4.0(2f)

August 25, 2021

Updated Recommended FI/Server Firmware - 4.0(x) Releases to indicate UCSM 4.1(3e) is qualified for HX 4.0(2x) releases.

4.0(2f)

August 9, 2021

Updated Recommended FI/Server Firmware - 4.0(x) Releases to indicate UCSM 4.0(4m), and 4.1(3d) are qualified for HX 4.0(2x) releases.

4.0(2f)

June 21, 2021

Added Single Socket support in New Features.

4.0(2f)

June 3, 2021

Created release notes for Cisco HX Data Platform Software, Release 4.0(2f).

4.0(2e)

May 7, 2021

Updated Recommended FI/Server Firmware - 4.0(x) Releases to indicate UCSM 4.0(4l) is qualified for HX 4.0(2x) releases.

HX Servers

HX220c M5

HX220c AF M5

HX240c M5

HX240c AF M5

HX220c M4

HX220c AF M4

HX240c M4

HX240c AF M4

HX240c-M5L

HX240c M5 Edge Short Depth

HXAF240c M5 Edge Short Depth

HX220c M5 Edge

HXAF220c M5 Edge

HX220c M4 Edge

HXAF220c M4 Edge

HXAF220c-M5SN

All NVMe - HXAF220c-M5SN

Not supported with Hyper-V.

HX220c M5

HX220c AF M5

HX240c M5

HX240c-M5L

HX220c M5

HX220c AF M5

HX240c M5

HX240c AF M5

HX240c-M5L

All NVMe - HXAF220c-M5SN

Compute-Only UCS B-Series/C-Series Servers

B200 M5/M4/M3, B260 M4, B420 M4, B460 M4, B480 M5, C220 M5/M4/M3, C240 M5/M4/M3, C460 M4, C480 M5

B200 M5/M4/M3, B260 M4, B420 M4, B460 M4, B480 M5, C220 M5/M4/M3, C240 M5/M4/M3, C460 M4, C480 M5

—

B200 M5/M4/M3, B260 M4, B420 M4, B460 M4, B480 M5, C220 M5/M4/M3, C240 M5/M4/M3, C460 M4, C480 M5

C240 M5, C220 M5, B200 M4, B200 M5

C220 M5,C240 M5, B200 M4, B200 M5

B200 M5/M4/M3, B260 M4, B420 M4, B460 M4, B480 M5, C220 M5/M4/M3, C240 M5/M4/M3, C460 M4, C480 M5

B200 M5/M4/M3, B260 M4, B420 M4, B460 M4, B480 M5, C220 M5/M4/M3, C240 M5/M4/M3, C460 M4, C480 M5,

B200 M5/M4/M3, B260 M4, B420 M4, B460 M4, B480 M5, C220 M5/M4/M3, C240 M5/M4/M3, C460 M4, C480 M5,

Supported Nodes

Converged and Compute-only nodes

HXDP-S Licensed Node Limits

1:1 ratio of HXDP-S to Compute only nodes

(Min—Max)

Converged nodes:3-32 (7.6TB drive configs on HX 240c AF M5 require HX 4.0(2c) release for full scale) Compute only nodes: 0-32

Compute-only nodes: 0-32

Converged nodes:3-16

Compute-only nodes: 0-16

M4 Converged nodes: 3

M5 Converged nodes: 2,3,or 4

Requires HXDP-E License

N/A (requires Enterprise HXDP-P License)

Converged nodes: 3-16

Compute-only nodes: 0-16

Converged nodes: 3-16 (12TB HDD option is not supported for HyperV)

Compute-only nodes: 0-16

N/A (requires Enterprise HXDP-P License)

N/A (requires Enterprise HXDP-P License)

N/A (requires Enterprise HXDP-P License)

HXDP-P Licensed Node Limits

1:2 ratio of HXDP-P to Compute only nodes

(Min—Max)

Converged nodes:3-32 (7.6TB drive configs on HX 240c AF M5 require HX 4.0(2c) release for full scale) Compute only nodes: 0-32 (up to max cluster size)

Compute-only nodes: 0-32

(up to max cluster size)

Converged nodes:3-16

Compute-only nodes: 0-32

Converged nodes: 3

(requires HXDP-E License)

Converged nodes: 3-32

Compute Only nodes: 0-32

(up to max cluster size)

Converged nodes: 3-16

Compute-only nodes: 0-16

Converged nodes: 3-16 (12TB HDD option is not supported for HyperV)

Compute-only nodes: 0-16

Converged nodes: 2-16 per Site

Compute-only nodes: 0-21 per Site

(up to max cluster size)

7.6TB drive configs on HX240c AF M5 require HX 4.0(2c) release for full scale) Compute only nodes: 0-32 (up to max cluster size)

Converged nodes: 2-8 per Site

Compute-only nodes: 0-16 per Site

(up to max cluster size)

Converged nodes: 2-16 per Site

Compute-only nodes: 0-21 per Site

(up to max cluster size)

64

48

3

64

32

32

32 per Site/ 64 per cluster

24 per Site/ 48 per cluster

32 per Site/ 64 per cluster

Max Compute to Converged ratio

2:1*

2:1*

—

2:1*

1:1

1:1

2:1*

2:1*

2:1*

✔

✔

No

✔

✔

✔

✔**

✔**

✔**

4.0(2f)

CSCvy14839

NA

A vulnerability in the logging subsystem of the Cisco HyperFlex System could allow an authenticated, remote attacker to view sensitive information in a system log file which should be restricted.

4.0(2e)

CSCvx36028

CVE-2021-1499

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device.

For more information, see the related Cisco Security Advisory.

4.0(2e)

CSCvx52126

CVE-2021-1499

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device.

For more information, see the related Cisco Security Advisory.

4.0(2e)

CSCvx37435

CVE-2021-1498

A vulnerability in the web-based management interface of Cisco HyperFlex HX Installer Virtual Machine could allow an unauthenticated, remote attacker to perform a command injection attack against an affected device.

For more information, see the related Cisco Security Advisory.

4.0(2e)

CSCvx36019

CVE-2021-1497

A vulnerability in the web-based management interface of Cisco HyperFlex HX Installer Virtual Machine could allow an unauthenticated, remote attacker to perform a command injection attack against an affected device.

For more information, see the related Cisco Security Advisory.

4.0(2e)

CSCvx36014

CVE-2021-1497

A vulnerability in the web-based management interface of Cisco HyperFlex HX Installer Virtual Machine could allow an unauthenticated, remote attacker to perform a command injection attack against an affected device.

For more information, see the related Cisco Security Advisory.

4.0(2e)

CSCvv75781

CVE-2017-18269, CVE-2018-11236, CVE-2018-11237, CVE-2018-19591, CVE-2018-6485, CVE-2019-17514, CVE-2019-18348, CVE-2019-18874, CVE-2019-20907, CVE-2019-9169, CVE-2019-9674, CVE-2020-14344, CVE-2020-14422, CVE-2020-14556 ,CVE-2020-14578, CVE-2020-14579, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621, CVE-2020-1751, CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2767, CVE-2020-2773, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2816, CVE-2020-2830,CVE-2020-8492

Multiple vulnerabilities from multiple TPS components.

For more information, see the related Cisco Security Advisory.

4.0(2e)

CSCvv15388

CVE-2020-14422

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created.

For more information, see the related Cisco Security Advisory.

4.0(2e)

CSCvw50465

NA

Includes updates to address vulnerabilities in multiple third party software packages.

For more information, see the related Cisco Security Advisory.

4.0(2e)

CSCvu95813

CVE-2020-12049, CVE-2019-8457, CVE-2020-13790, CVE-2020-12762, CVE-2018-8740, CVE-2019-19603, CVE-2019-19645, CVE-2020-11655, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2019-17023, CVE-2020-12399, CVE-2019-3689, CVE-2019-1547, CVE-2019-1549, CVE-2019-1551, CVE-2019-1563

napi_get_value_string_*() allows various kinds of memory corruption in node.

For more information, see the related Cisco Security Advisory.

4.0(2c)

CSCvu33080

CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2020-10108, CVE-2020-10109, CVE-2020-8597, CVE-2018-12327, CVE-2017-6350, CVE-2017-6349, CVE-2017-5953, CVE-2019-20079, CVE-2017-11109, CVE-2018-20786, CVE-2017-1110, CVE-2020-10531, CVE-2020-7595, CVE-2019-19956, CVE-2019-19923, CVE-2019-20218, CVE-2019-19925, CVE-2020-9327, CVE-2019-19959, CVE-2019-8457, CVE-2019-13753, CVE-2019-19924, CVE-2019-13734, CVE-2019-13752, CVE-2019-19926, CVE-2019-13751, CVE-2019-13750, CVE-2019-19880, CVE-2019-5188, CVE-2019-5094, CVE-2015-9383, CVE-2019-15796, CVE-2019-15795

Includes updates to address vulnerabilities in multiple third party software packages.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq63138

CVE-2019-13132, CVE-2019-9924

A vulnerability in the cluster service manager of Cisco HyperFlex could allow an unauthenticated, adjacent attacker to perform a command injection as the root user.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq71240

CVE-2019-11719, CVE-2019-11727, CVE-2019-11729

A vulnerability in the cluster service manager of Cisco HyperFlex could allow an unauthenticated, adjacent attacker to perform a command injection as the root user.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvr06339

CVE-2019-1125

A vulnerability in the cluster service manager of Cisco HyperFlex could allow an unauthenticated, adjacent attacker to perform a command injection as the root user.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvs06094

CVE-2015-9383, CVE-2018-14498, CVE-2018-20406, CVE-2018-20852, CVE-2019-10160, CVE-2019-13117, CVE-2019-13118, CVE-2019-14287, CVE-2019-14973, CVE-2019-15903, CVE-2019-17546, CVE-2019-18197, CVE-2019-18218, CVE-2019-5010, CVE-2019-5094, CVE-2019-5481, CVE-2019-5482, CVE-2019-9636, CVE-2019-9740, CVE-2019-9947, CVE-2019-9948

A vulnerability in the cluster service manager of Cisco HyperFlex could allow an unauthenticated, adjacent attacker to perform a command injection as the root user.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp65019

CVE-2017-13168, CVE-2017-18174, CVE-2017-18216, CVE-2018-10876, CVE-2018-10877, CVE-2018-10878, CVE-2018-10879, CVE-2018-10880, CVE-2018-10881, CVE-2018-10882, CVE-2018-10902, CVE-2018-10938, CVE-2018-12233, CVE-2018-12896, CVE-2018-13053, CVE-2018-13094, CVE-2018-13096, CVE-2018-13405, CVE-2018-13406, CVE-2018-14609, CVE-2018-14617, CVE-2018-14633, CVE-2018-14734, CVE-2018-15572, CVE-2018-15594, CVE-2018-16276, CVE-2018-16658, CVE-2018-17182, CVE-2018-17972, CVE-2018-18021, CVE-2018-18690, CVE-2018-18710, CVE-2018-6554, CVE-2018-6555, CVE-2018-9363

A vulnerability in the cluster service manager of Cisco HyperFlex could allow an unauthenticated, adjacent attacker to perform a command injection as the root user.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvo98516

NA

This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to an attacker-controlled web page that contains a malicious HTML iframe. A successful exploit could allow the attacker to conduct clickjacking or other client-side browser attacks.

4.0(2a)

CSCvj95584

NA

The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could exploit this vulnerability by sending properly formatted data values to the statistics collection service of an affected device. A successful exploit could allow the attacker to cause the web interface statistics view to present invalid data to users.

