check-circle-line exclamation-circle-line close-line

 VMware vSphere Integrated Containers 1.5.2 Release Notes

VMware vSphere® Integrated Containers 1.5.2 | 19 MAR 2019

VMware vSphere Integrated Containers Appliance 1.5.2 Build 7206
VMware vSphere Integrated Containers Engine 1.5.2 Build 20879
VMware vSphere Integrated Containers Registry 1.7.4 Build ce6a623
VMware vSphere Integrated Containers Management Portal 1.5.2 Build 98fcfa7
VMware vSphere Integrated Containers Plug-In for vSphere Client 1.5.2 Build 1500

Check for additions and updates to these release notes.

What's in the Release Notes

These release notes cover the following topics:

About vSphere Integrated Containers

vSphere Integrated Containers is delivered as an appliance, that comprises the following major components:

  • VMware vSphere Integrated Containers Engine, a container runtime for vSphere that allows developers who are familiar with Docker to develop in containers and deploy them alongside traditional VM-based workloads on vSphere clusters. vSphere adminitrators can manage these workloads by using vSphere in a way that is familiar.
  • vSphere Integrated Containers Plug-In for vSphere Client, that provides information about your vSphere Integrated Containers setup and allows you to deploy virtual container hosts directly from the vSphere Client.
  • VMware vSphere Integrated Containers Registry (Harbor), an enterprise-class container registry server that stores and distributes container images. vSphere Integrated Containers Registry extends the Docker Distribution open source project by adding the functionalities that an enterprise requires, such as security, identity and management.
  • VMware vSphere Integrated Containers Management Portal, a container management portal that provides a UI for DevOps teams to provision and manage containers, including retrieving stats and info about container instances. Cloud administrators can manage container hosts and apply governance to their usage, including capacity quotas and approval workflows. When integrated with vRealize Automation, more advanced capabilities become available, such as deployment blueprints and enterprise-grade Containers-as-a-Service.

vSphere Integrated Containers enables VMware customers to deliver a production-ready container solution to their developers and DevOps teams. By leveraging their existing SDDC, customers can run container-based applications alongside existing virtual machine based workloads in production without having to build out a separate, specialized container infrastructure stack. As an added benefit for customers and partners, vSphere Integrated Containers is modular. So, for example, if your organization already has a container registry in production, you can use that registry with vSphere Integrated Containers Engine and vSphere Integrated Containers Management Portal.

What's New

vSphere Integrated Containers 1.5.2 includes the following changes:

  • New option to set subnet masks on user-defined bridge networks. Read more.
  • New option to limit the number of container VMs that a VCH can host. Read more.
  • Setting the client network gateway is optional in the Create VCH wizard. Read more.
  • Fixes an issue that caused upgrading from 1.5.0 to 1.5.1 to fail.
  • Updates the version of runc in the vSphere Integrated Containers OVA appliance, to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. The version of runc in the dch-photon image on Docker Hub has also been updated. For more information, see CVE-2019-5736.

    IMPORTANT: vSphere Integrated Containers virtual container host (VCH) endpoint VMs are not vulnerable to the privilege escalation described in CVE-2019-5736. This issue affected the OVA appliance because it uses a standard container engine to run the vSphere Integrated Containers services. The dch-photon image includes a standard Docker Engine. Container VMs that you deploy by using vSphere Integrated Containers VCHs are not vulnerable to the runc vulnerability.

Localization

vSphere Integrated Containers 1.5.2 is only available in English.

Product Documentation

The vSphere Integrated Containers 1.5.2 documentation includes the following publications:

Installation

For information about installing vSphere Integrated Containers 1.5.2, see Installing vSphere Integrated Containers.

Compatibility

For information about compatibility, see Interoperability of vSphere Integrated Containers with Other VMware Software in Install, Deploy, and Maintain the vSphere Integrated Containers Infrastructure and the VMware Product Interoperability Matrixes.

Upgrading vSphere Integrated Containers

For information about upgrading to vSphere Integrated Containers 1.5.2, see Upgrading vSphere Integrated Containers.

Open Source Components

The vSphere Integrated Containers components are licensed under Apache 2 with additional licenses denoted within the vSphere Integrated Containers appliance, Engine, Registry, Management Portal, and vSphere Client plug-in open source repositories.

Resolved Issues

For the lists of issues that have been resolved in vSphere Integrated Containers 1.5.2, see the Github open-source project pages for each component.

Known Issues

For the lists of known issues in vSphere Integrated Containers 1.5.2, see the Github open-source project pages for each component.