VMware made a number of announcements in the Kubernetes space today under the VMware Tanzu portfolio, confirming again this is one of the main strategic pillars.
For those following VMware the last couple of years this is no surprise. In 2017, together with Pivotal and Google they launched the Pivotal Container Service (now Enterprise PKS): a turnkey platform providing upstream Kubernetes clusters, focused on operational excellence with proven day 2 cluster life cycle management via BOSH, and networking and security through NSX-T. In 2018, this strategy was confirmed with the acquisition of Heptio, through which VMware bought into the Do It Yourself Kubernetes space, resulting on the product side in Essentials PKS - basically upstream Kubernetes with support.
In the last couple of weeks leading up to VMworld, it was hard to ignore the claims of something big being announced:
Wait…what is this new secret session about the #FutureofvSphere by @kitcolbert? And what is this about something game-changing that’s coming from vSphere?! Better sign up for the session! #vSphere #VMworld2019 #VMworld #HBI4937BU https://t.co/v8QmjlIbyc
— Himanshu Singh (@himanshuks) August 14, 2019
I’ve been at @VMware for 16 years. I’ve worked on vMotion, created SvMotion, launched @vRealizeOps, started @cloudnativeapps . Yet I'm more excited than ever for the #FutureOfvSphere! Some really groundbreaking stuff! Come find out: https://t.co/IHghHnx17N @VMworld @VMwarevSphere
— Kit Colbert (@kitcolbert) August 15, 2019
That is, there are actually three major announcements, categorized as ‘build’, ‘run’, and ‘manage’.
Project Pacific - RUN
For techies, this is the most exciting announcement: native Kubernetes on vSphere. This project will launch as a tech preview. Right now, the technical details are coming bit by bit, and Kit Colbert’s session later today will clarify more.
Project Pacific positioning
For now this is what we know:
- ESXi Native Pods: instead of running inside node Virtual Machines, a special ‘supervisor’ cluster uses ESXi as nodes instead of linux Virtual Machines. The workloads (the pods) run inside a minimal VM with a small Linux kernel and a new container runtime (CRX). This may sound very familiar to those who ran or played with vSphere Integrated Containers (VIC) before, in which the Docker engine was integrated in vSphere. Running in this mode can address the fundamental problem with workload isolation and multi tenancy Kubernetes still has, and makes it lightning fast to spin up workloads. However, the Kubernetes running in this way is not upstream conformant.
- Kubernetes is the new vSphere control plane - that’s right - everything runs declaratively, you can even spin up Virtual Machines with yaml now!
- Guest clusters: for general purpose - upstream - Kubernetes loads, clusters can be created to run workloads inside traditional Virtual Machine worker nodes (on a supervisor cluster). What’s new here is the can be created through the Cluster API, a Kubernetes-style API for cluster creation, configuration, and management (the clusterctl to your kubectl). Most likely, we’ll see most workloads land on Guest clusters to stay conformant.
- Harbor container registry is integrated in vSphere
Project Pacific Operator and Developer flows
The unknowns at this time are around networking, portability, and day 2:
- A strong selling point of Enterprise PKS is that it comes with NSX-T, in which containers are first class citizens of the network. How will this work for the new vSphere with Project Pacific? Will it come with a basic version of NSX-T?
- With a new version of Kubernetes coming every 3 months, will vSphere updates keep pace?
- What technology manages the lifecycle of the clusters and workloads? How battle tested is it compared to BOSH (inside Enterprise PKS)?
- With VMs running as Kubernetes constructs, how do we keep them portable, as likely no other Kubernetes vendor will provide ‘vSphere k8s’ resources required to run them?
- How many vSphere admins will get used to writing yaml instead of clicking in a GUI?
For more technical details, check out this technical overview or the announcement video:
VMware Tanzu Mission Control - MANAGE
We see customers running Kubernetes struggle with operations on a daily basis: how do we force policies, identity & access, check capacity, connectivity, monitor performance, compliance or have a general overview over all running cluster and workloads across vendors, across clouds?
Project Olympus (Tanzu Mission Control)
This is where VMware Tanzu Mission Control (formerly Project Olympus) comes in: it’s a Software as a Service offering, in which organizations can enlist their Kubernetes clusters from any vendor, on any cloud, and operate all of it from a single point.
Elements of Tanzu Mission Control
Some examples of the interface:
All the clusters. In all the clouds.
Single cluster overview
The ‘Build’ announcement came in the week before VMworld in the form of the Pivotal acquisition. Together with the announcements above, and the previous Bitnami acquisition, VMware has a solution for building all types of modern applications, from Kubernetes based, to Commercial Off The Shelve, to real Cloud Native applications.
Build - from K8s, to COTS, to Cloud Native
All of the above give VMware a very strong hand in the Cloud Native space.
The original article was posted on: devops.lol