What's in the Release Notes
- Download
- Installation and Upgrade
- Using vSphere Integrated Containers
- Changes
- Known Issues
- Open Source Components
Download
Official vSphere Integrated Containers release: http://www.vmware.com/go/download-vic
Open-source vSphere Integrated Containers project download location: https://storage.googleapis.com/vic-product-ova-releases/vic-v1.5.1-6995-a6158aac.ova
File size: 2526382080
SHA256 checksum: 3e50c461351e47762b977158852196bdb864b6d932e66ef9576d9e70b58d08b0
SHA1 checksum: 80c0249985bef23ae8a1a4760c3345f19afbd0d2
MD5 checksum: 44c8f6970d63b253ba687828ab085ff5
This OVA contains the following component versions:
Appliance: https://github.com/vmware/vic-product/archive/v1.5.1.zip
Engine: https://github.com/vmware/vic/archive/v1.5.0.zip
Registry: https://github.com/goharbor/harbor/archive/v1.7.1.zip
Management Portal: https://github.com/vmware/admiral/archive/vic_v1.5.0.zip
UI: https://github.com/vmware/vic-ui/archive/v1.5.0.zip
Installation and Upgrade
- For instructions about how to deploy the vSphere Integrated Containers appliance, see Deploy the vSphere Integrated Containers Appliance.
- For instructions about how to upgrade an existing vSphere Integrated Containers appliance, see Upgrade the vSphere Integrated Containers Appliance.
IMPORTANT: Upgrading from 1.5.0 to 1.5.1 fails. VMware is working on a solution. Upgrading from versions prior to 1.5.0 to 1.5.1 works as normal.
Using vSphere Integrated Containers
For more details on using vSphere Integrated Containers see the end user documentation at https://vmware.github.io/vic-product/#documentation.
- Overview of vSphere Integrated Containers
- vSphere Integrated Containers for vSphere Administrators
- vSphere Integrated Containers Management Portal Administration
- Using vSphere Integrated Containers as a DevOps Administrator, Developer, or Viewer
- Developing Applications with vSphere Integrated Containers
Changes
Full list of changes from 1.5.0.
New Features
vSphere Integrated Containers 1.5.1 includes no new features.
Enhancements
vSphere Integrated Containers 1.5.1 includes no new enhancements.
Resolved Issues
vSphere Integrated Containers 1.5.1 updates the version of runc in the vSphere Integrated Containers OVA appliance, to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. The version of runc in the dch-photon image on Docker Hub has also been updated. For more information, see CVE-2019-5736.
IMPORTANT: vSphere Integrated Containers virtual container host (VCH) endpoint VMs are not vulnerable to the privilege escalation described in CVE-2019-5736. This issue affected the OVA appliance because it uses a standard container engine to run the vSphere Integrated Containers services. The dch-photon image includes a standard Docker Engine. Container VMs that you deploy by using vSphere Integrated Containers VCHs are not vulnerable to the runc vulnerability.
Known Issues
Upgrading from 1.5.0 to 1.5.1 fails. VMware is working on a solution. Upgrading from versions prior to 1.5.0 to 1.5.1 works as normal.
Apart from the upgrade issue above, vSphere Integrated Containers appliance 1.5.1 has the same known issues as v1.5.0.
Appliance upgrade script does not support FQDN addresses for the old appliance #1731 Appliance services are not available if accessed through NAT or a reverse proxy. #1172 Workaround: Add the FDQN by which the appliance identifies itself to the vSphere Client shows warnings when you attempt legitimate operations on the appliance VM. #1184 Workaround: Ignore the warnings and click Yes to proceed with the operation.
View all
When you run the script to upgrade the vSphere Integrated Containers appliance, the script prompts you for the FQDN or IP address of the old version of the appliance. However, the script only supports IP addresses for the appliance, and does not support FQDN addresses. You can use FQDN for vCenter Server addresses.
The Getting Started page of the appliance includes links to the services running on the appliance. These links are constructed assuming that users connect to the appliance by using its IP or FQDN, and that it is not hidden behind NAT or a reverse proxy.
/etc/hosts file of the client machine, pointing to the translated IP address that the client sees.
If you attempt to perform operations on the appliance VM, for example migrate it, move it to a new folder, or restart it, you see a warning that the the VM is managed by Solution vSphere Integrated Containers-H5Client.
See also the known issues for each of the vSphere Integrated Containers components:
- vSphere Integrated Containers Engine
- vSphere Integrated Containers Management Portal
- vSphere Integrated Containers Registry
- vSphere Integrated Containers Plug-In for vSphere Client
Open Source Components
The copyright statements and licenses applicable to the open source software components distributed in vSphere Integrated Containers are available in the LICENSE file.