Cloud Services

Enterprise Marketplace

Enterprise Marketplace known issues
Published On Jun 13, 2024 - 10:25 AM

Enterprise Marketplace known issues

This page covers the known issues currently available in Enterprise Marketplace.
The current Enterprise Marketplace release contains the following known issues.

General issues

Memory issues
GraphQL queries cause slowdowns
: The common reporting framework that uses GraphQL performs synchronous API calls to the backend to generate reports. This can cause slowdowns, especially for long running or expensive reporting operations that involve aggregation of results from multiple collections or if the operations involve getting live data from external data sources and aggregating them. Caching query results can in some scenarios alleviate the problem, but GraphQL queries are very dynamic in nature which makes in-memory caching very difficult and less desirable.
Pod memory limitations cause crashes
: Pod memory limitations of micro-services can cause memory intensive reporting jobs running on a pod to crash if sufficient memory is not allocated to the pods. For example, ops-inventory-service runs only with 512MB of RAM, compared to 4GB of RAM being used in ECAM for the pods running the reporting jobs.
Ordering SOC components causes slowdowns
: Performance is slow when ordering SOC components for Day2Ops on the Ordered Services page.
Quotes feature issues
Quote details supported
: When creating the quote, only the parameters required for pricing are displayed and supported for Amazon Web Services (AWS) using the latest template for AWS provider services. When the parameters are converted to cart while creating the quote, all the remaining configuration can be entered as the system does not allow the user to edit the service to complete the configuration.
Pricing rule issues
The pricing rules are applied on the totals
: The total line items are only considered causing a mismatch when summing up the bill of materials (BOM) items if prices are present.
Multiple providers issue
Policy-based approval
: When using policy-based approval, items in the cart should belong to the same provider. If they belong to multiple providers, the policy must exist including all the providers present in the cart.
User interface issues
For V3 authorization method only, users cannot see the
Transfer service
option in the
Actions
menu for stacks on the
Ordered Services
page.
On the
Ordered Services
page, the
Actions
menu on the
Service Offering Component
tab does not open.
Response delay
: When Enterprise Marketplace is deployed in bridge mode for a multi-tenant environment, customers may experience a longer-than-expected response time of up to 25 seconds on certain pages.
Team role limitation
: The team role mapping user interface is not functional.  Workaround: Use APIs for team role mapping instead.
API key issue
Revoked API keys
: When API keys are revoked for any user type, the respective key owners are not being notified.
Audit log issues
Audit log creation
: No audit logs are created for approving and denying orders. Additionally, creating, editing, and deleting policies do not generate audit logs.
Budget issue
Amount mismatch
: Orders with the same service instance but different budgetary units can retrieve inconsistent amounts withheld from or released to budgetary units. Multiple budgets within the same budgetary unit are not affected.
Catalog discovery issues
Email notifications
: In some deployments, running catalog discovery might result in the following email notifications:  When no service provider service is present or the wrong credentials have been used, the notification shows the "discovery service count" as "-1" instead of "0".  Imported service count and import failed count are not required when they are not showing any value. A message prompting the customer to log in to view discovered services displays after the discovery process completes, even when the discovery has failed.
Catalog versioning issue
The links between inventory and catalog templates are not found
: Previously imported service offerings might not have the latest service offering version in the Inventory table.
Workaround: To enable previously imported and old inventory to see the current service offering version, Buyer roles with SERVICE_OFFERING_INSTANCE and CRUD permissions must trigger migration using the
POST {host}/icb/inventory/v5/migration/start
API with the following payload:
{ "MigrationKey": "add_current_version_to_old_docs", "MigrationValue":"0" }
Context issues
Viewer role unable to view Quotes details
: User with just the Viewer role are unable to view the
Quotes
page.
Order Administrator unable to view Order pages
: Users with only the Order Administrator role are unable to see the Order related pages and orders that they should have access to regardless of Access Group or Access Tags. Only the Order Admininstrator has access to call the Orders Listing API that determines what is displayed based on access tags:
GET /v5/api/admin/orders
.
Unable to edit the shopping cart context
: The shopping cart shows all contexts, not just applicable contexts. During order placement, the right credential mgiht not be selected if the buyer context and credential do not match.  A context mismatch causes order submission to fail whenever an operator edits and submits a successfully fulfilled non-compute order submitted by a Buyer.
  • Example 1: Context of the Buyer John is set to TeamA and ProjectA. Context of the credential C1 is set to TeamA and Project_All. C1 is not selected as the credential when John places an order for a service.
  • Example 2: Context of the Buyer John is set to TeamA and ProjectA. Context of the credential C1 is set to TeamA and ProjectA. C1 is selected as the credential when John places an order for a service.
Dependency settings incorrectly displayed
: When mapping a role to a team, dependent context types display values without reflecting the dependency settings. Workaround: Use APIs for such mapping.
Sourced contexts
: Context values management does not support externally sourced contexts.
Organization configuration
: When associating only custom contexts for Approver roles, you must to specify Organization as All Organization.
Buyer role
: The buyer role can only have one set of context values associated for a specific team.
Currency conversion issues
System time mismatch
: When using the currency conversion, the system time sets to midnight UTC, rather than local user time. Therefore, the currency conversion might start ahead of or later than local time. If currency is used for provisioning or during ingestion, the required currency might not be available if the date is set for today. 
Workaround: Use a day in the past for a start date and a day ahead for the end date.
Managed Service import issue
SOI import limitation
: Importing an existing Service Offering Instance (SOI) with a managed service offering attached to it
Provisioning message issue
Unable to view order fulfillment status
: The View Messages link available during order provisioning displays only an In Progress message instead of the order's fulfillment status. The issue occurs because the adapter cannot receive additional status messages
Reboot issue
Unable to reboot
: Reboot function is broken across all roles.
Roles issue
After a Buyer successfully submits a non-compute order, the Operator cannot edit the order or submit it.

IBM Cloud Pak for Multicloud Management Issues

Cloud Pak issues
Unable to edit the SOI or CPU order
: Edit SOI Change memory or CPU order is failing with error "Error: Memory Hot-Add not enabled".
Infrastructure management issues
Infrastructure Management (Cloudform) support
: Cloudform has only been tested in Amazon Web Services and VMWare. For any additional provider support, the customers/delivery team needs to update the provider SOC types in the operation definition.
Edit/Reconfigure requirement
: The virtual machine must be turned off before editing a service.
Remove confirmation message
: Virtual Machine requests are intermittently marked as a success before the virtual machine is actually retired/deleted.
Catalog creation support
: Catalog creation using Ansible Playbook is not supported.
Terraform Automation issues
Terraform Automation
: A blank page is displayed while navigating the Terraform Automation from the Microsoft Chrome browser by clicking on a link.
Kyndryl Modern Operations Applications page
: Users are redirected to the Kyndryl Modern Operations Applications home page when trying to access Kyndryl Modern Operations Applications pages for the first time from the Microsoft Chrome browser. Additionally, when a user tries to access the identity and access management page from Kyndryl Modern Operations Applications, the correct Kyndryl Modern Operations Applications page is not displayed.
Workaround: Go to the specific Kyndryl Modern Operations Applications URL to access the identity and access management page.
Canceling Discovery messages
: The error message: "Discovery cannot be canceled at this time" is displayed after canceling the Discovery. The status of "Cancelsubmitfailed" is displayed in the history. However, Discovery is successfully canceled after few seconds. This is an intermittent error.
Stop Terraform Automation operation
: Unable to stop the operation for VM resources from Google Cloud Platform and Microsoft Azure, but Enterprise Marketplace shows the "stop" operation for those resources.

IBM Cloud Automation Manager issues

IBM Cloud Automation Manager integration and application issues
Unable to restore IBM Cloud Manager
: The IBM Cloud Automation Manager version cannot be restored after attempting to upgrade the version, causing the service instance in Enterprise Marketplace to not function properly.
