• The Cisco Container Platform Installer OVA

• The tenant OVA

• A vCenter cluster with High Availability (HA) and Distributed Resource Scheduler (DRS) enabled

• A DHCP server that provides IP addresses to the Cisco Container Platform VMs

• A vCenter datastore that is mounted on all the ESX hosts in the cluster

• Cisco Container Platform control plane VMs needs to have network access to vCenter appliance API

• Cisco Container Platform 1.3.0 and later requires hypervisor hosts to be running CPUs with an Ivy Bridge or newer microarchitecture.

• Included support for Istio 1.0

• Included support for scheduling of workloads to specific node pools

• Improved handling of master node upgrade failures

• Enhanced the Cisco Container Platform dashboard:

  • Modified the Installer to shows console output during the install and upgrade process

  • Added alt tags to icons that do not have accompanying text

  • Improved look and feel of the Sign in and Copyright sections

  • Updated ACI modals to use Particle modals

  • Enhanced the Cisco Container Platform dashboard to provide its own Ingress resource

  • Replaced Identity modals with Particle modals

  • Enabled automatic population of VLAN ID when creating ACI profile

  • Added Istio and Harbor information to the Cluster Summary and Details

  • Updated documentation on Docker for Mac

  • Upgraded Django and Bootstrap

For step by step instructions on installing Cisco Container Platform, refer to the Cisco Container Platform Installation Guide.

• Upgrading Cisco Container Platform is supported from the 1.0.0 release for deployments using Calico or ACI for CNI.

• If an existing deployment uses Contiv for CNI, then upgrades to the 1.5.0 version is not supported.

• Enhanced the Username drop-down list on narrow or collapsed viewport

• Added Help link for Smart Licensing

• Added VM template information on the Cluster Details page

The known issues in this release are as follows:

• Contiv as the CNI for tenant clusters is only supported as Tech Preview, and upgrading to a newer version of Cisco Container Platform is not supported.

• In an ACI environment, the link to a tenant cluster Kubernetes Dashboard from the Cisco Container Platform dashboard is not supported. To view the tenant cluster in the Kubernetes Dashboard, you need to obtain the Ingress IP of external IP address using kubectl get svc.

  Workaround

  Run the following commands:

  1. helm delete --purge kubernetes-dashboard

  2. helm upgrade --install kubernetes-dashboard -f /opt/ccp/charts/kubernetes-dashboard.yaml --namespace=ccp /opt/ccp/charts/kubernetes-dashboard.tgz

  3. Apply the rolebinding file.

     kubectl apply -f rolebinding.txt

     You can download the file from the following location:

     https://jira-eng-sjc11.cisco.com/jira/secure/attachment/13957/rolebinding.txt

• The Cisco Container Platform web interface displays links to external pages such as Smart Licensing. You cannot launch these pages if you do not have access to them.

• Virtual IP address is not released when cluster creation fails.

• If ACI fabric is running 3.1(1i), you need to turn on the promiscuous mode in the corresponding tenant port group in order to make the ACI load balancer functional.

• In a Contiv deployment, you should not use matchExpressions for a NetworkPolicy.

• In a Contiv deployment, network policy does not work with the hostnetwork pod.

• In a Contiv deployment, various networks are used internally by Contiv, and communication to IP addresses outside the cluster is blocked if there is an overlap.

• In a Calico deployment:

  • The network policy matching on labels will not block hostnetwork access to pods or services.

  • Host IP change may impact pod networking. To resolve the issue, you need to restart the Calico pods.

• istioctl is not installed when you enable Istio. You can follow the Cisco Container Platform documentation to install istioctl.

• When upgrading Istio from the 0.8 version to the 1.0 version, the backend services stop responding and you need to manually restart them.

• Do not use - in the tenant name in an ACI deployment.

  For example, tenant names such as test-a and test-b cause ACI overlap resources.

• A master VIP is required for a tenant cluster upgrade. Creating tenant clusters using an API without specifying a master VIP has a risk of corrupting the tenant cluster during tenant cluster upgrades.

• When you upgrade tenant clusters the Prometheus and EFK components are purged before installing the new versions. If you want to save history, a manual backup and migration is required before a tenant cluster upgrade.

• After an upgrade, the Cisco Container Platform web interface port may be different from the previous version.

• Taking a snapshot of the VMs managed by Cisco Container Platform is currently unsupported and results in failures during upgrades.

• ACI deployments are only supported in online mode.

• ACI deployments do not support Kubernetes security context.