Release Notes

shoenisch edited this page May 11, 2017 · 12 revisions
Clone this wiki locally

VMware Photon Platform 1.2.1 Maintenance Release

This maintenance release fixes bugs and improves or extends several features:

  • You can now upload images larger than 8 GB.
  • This release fixes image-uploading bugs with the Photon controller agent.
  • This release updates API end points to be more consistent with the refactoring done in the 1.2 release.
  • You can now create Kubernetes clusters with more than 10 workers.
  • This releases improves scalability and reliability.
  • This release adds DNS support for creating subnets.
  • This release extends validation of the installation configuration before attempting the installation.
  • This release adds support for making a white list of data stores.
  • This release also includes a technology preview: Support for container networking with NSX for Kubernetes.
  • This release updates the user interface.

For more information, see the release notes for Photon Platform 1.2 below.

VMware Photon Platform 1.2 Release Notes

Supported Platforms

  • This release of Photon Platform must be used with VMware ESXi 6.5, Patch 201701001 (ESXi650-201701001), which you can find by searching for patches for ESXi 6.5.0 on the My VMware Product Patches web site at The patch's build number is 4887370. Support for ESX 6.0 has been dropped.
  • Photon Platform 1.2 uses Lightwave 1.2 client and server. Photon Platform 1.2 is incompatible with previous versions of Lightwave.
  • All hostnames in the YAML deployment template now need to be distinct.


  • This release now supports Kubernetes 1.6.0.
  • This release supports upgrading existing Kubernetes clusters by running the photon service change-version command.
  • This release supports Kubernetes persistent volumes, both static and dynamic. See Persistent Volumes for Kubernetes.
  • This release uses and requires OpenID Connect for authentication with Kubernetes. When using the Kubernetes CLI, you'll need to configure it with an OIDC token. The Photon Controller command-line interface has a new command to help with this, photon service get-kubectl-auth. The Kubernetes web interface doesn't natively support OIDC, but you can use the Kubernetes command-line interface (kubectl proxy) to login with OIDC. See the instructions in Creating a Kubernetes Cluster.
  • This release supports deploying multiple Kubernetes masters behind a load-balancer, for high-availability.
  • This release supports deploying Kubernetes clusters on NSX-backed VMs (but does not provide pod-level network virtualization). See Setting Up a Kubernetes Cluster with NSX.
  • When you create a Kubernetes cluster with the command-line interface, the command has changed from photon cluster create to photon service create.


  • This release supports VMware NSX-T 1.1 for integrating Photon Controller with VMware NSX.
  • This release now supports NSX-T 1.1 DHCP integration. A customized DHCP server is no longer required for networking in Photon Platform.
  • This release supports overlapping IP addresses across subnets.
  • This release supports floating IP addresses for VMs.
  • This release supports the creation of multiple routers in a project.
  • This release supports the creation of multiple subnets under a router.


  • Resource tickets have been replaced with quotas. Previously a tenant could have multiple resource tickets and could not update the resource allocation within a ticket. Now a tenant can have a single quota, but quota can be increased or decreased if needed. But note that unlike resource tickets, quotas must provide limits for all costs used. For instance, if a flavor specifies a "vm.cpu" cost, then the quota must have a limit for "vm.cpu", or the creation of VMs will fail because of an insufficient quota. See Creating Projects, Tenants, and Quotas.
  • This release now allows project users to upload images; uploading images is no longer limited to system administrators. These images will have "project" scope instead of "infrastructure" scope. Images provide full identity and access management (IAM): By default, only system administrators can manage images with infrastructure scope and users from one project cannot manage images from another project. However, fine-grained RBAC rules can be applied to images.
  • On Microsoft Windows, the command-line interface now supports authentication using the existing Windows login if Lightwave has been associated with the appropriate Active Directory domain.


  • APIs have been updated to be versioned: All API URLs start with /v1 now.
  • Some of the APIs have been renamed. For instance, /auth and /info are now /v1/system/auth and /v1/system/info. See the list of APIs.
  • When the API returns an error, it now returns a numeric error code (e.g., 1904) along with the pre-existing error name (e.g., ExpiredAuthToken).
  • You can now get a full OpenAPI 2.0 spec file from a running Photon Controller instance. They are available from the /v1/swagger.yaml URL; for example: wget --no-check-certificate https://{load_balancer_ip}:443/v1/swagger.yaml

Known Issues

  • A hostname including its domain name should not exceed 64 characters to register the host with Lightwave.
  • NSX VIBs need to be removed from ESXi hosts before Photon Platform deployment. For instructions, see Troubleshooting.
  • In some cases when you create a Kubernetes cluster with the CLI, you may need to specify a smaller worker batch size (--batchSize 1) to work around a problem when deploying multiple Kubernetes workers simultaneously. This issue will be fixed in the next release.
  • When creating a cluster by using the Photon Platform user interface, you have to use the CLI to create subnets for the cluster.

VMware Photon Platform 1.1.1 Release Notes

Supported Platforms


  • A new installer makes deploying Photon Platform easier, more robust, and more secure.
  • The YAML deployment template has been restructured to be more intuitive.
  • The installer includes extensible logging.


