exposing network information from the hardware service model. It is now possible to use the vm.hardware.nics object in automate methods.

BZ#1296581

In the previous version of CloudForms Management Engine, running a control policy containing an action type that invoked a custom automation always failed with an error that the user_id was not specified in the automation request. This error was caused by missing user id, miq_group_id and tenant_id arguments in the automation request. This bug was fixed by passing the missing user_id, miq_group_id and tenant_id arguments in the automation request. Invoking a custom automation now works as expected in the new version of CloudForms Management Engine.

12.3.4. Providers

BZ#1291812

The new version of CloudForms Management Engine adds the ability to pause and shutdown virtual machines on an OpenStack provider. The ability to start OpenStack virtual machines from a shut down, suspended, or paused state was already available in the previous version of CloudForms Management Engine.

BZ#1291878

The new version of CloudForms Management Engine now collects memory usage statistics from OpenStack Ceilometer, in addition to CPU, disk and network statistics that were being collected in the previous version. The memory usage statistics, along with the CPU, disk and network statistics gives a complete picture of resource utilization on an OpenStack provider.

BZ#1292488

With this update, it is now possible to specify the path to a CA certificate for OpenStack providers to allow SSL connectivity.

BZ#1298969

This update adds the ability to gracefully shut down virtual machines hosted on an OpenStack provider, and shelve the OpenStack instance. This capability was already available for infrastructure providers.

12.3.5. Provisioning

BZ#1290175

In the previous version of CloudForms Management Engine, customization of virtual machines provisioned on a Red Hat Enterprise Virtualization Manager (RHEV-M) provider using cloud-init scripts would not work. This was due to a change in the RHEV-M provisioning API that required an additional option in the provisioning request to enable cloud initialization. Additionally, this cloud initialization option works correctly only in RHEV-M versions 3.5.6.0 and later. Cloud initialization for virtual machines provisioned on Red Hat Enterprise Virtualization providers works as expected in the new version of CloudForms Management Engine.

BZ#1290215

In the previous version of CloudForms Management Engine, editing a catalog item could fail with an undefined method error if a resource pool or EMS folder was removed from the catalog item. This bug was fixed by changing the code to allow for removal of the resource pool or EMS folder from the catalog item. Editing a catalog item no longer fails in the new version of CloudForms Management Engine.

BZ#1293711

In the previous version of CloudForms Management Engine, after choosing a tenant other then the default tenant when ordering a multi tenant orchestration service on an OpenStack provider, the tenant selection list was disabled when attempting to reconfigure the service. This bug was caused by an error in the script that provided the tenant selection list. This bug was fixed by correcting the error in the script that provided the entries for the tenant selection list. The tenant selection list in the orchestration reconfiguration dialog works as expected in the new version of CloudForms Management Engine.

12.3.6. Reporting

BZ#1289689

The new version of CloudForms Management Engine adds the ability to share reports with more than one group. This allows users from multiple groups to see a shared report. This also allows a user in multiple groups to see reports shared with different groups, without having to change groups.

12.3.7. Web UI

BZ#1287755

In the previous version of CloudForms Management Engine, users with only view permission for reports were unable to view saved reports. This was because the Saved Reports accordion only had an option to modify or delete saved reports. If the user did not have those permissions, the user would not be able to view the saved reports. This bug was fixed by adding a View option under the Saved Reports accordion. Users with only view permissions are now able to view saved reports in the new version of CloudForms Management Engine.

BZ#1292574

In the previous version of CloudForms Management Engine, a saved report file name would include the current date when downloaded, rather then the date on which the report was saved. This was because the time stamp in the report footer, from which the file name was derived, was set to the current time when downloading. This bug was fixed by changing the time stamp in the report footer to the time when the report was last run. Saved report file names now include the report saved date upon downloading in the new version of CloudForms Management Engine.

BZ#1296160

The previous version of CloudForms Management Engine had a user interface bug in Automate's custom service dialog editor where the user was not able to drag or remove existing elements in a service dialog. This bug was caused by errors in the drag and drop mechanism code. This bug was fixed by correcting the code errors. Users are now able to edit Automate service dialogs as expected in the new version of CloudForms Management Engine.

BZ#1297953

This update adds support for dynamic fields in service dialogs, making it possible to order services with dynamic fields in the Self Service Portal.

BZ#1298968

This update resolves an issue that prevented users from creating service dialogs for dynamic drop-down list element types by making it possible to save a DialogFieldDropDownList without values when it is dynamic.

