Release notes

Last updated 11 January, 2019

New features in tech preview

Documentation for the following features are labeled in the HPE OneSphere docs with the tech preview label. 

There are currently no features in tech preview.

What is a tech preview?

A tech preview allows customers to try out a feature before it is fully supported. When using a tech preview feature, note that:

  • The feature may not be functionally complete and is not recommended for deployment in production.

  • Support is provided by HPE on a best-effort basis without any service level agreement (SLA) and without any indication of a fix or resolution.

  • Deployment and management might involve manual processes or other workarounds.

  • API or other parts of the feature might change before it is fully supported, therefore backward compatibility is not guaranteed.

  • The feature might be withdrawn after the tech preview.

New supported features

The following new features are fully supported in HPE OneSphere.

11 January 2019

  • Create catalog service groups

    Administrators can create a catalog service group that they can associate to specific project(s). This allows the administrator to control the specific catalog items that consumers can deploy.

    See Creating a catalog service group.

  • Project owner onboarding of public cloud providers

    Administrators can enable project owners to connect public providers (Amazon Web Services and Microsoft Azure) and regions to HPE OneSphere.

    See Enabling project owners to add public providers and regions.

  • Deploy a private Docker container image/Helm chart to a Kubernetes cluster in VMware vSphere

    Administrators can register a private catalog of Docker containers and Helm charts that is stored in a location on their private network. Developers can deploy a private Docker container or Helm chart to a Kubernetes cluster deployed on a VMware vSphere cluster in a private cloud zone.

    See Registering a catalog and Deploying a Kubernetes container application to the private cloud.

19 December 2018

  • Check AWS service compliance

    HPE OneSphere includes a set of compliance checks for AWS services that are representative of a broader set of compliance rules and frameworks available from Cloud Technology Partners (a Hewlett Packard Enterprise company). Running compliance checks on your project allows you to monitor your managed services in AWS against compliance frameworks.

    See Checking AWS compliance.

24 October 2018

  • Deploy AWS CloudFormation templates

    CloudFormation templates can be a single virtual machine instance (an AWS service) or a combination of virtual machines, container services, and other AWS services (DNS, load balancing, databases, firewalls, and so on) to deploy a full application stack (AWS App Frameworks).

    See Registering a catalog and Deploying an AWS CloudFormation (CFN) template to AWS.

22 October 2018

  • Deploy Open Service Broker services offered by third-party OSB brokers to AWS

    Open Service Broker is a standard API that allows developers, ISVs, and SaaS vendors a simple way to deliver services to applications running within cloud native platforms. HPE OneSphere enables administrators to register services offered by third party OSB brokers into the OneSphere catalog. OSB services can then be deployed to an AWS public cloud.

    See and Registering a catalog and Deploying an Open Service Broker (OSB) service to AWS.

20 September 2018

  • View and manage cost analytics in a new Insights feature

    HPE OneSphere collects data about costs associated with your public and private provider accounts, and displays them as an interactive dashboard view and as downloadable reports. Both the dashboard view and the reports option allow you to configure data from multiple categories, including provider type, account information, region, date range, and more. Currently, HPE OneSphere only shows costs/rates in US dollars ($).

    The new, improved Insights feature in HPE OneSphere replaces an older version of Insights.

    See Managing and viewing cost analytics (Insights).

  • Deploy a Kubernetes cluster and container apps to a VMware vSphere environment

    HPE OneSphere enables you to deploy a Kubernetes cluster to your private VMware vSphere based cloud. This support includes creating virtual machines on demand, installing all required software on the virtual machines, and orchestrating formation of the cluster. Load balancer capabilities are built into Kubernetes clusters that are deployed from the HPE OneSphere catalog. You can also deploy applications to Kubernetes clusters hosted on VMware virtual machines using publicly available Helm Charts and Docker images through the HPE OneSphere catalog.

    After deployment of the cluster, kube_config is accessible from the HPE OneSphere portal and the cluster can be accessed using the kubectl command from a command line.

    See and Registering a catalog and Deploying virtual machines and containers to the private cloud (VMware vSphere).

  • View private zone cluster resource usage and metadata

    The HPE OneSphere portal displays additional information about each connected private zone (VMware vSphere) cluster, host, and KVM servers. This information includes CPU, Memory, attached data storage and allocated storage size, and the number and names of physical servers that comprise a cluster. The data store usage details will be available only for the enabled. These details provide administrators with information about the type of workloads and the projects that should be supported with a particular private cloud deployment.

    See Managing private cloud providers.