4.0(2a)

CSCvp24343

CVE-2018-15380

The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq19949

CVE-2019-11834, CVE-2019-11835

Vulnerabilities with a version of cJSON identified by CVE-2019-11834 and CVE-2019-11835.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvr54398

CVE-2018-12207, CVE-2019-11135

HX ESXi image patches for MCEPSC and TAA vulnerabilities with VMware ESXi identified by CVE-2018-12207 and CVE-20190-11135.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq19546

CVE-2019-11477, CVE-2019-11478, CVE-2019-11479

CP networking vulnerabilities affecting the Linux kernel identified by CVE-2019-11477, CVE-2019-11478, CVE-2019-11479.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvr54399

CVE-2018-12207, CVE-2019-11135

Qualification of Microsoft security patches for vulnerabilities with Microsoft Hyper-V hypervisor identified with CVE-2018-12207, CVE-2019-11135.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp76463

CVE-2016-10708, CVE-2018-20685, CVE-2019-6109, CVE-2019-6111

OpenSSH vulnerabilities identified by CVE-2019-6111.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp66679

CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, CVE-2016-2176, CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-7055, CVE-2016-8610, CVE-2017-3731, CVE-2017-3732, CVE-2017-3735, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738, CVE-2018-0495, CVE-2018-0732, CVE-2018-0734, CVE-2018-0735, CVE-2018-0737, CVE-2018-0739, CVE-2018-12384, CVE-2018-12404, CVE-2018-5407, CVE-2019-1559

Multiple vulnerabilities associated with OpenSSL and LibNSS.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp66555

CVE-2016-10087

libpng vulnerability identified by CVE-2016-10087.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp34586

CVE-2014-9092, CVE-2016-3616, CVE-2017-15232, CVE-2018-11212, CVE-2018-11213, CVE-2018-11214, CVE-2018-1152, CVE-2018-13785

Vulnerabilities associated with libjpg and libpng.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp31207

CVE-2018-16428, CVE-2018-16429

Vulnerabilities associated with Glib identified by CVE-2018-16428 and CVE-2018-16429.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvr36903

CVE-2019-15133, CVE-2019-15903, CVE-2019-5010, CVE-2019-5481, CVE-2019-5482, CVE-2019-9636, CVE-2019-9740, CVE-2019-9947, CVE-2019-9948

Multiple vulnerabilities associated with curl, expat, python 2.7, python 3.5, 3.6 and 3.7, freetype and giflib.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq92032

CVE-2019-14379, CVE-2019-12384, CVE-2019-14439

Multiple third party software vulnerabilities.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq43250

CVE-2018-16062, CVE-2018-16402, CVE-2018-16403, CVE-2018-18310, CVE-2018-18520, CVE-2018-18521, CVE-2019-7149, CVE-2019-7150, CVE-2019-7665

Vulnerabilities associated with elfutils.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq43230

CVE-2017-5953, CVE-2019-12735

Vulnerabilities associated with vim.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq43213

CVE-2016-6153, CVE-2017-10989, CVE-2017-13685, CVE-2017-2518, CVE-2017-2519, CVE-2017-2520, CVE-2018-20346, CVE-2018-20505, CVE-2018-20506, CVE-2019-8457, CVE-2019-9936, CVE-2019-9937

Vulnerabilities associated with sqlite3.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq43209

CVE-2018-20843

Vulnerabilities associated with glib2.0.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq43205

CVE-2018-20843

Vulnerabilities associated with expat.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq43194

CVE-2016-3189, CVE-2019-12900

Vulnerabilities associated with bzip2.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq10694

CVE-2018-12115, CVE-2018-0734, CVE-2018-5407, CVE-2018-12120, CVE-2018-12121, CVE-2018-12122, CVE-2018-12123, CVE-2018-12116, CVE-2019-5737, CVE-2019-5739

Multiple Vulnerabilities associated with NodeJS.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq10388

CVE-2019-10906, CVE-2016-10745

Vulnerabilities associated with Pallets Jinja str.format_map and identified by CVE-2019-10906 and CVE-2016-10745.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq09178

CVE-2014-8501, CVE-2014-9939, CVE-2015-9262, CVE-2016-10087, CVE-2016-2226, CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4491, CVE-2016-4492, CVE-2016-4493, CVE-2016-6131, CVE-2018-10963, CVE-2018-13785, CVE-2018-17100, CVE-2018-17101, CVE-2018-18557, CVE-2018-18661, CVE-2018-7456, CVE-2018-8905

Multiple Security Vulnerabilities.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq07568

CVE-2019-9893

Vulnerabilities associated with libseccomp.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvq06755

CVE-2017-12447

Vulnerabilities associated with gdk-pixbuf.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp93817

CVE-2018-6594

Vulnerabilities associated with python-crypto.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp86721

CVE-2018-20483, CVE-2019-5953

Vulnerabilities associated with wget.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp66748

CVE-2018-6594

Multiple vulnerabilities associated with Python Crypto.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp66734

CVE-2017-17512

Vulnerabilities associated with sensible-utils.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp66689

CVE-2018-1000030

Multiple vulnerabilities associated with Python.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp66672

CVE-2016-10713, CVE-2018-1000156, CVE-2018-6951

Multiple patch vulnerabilities identified by CVE-2016-10713.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp66664

CVE-2016-10165, CVE-2018-16435

Vulnerabilities associated with Little CMS identified by CVE-2016-10165.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp64746

CVE-2011-5325, CVE-2016-7076, CVE-2017-1000368, CVE-2019-11068

Vulnerabilities associated with Tenable Scan identified by CVE-2011-5325/CVE-2019-11068/CVE-2016-7076,CVE-2017-1000368.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp34792

CVE-2016-9318, CVE-2017-16932, CVE-2017-18258, CVE-2018-14404, CVE-2018-14567

Vulnerabilities associated with libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products and identified by CVE-2016-9318.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvp29266

CVE-2018-10916

Vulnerabilities associated with LFTP Remote File Names Unauthorized Access Vulnerability and identified by CVE-2018-10916.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvo34097

CVE-2018-7750

Vulnerabilities associated with CryptographyDeprecationWarning: signer and verifier have been deprecated.

For more information, see the related Cisco Security Advisory.

4.0(2a)

CSCvr39793

CVE-2019-16056

Multiple Vulnerabilities in python 2.7, 3.5.

For more information, see the related Cisco Security Advisory.

4.0(1b), 3.5(2g)

CSCvq24176

CVE-2018-15380

A vulnerability in the cluster service manager of Cisco HyperFlex could allow an unauthenticated, adjacent attacker to execute commands as the root user.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting to the cluster service manager and injecting commands into the bound process. A successful exploit could allow the attacker to run commands on the affected host as the root user.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

For more information, see the related Cisco Security Advisory.

4.0(1b), 3.5(2g)

CSCvj95606

CVE-2018-15380

A vulnerability in the cluster service manager of Cisco HyperFlex could allow an unauthenticated, adjacent attacker to perform a command injection as the root user.

The vulnerability is due to an unprotected listening interface. An attacker could exploit this vulnerability by connecting to the listening interface and injecting commands to the bound process. An exploit could allow the attacker to run commands on the affected host as the root user.

For more information, see the related Cisco Security Advisory.

4.0(1b)

CSCvo88997

CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388, CVE-2017-3509, CVE-2017-3511, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544, CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678, CVE-2018-2783, CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE-2018-2799, CVE-2018-2800, CVE-2018-2814, CVE-2018-2815, CVE-2018-2952, CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3150, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3214, CVE-2019-2422

The vulnerabilities associated with the JVM 1.8U121 memory leak found during VC alarms (concurrent 40 calls using REST API).

4.0(1b)

CSCvm58031

NA

Tomcat and Nginx logs are not being collected in the support bundle generated through HX Connect in Release 3.5.

4.0(1a)

CSCvn35119

CVE-2018-18584

CVE-2018-18585

The vulnerabilities associated with the libmspack software package version included in Cisco HX Data Platform.

4.0(1a)

CSCvn82282

CVE-2018-14719

CVE-2018-14720

CVE-2018-1000873

CVE-2018-14721

CVE-2018-19360

CVE-2018-19362

CVE-2018-19361

CVE-2018-14718

The vulnerabilities associated with FasterXML Jackson-Databind Time Value Field Denial of Service.

4.0(1a)

CSCvo05054

CVE-2013-3587

The vulnerabilities associated with the OpenSSL Protocol software package version included in Cisco HX Data Platform.

4.0(1a)

CSCvo27818

CVE-2018-16487

CVE-2018-19361

The vulnerabilities associated with Third-Party Software Denial of Service.

3.5(2a)

CSCvm53149

CVE-2018-1092

CVE-2018-7492

CVE-2018-8087

CVE-2018-1068

CVE-2018-8781

The vulnerabilities associated with Linux kernel for Ubuntu 17.10.

CSCvy07797

HX upgrade to release 4.0(2e) fails with Checking if pre-upgrade has been completed on the nodes. Next on empty iterator.

4.0(2e)

4.0(2f)

CSCvy03362

HyperFlex release 4.0(2b) to 4.0(2e) vib upgrade fails due to special characters in hxuser password.

4.0(2e)

4.0(2f)

CSCvx01406

Frequent APD hits.

4.0(2d)

4.0(2e)

CSCvv88204

An ESXi OpenSSH Interoperability Issue exists with HXDP 3.5(2) and 4.0(2a-d). Starting with 6.7 P04 and later, the following functional areas of HX will be impacted including:

• Fresh cluster creation (may fail with Algorithm negotiation fail)

• Cluster expansion (may fail with Algorithm negotiation fail)

• Cluster reregistaration (stcli cluster reregister may fail with "Algorithm negotiation fail")

• System information page in HX Connect

• Upgrades may fail with "Failed to Establish SSH Connection to host" or "Errors found during upgrade"

3.5(2e)

4.0(2e)

CSCvr31746

1. If the impacted node had the Zookeeper Leader process running, it can potentially terminate multiple Zookeeper sessions leading to storfs restarts on multiple nodes and eventually an APD.

2. The stalling may cause Zookeeper client running on the impacted node to timeout and the session could expire leading to storfs process on that node to restart. This will result in a temporary unhealthy event.

3. The stalling may cause storfs process to observe a high IO latency on one or more drives with active IO requests pending on those drives. This could lead to drives being marked as blacklisted and the cluster would become unhealthy until the drives are auto-repaired.

3.5(2e)

4.0(2e)

CSCvv19737

On some Hyperflex Edge clusters, when registering with Smart Licensing they will consume the "Cisco SP HyperFlex HX Data Platform SW v2.0" license instead of the "HyperFlex Data Platform Edge Edition Subscription"

4.0(2c)

4.0(2e)

CSCvv59521

You may see the following error message during a HyperFlex install or expand using the local OVA installer:

4.0(2c)

4.0(2e)

CSCvt35006

HyperFlex datastores may report high IO latency during CRM Master failover.

If current CRM Master node reboots, the new CRM Master initialization can take more time and results in IO latency.

3.5(2h)

4.0(2e)

CSCvv21905

If RO user is not created at the install time (this happens if the installation done using Intersight), then when the user goes to the encryption page, an Authenticate UCSM button is shown. When user clicks that button, it fails with invalid CSRF token.

4.0(2a)

4.0(2e)

CSCvv09832

Replication not working after Cluster Expansion between new node and remote site. Network Tests fails.

4.0(2b)

4.0(2e)

CSCvt16158

Please see below KB and blog from VMware. Starting with new 6.5 and 6.7 ESXi releases, HX clusters with certain ESXI build numbers won't be able to do a direct ESXi upgrade to 6.5, 6.7 and 7.0 versions. If the build number is older, a two step upgrade will be required to get to the latest 6.5, 6.7 and 7.0 ESXi builds.

See the following VMware KB: https://kb.vmware.com/s/article/76555

See the following VMware blog: https://blogs.vmware.com/vsphere/2020/01/vsphere-signing-certificate-expiry-what-you-need-to-know.html

4.0(2a)

4.0(2e)

CSCvq15478

VM network performance degraded and/or Poor HyperFlex storage performance.

Significant and incrementing rx_no_buf errors seen on HyperFlex Storage Data VNIC's which correlate to the above statement.

3.5(2a)

4.0(2e)

CSCvq59999

Call-home notifications generated when a node is placed into MM during known maintenance activity and/or during an upgrade.

3.5(2f)

4.0(2e)

CSCvp79511

HX Upgrade to release 3.0(1i) was allowed while vCenter and ESXi were both on version 6.0u2 while Release Notes and version check require version 6.0u3.

4.0(1a)

4.0(2e)

CSCvv13773

During upgrade, the disks get marked as IGNORED.

4.0(2b)

4.0(2e)

CSCvx09397

Following a full cluster power outage, in rare situations the cluster may not recover on its own.

4.0(2a)

4.0(2e)

CSCvp09978

stcli cluster information shows Smart call home enabled, even though disabled.

3.5(2b)

4.0(2e)

CSCvw84976

When Replication is configured on the Cluster, replication network tests(inter and intra cluster) fails due to missing replIpSettings in the nodes inventory.

Datastores cannot be mapped from the UI.

replIpSettings values can be listed by stcli node list | grep -i -C 7 replIpSettings

4.0(2c)

4.0(2e)

CSCvv03450

HX Installer Password textbox validation logic flags incorrect when password entered is too complex.

3.5(2h)

4.0(2e)

CSCvu69826

stcli cluster reregister command fails with the following error when an HX host has a vVol datastore mounted:

Storage cluster reregistration with a new vCenter failed
java.rmi.RemoteException: VI SDK invoke exception:; nested exception is:
        java.rmi.RemoteException: Exception in WSClient.invoke:; nested exception is:
        java.lang.NullPointerException

3.5(2h)

4.0(2e)

CSCvi35116

Monitoring process for any VC alarms such as APD event, host disconnection, vm memory usages will not be started.