12.4. RHBA-2016-0616: CFME 5.5.3 Bug Fixes and Enhancement Update

The bugs contained in this section are addressed by advisory RHBA-2016:0616. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2016:0616.html.

12.4.1. API

BZ#1302443

Previously, the REST API could not filter resources using the name parameter. This was because all filter attributes were constructed into a SQL query regardless of whether they represented column names, and thus filtering by virtual attributes would result in a database error. The code now checks for non-column attributes before making the query, and filters by these attributes in Ruby after the results are returned.

BZ#1309746

Virtual machines previously could not be retired directly using an API call. While service retirement could as well trigger virtual machine retirement via an API call, without a service, it was necessary to use an Automate model to retire a virtual machine through the Automate APIs. This release adds a REST API retire action so that virtual machine retirement can be triggered directly.

12.4.2. Appliance

BZ#1289200

Upgrading to the previous version of CloudForms Management Engine from an earlier version could result in a database replication failure with a  duplicate key present error on the master appliance. This error was a result of id numbers from the incorrect region being assigned to host storage records. This bug was fixed by removing the records with the incorrect ids and resetting the replication triggers to the correct region. Database replication completes successfully in the new version of CloudForms Management Engine.

12.4.3. Automate

BZ#1297499

Previously, the CloudForms Management Engine used a custom mechanism to cache objects sent as references to the Automate methods. However, some of the objects were not cached by the mechanism, resulting in Distributed Ruby (DRb) recycled object errors. DRb has a built-in caching mechanism based on TimerIdConv, so this release of Red Hat CloudForms will use DRb's caching mechanism instead to avoid these errors.

BZ#1301149

Previously, virtual machines provisioned using a version of Red Hat CloudForms 3.0 could not be retired using Automate methods. This was caused by the retirement state machine requiring either the miq_provision parameter or tags, which were not present in all versions of CloudForms 3.0 provisioned virtual machines. This has been fixed by removing the requirement for miq_provision and tags from the remove_from_provider code in the retirement state machine.

BZ#1301660

When provisioning from an ISO in Red Hat CloudForms 4.0, the automation state machine previously exited with an oVirt error reporting locked disks. This was caused due to the destination_image_locked? method only being called on native Red Hat Enterprise Virtualization provisioning. This release adds a destination_image_locked? check for all Red Hat Enterprise Virtualization ISO and PXE provisioning.

BZ#1303086

Methods and instances copied from an older domain into a new one continued to attempt calling the previous domain, even after it was deleted. This occurred due to inheritance retention from the deleted domain. This inheritance has been removed from the code and now only objects from the new domain are called.

BZ#1303096

Previously, when service retirement was executed in the CloudForms Management Engine Appliance from a zone without the Automate role enabled, the request was queued in the wrong zone. This prevented the virtual machine and service from being retired. Now, when retiring a service, the zone parameter is cleared if the Automate role is not enabled, and retirement executes in the correct zone regardless of Automate configuration.

BZ#1312047

Although virtual machine retirement events were detected by the Automate engine, they did not trigger retirement warning emails. This was caused by a missing vm_retire_warn event instance in the Automate engine. With this release, this has been added to the code and consequently, pending virtual machine retirement events now send a warning email to the administrator.

12.4.4. Providers

BZ#1303122

Previously, there was an issue with the Azure API version in that the resource type 'locations/vmSizes' could not be found in the namespace. This was caused due to the outdated azure-armrest gem. This fix updates azure-armrest gem to 0.1.0 -- removed outdated comment regarding color gem. This has now resolved the issue.

BZ#1306362

Previously, CloudForms inventory failed when an OpenStack cinder volume contained no 'device' directive in the attachments property.  This was caused because the mountpoit of a volume went missing after some operations. This fix ignores the missing volume mountpoint, and logs a warning. As a result, the inventory now succeeds.

BZ#1310245

Previously, the AMQP connection did not recover after rabbitmq-server restart. This was because the previous Bunny gem couldn't handle a reconnect when AMQP service got restarted. This patch updated the Bunny gem and the AMQP connection now recovers as expected.

BZ#1312024

The previous version of CloudForms Management Engine was unable to list EC2 Public AMIs, even after enabling the attribute 'get_public_images' to true in the EVM server configuration. This was caused due to provider refreshers not correctly retrieving VMDB configuration options. This patch fixes the provider refreshers to correctly retieve VMDB configuration options.

BZ#1314835

Feature request to add proxy support to azure-armrest as there was no way to specify a proxy for http requests in the azure-armrest gem. Accordingly, http_proxy support has been added for authenticating to Azure.

