vRA patching: clearing the patch tab from a failed patch

Symptoms: vRA patching failed and is now stuck with a patch in the repository, the remove button does not do anything, the retry button is grayed out:

Note: Its always recommended that you take a powered off snapshot of all the nodes before patching and before performing the below:

  • Take a powered off  snapshot of all the vRA nodes and the IAAS nodes, Take an IAAS DB (sql db backup) (power everything down and take a snapshot, not a rolling power off)
  • Power them back up in order, once the services are up and registered proceed with the below: 
  • on every vcac (vra) nodes, Delete the contents of /usr/lib/vcac/patches folder (rm -rf /usr/lib/vcac/patches/*)
  • Check if the file “/opt/vmware/share/htdocs/service/cafe/patch_upload.lock” is present, if yes delete.
  • go back to vami and confirm if it allows uploading the patch, upload and then patch

Clean up vcac DB:

su postgres
/c vcac

delete from hf_execution_cmd;
delete from hf_patch_execution;

delete from hf_patch_nodes;
delete from hf_patch;

Usage Meter 4.x picks up vRops although vRops no longer exist on the environment

usage meter 4.x picks up vRops from vCenter mob. after adding the vCenter , UM does dynamic discovery.  if for any reason, vRops extension is left stale behind on vCenter, UM will continue to think the product exists. 

To resolve this,
log in to the vCenter mob and remove com.vmware.vrops and com.vmware.vcops 

Instructions to remove the extensions can be found here: https://kb.vmware.com/s/article/1025360 , Kindly ensure that you remove only com.vmware.vrops and com.vmware.vcops.

Once the extension is removed, remove and re-add the product: vCenter (all vCenter’s referenced by this vRops)  back on to usage meter. you should no longer see vRops. 

reuse a previously used password on photon/VMware appliances?


If for some reason the password had to be reset to the original, the below config file can be changed to allow re-using passwords

edit /etc/pam.d/system-password

vi /etc/pam.d/system-password

change remember=5 to remember=1 and reboot the appliance

Once the appliance boots up, set the password using

passwd root

EDIT: The above does not work with the newer versions of VIDM!

adding a webhook to vRA-Code Stream fails

adding a webhook to vRA-Code Stream fails with error:

java.lang.IllegalArgumentException: 400 BAD_REQUEST "Unable to create webhook at Git server. Request failed with : 422"

browser console:

{timestamp: 1622639483332, path: "/codestream/api/git-webhooks", status: 400, error: "Bad Request",…}
@type: "com.vmware.codestream.exception.CodestreamException"
error: "Bad Request"
message: "400 BAD_REQUEST \"Unable to create webhook at Git server. Request failed with : 422\""
path: "/codestream/api/git-webhooks"
requestId: "929b7098-102300"
status: 400
timestamp: 1622639483332

Symptoms: Gitlab is installed on the same network as of vRA/Codestream

Cause: Gitlab does not allow connections to create a webhook from local subnet by default.

Resolution :Allow requests to the local network from web hooks and services


  • On gitlab, go to admin area:
  • On the left hand, navigate to settings> Network
  • enable Allow requests to the local network from system hooks, also add the codestream FQDN (or *) in the URL

Now Go back to codestream and add the webhook: success!!