Synchronization between Enterprise Marketplace and IBM Cloud Automation Manager
: Services unretired from Enterprise MarketPlace are not automatically unretired in IBM Cloud Automation Manager.
Unable to delete deprecated services
: Deprecated services in Enterprise MarketPlace cannot be deleted if any associated service instances exist in IBM Cloud Automation Manager.
Virtual Machine customs operations
: Custom operations cannot be stopped for ICP provider, Google Cloud Platform (GCP), and Azure services from the virtual machine.
Tagging limitation
: Tagging is not supported for IBM Cloud Automation Manager service with GCP and vSphere Terraform template.
Canceling message
No error message displays in Enterprise Marketplace when a canceling fails while provisioning a service.
Display in Enterprise Marketplace checkbox
: The Display in Enterprise Marketplace checkbox is not functional when editing an IBM Cloud Automation Manager service in Enterprise Marketplace. The service shows all the configurations, even when some configurations are not selected.
Map & List Data Types configuration does not support callback
: Values for Map and List type parameters do not update in the user interface when a user changes the plan.
Taint/Untaint custom operation supports
: The taint custom operation is only supported in the following instances:
VMs
  • azurerm_virtual_machine
  • google_compute_instance
  • bm_compute_vm_instance
  • pureapp_instance
  • openstack_compute_instance
AWS
  • aws_internet_gateway
  • aws_key_pair
  • aws_route_table
  • aws_route_table_association
  • aws_security_group
  • aws_subnet
  • aws_vpc
  • aws_ami
  • null_resource
  • tls_private_key
Azure
  • azurerm_network_interface
  • azurerm_network_security_group
  • azurerm_public_ip
  • azurerm_resource_group
  • azurerm_storage_account
  • azurerm_storage_containe
  • zurerm_subnet
  • azurerm_virtual_network
  • random_id
Stop operation not supported
: The Stop operation in Enterprise MarketPlace is only supported for Azure and Google Cloud Platform (GCP) VM resources.
Shutdown error message
: When the shutdown operation fails for an IBM Cloud VM on Enterprise Marketplace, Enterprise Marketplace does not display an error message.
Catalog discovery process
: When a Catalog Admin tries to perform a catalog discovery, discovery fetches all services. The job status may remain in an in-progress state, even if the job completes.
Workaround: Use the following API to resolve this issue:
  • URL: https://<host>/msgsubscription/v1/subscriber/catalog_service_response_inventory
  • Method: DELETE
  • Headers:
    • username: <username>
    • apikey: <apikey>
    • Content-Type: application/json
    • hard-delete: True
Note:
This API is applicable only when IBM Cloud Automation Manager is an endpoint.
Users visibility
: Users see all services from IBM Cloud Automation Manager regardless of their namespaces.
View Log erroneously displayed:
The View Log option is visible in Enterprise Marketplace even though Enterprise Marketplace does not support logs for type service action Day2 Operation orders.
Terraform templates
: Services containing Terraform templates (other than AWS, GCP, Azure, and IBM Cloud) cannot be ordered.
Duplicate names
: When a service with same name is created in two different namespaces in IBM Cloud Automation Manager, only one of the services displays in the Enterprise Marketplace Catalog.
Deprecated services still available in Enterprise MarketPlace
: The retired service status cannot be synchronized across IBM Cloud Automation Manager and Enterprise Marketplace and therefore continue to show as Work In Progress, Draft, or Published in Enterprise Marketplace. When a service from Enterprise Marketplace is retired, it continues to display in a Completed state in IBM Cloud Automation Manager.
Log out synchronization
: A logged-out Enterprise Marketplace user can still access IBM Cloud Automation Manager.
Unable to rename provider accounts
: Provider accounts should not be renamed or deleted after an IBM Cloud Automation Manager service is completed or provisioned with that provider account.
Catalog display on the Enterprise Marketplace Catalog Admin page
The catalog discovery is visible for the ICP provider, even though the feature is disabled for Kyndryl Modern Operations Applications. No error message displays in Enterprise Marketplace for the unsupported discovery.
Services in draft status
: A Catalog Admin can publish a service in Enterprise Marketplace even if the service is in a Draft state in IBM Cloud Automation Manager.
Service creation in namespace A
: If a Service Designer creates a service in Namespace A in IBM Cloud Automation Manager (Team A in Enterprise Marketplace), users from other teams cannot order the service. If they try to order the service, they will get the following error: derived config error : no config found.
IBM Cloud Automation Manager catalog discovery disabled in the Enterprise Marketplace environment
: When services are being created and published in IBM Cloud Automation Manager, these are updated in Enterprise Marketplace.
Roles provision
: Users with Enterprise Marketplace Service Designer or Buyer roles need to have IBM Cloud Automation Manager Editor or IBM Cloud Automation Manager Operator roles to provision or order an IBM Cloud Automation Manager service in Enterprise Marketplace.
Handle IBM Cloud Automation Manager
: The Enterprise Marketplace Catalog Admin can only publish or edit IBM Cloud Automation Manager services in Enterprise Marketplace when they are in a Work in Progress (WIP) state.
Provider account for IBM Cloud Automation Manager roles
: Enterprise Marketplace teams assigned IBM Cloud Automation Manager roles must have at least one provider account assigned to them. A provider account should belong to a single team.
Service design composition
: When a Service Designer composes a service, the Namespace selected should be Global.
Service design composition using Terraform
: When a Service Designer composes a service using a Terraform template, the cloud connection must be defined as a Link Connection only.

Public cloud issues

Amazon Web Services (AWS) issues
For SAS, the pricing line item is displayed for the default nodepool even when another nodepool has been assigned.
Custom Day2Ops are not loading on the Ordered Services page.
Integration with Red Hat OpenShift Cluster v4.7 has these known limitations
  • This service offering only provisions required AWS infrastructure and not the complete OpenShift installation.
  • The Edit operation is not supported.
  • The AMI used is specific to OpenShift 4.7 and might not work properly for other OpenShift versions.
Only Standard storage pricing is considered while provisioning the S3 Service
There is no way to define the storage class while provisioning service. Other storage classes are:
  • One Zone - Infrequent Access
  • Reduced Redundancy
  • Standard - Infrequent Access
Amazon Elastic Kubernetes Service (EKS) issues
  • IAM Roles:
    The system cannot 100% filter IAM roles specific for EKS cluster and EKS Nodegroup.
  • Instance Type:
    The Instance type list cannot be sorted according to the AMI type selected. Therefore, if an unsupported instance type is selected, then the order will fail.
  • Min, Max, and Desired Size:
    Max size and Min size for the number of instances cannot be aligned with the desired size
Amazon RDS specific limitations
  • Default Value Based on Engine:
    Changing the default value based on the selected engine is not supported for the following fields:
    • Storage Type
    • IOPS
    • Allocated Storage
    • Backup Retention Period
  • DB Engine Version:
    The naming for DB Engine version on MCMP dashboard is not similar to the one on the AWS console.
  • DB Instance Identifier:
    Validation to check if DB Instance Identifier already exists is not supported.
  • Fetch Values Based on Engine:
    The following values cannot be fetched based on the selected engine because filter support is not available in AWS SDK:
    • DB Instance Class
    • DB Parameter Group
  • MasterUserPassword:
    Edit is enabled for these templates to keep in sync with AWS console. In AWS console this field is not mandatory during the Edit operation. On the MCMP dashboard the user must edit the password every time for Edit operation
Sort key for DynamoDB
: For DynamoDB, the Sort key is a mandatory field on the Enterprise Marketplace dashboard.
Known issues for integration with Amazon MSK (Apache Kafka)
  • The number of broker nodes must be a multiple of Availability Zones in the Client Subnet(s) parameter or the order will fail.
  • Version downgrade during edit will fail the order.
  • The alias name for the field Customer managed CMK is not getting displayed in the dropdown list because that type of UI is not supported.
  • There is no SDK support to filter keys that are in Disabled or Pending Deletion state.
  • Storage and instance pricing here for Kafka have the exact same line item names.
