About this release

SovLabs 2018.1.x is a full quarterly release that includes enhancements and fixes to existing modules as well as new modules.


vRA 7.4 Notice

The minimum SovLabs Plug-in version required for VMware’s vRA 7.4 is 2018.1.4.


Please note that the vRO js-io-rights.conf file (at /etc/vco/app-server) is reset anytime the vRO Configurator service restarts.  The proper configuration of the js-io-rights.conf file is a prerequisite to an Install/Upgrade.  Prior to performing any subsequent upgrades on vRA 7.4, please validate that the js-io-right.conf is updated appropriately.  Please reference our documentation.

To prevent the js-io-rights.conf file from reverting, please follow the steps below:

  1. SSH as root to vRO server
  2. Stop Control Center.  Type in: service vco-configurator stop
  3. Make the changes.  Follow steps via: docs.sovlabs.com
  4. Execute the CLI command to apply the changes to the latest configuration which is going to be replicated.  Type in: /var/lib/vco/tools/configuration-cli/bin/vro-configure.sh sync-local
  5. Start Control Center.  Type in: service vco-configurator start

vRA 7.3 Notice

There is a vRA 7.3 hotfix from VMware that fixes an issue with form field validations that affects all of SovLabs’ provided XaaS forms.   This hotfix must be applied to your vRA 7.3 before upgrading to SovLabs 2018.1.x or earlier.

There is also a vRA 7.3 vRO CAFE plug-in patch that fixes a CAFE bug related to VMware vRA plug-in for vRO. This patch must be installed on vRO before upgrading to SovLabs 2017.3.2.3 or above.

There is also a vRA 7.3 vRO CAFE plug-in patch that fixes a CAFE bug related to VMware vRA plug-in for vRO. *Affects SovLabs version 2017.3.2.3 and above.

**The vRA 7.3 hotfix and the vRO CAFE plug-in update are provided and supported by VMware. Please refer to VMware’s support channels for any questions about the installation or functionality of these updates.


What’s New?

ServiceNow Connector
With the ServiceNow Connector by SovLabs, it’s now possible to import, consume and manage vRealize Automation catalog items natively within ServiceNow.  ServiceNow administrators can customize the catalog and request process directly within the ServiceNow platform, without any need for custom coding or intimate knowledge of the vRealize Automation API.  End-users can request and manage vRA catalog items and inventory directly within ServiceNow.  Coupled with the SovLabs ServiceNow CMDB Module, organizations can now fully realize the full potential of both vRealize and ServiceNow platforms.
Lifecycle Components Toolkit
The SovLabs Lifecycle Components Toolkit was developed to:
  • Create a construct in vRA where all these SovLabs and custom components and scripts and the order in which they run can be contained in a profile
  • Provide a simple way to define custom scripts without writing custom vRO workflows

SovLabs Lifecycle Components Toolkit (LCT) allows administrators to fine-tune provisioning for different types of builds and maintain those profiles independently without touching the default vRA Event Broker subscriptions for existing SovLabs integrations.


SovLabs vRA EBS Priority Updates

EBS State
Machine Requested PRE
Prior to this release:
  • Naming: 1100
  • Property Toolkit: 1200

For this release:

  • Property Toolkit: 1100
  • Lifecycle Components Toolkit: 1200
  • Custom Naming: 1300


Updated all Configuration label helpers in vRA forms text to:

No spaces, periods, nor special characters except underscore (_) and dash (-).

Added ability to skip PTR record validation in DNS Machine Building PRE and DNS Machine Disposing PRE lifecycle phases if vRA property SovLabs_SkipValidateDnsPtr  is set.
Infoblox DNS and/or IPAM
Added support for Infoblox version 8.x
ServiceNow CMDB
Added support for Kingston
Added support for configuring a non-authenticating Proxy to pass ServiceNow Calls out of vRO to the internet. Configured in the ServiceNow Endpoint. **Proxies which require authentication are not supported at this time.
Backup as a Service for Rubrik
Added support for Rubrik versions 3.2.x and 4.0.x
Red Hat Satellite
Added support for RH Satellite version 6.2
Added support for using Capsule Servers
Puppet Enterprise
Added support for Puppet Enterprise 2017.3
Puppet Open Source with Foreman
Added support for Foreman 1.16/Puppet Open Source 5.3.4
Ansible Tower
Added support for automated Dynamic Inventory Configuration
  • User can access via Add Ansible Tower Inventory Profile for new inventory profiles
  • User can access via Configure Ansible Tower Inventory Profile – Day2 for existing inventory profiles

Added support for Ansible Tower CM Framework

Inventories all data from F5 endpoints (used to only inventory health monitors)
Updated /reorganized F5 Virtual – SovLabs Modules form:
  1. VIP tab
    • Allows for different client/server profiles, SNAT and Persistence Profiles
  2. Pool tab
    • New tab, will show or hide depending on whether ‘Create VIP?’ is checked yes
  3. Member tab
    • New tab – allows for defining member node values tied to the particular VIP
    • replaces the Property Group previously used to define Member properties

Updated SovLabs RESTipe to have versioning.

