VMware vSphere® Integrated Containers 1.5.1 | 19 FEB 2019

VMware vSphere Integrated Containers Appliance 1.5.1 Build 6995
VMware vSphere Integrated Containers Engine 1.5.0 Build 20723
VMware vSphere Integrated Containers Registry 1.7.1 Build c380652
VMware vSphere Integrated Containers Management Portal 1.5.0 Build ed50127
VMware vSphere Integrated Containers Plug-In for vSphere Client 1.5.0 Build 1462

Check for additions and updates to these release notes.

What's in the Release Notes

These release notes cover the following topics:

About vSphere Integrated Containers

vSphere Integrated Containers is delivered as an appliance, that comprises the following major components:

  • VMware vSphere Integrated Containers Engine, a container runtime for vSphere that allows developers who are familiar with Docker to develop in containers and deploy them alongside traditional VM-based workloads on vSphere clusters. vSphere adminitrators can manage these workloads by using vSphere in a way that is familiar.
  • vSphere Integrated Containers Plug-In for vSphere Client, that provides information about your vSphere Integrated Containers setup and allows you to deploy virtual container hosts directly from the vSphere Client.
  • VMware vSphere Integrated Containers Registry (Harbor), an enterprise-class container registry server that stores and distributes container images. vSphere Integrated Containers Registry extends the Docker Distribution open source project by adding the functionalities that an enterprise requires, such as security, identity and management.
  • VMware vSphere Integrated Containers Management Portal, a container management portal that provides a UI for DevOps teams to provision and manage containers, including retrieving stats and info about container instances. Cloud administrators can manage container hosts and apply governance to their usage, including capacity quotas and approval workflows. When integrated with vRealize Automation, more advanced capabilities become available, such as deployment blueprints and enterprise-grade Containers-as-a-Service.

vSphere Integrated Containers enables VMware customers to deliver a production-ready container solution to their developers and DevOps teams. By leveraging their existing SDDC, customers can run container-based applications alongside existing virtual machine based workloads in production without having to build out a separate, specialized container infrastructure stack. As an added benefit for customers and partners, vSphere Integrated Containers is modular. So, for example, if your organization already has a container registry in production, you can use that registry with vSphere Integrated Containers Engine and vSphere Integrated Containers Management Portal.

What's New

vSphere Integrated Containers 1.5.1 updates the version of runc in the vSphere Integrated Containers OVA appliance, to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. The version of runc in the dch-photon image on Docker Hub has also been updated. For more information, see CVE-2019-5736.

IMPORTANT: vSphere Integrated Containers virtual container host (VCH) endpoint VMs are not vulnerable to the privilege escalation described in CVE-2019-5736. This issue affected the OVA appliance because it uses a standard container engine to run the vSphere Integrated Containers services. The dch-photon image includes a standard Docker Engine. Container VMs that you deploy by using vSphere Integrated Containers VCHs are not vulnerable to the runc vulnerability.

Localization

vSphere Integrated Containers 1.5.1 is only available in English.

Product Documentation

The vSphere Integrated Containers 1.5.1 documentation includes the following publications:

Installation

For information about installing vSphere Integrated Containers 1.5.1, see Installing vSphere Integrated Containers.

Compatibility

For information about compatibility, see Interoperability of vSphere Integrated Containers with Other VMware Software in Install, Deploy, and Maintain the vSphere Integrated Containers Infrastructure and the VMware Product Interoperability Matrixes.

Upgrading vSphere Integrated Containers

For information about upgrading to vSphere Integrated Containers 1.5.1, see Upgrading vSphere Integrated Containers.

IMPORTANT: Upgrading from 1.5.0 to 1.5.1 fails. VMware is working on a solution. Upgrading from versions prior to 1.5.0 to 1.5.1 works as normal.

Open Source Components

The vSphere Integrated Containers components are licensed under Apache 2 with additional licenses denoted within the vSphere Integrated Containers appliance, Engine, Registry, Management Portal, and vSphere Client plug-in open source repositories.

Resolved Issues

For the lists of issues that have been resolved in vSphere Integrated Containers 1.5.1, see the Github open-source project pages for each component.

Known Issues

Upgrading from 1.5.0 to 1.5.1 fails with the error Detected old appliance's version as unknown. Upgrade from this version is not a supported upgrade path. VMware is working on a solution. Upgrading from versions prior to 1.5.0 to 1.5.1 works as normal.

For the lists of known issues in vSphere Integrated Containers 1.5.1, see the Github open-source project pages for each component.

check-circle-line exclamation-circle-line close-line
Scroll to top icon