  • Edit is allowed even though it is not supported from the AWS console (add-on feature from Enterprise Marketplace).
  • Cluster name should must be updated during every edit operation or the  edit operation will fail.
Known issues for integration with DocumentDB
  • Number of instances to be deployed in the cluster is not supported because no cloudFormation support is available.
  • Log exports isnot supported because templates only support simple configurations and adding log exports is complex.
  • For maintenance window, no preference field is added because the Backup window and maintenance window can cause conflict.
Known issues for integration with Amazon Elastic Kubernetes Service (EKS)
  • The system cannot 100% filter IAM roles specific for EKS cluster and EKS Nodegroup.
  • Instane type list cannot be sorted by the AMI type selected.
  • The Max size and Min size for number of instances cannot be aligned with desired size.
Known issues for integration with Amazon Keyspaces (for Apache Cassandra)
:
  • No SDK method is available to describe the SOC output params.
  • The current native template does not support Collection column types such as list, map, set, and tuple.
  • One dynamic section is fixed for columns because one or more partition keys are required for the table.
  • Pricing line item names are exactly the same for read and write capacity units in provisioned capacity mode.
Known issues for integration with RDS
:
  • The following fields available on the AWS Console are not present on the CBS Dashboard because they are not currently supported by CloudFormation:
    • Confirm Password
    • IAM DB Authentication
    • Microsoft SQL Server Windows Authentication Failover
    • Backtrack
    • Log Exports
  • The naming for DB Engine version in Enterprise Marketplace might not be similar to the one on the AWS console.
  • Validation to check if DB Instance Identifier already exists is not supported.
  • In AWS console the password field is not mandatory during the Edit operation. In Enterprise Marketplace, the password must be entered for every Edit operation or the operation cannot proceed.
  • The DB Instance Identifier name must be updated during every edit operation or the edit operation will fail.
Template max count parameter restriction
: The Monitoring field has been removed from the EC2 template due to the template's max count parameter restriction.
Security group option disabled
: When editing the AWS EC2 service, the Security group option is disabled when the user selects Create new security group.
KMS service limitations
:
  • No support for the custom key store (CloudHSM) option.
  • JSON formatted policy documents cannot be shown in the View component.
  • No support for copying and downloading a public key with an Asymmetric key type.
  • No support for enabling or disabling the key as part of inventory action.
  • No support for uploading or downloading a keyMaterial (External key) as part of an inventory action.
  • Users do not have to acknowledge understanding the implications in External Key before proceeding to the next action.
  • Key administrators
    and
    This account
    do not show columns for additional details for users and roles.
  • In Edit Policy of KMS, no user interface validation exists to check whether the KMS Policy field contains valid JSON content. If the JSON content is invalid, the order provisioning fails.
Pricing warning
: A pricing warning displays when performing custom operations to attach or detach a network interface to or from an AWS EC2 instance.
For the EC2 service in the the Root Device config group, these limitations apply:
  • All fields are optional to support backward compatibility of EC2 services.
  • No validation error messages display for these conditions:
    • When the root device size is lower than the size of the snapshot because that kind of validation support is not currently available.
    • When AMI is encrypted and the selected root volume encryption type is
      Not Encrypted
      .
The user interface does not hide the dynamic section component despite being dependent on other parameter selections.
When a customer selects the
Create new security group
option while provisioning an EC2 instance, the default value for SG rule is SSH (port 22). To edit the default protocol or port, the customer user must select the
+Rule
button. For Windows images, select RDP (port 3389) for instance connectivity.
IMI support
: Delegate access IMI support is not available for AWS.
If Custom Operation Template (COT) for SOC view of a specific resource type is incorrectly configured, the customer will be unable to see the record for that resource type when the service instance is expanded.
New provision in AWS services
: When true is selected for "enableTerminationProtection", newly provisioned AWS services in Enterprise Marketplace cannot be deleted or updated. The resulting status is DELETE_FAILED.
Workaround: Disable "terminationProtection".
CloudWatch Alarm update
: The operation fails when the edited order is submitted.
Classic Load Balancer
: The classic load balancer fails during service editing.
Servicification tool does not recognize special characters
: Do not use special characters in custom template file names because the Servicification tool does not recognize them.
If the Template Storage Location field is not available in the
AWS Asset Account
View Details
page, run the script "setup_purposes_and_providers.sh" from the repository
cb-core-auth/cb-core-bootstrap
to fix it.
For AWS Lambda service:
  • In the Advance Configuration tab, the
    Concurrency
    field is disabled during edit operations.
  • No filter criteria displays for the Lambda-specific KMS key for the property
    KMS Key To Encrypt In Rest
    .
For AWS Route53 Recordset service:
  • The customer must enter a
    yes
    value in the
    Alias Target
    field in the
    Create Record Set
    tab. Valid values can be an S3 Website endpoint, load balancer, CloudFront distributions, VPC endpoints, API gateways, and more.
  • No validation exists for record types MX, SRV, SPF, NAPTR, and CAA.
On the AWS Datapipe Line service's
Schedule
page, no dynamic mapping exists between the
Run every
and
Run every type
fields.
In Classic Load Balancer, at least one listener should be selected. In the case of multiple listeners, the load balancer port should be unique.
In Classic Load Balancer, UI is not provided if the user selects the instance protocol like HTTPS to enter instance-level authentication. In the current implementation, changing protocol does not reflect the change in default port.
In AWS Key Pair Service, the key pair can be download from the user-selected S3 bucket. The bucket information displays in the Inventory's
Service Details
window instead of the
View Component
window.
Users need to purchase a license before using some of the AWS-Marketplace images. Make sure you have the required license of Marketplace images, if applicable. Not having the required prerequisite results in EC2 resource launch failure.
The Image Search and Image Description filters on the Configure InstanceType section for EC2 service support are case-sensitive searches only. No API support is available for case-insensitive searches. Customers get the proper AMI search results when the search text is entered in the correct case.
To get better results in an AMI search, enter 7 to 8 characters in the
Image Search
field. When too many AMIs match the search criteria, a
No Results Found
message displays. This message might also display when only the letters
ami
are used as search criteria in the
Image Search
field. Retry this search by entering more characters in the
Image Search
field.
Some images available on AWS do not have Name, Description, or Owner Alias defined. These images do not display in EC2 AMI image searches result in EC2 AMI search when searched by Name, Description, or Owner Alias. For example, if there is no image available with with a
microsoft
owner alias, no image displays as a result of a
microsoft
owner-alias search.
Microsoft Azure issues
Custom Day2Ops are not loading on the
Ordered Services
page.
When duplicating an ordered service from the SAS Azure catalog, the API key and secret must be reentered or the order will fail due to process timeout.
Configurations that do not support pricing for the storage account
: Pricing for the storage account is not available with configurations such as Storage v2 account kind, standard performance, and LRS as redundancy.
The following are known issues for Windows Virtual Machine Scale Set:
  • Support for Azure Hybrid Benefits is not provided (Bring Your Own License).
  • Support to attach only a single NIC (Azure portal provides a maximum of two NICs).
  • No Customer Managed Key Encryption for Data Disk.
  • Automatic OS Upgrade.
  • Day2Ops are not supported.
The following are known issues for Linux Virtual Machine Scale Set:
  • Support to attach only a single NIC (Azure portal provides a maximum of two NICs).
  • No Customer Managed Key Encryption for Data Disk.
  • Automatic OS Upgrade.
  • Day2Ops are not supported.
Currently, the price for Linux VM Scale Set and Windows VM Scale Set is only shown when the spot VM option is not selected because the rate card API does not accept the
meterIDs
for spot VMs.
Creation of Azure Virtual Desktop fails when user selects an existing NSG. This behavior also occurs on the Azure portal.
The following are the known issues for Azure Firewall Policies:
  • Multiple rules inside a collection are allowed. Multiple rule collections are not allowed.
  • Separate rule collections for the Allow and Deny rules are supported. Other named collections are not supported.
  • IP Groups are not supported while creating Firewall rules. However, the user can define as many IPs for a rule as required.