3.0(1a)

4.0(2e)

CSCvv09614

After the SCVM reboots, during the bootup process you will see errors such as:

Waiting for rootfs to become rw:

/usr/share/springpath/storfs-appliance/monitor-bootdev.sh: line 49: cannot create temp file for here-document: Read-only file system

/usr/share/springpath/storfs-appliance/monitor-bootdev.sh: line 20: /var/old-log/stv-bootdev.log: Read-only file system

The SCVM will reboot after completing the boot process (within a few mins).

3.5(2a)

4.0(2e)

CSCvt03880

Panic hits when previous repl CIP is retained changing replication configuration.

3.5(2e)

4.0(2e)

CSCvv16609

Storfs PANIC is observed on a node which has a failed disk that is still discoverable to HX Controller VM but IO requests to the disk do not get any response within 60 seconds.

3.5(2e)

4.0(2e)

CSCvt23930

You might see all servers online in the HX Connect dashboard, however one or more servers can show Hypervisor state as 'Offline' in the Nodes page of HX Connect. Furthermore, the 'hxcli node list' command will report the Hypervisor offline as well and requests to enter HX Maintenance Mode will fail.

/var/log/springpath/stMgr.log from the cluster lead SCVM will show WBEM failing to connect:

"[WBEMException: CIM_ERR_FAILED (Unable to connect)]"

4.0(2a)

4.0(2e)

CSCvv23981

Replication network cleanup triggers panic.

4.0(2b)

4.0(2e)

CSCvv09225

After adding a DNS entry to a HyperFlex system, it is not added to the output of stcli cluster info.

3.5(2g)

4.0(2e)

CSCvw39220

We will see high CPU usage in stctlvm causing storfs performance to be impacted.

4.0(2c)

4.0(2e)

CSCvx01406

Frequent APD hits.

4.0(2d)

4.0(2e)

CSCvx17718

HyperFlex cluster expansion will fail validation step of vCenter and ESXi uniform version check, Cluster 'XXXX' not found in datacenter. Please create the cluster on the targeted datacenter in vCenter"

Installer expects HX cluster object to be in root of datacenter.

4.0(2d)

4.0(2e)

CSCvg81805

DS shows unmounted on the vCenter for one HX host, but ESX CLI shows mounted.

Also this one host is not in the list of hosts on VC web client for the Datastore.

3.5(2d)

4.0(2e)

CSCvq77158

HX DS could become inaccessible due to clock skew when you shutdown and re-start 1 node.

Running the command: ntpd -gq on controller returns with no ntp servers found.

3.0(1a)

4.0(2e)

CSCvt43958

As OOM killer kills the main storfs process on a given controller, the resiliency state of cluster turns to WARNING, but eventually (and automatically) is restored to HEALTHY state.

Under extreme condition, if 2 or more nodes fault simultaneously, the cluster may shutdown, and may have to be restored manually using CLI. There is no data loss, but workload VMs may suffer storage outage (APD - All paths down) for the duration of cluster downtime.

3.5(2g)

4.0(2e)

CSCvs53555

You may see this error message after a failed upgrade or other task such as attempting to enter a node into HX maintenance mode:

getClusterLocalizableMessage(Operation did not complete in expected time and maybe executing in the background.,None,None,Operation did not complete in expected time and maybe executing in the background.,ArrayBuffer())

3.5(2e)

4.0(2e)

CSCvq94466

Node expansion fails due to timeout.

3.5(2d)

4.0(2e)

CSCvs08218

Virtual machine disk consolidation required error after native snapshot removal. Virtual machines flagged with "Virtual Machine disks consolidation is needed".

3.5(2b)

4.0(2e)

CSCvt75978

4-node HXDP version 3.5(2g) loop in snapshot tree causes host to crash.

3.5(2g)

4.0(2e)

CSCvt46022

Cluster stuck in an unhealthy state due to vNode resync being stuck.

3.5(2a)

4.0(2e)

CSCvt49323

For 10-node HX cluster with LAZ configured, HX Connect shows that the zones are unevenly distributed.

3.5(2g)

4.0(2e)

CSCvu52699

User can observe following symptoms after replacing Hyperflex server systemboard.

• Intersight UI - Node is not listed in HyperFlex cluster detailed inventory view page.

• Change of License tier for HyperFlex cluster will fail and reverts back to old value (example - If changing from Base to Essentials, it will fail and remain at Base).

On the intersight UI, user can notice that the hyperflex.Node (server) object has old server serial number and PhysicalServer object has null value.

UCSM, UCSM inventory in Intersight has updated new server details and issue is only with HX inventory in Intersight.

3.5(2h)

4.0(2e)

CSCvr52949

All the ESXi nodes lost connectivity to datastores. They were mounted but unavailable.

3.5(2a)

4.0(2e)

CSCvw69697

Cluster Upgrade validation fails with; Upgrade validations failed. Hosts <node-ip> are not in connected state in the vCenter server.Please make sure all hosts are in connected state.

3.5(2b)

4.0(2e)

CSCvs27184

Upgrade from ESXi versions 6.0 or 6.5 to 6.5 or 6.7 manually, get the error "'Could not find a trusted signer".

3.5(2h)

4.0(2e)

CSCvq38092

When a single node is offline in cluster, 'stcli cluster storage-summary' shows two nodes unavailable.

root@SCVM:~# stcli cluster storage-summary
...
    messages:
        ----------------------------------------
        Storage cluster is unhealthy.
        ----------------------------------------
        Storage nodes 192.168.1.4, 192.168.1.1 are unavailable.

3.5(2a)

4.0(2e)

CSCvq65830

VM corrupted after migrating from one host to another.

3.5(2a)

4.0(2e)

CSCvr83056

HyperFlex Datastore NFS Queue Depth shows as 256, which can lead to performance (including latency) issues.

3.5(2e)

4.0(2e)

CSCvs95434

When the Witness VM is deployed through the ovf template and the password has " (double quotes) in it, the witness vm fails to retain its network config after a reboot or two.

Modified /etc/network/interfaces to include the network config and also copied the same over to /etc/network/eth0.interface

After a reboot, the config in /etc/network/eth0.interface goes back to dhcp.

3.5(2h)

4.0(2e)

CSCvu62527

service_status.sh shows scvmclient status as Running though scvmclient on ESXi is stopped.

3.5(2a)

4.0(2e)

CSCvw39220

We will see high CPU usage in stctlvm causing storfs performance to be impacted.

For workaround details, see Cisco HyperFlex Software Advisory for HX Release 4.0(2c).

4.0(2c)

4.0(2d)

CSCvv05705

HyperFlex Installer VM deployment fails during the task "Installing Software Packages on Storage Controller VM" with the error: "non-zero return code'

Retrying the workflow will not fix the issue and continues to halt with the same error.

4.0(2c)

4.0(2c)

CSCvs86562

On a cluster where VMware EAM manages the controller, VMs upgrade fails with exit maintenance mode step failing. You will see more than 3 attempts to power on CVM fail with the error "No host is compatible with the virtual machine", and CVM gets powered on more than 30 seconds after exit maintenance mode.

4.0(2a)

4.0(2c)

CSCvt73521

When doing a deploy or expansion of Hyperflex from a HX installer, and the setup has more than the default 8 NICs created in UCSM. The HX deploy stage may hang at the following step:

Deploying Storage Controller VM on ESXi Host - Configuring Network (Port Groups) for ESXi and Storage Controller VM.

ESXi host may not be reachable on its assigned management address.

3.5(2d)

4.0(2c)

CSCvn89717

During an upgrade from HX release 3.5.1a to HX release 3.5.2a on a 3 node cluster with M5 hardware, the USB interface was deleted on one of the controller VMs. This resulted in the SED drives locking.

3.5(2a)

4.0(2c)

CSCvu73740

Case generated via Smart Call Home which attaches a SCH CLI Output that only contains the cluster_info.

3.5(2h)

4.0(2c)

CSCvu36042

The Storfs process on Springpath Controller VM will panic in inconsistent Network condition (such as disconnects, varying bandwidth or latency) when replication is forced to reconnect to the destination cluster.

4.0(2b)

CSCvt61403

For HX release 3.5(2g), 5 nodes hit APD with a bad disk in the cluster.

3.5(2g)

4.0(2c)

CSCvr37846

A node in the cluster stopped processing I/Os from clients and other nodes. This caused an All Paths Down timeout in ESX NFS hosts.

3.5(2a)

4.0(2c)

CSCvt22494

An Error occurs while expanding the cluster through classic installer: - The time zone name '<NAME>' was not found on the computer.

Applicable to Hyper V environment only.

4.0(2a)

4.0(2c)

CSCvu58631

HX release 3.5(2h) SED stretch cluster expansion failed as the converged node is not listed in server selection page.

3.5(2h)

4.0(2c)

CSCvu58785

Performing an API call for a token refresh fails on HyperFlex. The clusters encounters a failure response.

4.0(2a)

4.0(2c)

CSCvt21961

NTP FQDN resolution fails due to search domain being appended to NTP FQDN.

3.5(2h)

4.0(2c)

CSCvt51128

When eth1 is shut on ZK follower (or leader) on 2N Edge, the cluster reports healthy on it.

4.0(2a)

4.0(2c)

CSCvu08247

Repeated High Memory usage alarms may be seen in HyperFlex Connect after deployment or upgrade on to HX release 3.5(2g)/4.0(2a) where enhanced monitoring was first implemented.

3.5(2g)

4.0(2c)

CSCvu27654

Sometimes, the Witness VM fills up the volume containing Zookeeper logs and transactions. This may lead to Zookeeper service misbehaving within the Witness VM and could also potentially result in an unresponsive Zookeeper service. Also, filling up the folder prevents Zookeeper from logging any further.

3.5(2h)

4.0(2c)

CSCvu50471

vCenter URL is missing in ZK randomly during cluster creation. Day2 operations like upgrade is impacted when vCenter is empty.

3.5(2g)

4.0(2c)

CSCvt43958

As OOM killer kills the main storfs process on a given controller, the resiliency state of cluster turns to WARNING, but eventually (& automatically) is restored to HEALTHY state.

Under extreme conditions, if two or more nodes fault simultaneously, the cluster may shutdown, and may have to be restored manually using CLI. There is no data loss, but workload VMs may suffer storage outage (APD - All paths down) for the duration of cluster downtime.

3.5(2g)

4.0(2c)

CSCvt41200

When using Mgmt IP Address change, we may hit - Unsupported KEX algorithm "diffie-hellman-group1-sha1".

4.0(1b)

4.0(2c)

CSCvu07906

Upgrade fails in post upgrade task with error:

post upgrade task failed: Creating dynamic Certificate

The stMgr.log file has the following exception:

ERROR c.s.s.c.http.HttpDownStreamService - Unable to put the content to the downstream, url: /securityservice/v1/certificate?option=dynamic Error Response: com.twitter.util.TimeoutException: 35.seconds

DEBUG c.s.s.c.h.HttpDownStreamService$HttpDownStreamServiceUtil$ - putCall operation timed out)

com.twitter.util.TimeoutException: 35.seconds

at com.twitter.util.Future.$anonfun$within$1(Future.scala:1638) ~[util-core_2.12-17.10.0.jar:17.10.0]

at com.twitter.util.Future$$anon$2.apply$mcV$sp(Future.scala:1686) ~[util-core_2.12-17.10.0.jar:17.10.0]

at com.twitter.util.Monitor.apply(Monitor.scala:46) ~[util-core_2.12-17.10.0.jar:17.10.0]

at com.twitter.util.Monitor.apply$(Monitor.scala:41) ~[util-core_2.12-17.10.0.jar:17.10.0]

at com.twitter.util.Future$MonitoredPromise.apply(Future.scala:175) ~[util-core_2.12-17.10.0.jar:17.1

4.0(2a)

4.0(2c)

CSCvs08218

Virtual machine disk consolidation required error after native snapshot removal. Virtual machines flagged with Virtual Machine disks consolidation is needed.

3.5(2b)

4.0(2c)

CSCvt27376

BackUp Vendor REST API session timeouts on upgrade to HX 4.0(2a), due to rate limit of Authentication requests.

4.0(2a)

4.0(2c)

CSCvt90065

Running the custom workflow that configures IPs in the background (after encountering errors earlier which left the system in a partially configured state), the HX installer may raise an Error - the existing IP addresses already provisioned on the servers as Duplicate IPs.

4.0(2b)

4.0(2c)

CSCvs97460

When the cross data-center replication link bandwidth varies from value set by the user in the HX UI pane for replication during pairing, Springpath controllers do not auto-tune the rate of transmission. This leads to missing heartbeats and failure to replicate the data across the cluster. Replication failures are seen at the UI layer. In addition, in low bandwidth and high latency networks, large number of failures occur due to the non-adaptive nature of the replication rate. This enhancement supports varying link bandwidth and a bandwidth drop in link of up to 50% of configured replication bandwidths in HX by automatically controlling the rate of transmission.