  • Connect a vSphere Distributed Switch (VDS)-based VMware vSphere environment to HPE OneSphere

    HPE OneSphere adopts Neutron, an OpenStack networking framework that is actively developed and supported by the OpenStack community, as the underlying networking framework.

    HPE OneSphere discovers and imports the networks and components attached to the vSphere Distributed Switch specified in the HPE OneSphere Connect application. Project administrators can then assign the discovered networks to projects within HPE OneSphere and deploy resources to it through the HPE OneSphere portal and API.

    A hybrid vSphere Distributed Switch (vDS) and vSphere Standard Switch (vSS) configuration is supported. In this configuration, VM networking for VM deployments is configured on vDS. The network segment configuration for the HPE OneSphere Controller can be on vDS or vSS, and VMkernel services (for example management and vMotion) and other networks can remain on vSS.

    See Connecting to HPE OneSphere for the first time and Issues and suggested actions.

16 August 2018

  • Enable Ceph storage consumption capability for KVM virtual machines

    HPE OneSphere includes Ceph configuration capability for consumption by KVM clusters. After deploying and configuring SUSE Ceph in your environment, you can attach persistent volumes to KVM workloads, which enables you to deploy Enterprise class KVM applications in your HPE OneSphere private cloud.

    See Configuring Ceph storage.

30 July 2018

  • Deploy virtual machine images to connected VMware vSphere private zones using OpenStack APIs/CLIs

    HPE OneSphere now enables project consumer to use native OpenStack APIs in addition the HPE OneSphere portal to deploy virtual machine images to VMware private zones using the OpenStack API and CLI.

    See Using the OpenStack CLI with HPE OneSphere.

  • Attach persistent block storage volumes to VMware virtual machines in connected private zones using OpenStack APIs/CLIs

    HPE OneSphere now enables project consumers to attach persistent block storage volumes on the virtual machines running in their VMware vSphere clusters in a connected environment using the OpenStack API and CLI.

    See Using the OpenStack CLI with HPE OneSphere.

20 July 2018

22 June 2018

  • Onboard Microsoft Azure subscriptions as a public cloud provider

    HPE OneSphere expands its public cloud capabilities to include Microsoft Azure in addition to Amazon Web Services. You can now onboard your existing Microsoft Azure accounts and subscriptions to connect them to HPE OneSphere, which allows you to view usage based costs, resource availability, and a performance summary for each Microsoft Azure provider resource.

    See Managing Microsoft Azure public providers.

8 June 2018

  • Onboard an Amazon Web Services (AWS) public billing account and member account

    The AWS public cloud provider onboarding experience has been changed to provide additional flexibility in managing AWS account information. You can now add a public billing account (that corresponds to an AWS payer account) from the Settings > Public Billing Account screen in the HPE OneSphere portal. You add AWS public cloud accounts (that correspond to AWS member accounts) from the Projects > Public Accounts screen.

    See Managing Amazon Web Services public providers.

  • Deploy a Kubernetes cluster to a connected Amazon Web Services provider

    Includes creating virtual machines on demand, installing all required software on the virtual machines, and orchestrating formation of the cluster. After deployment of the cluster, kube_config is accessible from the UI and the cluster can be accessed using the kubectl command from a command line.

    In addition, Kubernetes cluster environment capacity, security, and high availability is expanded with support for managing the deployment of Kubernetes clusters directly within the AWS Autonomous Zone hosting the clusters. This provides improved integration between HPE OneSphere Kubernetes lifecycle management and the container-based workload deployments.

    See Deploying virtual machines and containers.

  • Deploy a Docker container image/Helm chart to a Kubernetes cluster in AWS

    Includes deploying selected container image/Helm charts from the HPE OneSphere catalog, performing updates, viewing deployment status and deleting the container/helm chart.

    See Deploying virtual machines and containers.

  • Generate, store, and access operational audit logs

    This feature enhances auditing of the HPE OneSphere management service to include improved tracking of events on customer's multi-cloud infrastructure, details about users' activities, and historical tracking of user administrative actions completed through the HPE OneSphere portal or REST API. Customers can request a copy of the audit logs by raising a case with HPE OneSphere support.

    See Engaging HPE Pointnext Cloud CoE Support.

  • Improved monitoring and alarm management

    Monitoring and alerting updates provide a scalable and highly available architecture for managing monitoring operations in the application hosting environments both in the publicly hosted clouds and private infrastructures managed through HPE OneSphere.


The limitations in HPE OneSphere supported features are listed in this section.