  • The Cloud Service origin type is not supported.
  • CDN Profile service offering configurations cannot be loaded on Safari browsers at release time. Fixes are underway.
The following are the known issues for SQL Database:
  • SQL Defender Option is only available when creating a new SQL Server.
  • The Basic, Standard, and Premium Purchasing plans are available. vCore-based options are not available.
  • User cannot configure SQL Database with Current Client IP Address.
  • Backup is not part of the current service offering.
  • The Default Maintenance Window is opted for all the orders.
The following are the known issues for Cosmos DB Account:
  • The user must calculate copies of data retention period manually.
  • Only Service-Managed Key is supported for dataEncryption.
  • The Networking parameter cannot be modified.
  • For some locations the order is failing for geo-redundancy and availability zones. This is an Azure API issue and is intermittent.
The following are the known issues for Cosmos DB Database:
  • Azure has a maximum limit for RU/s per subscription. If this amount is exceeded, the order will fail.
  • Analytical Store is not supported.
  • No additional information is available from API, so the user does not see the SOI for this component.
The following are the known issues for Record Set:
  • The Record Name must be unique across DNS Zone.
  • Edit flow is not supported.
  • Adding Alias record set for Azure resource or Zone record set for A, AAAA, and CNAME types is not supported.
The following are the known issues for integration with Azure Kubernetes Service (AKS):
  • The "Node VM size" should be more than two cores and 4 GB memory because these series sizes are not supported. Dynamic validation is not supported for this.
  • Adding multiple node pool feature is not currently supported.
  • Dynamic Validation is not supported.
Azure LAMP Stack is only supported for Ubuntu OS versions 12.04.5-LTS and 14.04.5-LTS.
The following are the known issues for integration with Hyperscale (Citus) server group:
  • Dynamic Validation is not supported.
  • The network connectivity method supports only 'No Access'.
If you edit a partially deleted order, the system will redeploy all the resources that were originally part of that order. In such a scenario, the order might fail if resources with the same name exist. Therefore, do not edit partially deleted orders.
There is a known issue when editing a Azure Windows Virtual Machine or Linux Virtual Machine service instance. When changing
NIC Network Security Group
from
Basic
to
Advanced
, a fixed section item is automatically shown for the
Inbound Security Rule
section of the next group (
Inbound Security Rule Parameters
). The
Inbound Rule Name
field in this initial section is disabled and the fixed section data does not get sent during submission.
Workaround:
Remove this initially added fixed section item and add it back using the
Remove section
and
Add section
buttons.
The Host Group service is failing for different locations with different fault count domain due to an Azure issue. To check the list of supported counts, issue the following Azure CLI command:
az vm list-skus --resource-type availabilitySets --query '[?name==
Aligned
].{Location:locationInfo[0].location, MaximumFaultDomainCount:capabilities[0].value}' -o Table.
.
In a multi-quantity order, if existing disks are used, then only one order will be completed and rest will fail because one disk can only be attached to a single VM. Other orders will fail with the following error:
Error occured{ "error": { "code": "ConflictingUserInput", "message": "A disk with name already exists in Resource Group and is attached to VM 'Name' is an optional property for a disk and a unique name will be generated if not provided.", "target": "" } }
An availability set provisioned using the out-of-the-box template will not be available as part of the existing Virtual Machine (VM) availability set.
Workaround:
Avoid using the existing availability set. Instead, create the availability set as part of the VM.
The Azure API causes the Enterprise Marketplace user interface to show all values as enabled for the SKU/Pricing Tier when editing Azure services. Customers should always upgrade the SKU/Pricing Tier while editing.
The Edit Order function fails when downgrading the SKU/Pricing Tier. The failure occurs because Azure does not support downgrading the SKU/Pricing Tier for a service.
When editing a Windows or Linux Virtual Machine (VM), the boot diagnostics storage account parameter can only be changed from
Disabled
to
Enabled
, not vice versa.
Enterprise Marketplace does not support multiple versioning of templates, which might cause orders put in progress before the upgrade to fail.
Azure Load Balancer service currently does not support adding a VM or VM Scale Set to the backend pool. Also, VM, VM Scale Set, and Availability Set cannot be added to an inbound rule.
Azure Linux VM and Windows VM services do not support adding a new backend pool to the Load Balancer.
If a service definition is updated for a service that is part of an order that is pending approval, the order might fail during provisioning after the order is approved. This is due to the mismatch between the new service definition and the parameters previously collected during order configuration.
Upgrading Enterprise Marketplace causes new deployment and pod creation for cb-azure-catalog-int and cb-azure-prov-adapter. The logs for these pods are not available to the upgraded deployment.
Workaround:
Backup cb-azure-catalog-int and cb-azure-prov-adapter pod logs before upgrading to a new Enterprise Marketplace release.
When deleting a Virtual Machine (VM), the virtual network associated with the VM is also being deleted. The network is deleted even when it is used by a different storage account.
Workaround:
When creating a VM or storage account, create a new virtual network.
In the upgraded environment, templates containing nested resource types that are not present as parent resource types must be deleted and uploaded again. For example, in
notification hub service (CB_AZ_ARM_NH_S00)
, "notification hub" is the nested resource, but is not present in the main resource section.
Users can import Azure Linux or Windows VM Services to Enterprise Marketplace using the Import SOI feature. However, Enterprise Marketplace's editSOI feature does not support editing imported Azure Linux or Windows VM Services SOIs.
Enterprise Marketplace shows replication type ZRS for a few Azure regions no longer supported due to recent changes in Azure Portal, but APIs show ZRS support in those regions.
The Enterprise Marketplace user interface does not support validating unique resource names for the following Azure templates:
  • Public IP Address
  • Cosmos DB
  • Load Balancer
  • Managed Disk
  • Azure Image
  • Recovery Service Vault
  • Windows Virtual Machine
  • Key Vault
  • Web App
  • App Service Plan
  • Linux Virtual Machine
  • Network Interface
  • File Storage
  • Container Instance
  • Table Storage
  • DDoS Protection Plan
  • Redis Cache
  • Proximity Placement Group
  • AKS
  • Host Group
  • Dedicated Host
  • Queue Storage
  • Red Hat IAAS
  • Virtual Network
  • Virtual Network Gateway
Enterprise Marketplace does not support matching credentials strings or sub-strings for
Login User
and
Login Password
parameters for the following services:
  • Azure Database for MariaDB servers
  • Azure Database for SQLServer
  • Azure Database for PostgreSQL servers (Single server)
  • Hyperscale (Citus) server group
  • SQL Database
  • SQL Server
  • Linux Virtual Machine
  • Windows Virtual Machine
  • Redhat Linux 3-tier Stack
Linux and Windows VMs with Boot Diagnostics enabled and New Storage Account Required marked as
Yes
fail when the customer edits the configuration and does not change the storage account name. Failure occurs because a storage account with same name already exists. The VM component is not visible in the service instance because of a storage account name conflict on Azure.
Workarounds:
To keep the same storage account when editing the configuration:
  1. In the
    Identity and Monitoring
    Group Sequence, select
    New Diagnostics Storage Account Required → No
    .
  2. From the
    Existing Diagnostics Storage Account
    list, select the same storage account that was created at the time of new deployment.
The other option is to create a new storage account with a different name.
When any service is provisioned for the first time with newly created dependent resources, all those dependent resources are visible in the service instance as its components. When the service is edited, if the user modifies the resources to either new or existing, the details of the earlier created resources vanish from the service instance. This is because Cloud tracks the service instance components by deployment IDs. If a user updates the services while editing, the deployments in that deployment ID get updated. After the deployment IDs are updated, the old resources become zombies, and cannot be tracked by the updated deployment IDs. 
Workaround:
Users can record the details of the old resources before making resource modifications and reenter those resources when making the resource updates. Or users can delete the zombie resources from Azure when they no longer appear in Cloud.
Issues with OS images with virtual machines:
  • Azure provides partial pricing details on Red Hat Enterprise Linux (RHEL) VM because RHEL offers only partial pricing with Cloud.