4.0(2a)

4.0(2c)

CSCvt36374

/var/stv folder in Controller VM may become full.

3.5(2g)

4.0(2b)

CSCvs70967

stcli services dns remove should remove the DNS server info from the interface files.

2.5(1d)

4.0(2b)

CSCvt10522

HX 4.0(1b), new deployment from Intersight production cloud.

User receives following error while enabling CSI (Kubernetes integration).

Failure occurred during volume_access_enable, Error was: Nonzero exit code 1

4.0(1b)

4.0(2b)

CSCvt13947

Receive the following alert/event in HX Connect: HX Controller VM {HOSTNAME} one or more configured DNS servers not responding.

4.0(2a)

4.0(2b)

CSCvt14914

API, UI, CLI show few Drive slots Empty after upgrade to 4.0.2a.

The drives are seen in the sysmtool, lsscsi and stcli command outputs.

The cluster is healthy with no errors.

4.0(2a)

4.0(2b)

CSCvs69154

After successfully changing the DNS server on the HX controller, we still can see the original DNS entry that was added during the deployment.

3.5(2d)

4.0(2b)

CSCvs30080

HyperFlex Connect and VCenter show APD alarms for HX and non HX datastores. This implies there is an issue with HyperFlex when there may not be.

3.5(2e)

4.0(2b)

CSCvs74286

An issue where all the disks in the node get locked after rebooting the node.

We successfully unlocked using sed-client.sh -U command, but wanted to test with another reboot, and drives locked again.

4.0(2a)

4.0(2b)

CSCvt13929

When running "stcli license..." commands on HyperFlex, the following error is seen:

root@SpringpathController:/tmp# stcli license show all

Show smart licensing failed:

Smart Agent is not ready, please wait a minute and try again

4.0(2a)

4.0(2b)

CSCvt20144

After upgrading to HX 4.0(2a) the first Robo/Edge node that gets rebooted, then ignores persistent drives PID:HX-HD24TB10K4KN

Cluster will be in degraded state and have reduced capacity.

4.0(2a)

4.0(2b)

CSCvs21562

Zookeeper fails to start while Exhibitor is running, however echo srvr returns nothing.

3.5(2b)

4.0(2b)

CSCvs91787

When performing an HyperFlex upgrade a validation warning may occur due to the host not having Enterprise Plus or Enterprise hypervisor licensing.

Upgrade Validation Warning:

ESXi host esx1.lab.test should be configured with VMware Enterprise license for upgrade to continue.

4.0(2a)

4.0(2b)

CSCvs69317

Cluster expansion fails at Config Installer stage when the root and admin password for the storage controller (SCVM) are different.

3.5(2g)

4.0(2b)

CSCvt06983

Panic while upgrading ESXi.

3.5(2g)

4.0(2b)

CSCvs54285

A cluster node running may hang in the Linux kernel. This is classified as an oops and a deviation from the expected behavior.

4.0(2a)

4.0(2b)

CSCvs69007

Rebalance failing on 10+10 node HX 3.5(2g) stretch cluster.

3.5(2g)

4.0(2b)

CSCvr54687

The cluster becomes inaccessible to the IOVisor.

3.5(2d)

4.0(2b)

CSCvt61297

Panic on the storage controller.

4.0(2a)

4.0(2b)

CSCvt63306

The size of support bundle is very large when collected with storfs-support command.

4.0(2a)

4.0(2b)

CSCvt72807

storfs crash associated with FileSystemUsageWarningEvent or FileSystemUsageAlertEvent due to high usage of /var/stv above 80%.

4.0(2a)

4.0(2b)

CSCvo39912

In normal scenarios, HX upgrade gets pending ACK after updating service profile. In this case, UCS only upgrade was stalled because after updating service profile HX upgrade was not getting pending ACK, and it was always waiting state.

3.5(2d)

4.0(2a)

CSCvh80044

Hyper-V:HX Connect UI allows creation of a datastore by duplicating an existing datastore name that differs only in case. For example, Ds3, ds3, dS3 are allowed as valid datastore.

3.0(1a)

CSCvq39471

When using motherBoardReplace-1.2 to clean ZK from old stNode/pNodes resulted in unmounted datastore and making the size of the Hyperflex Datastores 0 resulting in all VMs in the cluster going offline.

3.5(1a)

4.0(2a)

CSCvm77294

Upgrading cluster and getting error:

Failed upgrade validations : Checking vCenter configuration. Reason: Upgrade validations failed. DRS Fault: Insufficient resources to satisfy configured failover

2.6(1e)

4.0(2a)

CSCvo70650

The cluster expand fails on a node with DR replication configured.

When a HX cluster which has DR replication configured is expanded we see the installer UI pulling in the replication VLAN information instead of the management VLAN information. Even if we change that information to the correct mgmt VLAN id and name it , it does not seem to work as the node is configured with the VLAN of the replication VLAN in ESXi. This leads to the failure of the node add with the host unreachable error.

3.5(2a)

4.0(2a)

CSCvo91624

Customer reported that, server didn't complete the firmware upgrade automatically one by one.

The user manually needs to put the host into maintenance mode and they manually acknowledged the pending requests to finish the UCS firmware upgrade.

Maintenance policy is set to default (User-ack) as per the design.

3.5(1a)

4.0(2a)

CSCvo93017

When the cluster is in "Failed" state and stcli node remove is attempted, the output shows successful though the node failed to get removed from the cluster.

3.5(1i)

4.0(2a)

CSCvp31021

HyperFlex cluster upgrade may fail during validation with a DRS Validation failed error.

3.5(1a)

4.0(2a)

CSCvp58318

HX cluster expansion will fail with the following error message:

MAC address pool configuration failure 150[ErrorDescription]: bad address block range definition collision.

3.5(2b)

4.0(2a)

CSCvp36220

If you perform an "stcli node add" and it exceeds 15 mins, you get a message indicating "Failed to add nodes", and "time out".

3.5(2a)

4.0(2a)

CSCvq34873

Memory usage by carbon cache.

3.5(2b)

4.0(2a)

CSCvr03240

Upgrading ESXi cluster fails with error "Node maintenance mode failed".

3.5(2g)

4.0(2a)

CSCvr88978

storfs process does not automatically start on Exit HX Maintenance Mode or other tasks which restart Storage Controller.

3.5(2e)

4.0(2a)

CSCvp10707

Post install script fails with message:

Failed to execute ipmitool on HX node.

3.5(2a)

4.0(2a)

CSCvp46539

HyperFlex expansion workflow doesn't pull VLAN name correctly.

4.0(1a)

4.0(2a)

CSCvq45087

During HX cluster deployment - Validate Cluster Creation phase - HX Installer might fail with the error:

*** from
\var\log\springpath\stDeploy.log
*** 

3.5(2a)

4.0(2a)

CSCvq91380

HX Installer fails to login to the SOL for configuring ESX hosts.

3.5(2b)

4.0(2a)

CSCvr44222

If DRS is enabled with configuration parameters other then fully automated i.e. manual or partially automated than this will change to fully automated during cluster expansion.

3.5(2d)

4.0(2a)

CSCvp82175

One of the validation task name has a typo. The task name is "Validating node for mixed of SED and non-SED disks".

It should be "Validating node for mix of SED and non-SED disks".

3.5(1a)

4.0(2a)

CSCvo12359

This combination of using smaller NVMe drives is not supported in expand operation. For example, if the drives are only 375GB and they cannot be added to an existing cluster with larger caching SSD.

3.0(1i)

4.0(2a)

CSCvp66679

HyperFlex includes a version of OpenSSL that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures:

CVE-2018-0495

3.5(1a)

4.0(2a)

CSCvo00511

SDK invoke exception when taking a native snapshot on a VM with GPU pci passthrough attached.

3.0(1e)

4.0(2a)

CSCvo62867

Node replacement script fails due to EAM error.

3.0(1i)

4.0(2a)

CSCvo79760

While pairing a cluster (HX release >= 3.5) and cluster (HX release < 3.5), remote replication network test fails on the cluster (HX release < 3.5).

3.5(1a)

4.0(2a)

CSCvo87061

Fixed the issue in the latest support-workflow bundle. This should not be hit anymore.

3.0(1b)

4.0(2a)

CSCvo87080

On a 3 node cluster the MbReplace script fails as the script looks for "HEALTHY" cluster status.

3.5(2a)

4.0(2a)

CSCvp12359

MbReplace script (tar) hangs when running on 3.5.2b or 4.0.

3.5(2a)

4.0(2a)

CSCvp63958

HX replication cleanup failing with error NA 3.5(2a) - INFO:DR state is not clean.

3.5(2a)

4.0(2a)

CSCvp66277

The check_stig_parameters API incorrectly shows the compliance state of the cluster as not STIG compliant.

4.0(1a)

4.0(2a)

CSCvq06952

The snapshot creation on CBT enabled VM fails with error "Failed in vmreparent vmkfstools clone1".

3.5(2c)

4.0(2a)

CSCvo60587

HyperFlex GUI, when setting up remote DR-replication partner/peer, should show remote replication partner TCP port reachability test results.

This will provide quick upfront connectivity results, that frequently takes customer a while to manually check and confirm.

If reachability tests fail, an info window and HX alert should trigger that list the destination peer IP and the specific port(s) that could not be reached.

3.5(2a)

4.0(2a)

CSCvr67130

If you have more than one IP pool configured for a replication network and local replication network tests are failing, you might be running into this issue.

3.5(2b)

4.0(2a)

CSCvp05204

Skip task option in MBreplace and Software redeploy scripts. The scripts should have the option to skip tasks as user inputs and not by modifying the json file.

3.5(2a)

4.0(2a)

CSCvq34357

Error noticed on SCVM Console "print_req_error: I/O error, dev fd0, sector 0" on HyperV.

It doesn't come up on SSH session.

4.0(1a)

4.0(2a)

CSCvk36222

The VM Network switch is already created as part of the install process.

Ideally the ip address assignment should be done during the initial install process as well. No post install steps should be required, alternatively it could be done as part of a post install script.

3.0(1d)

4.0(2a)

CSCvg53223

storfs service impacted during HX upgrade from HX 2.1(1) to 2.5(1c)

HX node which is not being upgraded storfs service stopped causing outage.

2.5(1c)

4.0(2a)

CSCvp37536

HX Stretch Cluster Witness VM reverts to DHCP on reboot.

3.5(1b)

4.0(2a)

CSCvp46578

HyperFlex Stretch Cluster Witness does not get programmed with an NTP server.

3.5(2b)

4.0(2a)

CSCvr18528

HyperFlex cluster does not heal after maintenance on node/server.

3.5(2b)

4.0(2a)

CSCvr97089

High percentage of packet loss on the eth1 data interface 9K MTU.

4.0(2a)

4.0(2a)

CSCvr16760

The HyperFlex cluster healing state is stuck at 87% and is unable to progress.

3.5(2f)

4.0(2a)

CSCvq22898

In some circumstances, two replications can occur for the same VM.

From the GUI, the replication status for this VM will show stuck in an "In Progress" state, but there are no jobs stuck in replication layer. Subsequent Replications should succeed.

4.0(2a)

4.0(2a)

CSCvp13990

After an unexpected power outage the hyperflex cluster is unable to come up correctly.

All processes are running, time is synced, and all nodes can vmkping each other as required.

3.5(2a)

4.0(2a)

CSCvp33657

When specifying IP address, instead of node ID, stcli node maintenanceMode commands fail.

4.0(1a)

4.0(2a)

CSCvr31573

2 node edge cluster, if experiencing Intersight/arbitrator connectivity issues, should NOT allow HX Maintenance mode to initiate, as this will bring the cluster down.

4.0(1a)

4.0(2a)

CSCvr89066

Old files in /var/support/ZKTxnlog are not purged with the daily zklog-cleanup cron job.

3.5(2c)

4.0(2a)

CSCvo86431

When a node is in Maintenance Mode, any disk removal or replacement will be reflected in UI only after the node is brought back from maintenance mode. This is because storfs is not running on the node in maintenance, and will not be able to detect disk activities until it is brought out of Maintenance Mode.

3.5(2a)

4.0(2a)

CSCvr01645

Cluster might go offline and stop serving IO requests:

root@cvm:~# stcli cluster storage-summary --detail
Get cluster storage summary failed:
java.net.ConnectException: Connection refused: /192.168.142.100:10207

3.5(2c)

4.0(2a)

CSCvq80340

A stretch cluster deployment fails with a message 'Formatting nodes Node in Use' on the Hyperflex installer and crmZoneType value is seen as 1 in storfs.cfg or /opt/springpath/config/stretch.tunes.