During upgrades, user can now choose to replace the F5Config-default RESTipe with the latest during SovLabs Configuration > Update

Backup as a Service for Veeam
Improved performance of Recover Files and Folders and Recover VM forms

Added a Veeam FLR Cleanup scheduled task

  • Cleans up old Veeam Cache data (when user abandons Recover Files and Folders form or Recover VM form)
  • Cleans up Veeam FLRs that were created by SovLabs that did not clean up naturally within the timeout minutes
  • Runs every ten minutes


Resolved Issues

Resolved Issue(s)
Fixed issue with MS DNS where if the Network field was left blank in the SovLabs DNS Configuration, the PTR Record was not created even if checked.
Red Hat Satellite
Fixed issue in Deprovisioning where Nodes were not removed from Content Hosts when name was an FQDN.
VM Tagging
Fixed issue where VMWare Tagging workflow was timing out after 5 minutes when processing large numbers of tags or categories.

Improved performance with tag and category processing.

Fixed issues with scale out for nested components in vRA blueprints

Fixed issue where provisioning of multiple VMs in a single request was failing during Provision Machine and Add VIP in vRA 7.3.

Improved logic for looping through only the most recent requests to find the parent-child relations in multi-VM and Nested blueprints containing F5 VIPs.

Fixed inconsistencies with rollback after errors.


Known Issues

Known Issue(s)
For vRA 7.4, js-io-rights.conf file reverts any time the vRO Configurator service is restarted.
For vRA 7.4, js-io-rights.conf file reverts any time the vRO Configurator service is restarted.


  1. SSH as root to vRO server
  2. Stop Control Center.  Type in: service vco-configurator stop
  3. Make the changes.  Follow steps via: docs.sovlabs.com
  4. Execute the CLI command to apply the changes to the latest configuration which is going to be replicated.  Type in: /var/lib/vco/tools/configuration-cli/bin/vro-configure.sh sync-local
  5. Start Control Center.  Type in: service vco-configurator start
All that generate a vRA Property Group
Unable to rename a Property Group name in vRA 7.x programmatically

Workaround: Any forms that generate a vRA Property Group will no longer allow updating the “Configuration label” (e.g. Add Naming Standard/Update Naming Standard)

Custom Naming
Unable to rename deployments in vRA 7.x due to vRA Platform limitation.

The deployment name defaults to the blueprint name appended by a dash and an auto-generated 8-digit number (e.g. blueprintName-12345678)

Workaround: The deployment name can be influced by adding a vRA Custom Property at the composite blueprint level (versus at the machine component in the blueprint) with:

  • Name: _deploymentName
  • Value: Unique value utilizing the SovLabs Template Engine

*Note: Using the same property value will result in deployments with the same name

Manage Credentials for Puppet Open Source with Foreman
Unable to update a credential that is tied to Puppet Open Source with Foreman

Workaround: Update the Foreman Master or Foreman Agent and create a new credential directly inline and submit.

A nested vRA blueprint with the F5 virtual component in the child vRA blueprint that defines the value for Pool Health Monitors field fails with a: Status Code 400 ‘The value for the ‘poolHealthMonitors’ field should be among the permitted value’ for vRA 7.2.  This issue does not occur for vRA 7.3 nor for a single (non-nested) blueprint.

Workaround: Do not define (pin) the value for Pool Health Monitors (or any field that is Array/String) on the F5 Virtual component in the child blueprint for a nested blueprint.

vRA 7.4, 2018.1.4
During provisioning for vRA 7.4, vRO server.log will log errors when the SovLabs RESTipe executes a vRO workflow. The error logs are benign and can be ignored. vRO workflows are executed successfully via SovLabs RESTipes.

vSphere Snapshot Management
If using vSphere Snapshot Management with any of the Backup as a Service modules (Cohesity, Rubrik, Veeam) may result in an email notification of a Backup as a Service snapshot.

If the Backup as a Service snapshot lives beyond deletion time set in Snapshot Configuration, will get deleted.

Lifecycle Component Toolkit
Issue: For Add/Update Lifecycle Profiles, the vRA forms may timeout.