  • Marketplace Images are not deployed with Cloud because the Azure API does not support deployment with an Azure Resource Manager.
IBM Cloud issues
Redis feature known issues:
  • Locations are currently statically populated in the service.
  • There is a selectOne type for defined templates whose values have been hard-coded in the Terraform template for provisioning purposes. If these values are updated from the UI, the Terraform template also needs to be updated. This can be done using custom templates.
Kubernetes for Classic Infrastructure has these known issues:
  • If the cluster is not created within 1 hour 30 minutes, the order fails.
  • The BareMetal machine type is not supported due to a Terraform limitation.
  • VLANs cannot be filtered.
  • VLANs only show Router IDs instead of their complete names.
  • The Infrastructure permissions checker feature on Portal cannot be implemented because it has no Terraform support.
  • For MultiZone clusters, if the same zones are selected then the pricing for Multizone LoadBalancer is not shown. Instead, the system considers it single-zone only.
  • Private VLAN, if present, is a mandatory field. If it not selected, the order will fail with the error “You must specify a private VLAN for worker node connectivity.“,type”:“BadRequest”.
  • Unique zones must be selected while creating the cluster or the order will fail with the error “The zone is already part of the worker pool.“,”type”:“Provisioning”,“recoveryCLI”:“Choose a different zone or a different worker pool to add the zone to.“.
  • The custom operation Resize Pool is not supported.
Cloudant has these known limitations:
  • The Dedicated environment type is not supported due to a Terraform limitation.
  • The Starting Capacity cannot be displayed because it requires dynamic arithmetic calculations.
  • The Region values for the Standard on Transaction Engine plan type are hardcoded for the Dallas and Frankfurt regions.
  • The
    Authentication method
    dropdown in the IBM Cloud portal is not supported due to a lack of Terraform support.
  • Regions are currently statically populated for the service.
  • A pricing discrepancy is present for the Standard on Transaction Engine Plan of Cloudant. This discrepency also exists in the IBM Cloud portal.
Output values in template will only support string as a return value.
For Multi-VLANs, if a previously selected datacenter is exhausted or previously selected PODs are removed after provisioning, they will not be available in the dropdown menu during editing. This is expected behavior because these fields cannot be edited.
Kubernetes Cluster with VPC service intermittently fails with a timeout issue when it takes more than 90 minutes to provision.
RedHat Openshift Service for VPC with Cloud Pak intermittently fails with a timeout issue when it takes more than 90 minutes to provision.
RedHat Openshift Service for VPC intermittently fails with a timeout issue when it takes more than 90 minutes to provision.
If users select Availability for Multi Zone, they must select unique Zones.
For Triple zone, if two of the same zones are selected, then a Dual zone will be provisioned but pricing on MCMP will be shown for three zones.
For Dual zone, if the same zones are selected, then a Single zone will be provisioned in which case the number of worker zones is set to 1 and provisioning will fail. However pricing will be shown for two zones.
The worker pool name is not available because it is not available in Terraform.
The IBM Cloud Baremetal Monthly Service needs to be re-uploaded for existing tenants using
readTemplate.sh
.
These issues occur with Kubernetes with VPC and Red Hat Openshift with VPC:
  • If the user selects Availability for Multi Zone, they must select unique Zones:
    • For Triple zone, if two of the same zones are selected, then dual Zone will be provisioned. However, pricing will be shown for three zones.
    • For Dual zone, if two same zones are selected, then a single zone will be provisioned in which case number of the worker zone set to 1 will fail the provisioning. In addition, the pricing will be shown for two Zones.
  • The worker pool name is not available because it is not available in Terraform.
When using Kubernetes Server with existing tenants, the pricing template must be re-uploaded from https://github.kyndryl.net/MCMP-Integrations/cb-provisioning-template/tree/master/IBMCLOUD/PricingTemplate/ibm_container_cluster.json. New tenants will have the updated template.
Invalid configuration values resulting in a "Pricing Warning" will not block the user from generating a quote.
Invalid configuration values resulting in a "Pricing Warning" will not block the user from submitting an order. The combination might subsequently fail during provisioning.
The following are the known issues for integration with PostgreSQL, ElasticSearch, DB Etcd, and Redis:
  • The
    Initial CPU Allocation
    ,
    DB version
    , and
    Endpoint
    fields are not supported in the MongoDB database service.
  • Only the ‘us-south’ location is supported as Database-location. Provisioning of service fails for any other location.
  • If provisioning of service fails , it fails with “Internal Server Error”. The proper reason for the failure is not displayed.
The following are the known issues for integration with RabbitMQ and DB2:
  • Only the ‘us-south’ location is supported as Database-location. Provisioning of service fails on any other location.
  • If provisioning of service fails , it fails with “Internal Server Error”. The proper reason for the failure will not be displayed.
The following are the known issues for integration with Event Streams:
  • Only Lite and Standard plans are supported.
  • When Event Stream service is provisioned for any location other than ‘us-south’, then the tags are not reflecting on the ibmcloud portal.
  • Pricing warning will be displayed for some invalid combinations.
  • If provisioning of service fails , it fails with “Internal Server Error”. The proper reason for failure is not displayed.
For integration with SQL Query, if provisioning of service fails, it fails with “Internal Server Error”. The proper reason for the failure is not displayed.
The following are the known issues for integration with Cloudant:
  • Only the Multi-tenant environment is supported.
  • Only the ‘us-south’ location is supported as Database-location. Provisioning of service fails for any other location.
  • If provisioning of service fails, it fails with “Internal Server Error”. The proper reason for the failure is not displayed.
  • Legacy authentication is not supported.
If any changes are made on the provider side to configuration values while an order is being created in the Cart, the Pricing Details might not be available and Order Submission might fail.
Worker pool operations for IBM Kubernetes Service resource fail intermittently.
The IBM Cloud Network Gateway Appliance service is no longer supported and needs to be ‘Retired’ from Catalog.
The IBM Cloud Django App Service is no longer supported and needs to be ‘Retired’ from Catalog.
The IBM Kubernetes Cluster service intermittently fails with a timeout issue when it takes more than 90 minutes to provision.
Enterprise Marketplace no longer supports the Hardware Firewall (Dedicated) service. This service must be retired from the Catalog Admin page after the existing attached SOIs are removed.
The IBM Cloud API Key in the IBM Cloud Provider Asset Account is now a mandatory field for configuring the resource. It will be marked as “required” on the UI in the next releases.
The IBM Cloud Registry Service is no longer supported. The user can no longer provision this resource. Change the service state to
RETIRED
using the
Catalog Admin
page.
The IBM Cloud CICD Pipeline Service is no longer supported. The user can no longer provision this resource. Change the service state to
RETIRED
using the
Catalog Admin
page.
Provisioning is not supported for the IBM Cloud Dedicated Host resource.
The Content Delivery Network service does not allow updating the Performance Configuration parameter. General Web Delivery is the only option supported.
IBM Cloud has discontinued support for the Swift type of object storage account. Enterprise Marketplace has also discontinued this support.
IBM Cloud and Enterprise Marketplace no longer provide local Load Balancer Service.
When the Auto Scale Policy Trigger service on the Enterprise Marketplace Inventory page is expanded, it shows the both the Auto Scale Policy and Auto Scale Policy Trigger using the same component name. This situation occurs because no separate resource is available for Auto Scale Policy Trigger, which uses the same resource available for Auto Scale Policy.
When two interdependent items are added to the cart and the order is approved, provisioning might not succeed because of the order in which the Terraform Engine processes the two resources.
Workaround:
Provision each resource individually and provisioning works as expected.
IBM Cloud dedicated virtual server only supports up to two additional disks.
Bluemix Kubernetes service has the following issues:
  • Additional validation is invoked for the Private VLAN field when the Cluster Type is Free, due to portable storage and dependent config callback issues.
  • MultiZone Worker Zones are not presently supported.
  • The Tags field is not currently supported.