3.5(2d)

4.0(2a)

CSCvq63888

During upgrade we upload the upgrade package downloaded from Cisco.com. Upgrade packages are of file type .tgz hxconnect accepts storfs-packages-4.0.1a-33028.tar file, a different type of compression, and allows upgrade to start and fail, when it cannot decompress the file for bootstrap and scvmclient upgrade on ESXi.

3.0(1c)

4.0(2a)

CSCvr52098

While attempting to install HyperFlex via Intersight the following error is seen:

Failed in Task: 'Add hosts to vCenter Cluster' with Error: 'Try adding hosts manually to vCenter and retry. Failed to get address:Failed to host by name:lookup Hostname.company.com on 0.0.0.0:53: read udp 127.0.0.1:45430->127.0.0.1:53: read: connection refused '.

4.0(2a)

4.0(2a)

CSCvo92952

CoreAPI call may time out for cluster management API while doing cluster create validation.

3.5(2a)

4.0(2a)

CSCvq95460

Validation fails with "Mixed mode expansion check" due to Enhanced vMotion Compatibility Incompatibility when the ESXi version is different.

3.5(2d)

4.0(2a)

CSCvr66309

This failure is seen in installer when custom workflow is used "hypervisor configuration" + "deploy" (clean disk partition=no) at "Installing software packages on storage controller VM".

3.0(1i)

4.0(2a)

CSCvq93831

The HX Installer apparently replaced a comma by semicolon on the VLAN ID range while exporting the configuration to a JSON file.

3.5(2d)

4.0(2a)

CSCvp22693

When using unsupported browsers, HX Connect users will not be able to login. These users see an error indicating unauthorized user.

4.0(1a)

4.0(2a)

CSCvp24343

A vulnerability in the web-based management interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.

The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-hypflex-csrf

4.0(1a)

4.0(2a)

CSCvq22844

Add message to HX Connect Progress flow to not Acknowledge Pending Activities and reboot the servers on UCSM.

HX Connect is doing a controlled rolling server upgrade in the background.

3.5(2d)

4.0(2a)

CSCvr43786

Compute Node expand operation fails due to incorrect cluster name.

4.0(1b)

4.0(2a)

CSCvp41241

RF-2 cluster shutdown during data resynchronization; after a node failure (non storfs); followed by multiple disk read failures; and a HardBlacklist of a disk.

2.6(1e)

4.0(2a)

CSCvo13143

HyperFlex Edge nodes do not properly set the ESXi hostname during deployment.

4.0(1a)

4.0(2a)

CSCvs28167

In order to install or complete a node replacement on Cisco HyperFlex, customers need to download an HX Installer OVA (Open Virtual Appliance) file; in order to deploy a stretched cluster, customers additionally need to download a Witness OVA. All of the code posted on CCO prior to the posting of release HX 3.5(2g) was discovered to have expired certificates as of 11/26/19. Cisco has re-signed and re-posted OVA files associated with HX releases 3.5(2e), 3.5.2(f), 3.5.2(g), 4.0(1a) and 4.0(1b) with updated certificates. For other releases, attempts to deploy an OVF template with an expired OVA will fail with the following error message: “The OVF package is signed with an invalid certificate”.

Conditions:

If customers are deploying HX 3.5(2e), 3.5.2(f), 3.5.2(g), 4.0(1a) or 4.0(1b), Cisco has re-signed and re-posted OVA files and customers will not experience the problem if they use the patched OVA files. Look for a “p1” suffix in the OVA filenames, which indicates that OVA file has been fixed:

File Name Examples:

HX 4.0(1b) patched OVA file for Cisco HyperFlex Data Platform Installer for VMware ESXi:

Cisco-HX-Data-Platform-Installer-v4.0.1b-33133p1-esx.ova

Cisco HyperFlex Data Platform Stretched Cluster Witness:

HyperFlex-Witness-1.0.4p1.ova

Customers using the OVA files for other HX releases, refer to the following workaround.

Workaround

There are two options to move forward after failing to deploy with an OVA file that is affected (applies to the installer and witness OVA files).

Option A - Remove the local manifest file.

The manifest file can be deleted so vCenter does not check the validity of the certificate.

1. Download and extract the OVA file to a local directory.

2. Remove the .mf file

3. Add the remaining files to a new archive and change the file extension from '.tar' to '.ova'

4. Proceed to deploy that newly created OVA file using “Deploy by OVF Template” in vCenter. vCenter will show the file as not having a certificate. This is expected and the deployment should continue without issue.

Option B - Remove the local manifest file.

Manually deploy with ovftool – Use VMware's ovftool to deploy the OVA while bypassing the certificate check. The ovftool can be downloaded and run on customer's computer. The ovftool also comes pre-installed on HX Controller VMs. This is helpful for node replacements and cluster expansions.

1. Use ovftool to deploy the OVA file to a datastore while raising the --skipManifestcheck switch. For example,

   root@SpringpathControllerABCDEFGH:~# ovftool --skipManifestCheck -ds=datastore http://<path to
           ova>/Cisco-HX-Data-Platform-Installer-v3.5.2c-31725-esx.ova vi://root@<IP of management ESX
           host>/

2. The OVA should be deployed and present in vCenter on the ESXi host previously specified.

3. Power on the VM and console into it

4. Login to the VM with the default username/password combination of root / Cisco123

5. Set the IP of the VM statically by issuing: vi /etc/network/eth0.interface

6. Change 'iface eth0 inet dhcp' to 'iface eth0 inet static'. Each of the following needs to be on their own line and tab indented

   address <desired ip address of installer>

   netmask X.X.X.X

   gateway X.X.X.X

   <esc> :wq

7. After the file is reviewed and saved, restart the VM. The VM should now boot with the desired IP address

8. The first login via the WebGUI (still using default username/password combination) will have the user change the password.

9. After the password change the user can begin the desired install/expand/node replacement activity.

2.6(1e)

4.0(1b)

CSCvp64140

While running the HyperFlex installer with Windows Server Hyper-V, cluster creation process fails with the error: "Failure occurred during Cluster Creation process: Unable to post the content to the downstream". This symptom is encountered while deploying HyperFlex cluster with HyperFlex nodes configured/ordered with Cisco VIC 1457 MLOM (PID : HX-MLOM-C25Q-04) and Windows Server Datacenter or Core with Hyper-V version 2016 or 2019.

4.0(1a)

4.0(1b)

CSCvo69067

Adding Micron 5200 drive to a cluster fails to increase cluster capacity.

3.5(2b)

4.0(1b)

CSCvs28167

In order to install or complete a node replacement on Cisco HyperFlex, customers need to download an HX Installer OVA (Open Virtual Appliance) file; in order to deploy a stretched cluster, customers additionally need to download a Witness OVA. All of the code posted on CCO prior to the posting of release HX 3.5(2g) was discovered to have expired certificates as of 11/26/19. Cisco has re-signed and re-posted OVA files associated with HX releases 3.5(2e), 3.5.2(f), 3.5.2(g), 4.0(1a) and 4.0(1b) with updated certificates. For other releases, attempts to deploy an OVF template with an expired OVA will fail with the following error message: “The OVF package is signed with an invalid certificate”.

Conditions:

If customers are deploying HX 3.5(2e), 3.5.2(f), 3.5.2(g), 4.0(1a) or 4.0(1b), Cisco has re-signed and re-posted OVA files and customers will not experience the problem if they use the patched OVA files. Look for a “p1” suffix in the OVA filenames, which indicates that OVA file has been fixed:

File Name Examples:

HX 4.0(1a) patched OVA file for Cisco HyperFlex Data Platform Installer for VMware ESXi:

Cisco-HX-Data-Platform-Installer-v4.0.1a-33028p1-esx.ova

Cisco HyperFlex Data Platform Stretched Cluster Witness:

HyperFlex-Witness-1.0.4p1.ova

Customers using the OVA files for other HX releases, refer to the following workaround.

Workaround

There are two options to move forward after failing to deploy with an OVA file that is affected (applies to the installer and witness OVA files).

Option A - Remove the local manifest file.

The manifest file can be deleted so vCenter does not check the validity of the certificate.

1. Download and extract the OVA file to a local directory.

2. Remove the .mf file

3. Add the remaining files to a new archive and change the file extension from '.tar' to '.ova'

4. Proceed to deploy that newly created OVA file using “Deploy by OVF Template” in vCenter. vCenter will show the file as not having a certificate. This is expected and the deployment should continue without issue.

Option B - Remove the local manifest file.

Manually deploy with ovftool – Use VMware's ovftool to deploy the OVA while bypassing the certificate check. The ovftool can be downloaded and run on customer's computer. The ovftool also comes pre-installed on HX Controller VMs. This is helpful for node replacements and cluster expansions.

1. Use ovftool to deploy the OVA file to a datastore while raising the --skipManifestcheck switch. For example,

   root@SpringpathControllerABCDEFGH:~# ovftool --skipManifestCheck -ds=datastore http://<path to
           ova>/Cisco-HX-Data-Platform-Installer-v3.5.2c-31725-esx.ova vi://root@<IP of management ESX
           host>/

2. The OVA should be deployed and present in vCenter on the ESXi host previously specified.

3. Power on the VM and console into it

4. Login to the VM with the default username/password combination of root / Cisco123

5. Set the IP of the VM statically by issuing: vi /etc/network/eth0.interface

6. Change 'iface eth0 inet dhcp' to 'iface eth0 inet static'. Each of the following needs to be on their own line and tab indented

   address <desired ip address of installer>

   netmask X.X.X.X

   gateway X.X.X.X

   <esc> :wq

7. After the file is reviewed and saved, restart the VM. The VM should now boot with the desired IP address

8. The first login via the WebGUI (still using default username/password combination) will have the user change the password.

9. After the password change the user can begin the desired install/expand/node replacement activity.

2.6(1e)

4.0(1a)

CSCvk17250

Cluster instability when disks of different sector size placed in HX node.

3.0(1d)

4.0(1a)

CSCvo36198

3.5(1a)

4.0(1a)

3.5(2c)

CSCvk38003

3.0(1d)

4.0(1a)

3.5(2b)

CSCvm90352

2.5(1c)

2.5(1d)

4.0(1a)

3.5(2a)

3.0(1i)

CSCvn02151

2.6(1c)

CSCvo90713

3.5(2b)

CSCvn17787

The cluster creation/cluster expansion workflow stops with the following error message at the validation step.

FIRMWARE-Check UCSC-SAS-M5HD

FIRMWARE-Check UCSC-SAS-M5HD : Required: 00.00.00.29,00.00.00.32,00.00.00.35,00.00.00.50, Found: 00.00.00.58;

Action Needed: Update the Controller Firmware to Required Version

3.5(2a)

CSCvn51562

CSCvo48463

Cisco HX Data Platform plugin fails to load in Windows vCenter Web Client 6.7 U1. The issue is not seen with VMware VCSA.

3.5(2a)

4.0(1a)

CSCvn73127

3.0(1d)

3.5(2b)

CSCvk46364

2.6(1b)

3.5(2a)

CSCvi59119

Duplicating an existing datastore name that differs only in letter case might result in unknown behavior.

3.0(1a)

4.0(1a)

CSCvh80044

Hyper-V: HX Connect UI allows creation of a datastore by duplicating an existing datastore name that differs only in case. For example, Ds3, ds3, dS3 are allowed as valid datastore.

3.0(1a)

4.0(1a)

CSCvc62266

CSCvm16157

After an offline upgrade, due to a VMware EAM issue, sometimes all the controller VMs do not restart. The stcli start cluster command returns an error: "Node not available".

2.0(1a)

4.0(1a)

CSCvn28721

3.5(2a)

CSCvn54300

3.5(2a)

CSCvn60486

While upgrading a Hyper-V cluster, on account of a rare race condition between the stUpgradeService and Zookeeper servers, the upgrade orchestration throws an upgrade validation error, and the upgrade process is aborted.

3.5(2a)

CSCvs41324

Enabling K8/iscsi stack in HX cluster.

1. After upgrade enable iscsi as per steps in CSCvs41324

2. Delete the existing and new pod deployments only and recreate them.

4.0(2e)

CSCvq38279

When replicated DC was used, then during install time Windows failover cluster was not created successfully.

Clean up fail over cluster and recreate the fail over cluster. No need to touch HX storage cluster.

4.0(2e)

CSCvs62854

Upgrade failed at Enter Platform Maintenance Mode step on a HX 4.0(2a) cluster if the cluster expanded with new converged nodes.

1. Update VMUUID in /etc/springpath/secure/hxinstall_inventory.json to upper case for new nodes.

2. Restart hxSvcMgr

Repeat above procedure on all nodes.

