Month: March 2023

Upgrading VMware Aria Operations for Logs from 8.6.2 to 8.10.2 using VMware Aria Suite Lifecycle 8.10.0

By Lerpong Intaraworrapath | March 27th, 2023

In this article, we will demonstrate you how to upgrade VMware Aria Operations for Logs (formerly vRealize Log Insight) version 8.6.2 to 8.10.2 using VMware Aria Suite Lifecycle (formerly vRealize Suite Lifecycle Manager) version 8.10.0.

Prerequisite.

The VMware Aria Suite Lifecycle version must be supported in order to upgrade of VMware Aria Operations for Logs to version 8.10.2.

VMware vRealize Suite Lifecycle Manager 8.10.x Release Notes
https://docs.vmware.com/en/VMware-vRealize-Suite-Lifecycle-Manager/8.10.x/rn/vmware-vrealize-suite-lifecycle-manager-810x-release-notes/index.html

VMware vRealize Suite Lifecycle Manager 8.10.x Product Support Pack Release Notes
https://docs.vmware.com/en/VMware-vRealize-Suite-Lifecycle-Manager/8.10.x/rn/vmware-vrealize-suite-lifecycle-manager-810x-product-support-pack-release-notes/index.html

As suggested by the support pack, you must upgrade pack for VMware Aria Suite Lifecycle to pack 6 (alternatively you may update to the most recent support pack).

Noted: Whenever possible, we recommend upgrading the pack to the newest version.

Noted: In this article, we had upgraded VMware Aria Suite Lifecycle to 8.10.0 Pack7

We can see from the upgrade path that VMware Aria Operations for Logs 8.6.2 requires an update to 8.8.2 and subsequently to version 8.10.2.
(8.6.2->8.8.2->8.10.2)

https://interopmatrix.vmware.com/Upgrade?productId=88&isHidePatch=true

vRealize Log Insight 8.10.2 Release Notes

https://docs.vmware.com/en/vRealize-Log-Insight/8.10.2/rn/vrealize-log-insight-8102-release-notes/index.html

To reduce the upgrading procedure and internet connection from VMware Aria Suite Lifecycle, we downloaded 2 ISO images for VMware Aria Operations for Logs versions 8.8.2 and 8.10.2.

https://customerconnect.vmware.com/downloads/details?downloadGroup=VRLI-882&productId=938

https://customerconnect.vmware.com/downloads/details?downloadGroup=VRLI-8102&productId=1351

Step-by-Step instruction how to upgrade VMware Aria Operations for Logs

1.After downloading VMware Aria Operations for Logs iso images for versions 8.8.2 and 8.10.2. We transferred the image to the /data/temp directory of the VMware Aria Suite Lifecycle appliance.
Note: VMware recommends SCP protocol to transfer the file to the appliance. Tools such as winscp can also be used to transfer the file to the appliance.

2.Login to VMware Aria Suite Lifecycle, click “Environment” and then pick “vRealize Log Insight” to verify the version.

3.Choose “Setting” then “Binary Mapping” to confirm the product appear in the Binary Mapping list.

4.Click “ADD BINARIES“.

5.Choose “Local” as the location type. Enter “/data/temp” in the base location and press “DISCOVER“.

6.The list of product binaries will show below. Tick the box next to “VMware-vRealize-Log-Insight-8.8.2-20056468.pak” and type “upgrade” and then click “ADD“.

7.You can see the status of product mapping request by “Click here“.

8.Step 4 should be repeated to include “VMware-vRealize-Log-Insight-8.10.2-21145187.pak” and enter “upgrade”.

9.There will be 2 files in binary mapping upgrade for VMware Aria Operations for Log.

10.Log in to VMware Aria Operations for Log to check the version and the status of the cluster (3 nodes’ statuses must be displayed as connected.).

11.Back to VMware Aria Suite Lifecycle and, after choosing “Environment,” click “VIEW DETAILS” in vRealize Log Insight.

12.Choose “Trigger Inventory Sync” by clicking the 3 dots.

13.Wait until the sync is complete.

14.Back to VMware Aria Suite Lifecycle and, after choosing “Environment,” click “VIEW DETAILS” in vRealize Log Insight.

