Skip to content

vSphere Integrated Containers Appliance v1.5.1

Compare
Choose a tag to compare
@stuclem stuclem released this 18 Feb 10:15
· 152 commits to master since this release
a6158aa

What's in the Release Notes

Download

Official vSphere Integrated Containers release: http://www.vmware.com/go/download-vic

Open-source vSphere Integrated Containers project download location: https://storage.googleapis.com/vic-product-ova-releases/vic-v1.5.1-6995-a6158aac.ova

File size: 2526382080
SHA256 checksum: 3e50c461351e47762b977158852196bdb864b6d932e66ef9576d9e70b58d08b0
SHA1 checksum: 80c0249985bef23ae8a1a4760c3345f19afbd0d2
MD5 checksum: 44c8f6970d63b253ba687828ab085ff5

This OVA contains the following component versions:

Appliance: https://github.com/vmware/vic-product/archive/v1.5.1.zip
Engine: https://github.com/vmware/vic/archive/v1.5.0.zip 
Registry: https://github.com/goharbor/harbor/archive/v1.7.1.zip 
Management Portal: https://github.com/vmware/admiral/archive/vic_v1.5.0.zip 
UI: https://github.com/vmware/vic-ui/archive/v1.5.0.zip 

Installation and Upgrade

IMPORTANT: Upgrading from 1.5.0 to 1.5.1 fails. VMware is working on a solution. Upgrading from versions prior to 1.5.0 to 1.5.1 works as normal.

Using vSphere Integrated Containers

For more details on using vSphere Integrated Containers see the end user documentation at https://vmware.github.io/vic-product/#documentation.

Changes

Full list of changes from 1.5.0.

New Features

vSphere Integrated Containers 1.5.1 includes no new features.

Enhancements

vSphere Integrated Containers 1.5.1 includes no new enhancements.

Resolved Issues

vSphere Integrated Containers 1.5.1 updates the version of runc in the vSphere Integrated Containers OVA appliance, to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. The version of runc in the dch-photon image on Docker Hub has also been updated. For more information, see CVE-2019-5736.

IMPORTANT: vSphere Integrated Containers virtual container host (VCH) endpoint VMs are not vulnerable to the privilege escalation described in CVE-2019-5736. This issue affected the OVA appliance because it uses a standard container engine to run the vSphere Integrated Containers services. The dch-photon image includes a standard Docker Engine. Container VMs that you deploy by using vSphere Integrated Containers VCHs are not vulnerable to the runc vulnerability.

Known Issues

Upgrading from 1.5.0 to 1.5.1 fails. VMware is working on a solution. Upgrading from versions prior to 1.5.0 to 1.5.1 works as normal.

Apart from the upgrade issue above, vSphere Integrated Containers appliance 1.5.1 has the same known issues as v1.5.0.

View all
  • Appliance upgrade script does not support FQDN addresses for the old appliance #1731
    When you run the script to upgrade the vSphere Integrated Containers appliance, the script prompts you for the FQDN or IP address of the old version of the appliance. However, the script only supports IP addresses for the appliance, and does not support FQDN addresses. You can use FQDN for vCenter Server addresses.

  • Appliance services are not available if accessed through NAT or a reverse proxy. #1172
    The Getting Started page of the appliance includes links to the services running on the appliance. These links are constructed assuming that users connect to the appliance by using its IP or FQDN, and that it is not hidden behind NAT or a reverse proxy.

    Workaround: Add the FDQN by which the appliance identifies itself to the /etc/hosts file of the client machine, pointing to the translated IP address that the client sees.

  • vSphere Client shows warnings when you attempt legitimate operations on the appliance VM. #1184
    If you attempt to perform operations on the appliance VM, for example migrate it, move it to a new folder, or restart it, you see a warning that the the VM is managed by Solution vSphere Integrated Containers-H5Client.

    Workaround: Ignore the warnings and click Yes to proceed with the operation.


See also the known issues for each of the vSphere Integrated Containers components:

Open Source Components

The copyright statements and licenses applicable to the open source software components distributed in vSphere Integrated Containers are available in the LICENSE file.