See the Scale limitations in the Support Matrix for additional important information.

Network configuration for the private cloud (VMware vSphere)

  • Managing one subnet per network

    You can manage only one subnet per network in HPE OneSphere. By default, the IPAM is set to Provider DHCP for all imported subnets. HPE OneSphere can show multiple subnets, but it does not support editing more than one subnet.

    If you want to change the provider DHCP to static IP for an imported network where virtual machines are present, configure it with the same CIDR of the existing virtual machines. Ensure that you have reserved an IP address pool for virtual machines.

Deploying to the public cloud (Amazon Web Services)

  • Deploying containers and Helm charts that require security privileges to be enabled in the Kubernetes cluster is not supported

    The deployment will fail with the error "securityContext.privileged: Forbidden: disallowed by cluster policy".

  • HPE OneSphere does not support deploying Kubernetes clusters to the following AWS regions. 

    • us-east-2 (Ohio)

    • eu-west-2 (London)

    • eu-west-3 (Paris)

    • ap-northeast-2 (Sydney)

    • ap-south-1 (Mumbai)

    This limitation is caused by the unavailability of the required server Ubuntu OS images for the listed regions except for eu-west-3. For eu-west-3, the limitation is caused by the Terraform version used in HPE OneSphere, which does not support deploying to the region.

    For a list of AWS regions, see "Regions and Availability Zones" in the Amazon EC2 documentation.

  • A maximum of 10 combined AWS regions and private zones are supported in your HPE OneSphere management service. If you require more than the limit, contact HPE support so that the limit can be increased for your environment.

    Each unique AWS region, VMware private zone, and KVM private zone that are enabled in HPE OneSphere counts as one zone. If you enable the same region in multiple AWS accounts, it counts only once against this limit. For example, if you have AWS Account 1 and AWS Account 2 with us-west-1 enabled, it will count as a single increment against the limit.

  • Virtual machine deployments to AWS using Windows AMIs are not supported from HPE OneSphere

Creating and attaching volumes to virtual machines

  • You can connect only one volume to a virtual machine deployed to AWS

  • A volume that you plan to connect to a virtual machine in AWS can have a minimum size of 1 GB and a maximum size of 1 TB

  • You cannot connect or disconnect a storage volume from a suspended or powered off virtual machine deployed to AWS

Issues and suggested actions

The issues and suggested actions in this release of HPE OneSphere are listed in this section.

For detailed troubleshooting information, see the Knowledge Articles available from the HPE OneSphere Docs portal at

HPE OneSphere Connect

  • When creating a zone after running HPE OneSphere Connect, the system may appear unresponsive.

    Action: Wait until the operation completes. HPE OneSphere takes up to an hour to create the initial zone. While this is underway, the system will appear unresponsive.

  • If you select DHCP and your IP address allocation is not automatic (the IP address is assigned later if, for example, you are using a product such as Infoblox to manage your IPAM environment), HPE OneSphere Connect eventually times out after returning the error Waiting for vCenter and zones to be connected.

    Action: Configure the MAC address allocation settings in vCenter Server to allocate the MAC address to the deployed virtual machines in the specified range. Then, in the Infoblox IPAM, set that specified range of MAC addresses to automatically allow the DHCP lease.

    See Change to or Adjust Range- or Prefixed-Based Allocations in VMware documentation.

  • When you are selecting the vCenter to connect in your private cloud provider, HPE OneSphere cannot find the clusters on remote sites.

    Action: Make sure that the vCenter is not configured with linked mode, or select a different vCenter to connect.

  • After connecting to your private cloud, existing virtual machines are imported into HPE OneSphere. In the private cloud zone, clicking on the virtual machine icon below its name displays "Service Not found: {UUID}" in red.

    Action: Ignore this error, which will be corrected in a future release.

Network configuration for the private cloud (VMware vSphere)

  • Renaming a VDS in VMware vSphere after a VMware environment is connected

    If you change the name of a vNetwork Distributed Switch (VDS) after connecting HPE OneSphere to a VMware vSphere environment, HPE OneSphere cannot import networks from the VDS and the zone cannot be used, so you will not be able to deploy virtual machines. (Imported networks are displayed on the Providers > Private Zones > Project Networks screen.)

    Action: Contact HPE Support to request restarting HPE OneSphere services to enable the changed VDS.

  • Renaming a port group in VMware vSphere after a VMware environment is connected

    If you change the name of a port group in vSphere, a new network with the changed name is added in HPE OneSphere, and the existing network is not changed or removed.