  • In
    Inventory
    View Component
    , Worker Num is only displayed for values greater than 1.
  • Validations are not applied on the
    Worker Node
    field.
  • The Enterprise Marketplace Catalog calculates the BOM based on 31 days per month. The Bluemix Console, however, displays the pricing for only 30 days per month. Therefore, a marginal difference exists between the two sets of pricing.
  • The
    Machine Type
    field does not display the actual configuration name as seen in the Bluemix Console.
Hardware firewall (dedicated) orders in Inventory do not contain their associated rules.
When editing a virtual service, the
Modify Window
field (which shows the time the system will be down to perform the update) is missing in Enterprise Marketplace.
Attribute values in IBM Cloud APIs might not validate, causing pricing warnings on the
Review Order
page. An example of this situation would be when Citrix Netscaler VPX does not show validation for an invalid data center.
IBM Cloud servicification issues
Power operations are not supported for servicified Virtual Machines using Terraform version 12.
In case of provisioning failure of servicified services imported using Terraform version 11, the failure reason will be “Internal Server Error”.
Some fields that are mandatory when provisioning via IBM Cloud APIs might be optional in Terraform resources. When provisioning converted templates, the IBM Cloud API displays an error for the missing field.
Workaround:
Add the required data and republish the template to the Catalog.
Certain services' attributes cannot be specified as integer or boolean; they must be specified as string. Subnet resource attributes must be specified as string.
Terraform tf files containing provider, output, or data sections cannot be converted because files containing this information are not supported.
Terraform files should validate and run directly via Terraform. Invalid tf files display the following error message: "Template Validation Failed".
Terraform files containing attributes with special characters such as
user_metadata = "{\"value\":\"newvalue\"}"
are not supported.
Float type values for certain attributes, such as iops in Block and File Storage, do not automatically display in Enterprise Marketplace. Those values need to manually added.
Terraform resources containing no keys cannot be converted to a CBS Format such as
object_storage_account
.
All attributes in the Terraform tf file are by default converted into freeText type fields in CBS. For any field that requires another type of input, change the freeText type in the
xxx_config.json
file and publish the service again. An example might be an SSL certificate resource having a CSR field that needs a textArea input type to store the entire value.
When the customer applies the terraform plan command, Terraform does not display validation errors in the format required for Enterprise Marketplace processing. Errors do not indicate that order processing failed. Instead, the error returned onscreen is "Error Applying Plan. The failed order processing error is recorded in the system log".
Google Cloud Platform (GCP) issues
The following compute-core-memory combinations are not supported with Compute Engine:
  • 40 / 961 GB
  • 80 / 1922 GB
  • 96 / 1433.6 GB
  • 160 / 3844 GB
The user must upload the GCP service template again on existing tenants to enable the Quotation functionality.
For existing tenants, the user must wait for the next execution of the GCP Pricing scheduler job to enable the Quotation functionality for imported services.
Services like BigQuery and VPC will not display region values as name along with code. User needs to delete these services and re-upload them. This is only applicable for existing tenants.
GCP pricing data will be downloaded in the next iteration of the scheduled job after accounts are onboarded. If the user wants to trigger pricing data download immediately after account onboarding, trigger it using the API /gcp/cloudbilling/v1/services/skus from the Developer Console.
The user needs to re-upload the compute engine and disk templates because the wrapped customer supplied key functionality will not be supported. This is a BETA feature.
The user needs to re-upload all GCP templates to support multi quantity as a non-editable field except multi-quantity compute engine and compute disk.
The user needs to re-upload Compute Engine and Persistent Disk templates to avoid the exposure of the customer-supplied encryption key.
Multiple reconfiguration (edit) actions for the same Compute Engine/Persistent Disk (with Customer-Supplied Encryption) will fail.
User must re-upload Compute Engine powerOff template, to get the proper error message for turnoff operation. This is only applicable if the local-ssd disk is attached to compute engine.
User needs to re-upload the Compute Engine template to get the correct price for preemptible customized machines.
User needs to re-upload the Cloud Compute Engine template when adding the SSH key to Compute Engine while provisioning
User needs to re-upload the Compute Engine template to enable the option Preemptibility = Keep On
User needs to re-upload the Cloud Spanner templates to get correct multi-regions.
User needs to re-upload the CloudSQL template to get correct pricing.
Customers must re-upload the Compute Engine (Single / Multi Quantity) and Cloud Spanner templates to get correct pricing.
Customers must re-upload the TCP/UDP Load Balancing template for the 200513 release to ensure the correct
failoverRatio
displays.
A pricing warning displays when you perform a custom operation to add a recordset for a cloud DNS.
When customizing a machine type, the default CPU value might be left unassigned.
Workaround:
Upload the template again. The template has not been changed, but the logic for parsing the template has been updated. Reapplying the template fixes this issue.
To get pricing for cloud storage (regional/multi-regional class), you must re-upload the Cloud Storage template.
When customizing a compute engine machine type, you might have issues with the default value of CPU platform field if the field was previously unassigned.
Workaround:
Re-upload and apply the template, which enables new template parsing logic. The template requires no changes.
Servicification limitations on services uploaded using the servicification tool
Enterprise Management supports resource-based pricing for the following items:
  • Cloud SQL (instance)
  • Compute instance
  • DNS
  • HTTP/HTTPs Proxy
  • Forwarding Rule
  • Persistent Disk
  • Pub/Sub
  • Spanner
  • Storage
  • VPC
  • VPN
Resource-based pricing is not available or supported for the following services and resources:
  • Address
  • Auto-Scaler
  • Backend Service
  • Backend bucket (storage)
  • Cloud SQL (database and user)
  • Firewall
  • Router
  • Sub-network
  • URL map
  • VPN gateway
Customers must provide predefined values for certain attributes when creating servicification templates. Please check the official Google service documentation for allowed values for attributes.
Google APIs cause a price mismatch between Google Price Calculator and Google Service pricing for the us-west2 region.
Google APIs cause a price mismatch between Google Price Calculator and Google Service pricing for the following services:
  • Cloud SQL services
  • Compute engine (n1standard: pre-defined machine configurations, n1highmem, and n1highcpu)
  • Forwarding rules
Pricing is not yet available for most Google services.
Resource-based discounts are not yet available in Google Price APIs.
Newly added asia-northeast3 region pricing requires customers to perform the steps described in Creating, adding, and enabling Google Cloud Platform (GCP) pricing API.
Google Calculator is rounding to the second decimal and Enterprise Marketplace pricing is based on Google pricing SKUs.
Google Cloud DNS with Private Zone Type does not allow recordset creation or deletion for DNS peering or for forwarding queries to another server.
GCP edit order submission fails with the error "Error occured while creating EDIT configs : Missing Required config : customSubnet_SecondaryIPrange,customSubnet_rangeName".
GCP Compute Engine edit order fails with error "KeyError: 'selectedMachine' Resource: CB_GCP_DEPMGR_COMPUTE_ENGINE_S00.py Resource: config".
Google Cloud DNS with Private Zone Type does not allow recordset creation or deletion for Options DNS Peering. This setting does not allow queries to be forwarded to another server. Cloud DNS Add and Delete Recordset custom operations need to be shown or hidden based on DNS options in private mode. Because the show/hide option is not supported , when the customer submits a recordset for the above options, the order is submitted, but fails with the following error message :
400 - {"error":{"code":400,"message":"Resource record sets for the zone 'zone1' cannot be modified because it is a forwarding zone.","errors":[ {"message":"Resource record sets for the zone 'zone1' cannot be modified because it is a forwarding zone.","domain":"global","reason":"forwardingChangesDisallowed"} ]}}"
When trying to delete a recordset, the customer can see the operation, but cannot proceed further to submit the order. This is because no recordset is present in this mode for DNS so the recordset dropdown list is empty.
Enterprise Marketplace does not support privately forwarding queries when a new Private DNS zone has been created and
Forward queries to another server → Private Forwarding
is selected. Private query forwarding is also not reflected in GCP.