Workaround: Upgrade to 2018.1.4

Issue: machineRequested phase for Lifecycle Component Toolkit fails.

Workaround: Upgrade to 2018.1.4

SovLabs vCenter Endpoint
Version “6.7x” does not show in the dropdown list.

Workaround: Please select “6.5x” from the Version dropdown list.  We have certified vCenter 6.7 in 2018.1.5.

Resolved in 2019.6.0


Important Notes

All that use VMWare tools connection type
The version of VMWare tools on the VM must match the vCenter version.  In other words, if your VM lives on a vCenter 6.5 and VMTools on the VM is from vCenter 5.5, there will be issues using the integrations with the vmware-tools connectivity type.
IPAM (All)
The option to skip in-use IP addresses will reserve the IP address first, then check to see if the IP is in use (responds to ping or DNS lookup).  If that IP appears to be in use,  the workflow will leave the first reservation in the IPAM,  the hostname will be regenerated,  the next IP will be reserved and checked for use.  This will continue until an IP is found that does not appear to be in use.  This will result in the in-use IP addresses being reserved in your IPAM under the hostnames generated during the workflow. It is recommended to turn on the notification option so operations staff can be aware of the discrepancy, and do appropriate clean up.
vSphere 5.5 – End of Support
 The End of General Support (EOGS) for vSphere 5.5 is rapidly approaching. If you’re still on vSphere 5.5, time to start serious planning your upgrade

vSphere 5.5 will end general VMware support on September 19, 2018

Minor Release Notes

VM Tagging
  • Optimization to add createTag and createCategory overlap protection
  • Added loader in TaggingAgent when tags/categories get added/deleted/attached
ServiceNow Connector
  • Fixed error reporting back to ServiceNow


  • Fixed inventory for custom/user created Pool health monitors (Ticket #577)
  • Fixed issue to allow user to select “none” as HTTP Profile and/or HTTP Proxy Connect Profile (Ticket #577)
  • Added back in necessary debug logic for getDependentVms vRO action

SovLabs Template Engine

  • Fixed missing link in SovLabs plugin to point to use correct SovLabs Template Engine


  • Added “ownerNameEmail”, “requestedByEmail”, “requestedForEmail” on vmProperties to be used/referenced (especially for Notifications) (Ticket #570)
Red Hat Satellite
  • Fixed an issue with host pagination and FQDN name searchers
Red Hat Satellite
  • Fixed an issue with Host pagination and FQDN name searchers


  • Fixed an issue where Scale Out would fail when more than 1 VIP component was attached to 1 VM component.  It would also fail to destroy the deployment
  • Fixed an issue if there were more than 10 components on a blueprint, the VIPs were not finding the correct number of dependent VMs to create/use VIP and pool and add nodes to pool

Lifecycle Components Toolkit

  • Fixed issue where Scripts at runtime were not honoring a modified Master Execution JSON (Advanced tab)
  • Fixed issue where Modules at runtime were not honoring a modified Master Execution JSON (Advanced tab)
  • Fixed issue where Add/Update a Lifecycle Profile with only Modules selected (no scripts and no EBS overrides) did not generate the proper Master Execution JSON
  • Fixed issue where Add/Update a Lifecycle Profile and specifying only some EBS Override out of the possible Lifecycle EBS Overrides for that SovLabs Module, it did not generate the proper Master Execution JSON by bringing in the SovLabs default EBS.
Released April 2, 2018
  • Fixed an issue getting data for partitions other than “Common”
  • Fixed issues with rollback during Provision VIP and Add VMs (did not clear Naming Cache and remove Pool if the VIP fails to create
  • Fixed issue not setting SSL Client and Server Profiles
  • Updated RESTipe version to 2018.1.2

Lifecycle Components Toolkit

  • Fixed issue where Ignore SovLabs Defaults were not honored at Master Execution JSON (Advanced tab)
  • Added in validation for invalid Master Execution JSON for Lifecycle Add/Update

ServiceNow Connector

  • Fixed M2M Relationship not working with Requests/CIs
  • Fixed Import Catalog form where de-selecting a field did not clear out values
  • Fixed Modify Catalog form for fields selected to have the correct values selected on the drop-down (previously would select the first option in the drop-down for all fields)
Released April 16, 2018
Ansible Tower
  • Fixed execute Ansible Tower Profile Job Template vRO workflow to bind error exception
  • Updated logic to get the Job Template name based on Job Template name and Organization.  Used to be by Job Template, Organization, and Inventory.
  • Fixed SovLabs Tower Profile not overriding blank Inventory in Job Template when set to Prompt on Launch
  • Fixed SovLabs Tower Profile not overriding non-blank Inventory in Job Template when set to Prompt on Launch
  • Allow vRA tenant name to in Ansible Tower configuration YAML file.
  • Log cleanup
  • Fixed issue when creating an Inventory name with a space in it, the Inventory sync fails with a YAML syntax error