  • The new installer requires the use of authentication. You can neither deploy Photon Platform without authentication nor turn off authentication after you deploy the platform.
  • The new installer removes plain text passwords from the configuration and the cloudstore.
  • Photon Platform and Xenon have been updated to use the VECS endpoint certificate store instead of the previous Java Key Store, making it easier to rotate the certificates used by Photon Platform.


  • Photon Platform 1.1.1 upgrades the networking fabric to NSX-T 1.1.
  • The DHCP installation no longer requires two subnets when Photon Platform is installed with NSX-T. This change simplifies and improves DHCP installation.
  • Networking components in Photon Platform have been enhanced to work with the new installer's workflow.
  • NSX host provisioning is supported only with the default uplink profile.

Command-Line Interface

  • The CLI utility has been updated to support refreshing tokens.
  • The CLI utility has also been updated to align with changes to the installation process. You no longer deploy Photon Platform by using the Photon CLI on your Linux, Mac, or Windows workstation.
  • The installer VM now includes a command-line utility to set up Photon Platform.
  • Before you can add a new ESXi host to a Photon Platform cluster of ESXi hosts, you must install the Photon agent VIBS on the new ESXi host.


  • Kubernetes has been upgraded to version 1.5.1.


  • The Harbor Docker Registry has been upgraded to version 0.4.1.


  • For instructions on how to install Photon Platform 1.1.1 by using the new installer, see the Quick Start Guide. It's available on our GitHub wiki.

Photon Controller 1.1.0 Release Notes

Supported Platforms


  • ESXi cloud hosts are joined to the Lightwave domain.
  • Communication from Photon Controller to the Photon Controller agent on the ESXi hosts is secured with SSL.
  • Requires Lightwave version 1.0.1.
  • All SSL certificates for the Photon Platform management plane are issued by the Lightwave Certificate Authority.

vSAN Integration

  • VMware vSAN for Photon Platform version 1.0.1 is required.
  • Photon Controller has built-in support for vSAN for Photon Platform.
  • Disk flavors can be tagged as vSAN-specific. Disks created with those flavors will be placed on a vSAN datastore.
  • If a vSAN datastore is created after Photon Controller is installed, Photon Controller detects that vSAN datastore after 15 minutes.
  • If you are planning to use vSAN, you must add a vSAN datastore to Photon Controller's deployment YAML file when you install Photon Controller.
  • Known bug: vSAN performance service does not work properly.

NSX Integration

  • VMware NSX-T version 1.0.1 is required.
  • Photon Controller has built-in support for NSX.
  • A custom DHCP server is provided to allow VMs to get IP addresses.
  • Users can create multiple virtual networks, each associated with a single project. A single project allows multiple virtual networks.
  • Users can create virtual machines that are attached to the virtual networks.
  • Photon Controller orchestrates DHCP reservations.
  • Users can assign floating IP addresses from a pool of addresses to a VM.
  • Photon Controller can manage VLAN-backed networks or consume NSX networks, but not both.

Container Orchestration Frameworks


  • Kubernetes has been upgraded to 1.4.3.
  • Kubernetes UI and DNS are supported.
  • Kubernetes can be configured to work with the Harbor Docker Registry.
  • Many bug fixes and small improvements.
  • Kubernetes currently works only with VLAN-backed networks.
  • Known bug: If the Kubernetes master or etcd node fails, it will not be recreated. Kubernetes worker nodes are, however, recreated.

Harbor Docker Registry

  • The Harbor Docker Registry version 0.3.0 (docker register with integrated UI and role-based access) has been added as a new container cluster type. Although it is not a container orchestration cluster itself, it supports other clusters, especially Kubernetes.

Other Cluster Types

  • Support for Mesos and Docker Swarm remains experimental, and they can be deployed only through the API.


  • Photon Controller has an entirely new UI.
  • The UI supports differentiated access for system administrators, tenant administrators and project users.
  • Users can create and manage Kubernetes clusters.
  • Users can create and manage VMs.
  • Known Issue: By default, the tokens granted by Lighwave last five minutes and are renewable. The UI and CLI do not renew the tokens automatically. As a workaround, you can extend the token lifetime through the Lightwave UI: Select “Policies & Configuration," and then “Token Policy." Edit “Max Token Lifetime" to provide a timeout in milliseconds.

Photon Controller Agent

  • The Photon Controller agent, which Photon Controller installs on the ESXi host, is deployed in conjunction with a Lightwave VIB. (VIB stands for vSphere Installation Bundle; it distributes an ESXi software package).
  • The communication between Photon Controller and the agent is encrypted with SSL.
  • The Photon Controller agent supports NSX.
  • The Photon Controller agent supports vSAN.


  • The installation process deploys Lightwave on a separate management VM. For instance, when you deploy four management VMs, one will have Lightwave and three will have Photon Controller.
  • The installation process joins ESXi hosts to the Lightwave domain for secure communication.
  • ESXi hosts should have static IP addresses and a non-default hostname.


  • When querying the API for the set of tenants or projects, a request now returns only the set of tenants or projects that the user is authorized to access.
  • API support has been added for virtual networks.
  • A new /info API provides information about whether SDN networking with NSX is enabled as well as version information about Photon Controller.