12.4.5. Provisioning

BZ#1308705

Previously, while provisioning VM in VMware infrastructure provider and attempting to pass placement attributes' details in JSON request, the VM was not getting provisioned and placement attributes' details showed as NULL.

With this fix, a host will no longer required to be in a cluster to determine which datacenter the host is in. As a result, VM will get provisioned and it will be placed under host which is specified in placement attributes.

BZ#1318436

In the previous version of CloudForms Management Engine, the VM booted up for PXE install with missing PXE boot entry. This was because when PXE provisioning a VM, we wrote the PXE boot files, boot the VM, then wait for it to power off. The power off signified that the installation was complete and the installer shut down the guest. Sometimes providers are slow enough that we can request the power on, refresh the provider (a very heavy operation for collecting the power state of the new VM), and the VMs power state is off because it has not yet powered on. The state machine logic has changed to now only look at the power state on the provider (much faster), and sit in a loop waiting for the VM to boot before moving on to the next "wait_for_power_off" state.

This fix changes the code to wait for the VM to be powered on in the provider. As a result, we now wait for the VM to boot and shut down before cleaning up the PXE files.

12.4.6. Reporting

BZ#1296582

In the previous version of CloudForms Management Engine, checks for last created `BottleneckEvent` failed for hosts. Old BottleneckEvents were not purged. This, as a result, led to many BottleneckEvents created or accumulated in the VMDB, and UI worker was getting killed with "memory exceeded" whenever a user tried to open bottleneck page.

This update deletes obsolete BottleneckEvents and ensures BottleneckEvents are only generated once every 24 hours which resolves the issue.

BZ#1304003

Previously, attempting to queue a report created to list all VMs with thin provisioned disk, threw an error. This was caused because has_many through association was breaking the reporting.

This patch fixes has_many through association that broke the reporting and the issue is now resolved.

12.4.7. Security

BZ#1302062

Previously, when the system was binding with CloudForms, the password was being logged in plain text. This fix encrypts LDAP bind password when queuing to MiqQueue. As a result, the password is now logged encrypted.

12.4.8. SmartState Analysis

BZ#1306416

Previously, there was a SmartState error, "Unable to mount filesystem. Reason:[No root filesystem found.]” The issue was caused because the internal structure of the filesystem used 64 bit group descriptors.

This patch changes the logic to decide the size of group descriptor based on INCOMPAT_64BIT flag and s_desc_size from superblock. As a result, the issue is now resolved and SmartState analysis is successful.

12.4.9. Web UI

BZ#1291809

The previous version of CloudForms Management Engine web console showed authentication errors when being accessed from the Microsoft Internet Explorer 8 browser. This bug no longer applies to the new version of CloudForms Management Engine as the Microsoft Internet Explorer browser is no longer supported for access to the CloudForms Management Engine console.

BZ#1291810

In the previous version of CloudForms Management Engine, when a custom documentation URL was configured, clicking on the About submenu item of the Configure menu option when logged in as a user in a role other than super administrator resulted in the console displaying an empty product assistance box. In the new version of CloudForms Management Engine, the code handling the About sub menu item has been fixed to display the product assistance box correctly.

BZ#1297432

In the previous version of CloudForms Management Engine, switching user groups from the user interface could result in disabling the virtual machine console buttons. This bug was a result of clearing the session hash variable as a part of switching user groups, which invalidated the browser version and operating system information stored in the session variable. This bug was fixed by saving and restoring critical session variable keys when switching users. Console buttons work as expected in the new version of CloudForms Management Engine.

BZ#1300736

In the previous version of CloudForms Management Engine, attempting to copy a condition in a control policy would result in renaming the existing condition to the name intended for the duplicate, instead of creating a copy. This bug was fixed in the policy controller code to correctly handle the creation of duplicate conditions. Conditions can be copied as expected in the new version of CloudForms Management Engine.

BZ#1304785

In the previous version of CloudForms Management Engine, filtering the list of virtual machines by their hosts did not work if the virtual machines also had group tags. This bug was fixed by correcting the filtering code to handle group tags correctly. Virtual machines with group tags can be filtered as expected in the new version of CloudForms Management Engine.

BZ#1306699

In the previous version of CloudForms Management Engine, the file name of a saved report would be set to the download date, instead of the report creation date. There was no way to tell when the report was saved from the downloaded report. This bug was fixed by saving the report creation date in the report footer, and using the saved date in the downloaded report file's name. Saved reports have the expected file name in the new version of CloudForms Management Engine.