4.0(2e)

CSCvu52699

The following symptoms can be observed after replacing HyperFlex server system board:

1. Intersight UI - Node is not listed in Hyperflex cluster detailed inventory view page.

2. Change of License tier for HyperFlex cluster fails and reverts back to old value (example - if changing from Base to Essentials, it fails and remains at Base) .

From API, the HyperFlex node (server) object has old server serial number and physical server object has null value.

UCSM inventory in Intersight has updated new server details and issue only with HX inventory in Intersight.

HXDP Zookeeper is not updated with correct (new) Serial Number.

NA

3.5(2h)

CSCvq94466

Node expansion fails due to timeout.

NA

3.5(2d)

CSCvt35006

HyperFlex datastores may report high IO latency during CRM Master failover.

If current CRM Master node reboots, the new CRM Master initialization can take more time and results in IO latency.

None, need to upgrade to fixed version.

3.5(2g)

CSCvu85439

HyperFlex Cluster may remain online, but datastores are not available and VM's become inaccessible.

Contact Cisco TAC.

If issue is confirmed, TAC can stop storfs service on affected node to restore service.

3.5(2d)

CSCvt10849

Error initiating upgrade:

hxmanager.log

2020-02-18-07:38:29.937 [opID=865cc7297abb7] Got response 200 in 84.18382ms for GET https://localhost/rest/job?jobtype=check_cluster_upgrade_validations

2020-02-18-07:38:29.938 Completed 200 OK in 84.845132ms

2020-02-18-07:38:39.962 Started GET /hx/api/clusters/1/upgrade/clusterValidations

2020-02-18-07:38:39.963 [opID=6a028ec40c797] Request URL GET https://localhost/rest/job?jobtype=check_cluster_upgrade_validations

2020-02-18-07:38:40.025 [opID=6a028ec40c797] Got response 200 in 62.57042ms for GET https://localhost/rest/job?jobtype=check_cluster_upgrade_validations

2020-02-18-07:38:40.026 Completed 200 OK in 63.237634ms

2020-02-18-07:38:42.061 Started POST /hx/api/clusters/1/upgrade

2020-02-18-07:38:42.061 [opID=7575f932578db] Request URL POST https://localhost/rest/upgrade/cluster

2020-02-18-07:38:42.107 [opID=7575f932578db] Got response 500 in 46.104743ms for POST https://localhost/rest/upgrade/cluster

2020-02-18-07:38:42.107 [opID=7575f932578db] Error code 500 | <nil> | /rest/upgrade/cluster

2020-02-18-07:38:42.107 [error] 500|{"message":"Upgrade in progress","messageId":806}|/rest/upgrade/cluster

2020-02-18-07:38:42.107 Completed 500 Internal Server Error in 46.356043ms

Cleaned up previous upgrade process using "stcli cluster upgrade --components hxdp" and then reinitiated.

2. Upgrade was stuck for 24hours with no progress.

stMgr.log:-

2020-02-18-06:31:37.969 [] [opId=000e5553e678cf9f, operationId=000e5553e678cf9f.000e5553e678cf9f<:000e5553e678cf9f] [pool-2-thread-21] DEBUG c.s.s.s.StMgrImpl$StMgrAPIWrapper$ - checkforUpgrade failed) {}

java.io.FileNotFoundException: /tmp/hxupgrade_bundle.tgz (No such file or directory)

Manually copied hxupgrade_bundle.tgz file to the affected node /tmp file from the other node and restart stMgr from the CMIP node.

4.0(1b)

CSCvr95936

HyperFlex TLS/SSL Server supports the use of Static Key Ciphers.

NA

4.0(1b)

CSCvu92384

root@HyperFlex-Installer-4.0.2b:~# post_install

Select post_install workflow:

1. New/Existing Cluster

2. Expanded Cluster (for non-edge clusters)

3. Generate Certificate

By Generating this certificate, it will replace your current certificate.

If you're performing cluster expansion, then this option is not required.

Selection: 2

Expanded Cluster workflow selected

Logging in to controller xx.xx.xx.xx

HX CVM admin password:

Getting ESX hosts from HX cluster...

WARNING:root:Unable to fetch the deploymentMode from stcli. Will retry with fallback mechanism.

vCenter URL: xx.xx.xx.xx

Enter vCenter username (user@domain): administrator@vsphre.local

vCenter Password:

Found datacenter xxx

Found cluster xx-xx

post_install to be run for the following hosts:

hx4

Enter ESX root password:

Enter vSphere license key? (y/n) n

Enable HA/DRS on cluster? (y/n) n

Disable SSH warning? (y/n) y

Add vmotion interfaces? (y/n) y

Existing cluster configuration for reference

--------------------------------------------

Netmask Vlan-Id IP-Address

--------------------------------------------

255.255.255.0 vmotion xx.xx.xx.231

255.255.255.0 vmotion xx.xx.xx.232

255.255.255.0 vmotion xx.xx.xx.233

--------------------------------------------

Enter Expanded node configuration-

Netmask for vMotion: 255.255.255.0

VLAN ID: (0-4096) 3093

Expanded node configuration should match with existing cluster configuration. Kindly check the above reference information and retry.

Netmask for vMotion: 255.255.255.0

VLAN ID: (0-4096) 3093

Expanded node configuration should match with existing cluster configuration. Kindly check the above reference information and retry.

NA

4.0(2b)

CSCvt22567

HXDP 3.5(2b) - Default VMware tools location change caused storfs restart.

Disable polling for update of VMware tools in VMX.

3.5(2g)

CSCvu29049

8-node cluster with SED enabled - upgrading from HX 3.5(2b) to 3.5(2h) - Auto-bootstrap failed, so manual bootstrap tried but still it was giving error.

Make sure the syslog is configured properly on storage controller VMs. If there are syslog configuration customizations done please revert them and try the upgrade again.

3.5(2h)

CSCvu07899

During post upgrade task, vCenter reregistration fails with unknown host message if the specified host name format is https://<ip>.

Re-registration workflow can be retried again by specifying valid host name format using command stcli cluster reregister.

4.0(2a)

CSCvu93214

Recover page in HX Connect shows error, but the recovery of VM operation is successful in the backend and displayed in the Activity tab.

Please check the Activity page for the status of the submitted operation.

4.0(2c)

CSCvu83071

If this is happening, you might see the deploy phase of the expand operation fail out with network connectivity related error messages. You will also see the VLAN ID set to 0 on the storage data port groups of the new server. If this defect has been triggered and the SCVM deploy phase is successful, the cluster expand phase will fail to mount HX datastores to the new host.

Watch the host port group configurations in vCenter while the deploy is running. If you add the VLAN IDs to the port groups fast enough each time the installer changes them to null then the expand will work without failing.

If you are using this custom workflow on an HX release earlier than 4.0(2a), you can prevent the bug by only using one workflow option at a time:

1. "I know what I'm doing" > Configure Hypervisor.

2. Start the installer over > "I know what I'm doing" > Deploy HX Software.

3. Start the installer over > "I know what I'm doing" > Expand Cluster.

3.5(2h)

CSCvt55712

When EAM service is not running, vCenter registration is failing.

Start/restart EAM service in vCenter.

4.0(2a)

CSCvt45344

HyperFlex Stretch Cluster saw poor application performance due to write latency, cluster remained unhealthy and rebalance was stuck.

This defect is currently being used for investigative purposes.

Contact Cisco TAC if you believe you are seeing similar conditions.

3.5(2a)

CSCvt36374

/var/stv folder in Controller VM may become full.

Remove log files from /var/log/springpath folder when the log files are not getting rotated. Stop the relevant service, remove large log files from /var/log/springpath folder and restart the service.

3.5(2g)

CSCvt89709

In a Cluster configured with DR network, StMgr may not get initialized and stuck in a deadlock while enabling the IPTable rules (can be verified from the stMgr.log).

Restarting the stMgr will initialize it again.

4.0(2b)

CSCvv21905

UCSM Read-Only user missing error in the encryption page on HX Connect UI. Later while authenticating UCS-M with credentials, it throws an error of invalid CSRF token.

Run the following commands:

3.5(1a)

CSCvx49418

HX converged servers deployed using HX Installer prior to HX release 4.0(2a), will have their storage data traffic going to Fabric Interconnect A as active and Fabric Interconnect B as standby. Expanded nodes using HX Installer 4.0(2a) or later will have their storage data traffic going to FI B as active and FI A as standby. Since HX storage traffic is not going to the same FI, the traffic needs to go to the upstream switch. This may lead to storage performance impact.

In a rolling fashion, update the storage vSwitch NIC teaming so that storage B NIC as active and storage A as standby for nodes deployed prior to HX 4.0(2a). Make sure the cluster is healthy before you begin this process and that the cluster returns to healthy state before moving on to the next node to perform the NIC teaming change.

Powershell to update the active / standby of the team -

Set-NetLbfoTeamMember -Name storage-data-b -AdministrativeMode Active

Set-NetLbfoTeamMember -Name storage-data-a -AdministrativeMode Standby

4.0(2a)

CSCvs75553

When the user recovers a VM protected in a group, it along with other VMs in the group, move to "recovering" state in standalone mode. The selected VM should move to "recovered" state.

Click "recover" for the selected VM again under the standalone mode. This will move the VM to recovered state.

4.0(2a)

CSCvq38279

Hyper-V: When replicated DC was used, then during install time, Windows failover cluster was not created successfully.

Clean up the fail over cluster and then recreate the fail over cluster. No need to touch the HX storage cluster.

3.5(2e)

CSCvs74286

All the disks in the node got locked after rebooting the node.

We successfully unlocked using 'sed-client.sh -U' command, but wanted to test with another reboot, and drives locked again.

NA

4.0(1b)

CSCvs93245

After enable encryption ,HX connect encryption status showing Caution, but all of the disks enable encryption successful.

-"Self Encrypting Drives Service ",is running on all of the nodes.

-There is no error message of encryption.

- USB0 interface is up.

-All SED disks showing "supported": 1, "enabled": 1, "locked": 0,

To recover the VM, copy over the data disks and attach them to the new VM.

3.5(2g)

CSCvs54285

A cluster node running HX release 4.0(1b), may hang in the Linux kernel. This is classified as an oops and a deviation from the expected behavior.

Enable kernel.panic_on_oops as a persistent configuration. This will cause the node to panic and reboot immediately.

4.0(1b)

CSCvs41324

Enabling K8/iscsi stack in Hx cluster.

Steps to enable K8 on HX cluster.

Perform following steps on ALL the controller VMs:

1. Update "/etc/init/scvmclient.conf" to enable tune "iscsiEnable" to "true".

   # sed -ie "s/iscsiEnable=false/iscsiEnable=true/" /etc/init/scvmclient.conf

2. Run following initctl command to reload configuration:

   # initctl reload-configuration

3. Restart scvmclient process.

   # stop scvmclient; start scvmclient

4. Run following initctl command to mount SYSTEM DS.

   # initctl emit --no-wait system-datastore-created

5. Verify that "iscsiEnable" tune is set to "true" using the following command.

   # ps -eaf | grep scvmclient | grep -v grep

   root 6241 1 1 Dec06 ? 01:40:07 /opt/springpath/storfs-core/scvmclient -T logEnabled=false -T logSyslogEnabled=true -T logEchoToScreen=false -T statLoggingToFile=false -T statLoggingToSyslog=true -T logDir=/var/log/springpath -T nfsBackendServerList=10.107.48.100 -T iscsiEnable=true -T iscsiUseAsync=true -T iscsiConfigFilePath=/nfs/SYSTEM/istgt.conf# ps -eaf | grep scvmclient | grep -v grep

4.0(2a)

CSCvr83056

HyperFlex Datastore NFS Queue Depth shows as 256, which can lead to performance (including latency) issues.

Following procedure can be used to check NFS Queue Depth and increase if needed:

root@HXESXI1] vsish -e get /vmkModules/nfsclient/mnt/[DATASTORE]/properties | grep -i maxqdepth maxQDepth:256 <- Low value [root@HXESXI1] vsish -e set /vmkModules/nfsclient/mnt/[DATASTORE]/properties maxQDepth 1024 [root@HXESXI1] vsish -e get /vmkModules/nfsclient/mnt/[DATASTORE]/properties | grep -i maxqdepth maxQDepth:1024 <- Optimal value

This requires an ESXi host reboot to take effect.

Please place the node in Hyperflex Maintenance Mode and gracefully reboot the node for the changes to be applied.

3.5(2e)

CSCvq38092

When a single node is offline in cluster, 'stcli cluster storage-summary' shows two nodes unavailable

root@SCVM:~# stcli cluster storage-summary

...

messages:

----------------------------------------

Storage cluster is unhealthy.

----------------------------------------

Storage nodes 192.168.1.4, 192.168.1.1 are unavailable.