ServiceNow CMDB

  • Added Kingston for version list

All Backup as a ServiceFor Day2 actions that enables use of Notifications

  • Fixed issue where the Day2 forms would error with a System Exception the event  an AD user did not have an email specified
Released April 30, 2018
Certified for vRA 7.4 and vCenter 6.7


  • Fixed logic inventorying for Pool Health Monitors on version 11.6.1.
  • Fixed scale out of multiple instances of the same VM component.
  • Note: During provisioning for vRA 7.4, vRO server.log will log errors when the SovLabs RESTipe executes a vRO workflow.  The error logs are benign and can be ignored.  vRO workflows are executed successfully via SovLabs RESTipes.

Lifecycle Components Toolkit

  • Added logic to inventory for Lifecycle Components Toolkit module during Add License.  Otherwise, Lifecycle Components Toolkit would only inventory during an Add/Update of SovLabs Endpoints/Configurations/Profiles.
  • Fixed machineRequested workflow that would fail vRA deployments due to a missing parameter.  Affected since plugin 2018.1.2.
  • Added new Day2 “Advanced Lifecycle Profile” to update the Lifecycle Component JSON.  Add Lifecycle Profile and Update Lifecycle Profile no longer has the Lifecycle Component JSON editable due to form timeout issues.

Backup as a Service for Rubrik

  • Fixed “Recover Files and Folders” Day2 to end in an error if an error occurred.  Previously, would end in success.

ServiceNow CMDB

  • Updated ServiceNow CMDB methods to support Kingston

Released May 14, 2018

SovLabs Configuration
  • Fixed the issue where the SovLabs Configuration workflow would complete successfully even though an issue occurred during Import/Update vRA content.  Now, if an error occurs during that phase, the SovLabs Configuration workflow will fail.

Ansible Tower

  • Updated polling interval to 15 seconds (previously was set to 5 seconds)
  • Updated the polling logic to continue polling in the event an unknown error occurs for a specific Job Template.
  • New Feature: Added ability to use SovLabs Template Engine for Ansible Tower Inventory fields: Inventory and Machine Credential


  • Fixed the issue when allowing requester to select the IPAM Profile at request time for the vRA Catalog, IPAM would fail:
    • Updated vRO action “getAllIpamByTenant” to return Configuration labels for IPAM Profiles instead of the names being prefixed by “tenant_”.
    • Updated vRO workflow IPAM machineBuilding to save the rendered value of the IPAM Profile back onto the VMs properties

Infoblox IPAM

  • New Feature: Added ability to specify the type of reservation (Fixed IP or DNS Host Record) for Infoblox IP reservations.
    • Previously, Infoblox IPAM made Fixed IP reservations.  Now, the user can specify DNS Host Record IP reservations
    • User can specify reservation type when adding/updating a SovLabs Infoblox Endpoint
  • Fixed the ordering of the fields in the Advanced tab of an Add/Update Infoblox Endpoint to be in the same order.

Red Hat Satellite

  • Fixed Manual Provision and Deprovision vRO workflows for quicker troubleshooting
  • Updated Satellite machineDisposing workflow to log the error that occurred.

SovLabs vCenter Endpoint

  • Certified 6.7x vCenter

Backup as a Service for Veeam

  • Fixed Veeam machineDisposing logs to print the Veeam BEM Endpoint.  Previously, the logs would have “undefined” for the endpoint name.



Released May 29, 2018

SovLabs Configuration
  • When running an upgrade from a previous SovLabs Plug-in version to 2018.1.5, the workflow would fail on F5 (if the SovLabs F5 module is licensed).  Remedied in this release to continue for F5, since the SovLabs F5 Component is updated later on.
  • When running an upgrade form a previous SovLabs Plug-in version to 2018.1.5, the workflow would fail on Ansible Tower (if the SovLabs Ansible Tower module is licensed).  Remedied by including the missing vRO actions necessary for a proper update.


  • Fixed VM Properties generated to include businessGroup, guestOS, guestOSFamily and externalReferenceId.