15.Select “UPGRADE“.

16.Click “PROCEED“.

17.Choose version 8.8.2 from the drop down menu.

18. Click the box to take a snapshot and then click “NEXT“.

19.Click “RUN PRECHECK“.

20.Read the “PRECHECK” report to check if there are any warnings or errors (you may download the report).

21.Read the upgrade summary and then click “SUBMIT“.

22.Upgrade in progress and wait from stage 1 to stage 10.

23.Login to VMware Aria Operations for Logs to view status and version.

24.Following the completion of the upgrade from 8.6.2 to 8.8.2, the next stage will be to upgrade from 8.8.2 to 8.10.2.

25.Repeat the step 15 and proceed to choose version 8.10.2.

26.Login to VMware Aria Operations for Logs to view status and version.

Guidance and Technical Recommendations.

vRealize Log Insight provides intelligent log management for infrastructure and applications in any environment. This highly scalable log management solution delivers intuitive, actionable dashboards, sophisticated analytics, and broad third-party extensibility across physical, virtual, and cloud environments. Update to the newest version to take advantage of new features, improve security, and get support for a new product.

VMSA-2022-0034 | Fixed version for VMware vRealize Operations (vROps) 8.6.x by KB90232

By Lerpong Intaraworrapath | March 7th, 2023

VMware issued a security alert for VMware vRealize Operations (vROps) due to the VMSA-2022-0034 severity. According to the advisory, VMware vRealize Operations (vROps) updates address privilege escalation vulnerabilities (CVE-2022-31707, CVE-2022-31708).

Solution

To remediate CVE-2022-31707 apply the fixes listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below.

ProductVersionRunning OnCVE IdentifierCVSSv3SeverityFixed VersionWorkaroundsAdditional Documentation
VMware vRealize Operations (vROps)8.10AnyCVE-2022-31707, CVE-2022-317084.4, 7.2Important8.10.1N/AN/A
VMware vRealize Operations (vROps)8.6.xAnyCVE-2022-31707, CVE-2022-317084.4, 7.2ImportantKB90232N/AN/A

In this article, we will demonstrate how to apply patching from KB90232 in VMware vRealize Operations version 8.6.4.

Important: Take snapshots of each of the vRealize Operations nodes before applying the Hot Fix by following How to take a Snapshot of vRealize Operations.

Step-by-Step Instructions for Applying a Patch

1.Take a snapshot of the vROps node to which we want to apply the patch (How to take a Snapshot of vRealize Operations.).

2.Download the vRealize Operations 8.6 Hot Fix 8 PAK file from the VMware Patch Portal.

https://customerconnect.vmware.com/group/vmware/patch#search

3.You will proceed to the “Product Patches” page.

4.Choose the product and version, then press the “Search” button.

Product: vRealize Operations Manager
Version: 8.6

5.The “vROps-8.6-HF8” will be shown. Verify and validate the KB90232 patch file, then click “DOWNLOAD NOW.”.

6.Once the file download and snapshot have been completed, Log in to the vRealize Operations Manager administration interface

https://master-node-name-or-ip-address/admin.

7.Click “Software Update“.

8.Click “Install a Software Update“.

9.Go through the pack file you already downloaded.

10.Click “UPLOAD” after you’ve browsed the pack file.

11.The pack file had been uploaded. Click “NEXT”.

12.To accept the EULA, tick the box, then click “NEXT“.

13.After reading the release notes, click “NEXT”.

14.To install software, Click “INSTALL”.

15.The Administrator interface logs you out. Return to the primary node Administrator interface. In the left side, click Software Update. The update patch status will be shown.

16.Waiting for the pack to be installed.

17.Refresh the page. The cluster status is changed to Online.

18.Once the upgrade is finished, delete the snapshots you took prior to the software update.

Guidance and Technical Recommendations.

VMware security advisory with critical security severity for VMware vRealize Operations was released. A major vulnerability was discovered in VMware vRealize Operations. Using administrator rights in the vROps application, a malicious actor can get root access to the underlying operating system. We advise applying the patch or upgrading to the patched version to preventing a malicious attacker from accessing critical information in the vROps.