This is cosmetic. The error will go away once the cluster returns to healthy status.

4.0(1b)

CSCvs69317

Cluster expansion fails at Config Installer stage when the root and admin password for the storage controller (SCVM) are different.

Modify both the root and admin password for the SCVMs to be the same.

stcli security password set -u admin

3.5(2g)

CSCvs69154

After successfully changing the DNS server on the HX controller, we still can see the original DNS entry that was added during the deployment.

NA

3.5(2d)

CSCvs53555

You may see this error message after a failed upgrade or other task such as attempting to enter a node into HX maintenance mode:

Customers are strongly encouraged to work with TAC in order to identify and remediate this issue:

1. Change 'getcluster' from 2m to 8m in /opt/springpath/storfs-mgmt/stMgr-1.0/conf/application.conf on all nodes.

2. Restart stMgr on all nodes.

3.5(2e)

CSCvt13947

Receive the following alert/event in HX Connect: HX Controller VM {HOSTNAME} one or more configured DNS servers not responding.

Run the following command on each storage controller VM as root:

grep -i "monitor_dns_servers" /opt/springpath/hx-diag-tools/watchdog_config.json && sed -ie 's/"monitor_dns_servers": true/"monitor_dns_servers": false/' /opt/springpath/hx-diag-tools/watchdog_config.json && grep -i "monitor_dns_servers" /opt/springpath/hx-diag-tools/watchdog_config.json && restart watchdog

4.0(2a)

CSCvs21562

Zookeeper fails to start while Exhibitor is running, however echo srvr returns nothing.

Delete any empty (Size 0) log files under /var/log/zookeeper/version-2 OR /var/log/zookeeper/standalone/version-2.

3.5(2b)

CSCvv21905

UCSM Read-Only user missing error in the encryption page on HX Connect UI. Later while authenticating UCS-M with credentials, it throws an error of invalid CSRF token.

Run the following commands:

3.5(1a)

CSCvs02466

M.2 boot disk is missing from server inventory after upgrade to server firmware 4.0(4e). As a result server fails to boot to OS installed in the M.2 disk. The issue persists after re-acknowledgement as well as de-commission and re-acknowledgement of the server.

• Upgrade the server into fixed version with HUU.

• No need to change server to standalone mode.

• For more information see, https://tinyurl.com/vqnytww.

1. De-commission the server

2. Power drain the server - REMOVE BOTH POWER CORDS ON THE BACK OF THE SERVER FOR 10 SECONDS, THEN REINSERT POWER CORDS.

3. Re-commission the server.

4.0(4e)

CSCvq38279

[Hyper-V] When replicated DC was used, then during install time Windows failover cluster was not created successfully.

Clean up fail over cluster, and then recreate the fail over cluster. There is no need to touch the HX storage cluster.

3.5(2e)

CSCvq54992

Upgrade from release HX 3.5(2a) to 3.5(2x), 4.X does not upgrade scvmclient. Recovery point may not work.

Manually install / upgrade scvmclient VIB and make sure that it matches with HXDP version.

3.5(2b)

CSCvj22992

VM shows up on multiple nodes.

To recover the VM, copy over the data disks and attach them to the new VM.

3.0(1b)

CSCvm96629

Cluster experienced an APD due to incorrect network configuration.

Ensure all network configurations, including jumbo packet based end-to-end connectivity through top-of-rack switch is validated. May need to restart the controller VM for any changes to take effect, if the changes were made after the system is up and running.

3.5(1a)

CSCvp23718

A cluster with 8TB or 12TB disk drives, may experience I/O stalls for several minutes after another node fails in the cluster.

After the installation (for new deployments) or after an upgrade to 4.0.1a (for existing deployments), perform the following steps on all Controller VMs:

/opt/springpath/config/lff.tunes

cleanerEnableSegSummaryCleaning

3. After editing the above tune files:

a. SSH in to all the Controller VMs;

b. Run " storfstool -- -Z"

c. Run the below command and check the values. Tune value should be true

# cat /tmp/stprocfs/system/tune/cleanerEnableSegSummaryCleaning

cleanerEnableSegSummaryCleaning=true

d. Type below commands and applied the tunes changes dynamically

# echo false > /tmp/stprocfs/system/tune/cleanerEnableSegSummaryCleaning

e. Verify that tune values are changed. Run below command. Value should be false.

# cat /tmp/stprocfs/system/tune/cleanerEnableSegSummaryCleaning

cleanerEnableSegSummaryCleaning=false

f. umount /tmp/stprocfs

4.0(1a)

CSCvq53058

For Witness VMs with high RTT times (>50ms) to any of the stretch cluster sites, there is a possibility under heavy transaction load for failover or failback times to be impacted.

NA

3.5(2a)

CSCvp36364

This product includes Third-party Software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

CVE-2016-0762, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735, CVE-2017-5647, CVE-2017-12615, CVE-2017-12616, CVE-2017-12617, CVE-2017-7674, CVE-2018-1304, CVE-2018-8014, CVE-2018-1336, CVE-2018-8034, CVE-2018-11784, CVE-2019-0232

NA

4.0(1a)

CSCvq11456

stcli cluster info command needs to provide UCSM VIP address. Currently it shows ucsm-host.com

NA

3.5(2d)

CSCvq32530

HyperFlex upgrade validation failed because cluster has extraneous stNodes in internal database.

No workarounds currently. The stale entries do not affect the day to day operations of HyperFlex.

3.5(2a)

CSCvo86431

When a node is in Maintenance Mode, any disk removal or replacement will be reflected in UI only after the node is brought back from maintenance mode. This is because storfs is not running on the node in maintenance, and will not be able to detect disk activities until it is brought out of MM.

Bring node out of Maintenance Mode.

3.5(2a)

CSCvq39471

When using motherBoardReplace-1.2 to clean ZK from old stNode/pNodes resulted in unmounted datastore and making the size of the Hyperflex Datastores 0 resulting in all VMs in the cluster going offline.

Run the stcli datastore mount command, to remount the datastore.

3.5(2b)

CSCvq66245

Currently HyperFlex installs on Hyper-V do not contain the "stcli security whitelist" commandset.

NA

4.0(1a)

CSCvv21905

UCSM Read-Only user missing error in the encryption page on HX Connect UI. Later while authenticating UCS-M with credentials, it throws an error of invalid CSRF token.

Run the following commands:

3.5(1a)

CSCvp64140

During Cluster Creation, the following error occurs on installer: Failure occurred during Cluster Creation process: Unable to post the content to the down stream

1. Set Jumbo frame in Windows/Hypervisor for incoming node:

Get-NetAdapter storage-data-a | Get-NetAdapterAdvancedProperty -RegistryKeyword *JumboPacket | Set-NetAdapterAdvancedProperty -RegistryValue 9014

Get-NetAdapter storage-data-b | Get-NetAdapterAdvancedProperty -RegistryKeyword *JumboPacket | Set-NetAdapterAdvancedProperty -RegistryValue 9014

2. Verify all interfaces are set correctly to support Jumbo frames:

Get-NetAdapter *storage* | Get-NetAdapterAdvancedProperty | ? RegistryKeyword -match "jumbo" | ft -auto

You should receive the following message:

Name DisplayName DisplayValue RegistryKeyword RegistryValue

---- ----------- ------------ --------------- -------------

vswitch-hx-storage-data Jumbo Packet 9014 Bytes *JumboPacket {9014}

storage-data-b Jumbo Packet Bytes 9014 *JumboPacket {9014}

storage-data-a Jumbo Packet Bytes 9014 *JumboPacket {9014}

3. Reboot only the incoming node or the node being expanded.

4. Retry Cluster Expansion in installer (from the point where it errored out previously).

4.0(1a)

CSCvp12241

Two node HyperFlex Edge cluster may not failback successfully and return to healthy. This can occur if connection to Intersight is highly impaired (e.g. transaction latencies exceeding 100ms).

Confirm that both nodes are up and running and you have given it some time to heal (a few hours) before attempting the workaround. If not healed and failed-back, run the following command on both controller VMs (preferably simultaneously on both nodes) to restart: restart hxRoboController.

4.0(1a)

CSCvp20102

Datastore create/delete fails when VC is not available for ESXi HX cluster (regular or stretch or 2N robo).

Ensure VC is available before performing DS operations.

4.0(1a)

CSCvk23212

Emergency cluster shuts down in HX 3.0(1b) after exiting host from HX Maintenance Mode and storfs panic on other node.

Avoid removal and re-insertion of drives that are regarded as 'good'. If you have performed testing that has removed and reinserted 'good' drives, contact Cisco TAC for further instructions.

3.0(1b)

3.5(1a)

CSCvm55176

During Hyper-V installation, if you choose to perform constrained delegation later, sometimes it takes an excessive amount of time to reflect on HX Connect UI.

Wait at least 30 minutes for the AD policy to take effect. If the issue is not resolved, reboot 1 host at a time using maintenance mode.

3.5(1a)

CSCvq04252

HX 3.5(2b) installer fails on the hypervisor configuration step with no visible error.

UCSM configuration completes, but Hypervisor Configuration seems to not start.

Use the I know what I'm doing workflow for hypervisor configuration, deploy HX software, and cluster creation.

3.5(2a)

CSCvp17427

Stcli cluster storage-summary takes a long time to return on 16+ node cluster when one node reboots.

Please wait for cluster to heal and re-run command.

3.5(2b)

3.5(1a)

CSCvm53679

HX Hyper-V installation fails and HXBootstrap.log contains the following message:

Unable to find a default server with Active Directory Web Services running

This error indicates that Windows failed to find a domain controller. Please add a specific IP of Domain Controller in the Advanced input of HXInstaller.

3.5(1a)

3.0(1e)

CSCvp97422

After the network partition heals, the datastore on one of the nodes remain unavailable for some time.

NA

4.0(1a)

CSCvp21417

Deploy of EMC RecoverPoint fails with error: "Failed finding repository device in the vRPA view".

If upgrading to 3.5(2b) or 4.0I(1a), enabling the RecoverPoint feature may require you to perform a rolling, node by node HX Maintenance Mode in the cluster. Ensure that the cluster is healthy and can tolerate one node failure (for 3 or 4 node clusters) and 2 node failures (for 5 or greater than 5 node clusters).

3.5(2b)

CSCvo89507

In the event of adding unsupported Micron 5200 drives to an HX cluster, and then upgrading HX to a release that supports them, the drives could get locked if the cluster has remote security enabled (during certain cases like continuous reboot of controller VMs).

Remove the Micron 5200 drives from the system. Upgrade to Release 3.5(2b), then, follow disk-add expansion workflow.

4.0(1a)

3.5(2b)

CSCvo83276

VM powers off during backup VM snapshot.

Retake the snapshot.

3.5(1a)

CSCvn11045

HX node keeps crashing after node is restarted.

1. Verify if the interface is up and if you can ping the loopback interface:

2. Bring up the loopback interface: ip link set lo up

3. Check that the service is running:status scvmclientstatus storfs

4. Start the following services:start scvmclientstart storfs

3.5(1a)

3.0(1e)

CSCvp09978

Cluster info shows Smart call home is enabled, even though it is disabled.

Use the command stcli services sch show instead.

3.5(2b)

CSCvv21905

UCSM Read-Only user missing error in the encryption page on HX Connect UI. Later while authenticating UCS-M with credentials, it throws an error of invalid CSRF token.

Run the following commands:

3.5(1a)

CSCvq41985

When attempting to install ESXi 6.5 or 6.7 from a CIMC mounted ISO with an embedded kickstart file, the installation may fail when reading the embedded KS.CFG file. In the ESXi installer, a popup error will state: "Could not open file <path>/KS.CFG"

Cisco IMC 4.0(1a)

Open

4.0(2f)

August 25, 2021

Updated Recommended FI/Server Firmware - 4.0(x) Releases to indicate UCSM 4.1(3e) is qualified for HX 4.0(2x) releases.

4.0(2f)

August 9, 2021

Updated Recommended FI/Server Firmware - 4.0(x) Releases to indicate UCSM 4.0(4m), and 4.1(3d) are qualified for HX 4.0(2x) releases.

4.0(2f)

June 21, 2021

Added Single Socket support in New Features.

4.0(2f)

June 3, 2021

Created release notes for Cisco HX Data Platform Software, Release 4.0(2f).

4.0(2e)

May 7, 2021

Updated Recommended FI/Server Firmware - 4.0(x) Releases to indicate UCSM 4.0(4l) is qualified for HX 4.0(2x) releases.

4.0(2e)

April 29, 2021

Updated Recommended FI/Server Firmware - 4.0(x) Releases to indicate UCSM 4.1(3c) is qualified for HX release 4.0(2d) and 4.0(2e).