    Action: Manually delete redundant networks through the OpenStack API in HPE OneSphere after renaming port groups in vSphere.

  • Deleting a network in VMware vSphere is not reflected in HPE OneSphere

    Networks will continue to be displayed on the Providers > Private Zones > Project Networks after they are deleted in vSphere.

    Action: Manually delete networks through the OpenStack API in HPE OneSphere after deleting them in vSphere.

Deploying to the private cloud (VMware vSphere and KVM)

  • Unable to display the status of a deployed virtual machine

    When you select a deployed virtual machine from a project on the Projects screen, the status (Available, Failed to Deploy, and so on) is not shown. (The power status of the virtual machine is shown.)

    Action: Check the status of the virtual machine by logging in to the virtual machine console or by using the API.

  • DV uplink port groups and infrastructure networks are not filtered out of the networks that administrators can make available to projects

    When a new project is created, HPE OneSphere allows administrators to select from a set of available VMware networks that will be made visible to a project. When launching a deployment from that project, project members can select only from the set of networks made visible by the administrator. All pre-created networks, including DV uplink port groups and infrastructure networks (for example, ESXi Management and VSAN networks) will appear in the list of available networks that the administrator can make visible to a project.

    Action: Do not select or associate any infrastructure network or DV uplink port group for a project.

  • After deleting a VMware template from your vSphere environment, launching a deployment using that template displays the error "No valid host was found."

    Action: Wait 30 minutes and try your deployment again. There is a delay between deleting a template in VMware vSphere and its deletion from the HPE OneSphere Catalog screen.

  • Power cycle operations (power on, power off, restart, suspend, and resume) performed on a virtual machine in VMware vSphere take approximately 10 minutes to be reflected on the Deployments screen in HPE OneSphere.

  • Renaming a virtual machine deployment is not reflected in VMware vSphere

    When you rename a virtual machine that was deployed to a VMware vCenter environment (by selecting a project in HPE OneSphere, then selecting a deployment, then clicking Update Deployment), the name of the virtual machine is changed in HPE OneSphere after several minutes, but the name is not changed in VMware vSphere.

    Action: Wait several minutes, then verify that the deployment has been renamed in HPE OneSphere.

Deploying to the public cloud (Amazon Web Services)

  • When deploying a virtual machine or container to AWS, you may see the error "The requested Availability Zone is no longer supported. Please retry your request by not specifying an Availability Zone or choosing <list of available Availability Zones>. Launching EC2 instance failed."

    AWS availability zones are dynamically updated by AWS. When an HPE OneSphere region and zone are created, HPE OneSphere obtains a list of availability zones that AWS is currently reporting as being available. As a result, when you subsequently launch a deployment to AWS and select from a subset of available zones, the selected zone might be an availability zone to which AWS is refusing to allow new deployments.

    Action: Select another AWS availability zone and retry the deployment.

  • Renaming a virtual machine deployment takes up to 10 minutes

    When you rename a virtual machine that was deployed to AWS (by selecting a project in HPE OneSphere, then selecting a deployment, then clicking Update Deployment), it can take up to 10 minutes for the change to be reflected in the project in HPE OneSphere.

    Action: Wait several minutes, then verify that the deployment has been renamed.

  • Synchronization between registered catalogs and HPE OneSphere occurs every 30 minutes.

    Deploying a Docker container or Helm Chart to a Kubernetes cluster in AWS from a registered catalog selection on the Catalog screen may result in an error if there has been a change to the catalog since the last time it was synchronized with HPE OneSphere. For example, if a catalog item was deleted and you select the item for deployment before the catalog is synchronized, the deployment will return the error "Server rejected our request."

    Action: Wait 30 minutes, then retry the deployment.

  • After deploying a Kubernetes cluster, clicking the web console icon on the Projects > Deployments screen using Internet Explorer results in a blank screen.

    Action: Launch HPE OneSphere in a Chrome or Firefox browser, then retry accessing the Kubernetes web console.

  • Docker pods deployed to a Kubernetes cluster are not monitored by HPE OneSphere. If your container goes into the CrashLoopBackOff or other error state, an error is not displayed in HPE OneSphere and the pod appears to be functioning normally.

    Action: Download the kubeconfig from HPE OneSphere. Using the downloaded kubeconfig, you can run kubectl commands to check the actual state of the container.

    See Using the kubectl CLI with a Kubernetes cluster.

  • If you deploy an older Helm chart (ex. Wordpress 0.3.1) to a Kubernetes cluster, Helm charts with a label selector will not be updated.

