VMware vSphere Integrated Containers 1.2 New Features

Recently, with VMware hosting its various VMWorld conferences, we heard about many exciting releases. One of the releases that is exciting around containers is the release of VMware Integrated Containers 1.2. VMware’s container product has been steadily maturing with features and functionality. This release continues with that trend. There are many new features and enhancements found in the 1.2 release of the product. Let’s take a look at VMware vSphere Integrated Containers 1.2 New Features.

VMware vSphere Integrated Containers 1.2 New Features

There are many new features to mention in the 1.2 release including the following:

• Authentication and Authorization
• Now full integration with Register and Management Portal interfaces
• Better container security – trusted content and scanning for security vulnerabilities with policies per project
• Ability to reconfigure the deployed virtual container hosts (VCHs)
• Better vSphere administrator functionality within the vSphere Client
• Docker Engine in VIC is fully functional now
• Support for new Docker commands – commit, diff, stats, and cp

Authentication and Authorization

The vCenter SSO is implemented across VIC components and role based access control is available at the project level. VIC is now fully integrated with VMware Platform Services Controller. You can pull users from the Platform Services Controller and assign them roles through the VIC Managment Portal. Multiple VIC appliances can be deployed to the same vCenter server and you can deploy multiple appliances to different vCenter servers that share the same Platform Services Controller.

Role based access – There are four Users and Roles for user access – Viewer, Developer, DevOps Administrator, and Cloud Administrator.

Better Container Security – Now we have the ability to do Registry Whitelists which helps to ensure security and safety of the downloaded images and make sure they are downloaded from authorized registries only.

Image Scanning will allow the scanning of container images for known vulnerabilities. Thresholds can be set that restrict vulnerable images from being run.

Content Trust enforces only properly signed and validated images to run. This can be turned on per project.

Virtual Container Host Configuration post deployment – This will allow for reconfiguration post deployment of the virtual container host which could not be done before. This should be extremely helpful for environments that may need to reconfigure the VCH due to changing requirements or fast growing teams.

The UI in the HTML5 client used by the VI Administrator will also be updated. The VIC section will feature a list of all VCH container hosts, VMs, in the environment.

Thoughts

The VMware vSphere Integrated Containers 1.2 new features show that VMware is committed to maturing and growing the VIC container product. The new authentication, security, native docker container support, and reconfiguration features of this release are welcomed additions. You will definitely want to upgrade previous environments to version 1.2. Stay tuned as we will take a look at upgrading VMware vSphere Integrated Containers 1.1 to 1.2.