4.0(2e)

April 28, 2021

Added support for Cisco HyperFlex HTML5 Plugin for VMware vCenter version 2.1.0.

4.0(2e), 4.0(2d), 4.0(2c

March 30, 2021

Updated Software Requirements for VMware ESXi to indicate support for VMware vCenter Versions 7.0 U1c through 7.0 U1d builds for HX 4.0(2e), 4.0(2d) and 4.0(2c).

4.0(x)

March 19, 2021

Updated link to indicate UCSM 4.1(2f) is the recommended Host Upgrade Utility (HUU) for M5 for HX 4.0(x).

4.0(2e)

March 17, 2021

Created release notes for Cisco HX Data Platform Software, Release 4.0(2e).

March 11, 2021

Updated Recommended FI/Server Firmware - 4.0(x) Releases to indicate UCSM 4.0(4k) is the recommended release.

4.0(2x)

February 18, 2021

Updated Recommended FI/Server Firmware - 4.0(x) Releases to indicate UCSM 4.1(2c) qualified for HX 4.0(2x).

4.0(2x)

February 10, 2021

Updated Recommended FI/Server Firmware - 4.0(x) Releases to indicate UCSM 4.1(3b) qualified for HX 4.0(2x).

4.0(2c), 4.0(2d)

December 18, 2020

Updated Software Requirements for VMware ESXi - 4.0(x) Releases to indicate limitations for using vCenter 7.0 U1 with a 4.0(2x) HXDP cluster.

Cisco HyperFlex CSI Interoperability Metrics added support for CCP, and Anthos Versions.

4.0(2c)

December 7, 2020

Added support for Kubernetes Version 1.17

4.0(2d)

November 18, 2020

Created release notes for Cisco HX Data Platform Software, Release 4.0(2d).

4.0(2c)

October 29, 2020

Updated New Features with Cisco HyperFlex HTML5 Plugin 2.0.0.

4.0(2c)

October 22, 2020

Updated support for scale limits increase, new drives, and single socket configuration New Features, Cisco HX Data Platform Compatibility and Scalability Details - 4.0(x) Releases.

4.0(1x)

September 30, 2020

HX 4.0(1x) - End-of-Life Cisco HX Data Platform Software Version 4.0(1x) Product Bulletin.

4.0(2c)

September 24, 2020

Updated Recommended FI/Server Firmware - 4.0(x) Releases HyperFlex Software Versions to indicate UCSM 4.1(1e) qualified for HX 4.0(2a), HX 4.0(2b) and HX 4.0(2c) releases.

4.0(2c)

September 14, 2020

Updated CIMC, and Host Upgrade Utility (HUU) for M5 to UCS 4.1(1h) for HX 4.0(2c).

4.0(1b), 4.0(2a), 4.0(2b)

September 4, 2020

Updated Recommended FI/Server Firmware - 4.0(x) Releases HyperFlex Software Versions Recommended FI/Server Firmware and Software Requirements for Microsoft Hyper-V - 4.0(x) Releases to 4.0(4i) for 4.0(1a), 4.0(1b), 4.0 (2a), and 4.0(2b) releases.

4.0(2c)

August 21, 2020

Added support for HyperFlex Edge Short Depth Servers; All-flash (HXAF240c-M5SD) and Hybrid (HX240c-M5SD).

4.0(2c)+

August 11, 2020

• Added column for M4/M5 Qualified FI/Server Firmware. Listed USC-M 4.1(2a) as qualified for HX 4.0(2c), 4.0(2b), and 4.0(1b).

• Added CSCvv21905 to the list of Open Caveats for HX 4.0(2c), 4.0(2b), 4.0(2a), 4.0(1b), 4.0(1a).

4.0(1b)

July 23, 2020

Updated Recommended FI/Server Firmware - 4.0(x) Releases HyperFlex Software Versions starting with Release 4.0(1b): Added qualification for Cisco UCS Manager 4.0(4i), and 4.1(1d).

4.0(2c)

July 21, 2020

Added CSCvv05705 to list of Resolved Caveats for HX 4.0(2c).

4.0(2c)

July 14, 2020

Created release notes for Cisco HX Data Platform Software, Release 4.0(2c).

4.0(2b)

July 1, 2020

Updated Release 4.0(2b) support for ESXi 6.7 3 EP19 and ESX 6.7 U3 EP15. For more information, see Recommended Cisco HyperFlex HX Data Platform Software Releases - for Cisco HyperFlex HX-Series Systems

4.0(2b)

May 11, 2020

Added OTV for Stretched Cluster update in New Features for the 4.0(2b) release.

4.0(2a)

May 5, 2020

Updated Host Upgrade Utility (HUU) for M5 to UCS 4.0(4k) for HX 4.0(2a).

4.0(2b)

April 22, 2020

Created release notes for Cisco HX Data Platform Software, Release 4.0(2b).

4.0(1b)

March 30, 2020

Updated M4 and M5 Recommended FI/Server Firmware to UCS 4.0(4h) for HX 4.0(1b).

4.0(2a)

March 24, 2020

Updated M4 and M5 Recommended FI/Server Firmware to UCS 4.0(4h) for HX 4.0(2a).

4.0(2a)

February 11, 2020

Created release notes for Cisco HX Data Platform Software, Release 4.0(2a).

3.5(2c)

January 15, 2020

Updated release notes for deferred Cisco HyperFlex Release HX 3.5(2c).

4.0(1b)

December 23, 2019

Updated M4 and M5 Recommended FI/Server Firmware to UCS 4.0(4e) for HX 4.0(1b), 4.0(1a), 3.5(2f), 3.5(2e), and 3.5(2d).

4.0(1b)

December 13, 2019

Added CSCvs28167 to the list of Resolved Caveats for HX 4.0(1b) and HX 4.0(1a).

4.0(1b)

November 25, 2019

Added CSCvs02466 to the list of Open Caveats.

4.0(1b)

November 7, 2019

Updated info in the HyperFlex Edge and Firmware Compatibility Matrix for 3.x Deployments.

Updated info in the Storage Cluster Specifications.

4.0(1b)

October 25, 2019

Added CSCvj95606 and CSCvq24176 to the list of Security Fixes.

4.0(1b)

October 8, 2019

Updated Recommended FI/Server Firmware versions.

4.0(1b)

September 30, 2019

Updated HUU/CIMC info in the HyperFlex Edge and Firmware Compatibility Matrix for 4.x Deployments.

4.0(1b)

September 17, 2019

Added CSCvq41985 to new section for "Related Caveats".

4.0(1b)

September 16, 2019

Updated HUU/CIMC info in the HyperFlex Edge and Firmware Compatibility Matrix for 4.x Deployments.

4.0(1b)

September 10, 2019

Updated HUU/CIMC info in the HyperFlex Edge and Firmware Compatibility Matrix for 3.x and 4.x Deployments.

4.0(1b)

August 28, 2019

Updated HUU/CIMC recommended firmware versions for HyperFlex Releases 4.0(1b), 3.5(2e) and 3.5(2d).

4.0(1b)

August 23, 2019

Updated Recommended FI/Server Firmware versions for HyperFlex Releases 3.5(2e) and 3.5(2d).

4.0(1b)

August 21, 2019

Added Cisco IMC version support info in the HyperFlex Edge and Firmware Compatibility Matrix for 4.x Deployments.

4.0(1b)

August 19, 2019

Created release notes for Cisco HX Data Platform Software, Release 4.0(1b).

4.0(1a)

August 8, 2019

Added bullet describing the "Cisco HyperFlex Systems Upgrade Guide for Unsupported Cisco HX Releases" in the Upgrade Guidelines section.

4.0(1a)

August 5, 2019

Added important note indicating HyperFlex does not support UCS server firmware 4.0(4a), 4.0(4b), and 4.0(4c).

4.0(1a)

July 25, 2019

Updated component info for HX220c M5/HXAF220c M5 Cluster to VIC 1457 in "HyperFlex Edge and Firmware Compatibility Matrix for 4.x Deployments section".

4.0(1a)

July 22, 2019

• Added Release 3.5(2e) support for ESXi 6.7 U2, and updated notes for 3.5(2d), 3.5(2c) and 3.5(2b) support for ESXi 6.7 U2 in "Supported VMware vSphere Versions and Editions".

• Added Witness Node Version for Release 3.5(2e).

4.0(1a)

July 5, 2019

Added CSCvq39523 to the list of Open Caveats for Release 4.0(1a).

4.0(1a)

July 1, 2019

• Updated Important Note for SED-based HyperFlex systems in "Supported Versions and System Requirements" section.

• Updated Release 3.5(2b) support for ESXi 6.7 U2 in "Supported VMware vSphere Versions and Editions".

4.0(1a)

June 20, 2019

• Added CSCvp64140 and CSCvp98910 to the list of Open Caveats for Release 4.0(1a).

• Updated HyperFlex Edge and Firmware Compatibility Matrix tables.

4.0(1a)

June 17, 2019

Updated Browser Recommendations.

4.0(1a)

May 31, 2019

Added information indicating 4.0(1a) features are supported on the Intersight Virtual Appliance and on Intersight.com.

4.0(1a)

May 21, 2019

• Updated M4/M5 Recommended FI/Server Firmware for 3.5(2b) and 4.0(1a).

• Added bullet describing recommended use of the Hypercheck Health Check Utility in the "Upgrade Guidelines" section.

4.0(1a)

May 14, 2019

• Added New Feature description for DISA STIG Compliance.

• Updated Storage Cluster Specifications for Hyper-V.

• Added CSCvp66277 to list of Open Caveats.

4.0(1a)

May 8, 2019

• Updated VMware vCenter Versions for 4.0(1a).

• Updated Supported Microsoft Software versions.

4.0(1a)

May 3, 2019

• Added CSCvo36198 and CSCvk38003 to the list of Resolved Caveats.

• Added CSCvp21417 to the list of Open Caveats.

4.0(1a)

April 29, 2019

Created release notes for Cisco HX Data Platform Software, Release 4.0(1a).

Provides an editable file for gathering required configuration information prior to starting an installation. This checklist must be filled out and returned to a Cisco account team.

Provides detailed information about Day 0 configuration of HyperFlex Systems and related post cluster configuration tasks. It also describes how to set up multiple HX clusters, expand an HX cluster, set up a mixed HX cluster, and attach external storage.

Stretched Cluster Guide

Provides installation and configuration procedures for HyperFlex Stretched cluster, enabling you to deploy an Active-Active disaster avoidance solution for mission critical workloads.

Installation Guide on Microsoft Hyper-V

Provides installation and configuration procedures on how to install and configure Cisco HyperFlex Systems on Microsoft Hyper-V.

Provides deployment procedures for HyperFlex Edge, designed to bring hyperconvergence to remote and branch office (ROBO) and edge environments.

Provides information about how to manage and monitor the cluster, encryption, data protection (replication and recovery), ReadyClones, Native snapshots, and user management. Interfaces include HX Connect, HX Data Platform Plug-in, and the stcli commands.

Administration Guide for Hyper-V

Provides information about how to manage and monitor the Hyper-V cluster, encryption, data protection (replication and recovery), ReadyClones, Hyper-V Checkpoints, and user management. Interfaces include Cisco HyperFlex Systems, and the hxcli commands.

Provides information about HyperFlex storage integration for Kubernetes, information on Kubernetes support in HyperFlex Connect, and instructions on how to configure Cisco HyperFlex Container Storage Interface (CSI) storage integration for both the Cisco container platform and the RedHat OpenShift container platform.

Administration Guide for Citrix Workspace Appliance

Provides installation, configuration, and deployment procedures for a HyperFlex system to connect to Citrix Workspaces and associated Citrix Cloud subscription services such as Citrix Virtual Apps and Desktops Services. The Citrix Ready HCI Workspace Appliance program enables a Cisco HyperFlex System deployed on Microsoft Hyper-V to connect to Citrix Cloud.

HyperFlex Intersight Installation Guide

Provides installation, configuration, and deployment procedures for HyperFlex Intersight, designed to deliver secure infrastructure management anywhere from the cloud.

Provides information on how to upgrade an existing installation of Cisco HX Data Platform, upgrade guidelines, and information about various upgrade tasks.

Provides information about HyperFlex Systems specific network and external storage management tasks.

Provides CLI reference information for HX Data Platform stcli commands.

Provides information on how to use the Cisco PowerShell Cisco HXPowerCLI cmdlets for Data Protection.

REST API Getting Started Guide

REST API Reference

Provides information related to REST APIs that enable external applications to interface directly with the Cisco HyperFlex management plane.

Provides troubleshooting for installation, configuration, to configuration, and to configuration. In addition, this guide provides information about understanding system events, errors, Smart Call Home, and Cisco support.

Provides independent knowledge base articles.

Provides information on recommended FI/Server firmware.