GCP does not support labels for the following services and resources:
  • TCP load balancing
  • UDP load balancing
  • VPC network
In the Google Storage Edit operation, the
Location
field value does not change when the storage class changes from Multi-Regional to Coldline/Nearline. The previous value remains the same (Asia/Europe/United States) instead of changing to Asia (any region)/Europe (any region)/United States (any region).
No discounting is available in Enterprise Marketplace. The user cannot see details like
Sustained Bill Discount
, which is available in the Google Console.
Differences might occur between the monthly price calculated by Enterprise Marketplace and GCP. Enterprise Marketplace calculates prices at 744 hrs/month as standard for all service providers. GCP, however, calculates prices at 730 hrs/month.
Differences might occur between license prices for a few operating systems with or without CPU costs. Google does not have a standard calculation method for license pricing.
The following compute-core-memory combinations are not supported:
  • 40 / 961 GB
  • 80 / 1922 GB
  • 96 / 1433.6 GB
  • 160 / 3844 GB
As per Google implementation documentation, users cannot edit compute instances with local SSDs.
Adding or removing an additional disk is not supported in the Compute Engine edit operation. This feature is yet to be implemented. The user can edit ONLY the Disk Mode and Deletion Rule.
VPC enhancement limitations:
  • Custom subnet does not display when the dropdown menu is selected during subnet creation mode.
  • Dynamic validation (range changes per region) for 'ip address range' and 'secondary ip address range' is not provided. For example, for asia-east1 => 10.140.0.0/20, 10.141.0.0/20 works.
  • Flow log pricing has not been added.
Additional disk encryption limitations:
  • Encrypting the additional disk using customer-managed keys: As per Google documentation, this is the beta release of this feature.
  • Encrypting the additional disk using customer-supplied keys: As per Google documentation, this feature is available for limited set of countries that does not include India. Therefore, the feature is not available in Enterprise Marketplace.
Identity and access management limitations:
  • The drop-down access scopes list for each API is, by default, sorted and displayed alphabetically. For Cloud Source Repositories, the order is as follows:
    1. Full
    2. None
    3. Read Only
    4. Read Write
  • In the GCP console, however, these values are sorted and displayed in the following order:
    1. None
    2. Read Only
    3. Read Write
    4. Full
Multi-quantity compute engine support limitations:
  • Removed selection of existing disk option while adding disk because the same disk cannot be attached to another compute instance.
  • Removed selection of existing disk option while adding boot disk configuration.
The IAM API must be enabled to select the default accounts.
The current D2Ops view component details display as per the data received from Google. This data does not contain any labels to indicate the API name such as Big Query.
For multi-quantity compute engine support, selection of the existing disk option is removed in these situations:
  • Adding a disk because another computing disk cannot be attached
  • Adding a boot disk configuration
For custom operations to run as expected, run a bootstrap script first to load new queues.
Custom operation supports only a simple user interface. No complex or dynamic validations are currently available.
No dynamic validations are applicable and dynamic grouping is not currently supported when adding recordsets to DNS.
Only a text field is provided for the DNS name. Provisioning generates a complete DNS name.
The VPC static list for region does not autopopulate. Instead, it is provided in a custom subnet.
Alibaba Cloud issues
Object Storage Service (OSS) with Versioning has these known limitations:
  • The following features are not yet supported with this service:
    • CORS
    • Logging
    • Scheduled Backup
    • KMS Encryption
  • Provisioning in India region is not supported.
Note:
Encryption is supported with other types of Object Storage Service.
For Security Group, edit of the Inbound and Outbound rule for action (Allow/Deny) is not supported.
Managed Kubernetes Cluster has the following limitations:
  • Cluster Specification Professional is not supported. Only Standard is supported.
  • Container Runtime Containerd and Sandboxed-Container are not supported. Only the default Docker is supported.
  • SLB Network Type Internal is not supported. Only Internet is supported.
  • Add-on Monitoring Agent is not supported.
  • Alerts is not supported.
  • Delete Protection is not supported.
  • Advance options for Worker Configuration (Node Protection, User Data, CPU Node Policy) and Cluster combination (TimeZone, Kube-Proxy mode, Volume Projection, Secret Encryption, Service Access Token) are not supported.
Elastic Compute Service Instance has these known limitations:
  • Provisioning in the Mainland China region is not supported.
  • Multi Quantity is not supported.
  • Disk Encryption is not supported.
  • NAS file system attachment is not supported.
  • Multiple Elastic Network Interface creation is not supported.
  • Dedicated host creation is not supported.
For Security Group, the edit of the Inbound and Outbound rule for action (Allow/Deny) is not supported.
Managed Kubernetes Cluster has the following known limitations:
  • Cluster Specification Professional is not supported (only Standard is supported).
  • Container Runtime Container and Sandboxed-Container are not supported (only the default Docker is supported).
  • SLB Network Type Internal is not supported (only Internet is supported).
  • The Add-on Monitoring Agent is not supported.
  • Alerts is not supported.
  • Delete Protection is not supported.
  • The Advance options for Worker Configuration (Node Protection, User Data, CPU Node Policy) and Cluster combination (TimeZone, Kube-Proxy mode, Volume Projection, Secret Encryption, Service Access Token) are not supported.
Elastic Compute Service Instance (formerly known as Elastic Compute Service) has the following known limitations:
  • Provisioning in Mainland China region is not supported.
  • Multi Quantity is not supported.
  • Disk Encryption is not supported.
  • NAS file system attachment is not supported.
  • Multiple Elastic Network Interface creation is not supported.
  • Dedicated host creation is not supported.
For Elastic IP Address (EIP), consumption-based (estimated) pricing is not supported because support is not provided by Alibaba Cloud.
For Relational Database Service (RDS), only the VPC network type is supported.
For Virtual Private Cloud (VPC), multiple Vswitch cannot be added in a VPC because support in ROS is not present.
ApsaraDB for MongoDB Sharded Cluster has these limitations:
  • Consumption based (estimated) pricing is not supported for ApsaraDB for MongoDB PayAsYouGo (Post paid).
  • Only the VPC network type is supported.
  • Chinese character 核 ("core") is being displayed in Mongo specification, shard specification, and Configserver specification.
  • ConfigServer.Class in pricing represents the resource type config server.
  • Mongos.Class in pricing represents the resource type mongo.
Serverless Kubernetes Cluster has these limitations:
  • The Knative feature is not supported, which is a limitation from ROS.
  • Service Discovery using CoreDNS is not supported, which is a limitation from ROS.
  • Ingress option for SLB Ingress is not supported. Only Nginx Ingress is supported, which is a limitation from ROS.
  • Default internal SLB Instance will be created with no option to have a custom SLB, which is a limitation from ROS.
  • The Time zone feature is not supported, which is a limitation from ROS.
  • Deletion protection is not supported, which is a limitation from ROS.
  • Consumption-based (estimated) pricing is not supported.
Provisioning of Elastic Compute Service (ECS) has the following limitations:
  • ECS provisioning in Mainland China regions is not supported.
  • No option is supported for setting a password later on. The
    Set Later
    option is not provided.
  • Multi quantity and sequential suffix (suffix for ECS name) are not supported.
  • The creation of a dedicated host is not supported.
  • Release with Instance checkbox is not present while adding storage.
  • Disk encryption is not supported.
  • The creation of resource groups is not supported.
  • No option is supported for creating/selecting NAS file systems and snapshots while provisioning the ECS service.
For DNS, the @ character cannot be used in the
Host Name
field.
The following services do not support pricing:
  • Elastic IP (EIP)
  • Autoscaling (AS)
  • Elastic Container Instance (ECI)
  • ApsaraDB for Redis
  • ApsaraDB for MongoDB
  • NAT Gateway
ApsaraDB for MongoDB has these limitations:
  • Sharding database type is not supported.
  • Multizone deployment is not supported.
  • Edit functionality is not supported.
  • Only VPC network type is supported.
The Edit functionality is not supported for NAT Gateway.
SLB names cannot be edited.