BZ#1306813

The self service user interface in the new version of Red Hat CloudForms Management Engine adds the ability to allow users to switch groups. This allows users of the self service user interface to get behaviour and privileges assigned to different groups.

BZ#1316137

In the previous version of CloudForms Management Engine, copying a custom alert to create a new custom alert would result in replacing the existing alert with the new alert instead. This was due to a bug in the alert code logic which mistook the copy request as an edit request. This bug was fixed by correcting the logic to handle copying custom alerts correctly. Creating new custom alerts by copying existing custom alerts works as expected in the new version of CloudForms Management Engine.

12.5. RHBA-2016-1101: CFME 5.5.4 Bug Fixes and Enhancement Update

The bugs contained in this section are addressed by advisory RHBA-2016:1101. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2016:1101.html.

12.5.1. Appliance

BZ#1326460

The way in which the appliance previously handled the subscription organization for Red Hat Satellite 6 caused the organization name to be saved incorrectly. As a result, an exception was silently raised against Satellite 6.1 at registration, preventing the ability to subscribe the appliance to updates from Satellite 6. This is fixed in this release by creating a new form key which stores the organization display name.

BZ#1334743

In the previous version of CloudForms Mangement Engine, logrotate failed due to a reported insufficient space condition. CFME log_rotate_freespace_check.sh used incorrect value to determine volume freespace causing logrotate to fail.

This patch changed the logrotate free space check script to read free space correctly which has now fixed the issue.

12.5.2. Automate

BZ#1324985

In the previous version of CloudForms Management Engine, service provisions were being executed in the wrong zone and triggered an error - "Terminating non responsive method with pid 19690".

This patch adds option to turn off calling Rbac in MiqRequestWorkflow and the issue is now resolved.

BZ#1335530

Previously, after an upgrade from CloudForms Management Engine 5.5.2 to 5.5.3, there was an error with "retire_now" for an existing service.

This fix adds #tenant_identity to OrchestrationStack which has now resolved the issue.

12.5.3. Performance

BZ#1325405

Previously, the Capacity and Utilization metrics processor worker fetched all historical performance data to report metrics, causing the query to fail due to the extremely large amount of data to process. This has been fixed in the code by only loading recent performance state records. As a result, the process no longer times out and the Capacity and Utilization metrics are reported successfully.

12.5.4. Providers

BZ#1300794

Previously, when a virtual machine moved to another host during a host-targeted External Management System (EMS) refresh, the virtual machine appeared to be deleted from the host. This occurred because the EMS refresh process (ems_refresh) disconnected the virtual machine and deleted it from the EMS, resulting in this error message: "invoking [on_error] method=[update_provision_status(status > [No Cloud/Infrastructure Provider defined]". The issue has been fixed in the code by queueing a targeted refresh on a virtual machine when there is insufficient information available. As a result, virtual machines are no longer deleted by the host EMS, and ems_refresh completes for both the host and the virtual machine.

BZ#1310114

This Red Hat CloudForms update adds the ability to specify the AMQP server IP address for OpenStack providers. As a result, when deploying an undercloud with SSL enabled, the Keystone endpoints are set on a different IP address than the address RabbitMQ uses to bind.

BZ#1322002

Previously, VMware power events and provisioning performed directly in vCenter stopped being received by the CloudForms appliance shortly after an appliance reboot (20-30 minutes). This occurred because using HTTP timeout with the WaitForUpdates call on a vSphere provider caused calls to hang eventually. VMware added the new WaitForUpdatesEx method to vSphere 4.1 to address this issue, which has been updated in this version of CloudForms. The maxWait option in WaitForUpdatesEx controls how long to block in WaitForUpdatesEx without timing out the connection.

BZ#1326461

Previously, when navigating to a VM and attempting to view the disk usage details by clicking on "Number of disks", the details were not reported.

This was caused due to a broken require which was throwing an exception when running
SmartState Analysis on a virtual machine. This caused no XML to be returned for the disks section of VmConfig, so the "Used Size" and "Partitions Aligned"
were always empty for a VM. This patch fixes the broken require and the issue is now resolved.

BZ#1327723

When adding an Azure provider with a custom Linux image, an image parsing issue for Azure caused the refresh status to fail if the container path did not contain "Microsoft.Compute". The operation now takes only the directory name plus the base name, ignores the .vhd and Azure GUID extensions from the Azure image name, and no longer assumes "Microsoft.Compute" is part of the path.