Ansible Tower

  • Added a new field to the Add/Update Ansible Tower Inventory Profile called “vRA Property Translation”.  This new field allows the user to: Enter a value of one or more characters that will replace dots (periods) that may occur in certain vRA custom properties, allowing Ansible to properly utilize them.  For example, an underscore _ would translate a vRA custom property named my.dc as my_dc when referenced within an Ansible playbook.
  • Fixed the issue where removing the Inventory Profile would not remove the config and YAML
  • Allowed templated Job Templates to skip if rendered empty.  If the template is required (e.g {{ myJobTemplate | required }}) and it renders empty or does not exist, it will fail during provisioning.

BlueCat DNS

  • Added locking on BlueCat API calls.  Without it, provisioning multiple VM instances would fail while trying to add the VM to BlueCat DNS


  • Fixed failure when user selects “any” as the IP Protocol and selects “none” for the HTTP Proxy Connect Profile during provisioning.

Red Hat Satellite

  • Fixed disposing where it would fail to find the host by ID.  Added logic to find the host by content_host_id for the ID matcher and additional retry logic to try to find the host by hostname if it was not found by ID.


SovLabs Plugin New Install Instructions


SovLabs Plugin Upgrade Instructions

Prior to an upgrade
  1. Update the heap size in vRO Configurator to allow installation of the SovLabs Plugin.  By default, the vRO Configurator heap size is set to 512m.  We recommend setting it to 768m.
    1. Go to Instructions: Increase vRO Max Heap Size
  2. If upgrading from SovLabs Plugin 2017.X or earlier, Delete all license keys
    1. Login to the vRA tenant
    2. Click on the Items tab > SovLabs vRA Extensiblity Modules > SovLabs License
    3. For each SovLabs License item listed, perform the Delete License action
  3. If upgrading from SovLabs Plugin 2017.1.x or earlier, update the SovLabs DNS custom resource in vRA
    1. Login to the vRA tenant
    2. Click on Design > XaaS > Custom Resources
    3. Find and select SovLabs DNS
    4. Edit SovLabs DNS
    5. Update the Name field to be: SovLabs DNS configuration (is case sensitive)
      1. View Screenshot
    6. Click Finish
    7. Repeat for all vRA tenants
  4. Follow the remaining instructions: https://docs.sovlabs.com/vRA7x/2018.1.x/getting-started/sovlabs-plugin/upgrade/


Ansible Tower 

*Only perform if SovLabs Ansible Tower module is licensed and is being upgraded from a previous SovLabs plugin

  1. SSH as root to your Ansible Tower server and add the deprov_workflow_id to the yaml file in your inventory directory:
    1. cd /
    2. ls -l | grep awx
    3. Find the directory that corresponds to to your SovLabs Ansible Tower Inventory Profile in vRA.
    4. cd  /<your_vra_inventory_dir>
    5. Using a text editor (vi),  edit the .yaml file and add the following line at the end of the yaml file:   deprov_workflow_id: 03406239-dd1d-433a-ad69-90ebd680b07b
    6. chmod 644 <your yaml filename>.yaml
    7. chown awx:awx <your yaml filename>.yaml
    8. If you have more than one Ansible Tower Inventory Profile in vRA, repeat for each one.
  2. Replace the custom inventory script for your vRA inventory with the new one for SovLabs 4.x and above:
    1. Log into Ansible Tower as an admin user
    2. Click on Settings > Inventory Scripts
    3. Find the inventory script associated with your vRA inventory.  If you’re not sure, go to Inventories and select your vRA inventory.  Under Groups, click the Edit button, and you’ll see Source is “Custom Script”. Note the name in the  Custom Inventory Script field.  Then go back to Settings > Inventory scripts and edit the inventory script
    4. Edit the inventory script.  thee first few lines should look like this below:#!/usr/bin/env python

      # -*- coding: utf-8 -*-


      VMware VRealize Automation (vRA) Inventory Script


      Retrieve information about virtual machines from a vRA, though a

      vRO ( vRealize Orchestrator ) server.

    5. Replace the entire contents script of the script field with the contents of the new file referenced <here>.
    6. Click Save
    7. Test the new Inventory Script by syncing the Inventory in Ansible Tower.
  • If the inventory sync fails, re-check all the steps above.  If you re-check the steps and inventory sync still fails, please contact SovLabs support.


NOTE: Do not upgrade the vra.py prior to upgrading the plugin as the vra.py is NOT backwards compatible with prior versions of the SovLabs plugin. The vra.yaml however, is backwards compatible with prior versions of the plugin.


Perform a Rollback

*Only if necessary

  1. Download Instructions (same PDF as Creating a backup vRO Package in section Prior to an upgrade – Step 1)


For additional resources, please checkout: docs.sovlabs.com

Recommended Reading