Field instance class shows IDs, not names.
Key Management Service (KMS) has these known limitations:
  • Pricing is not supported
  • Edit only description is supported.
Network Attached Storage (NAS) has these known limitations:
  • Pricing is not supported.
  • Edit is not supported.
  • Multiple mount point target is not supported.
  • Encryption Type is not supported.
  • Classic network type is not supported.
  • The Performance NAS storage type is not supported.
RDS does not support creating a service, adding accounts and databases, or creating backups
Cloud enterprise network does not support:
  • Bandwidth packages
  • Routes
For the Object Storage Service (OSS), the ROS template does not support storage class fields, server-side encryption, or real-time query. These fields do not display for OSS in the Enterprise Marketplace Catalog.
Enterprise Marketplace does not support adding groups in Alibaba DNS service.
In Elastic Container Instance (ECI) service, Enterprise Marketplace has these known issues:
  • Supports only public docker hub images, and does not support images from other resources such as ALI_HUB
  • Does not support adding volumes
Red Hat Marketplace issues
For SOI details, output parameters and D2Ops are not supported.
Images with the extension .svg are not supported.
Private cloud issues
Integrated Managed Infrastructure (IMI) Integration Issues
IMI enablement by operation from Inventory is not available for non-MT environment for a resource.
Two different entries for the same resource are visible in the Policy Group Creation list.
In the 190612 release, IMI integration does not work for Azure. IMI integration only works for Amazon Web Services (AWS) and Google Cloud Platform (GCP).
IMI services integration with Enterprise Marketplace supports AWS resources, and Azure and Google VMs. Other Azure and Google Cloud services are currently not supported.
ServiceNow Issues
Performance issues have been encountered during discovery on clusters with larger numbers of tenants.
When resources are deleted, the system sends delete calls for all the resources in deleted registration, not just the recently deleted resources.
Currently, SR is moving to Closed Complete when no valid account is available for common discovery registration. It should send the user an error message.
The Common Discovery data is being fetched in ServiceNow for subscriptions that have not been added in the account/registrations.
Deleting registrations only works when routes in those registrations are reachable. Even though
marked_for_deletion
flag in registration is set to
true
, consumer registration is not being deleted in these cases.
Issues relating to ease of auto registry from ServiceNow:
  • Users cannot select multiple services from same window.
  • After selecting the provider using the check box, the
    Lock
    icon and the
    Search
    icon must be clicked before each service can be selected.
  • When removing a service for a cloud provider, the "X" button can easily be mistaken for the control for closing the expanded window.
  • When users update/delete resources that are already present in the Common Discovery API Swagger registration, the SR transitions to Closed Complete. The user should be notified that the Common Discovery Swagger API registration cannot be modified/deleted.
  • When consumer registrations in Common Discovery Swagger are present, if the
    enable discovery
    flag to
    false
    (SR is Closed Complete), the flow of CD data to ServiceNow is stopped.
Change tasks need to be closed manually in Quickstart.
Support to link the Enterprise Marketplace CIs with discovered CIs using ServiceNow Discovery is not available due to an issue in ServiceNow discovery for domain-separated instance.
Standard D2Ops (Start, Stop, and Reboot) functions are occurring without change task execution. This is a known issue without a workaround. The issue will be resolved in a hotfix.
vRA Issues
For vRA 8.3, MT installation is causing a cert issue due to a bug where the vIDM hostname prefix is expected as an SAN entry in the vRA Certificate.
For vRA 8.1, when catalog discovery is performed from Enterprise Marketplace, only the latest published catalog is pulled from the vRA 8.1 endpoint.
For vRA 8.1, the VM property
'provisionGb'
remains unchanged after updating disk size.
For vRA 8.1, standard operations associated with a XaaS BP do not update the status of a virtual machine.
If a user wants to onboard a service catalog manually by using the Content server API, the versioning must be set to "False". Use the following APIs:
  1. curl -X GET \ '{{apigateway}}/catalog/v3/providers' -H 'apikey: {{apikey}}' \ -H 'username: {{userid}}'
  2. Use this PUT API to update the flag:
    curl -X PUT \ '{{apigateway}}/catalog/v3/providers/{{providercode}}' \ -H 'Content-Type: application/json' \ -H 'apikey: {{apikey}}' \ -H 'username: {{userid}}' \ -d ''
To pull the latest version of a vRA published service in Enterprise Marketplace during discovery, you must unpublish the blueprint you are changing on the vRA console and then publish it again. Otherwise the vRA adapter cannot tell the service has been modified.
A performance issue is caused by the use of new proxy ID for each time wiring was done. This occurs because of an intermittent issue faced when using the same older proxy ID where wsmesh returned an error that it was not able to connect to the proxy. There is currently no API that can be used to delete the older registered proxyIds that are no longer active.
An issue with CORELITE wsmesh causes Discovery and Provision of vRA to fail.
Generating the service token with CORELITE using the init secret and then using the token to call the wsmesh GET Connections API gets a 403 Forbidden error response. This issue prevents the system from communicating with the proxy over the wsmesh.
Because core-auth is upgrading their node version, the SSL keys for Nginx servers in the proxy adapter setup no longer support a key length of 1024 bytes. They must be generated with a length of 2048 bytes. These instructions have been updated in the README of proxy adapter installer as well as the vRA user documentation GitHub repo. Customers upgrading to the 200624 release will need to regenerate their certificates and do the proxy adapter installation again because no backward compatibility is possible.
Customers cannot add disk capacity for web and database servers in the vRA 3Tier catalog service. This issue occurs when the service is applied for Day1 and Day2 (Edit Service) operations.
Tagging has no option for enabling or disabling Shared Resources for a particular vRA version, which means that all or no versions of vRA are tagged.
Catalog Admin page shows duplicate entries for vRA provider names.
Edit SOI requests fail with the error "Too many disk operation in single request". This error occurs only for for 3Tier service blueprints. Single Tier Edit SOI requests work properly.
Users cannot perform bulk Day2 Ops when more than one System & Organization Control (SOC) is selected.
The tenant and user names used in the provider account for vRA are case sensitive. The names entered in Enterprise Marketplace must use the same case as the names in vRA.
When uploading a vRA template to the Enterprise Marketplace content server, only one value can be present in the template file. As per the new design, either
configGroupName:
or
group:
can be part of the template. If both values are present, the template upload does not work.
After editing services, the edited values do not update in the vRA console.
vRA edit order submission fails with the error "Too many disk operations in the same order".
vRA order fails with the error "The data specified within the request is invalid. The total storage that you requested is outside the range specified in the blueprint that was used to provision this machine".
Shared resources tagging is disabled by default. Enabling this option can result in degraded performance.
Tagging can either be disabled or enabled for all the provider accounts. It is set globally for the Enterprise Marketplace environment.
When performing an editSOI task such as adding a disk on a VM, the validation check for the size of the disk does not work because it is not currently implemented. The order fails and the disk addition does not take place because the validation fails at the vRA end.
When adding a disk label is an editSOI task or to a new order, the disk label does not immediately display in the Inventory view. The new disk label appears in Inventory only after Day2 Operations have been performed.
An editSOI change request allows performing only one operation when combining operations while editing a SOI provisioned through vRA. Combined operations might include actions such as add disk, delete disk, and expand disk. Combining operations such as these results in an error.
Pricing for additional disks must be handled based on the
Disk capacity
field in the pricing file. Pricing is not calculated based on the VM's total storage.
vRA services already configured for provisioning in Enterprise Marketplace are displayed in catalog discovery results.
Behavioural Caveats
/
General issues
Application Issues
The addon is only displayed in the View Service details: BOM and addon values are not retrieved on the
View Service Details
page.
The pricing rules are applied by common services: No information is available from common services regarding the rules being applied.
Localization and currency: The quote only supports USD currency and English locale.
Service Offering support: The editing feature for service offering is not supported on the
Catalog Admin
page when using the globalization(g11n)/translation feature.
Do you have two minutes for a quick survey?
Take Survey