BZ#1329635

OpenStack Keystone API v3 supports domains as a high level container for projects.
There was need for CloudForms to support this new feature, starting with a new "Domain" field in the OpenStack provider configuration in the GUI, and modifying all the methods related to OpenStack to login with the domain + user + password combination and the Keystone v3 endpoint.

With this release, domain field is now enabled. User added to ManageIQ should be an admin of the domain to be able to list projects inside.

BZ#1332665

Previously, on several providers EMS refreshes happened continuously which appeared to break or slow provisioning. If a VimBroker connection was opened for an EMS that is not in the server's zone, the VimBrokerWorker terminated the connection. When the VimBroker terminated the connection, it fired off a
MiqVimRemoved event. The VimBrokerWorker was responding to
this event by automatically re-connecting to that EMS.  Instead
it should check the list of EMSs it is supposed to be connected
to before re-connecting. This patch implements this change which has now resolved the issue.

BZ#1333467

Previously, VMDB cluster entries were being logged as being deleted immediately before a set of hosts were being disconnected (not deleted). The hosts reconnected later (with same host id) and were reconnected to new cluster instances named the same as the ones deleted. However, the tags were lost in the process so provisioning was being impacted.

This patch limits objects returned by initial waitForUpdatesEx. The initial call to waitForUpdatesEx returned every inventory item in one call. With large inventories this bumped up against the 2min HTTP timeout requiring a number of retries and an increasing timeout.  The new WaitForUpdatesEx method allows the caller to specify a maximum number of objects to be returned by any one waitForUpdatesEx call, which allows paging through the initial inventory without needing to increase the timeout.

12.5.5. Provisioning

BZ#1321597

In the previous version of CloudForms Management Engine, attempting to use the post install callback URL to shutdown a virtual machine doing a PXE / ISO install on RHEV and VMware did not work.

This patch updates the post_install_callback logic based on new state and the issue is now resolved.

BZ#1329744

There was a feature need where the security_group defined in provision_request payload should be assigned to the instance. This was because, previously, users were unable to associate a security group while provisioning instances via CloudForms API. The security group details were being sent in the JSON request, however, default security group was getting associated to virtual machine, not the one which was sent through the request. This feature has now been implemented with this release.

12.5.6. Replication

BZ#1324991

Previously, after upgrading CloudForms Management Engine from 5.4.x to 5.5.3.2, replication worked only for a few transactions but then stopped and was unable to continue.

This was caused because ems_events table was renamed to event_streams in 4.0. The migration that did the rename did not remove the old trigger for ems_events. Due to this, the trigger stayed with the new event_streams table after the rename. In addition, the correct trigger was added for the new table name, as it should. This caused pending changes records to be created for both the old table and the new table names when a change occurred to event_streams.

The existence of the pending change entries for the removed ems_events table caused the replication run to raise an internal error while trying to get table information. The error was not properly handled and that prevented a timeout from being reset. This caused the timeout error seen in the output and prevented the process from replicating any changes.

With this release, a script to remove out of date rubyrep triggers was added and the issue is now resolved.

12.5.7. Web UI

BZ#1291859

In the previous version of CloudForms Management Engine, service dialog elements could not be reordered. Attempting to move an unsaved element in a service dialog resulted in an error message on the user interface.

This patch uses item order number instead of record ID (unsaved element doesn't have ID) which has now resolved the issue.

BZ#1321595

Previously, service dialog tag control dropdown rendered but broke when clicked.

This patch fixes miq_observe functionality on selectpickers. This fixes initializeDialogSelectPicker to not assume trigger_auto_refresh by default and calls that instead of miqInitSelectPicker + miqSelectPickerEvent (both are called from initializeDialogSelectPicker) also selectedValue is made optional (because it is already handled by select_tag). Also, the data-miq_observe attribute has been removed from drop_downs, since that functionality is handled by miqSelectPickerEvent for selectpickers.

BZ#1322419

Previously, although when NetApp storage was enabled, the storage tab was not displayed. This was because the permission store was being set to a null store that always returned true in test environment but on appliance it read from `vmdb/config/permissions.yml`. This was causing storage tab to not be visible on the appliance as it was missing from permissions.yml

This patch adds the missing "Storage" main tab to permissions.yml and after a restart the storage tab is now shown.

BZ#1329411

Previously, when scheduling an emailed report, the "To" drop down list showed all users in the logged-in customer's role rather than group. There was a feature need to restrict the list of emails by current user's groups which is now implemented in this release.