    Action: Deploy a newer version of the Helm chart that does not use label selector.

Viewing cloud analytics on the Insights screen

  • After adding an AWS provider account, the provider cost is listed on the Insights screen under the Unknown project in the first 24 hours.

    Action: To see the costs for the account listed under the correct project name, check the Insights screen on the second day after adding an AWS provider account.

  • AWS account cost information is not shown on the Insights screen on the first day or two of the month.

    Action: Check the Insights screen on the second and third day of the month, or note the costs on the last day of the previous month to estimate the costs for the first days of the month.

  • Historical costs for a disabled AWS or Azure account are not shown on the Insights screen.

    Action: Note the costs before disabling an AWS or Azure public account, if they are needed. When this issue is corrected, costs for a disabled account will continue to be shown for the remainder of the current month.

  • Public provider costs are updated every 24 hours. In rare occurrences, a network error or other issue prevents the daily update from occurring.

    Action: Check the Insights screen for updated costs after 48 hours from the last update. An update cannot be manually triggered.

Viewing usage information on the Providers screen

  • Selecting Clusters from the Private Zones screen displays a list of clusters in the zone. Below each cluster name, a number of Cores CPU and amount of Memory is displayed. This information is incorrect.

    Action: Click the cluster name to see the cluster screen. In the Cluster Details section, the correct CPU and Memory information for the cluster is displayed.

Enabling multiple clusters in a private cloud zone

  • When multiple clusters are enabled in a zone, and you disable any cluster, the virtual machines in the cluster continue to appear under the HPE OneSphere Private Zones screen. Performing lifecycle operations on the virtual machines (for example, powering off) results in the Processing state for at least 15 minutes. When the cluster is re-enabled, the last attempted operation is performed on the virtual machines.

  • When there are multiple clusters and datastores in a VMware vSphere zone and the zone is enabled or disabled, HPE OneSphere occasionally cannot load the Private Zones screen. The screen recovers after a period of time.


For information about how security is built into HPE OneSphere, see What is HPE OneSphere? and the HPE OneSphere Security White Paper on the HPE OneSphere Docs portal.

Proactive security vulnerability management is an important aspect of managing the HPE OneSphere underlying infrastructure.

  • See Security patches in theHPE OneSphere Documentation Portal for HPE OneSphere specific security remediation procedures.

  • Check the Product Security Vulnerability Alerts site for security bulletins for Hewlett Packard Enterprise. The security bulletins provide information about security vulnerabilities and the availability of patches or remediation procedures.

  • Use the HPE Support Center for advisories, bulletins, and notices.

Engaging HPE Pointnext for HPE OneSphere support

Support for HPE OneSphere is provided by the HPE Pointnext Cloud Center of Excellence (CoE).

This worldwide operating support team is available 24x7 and support issues are covered using the "follow the sun" model.

HPE OneSphere chat

Customers with an active HPE OneSphere SaaS portal can easily engage the HPE Pointnext Cloud CoE team using the embedded chat feature.

An HPE support agent will respond to your request within a maximum of 2 hours.

To access the support team, click the Chat icon  on the bottom left corner of the HPE OneSphere user interface.

Start chatting by clicking the New Conversation icon:  

HPE Support Center

Online web ticketing is available to all HPE customers with active contracts or warranty.

After the support ticket is created, you can upload log files to the HPE Support Center or e-mail them to the generated ticket.

HPE support will engage back with you within the response time set by the support case severity.

Logging a support ticket by phone

Information to have available on hand

  • Service Agreement ID (SAID) (all numeric digits)

  • HPE Passport account (for HPE Support Center)

    This account is required for login; you can easily create a Passport on the HPE Support Center if you don't have one.

  • Your HPE OneSphere SAAS portal DNS name

  • Log files, screenshots, or screen recordings if available

  • Contact details about the person to engage (name, email and phone number)

Learning about HPE OneSphere

You can use one of the following methods to access HPE OneSphere documentation:

  • In the HPE OneSphere UI, click your User icon. Then, click Learn.

    You will be redirected to the HPE OneSphere Docs website (

  • Go to the Hewlett Packard Enterprise Information Library (

    The Hewlett Packard Enterprise Information Library contains PDF versions of the HPE OneSphere Support Matrix, HPE OneSphere Release NotesHPE OneSphere Security White Paper, HPE OneSphere Technical White Paper and Getting Started with HPE OneSphere.

Documentation feedback

Hewlett Packard Enterprise is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (

You can also chat with us on Slack ( in the onesphere-docs channel.