Ruurd

Aug 26, 2019 4 min read

VMware is all-in on Kubernetes


VMware made a number of announcements in the Kubernetes space today under the VMware Tanzu portfolio, confirming again this is one of the main strategic pillars.

For those following VMware the last couple of years this is no surprise. In 2017, together with Pivotal and Google they launched the Pivotal Container Service (now Enterprise PKS): a turnkey platform providing upstream Kubernetes clusters, focused on operational excellence with proven day 2 cluster life cycle management via BOSH, and networking and security through NSX-T. In 2018, this strategy was confirmed with the acquisition of Heptio, through which VMware bought into the Do It Yourself Kubernetes space, resulting on the product side in Essentials PKS - basically upstream Kubernetes with support.

In the last couple of weeks leading up to VMworld, it was hard to ignore the claims of something big being announced:

Paul Fazzone hinted at most of the announcements in this blogpost.

That is, there are actually three major announcements, categorized as ‘build’, ‘run’, and ‘manage’.

Project Pacific - RUN

For techies, this is the most exciting announcement: native Kubernetes on vSphere. This project will launch as a tech preview. Right now, the technical details are coming bit by bit, and Kit Colbert’s session later today will clarify more.

Figure: Project Pacific positioning

For now this is what we know:

  • ESXi Native Pods: instead of running pods inside node Virtual Machines, a special ‘supervisor’ cluster uses ESXi hosts as its nodes rather than Linux Virtual Machines. The workloads (the pods) run inside a minimal VM with a small Linux kernel and a new container runtime (CRX). This may sound very familiar to those who ran or played with vSphere Integrated Containers (VIC) before, in which the Docker engine was integrated in vSphere. Running in this mode can address the fundamental problem that Kubernetes still has with workload isolation and multi-tenancy, and makes it lightning fast to spin up workloads. However, Kubernetes running in this way is not upstream conformant.
  • Kubernetes is the new vSphere control plane - that’s right - everything runs declaratively, you can even spin up Virtual Machines with yaml now!
  • Guest clusters: for general purpose - upstream - Kubernetes workloads, clusters can be created to run workloads inside traditional Virtual Machine worker nodes (on a supervisor cluster). What’s new here is that they can be created through the Cluster API, a Kubernetes-style API for cluster creation, configuration, and management (the clusterctl to your kubectl). Most likely, we’ll see most workloads land on Guest clusters to stay conformant.
  • Harbor container registry is integrated in vSphere

Figure: Project Pacific Operator and Developer flows

The unknowns at this time are around networking, portability, and day 2:

  • A strong selling point of Enterprise PKS is that it comes with NSX-T, in which containers are first class citizens of the network. How will this work for the new vSphere with Project Pacific? Will it come with a basic version of NSX-T?
  • With a new version of Kubernetes coming every 3 months, will vSphere updates keep pace?
  • What technology manages the lifecycle of the clusters and workloads? How battle tested is it compared to BOSH (inside Enterprise PKS)?
  • With VMs running as Kubernetes constructs, how do we keep them portable, as likely no other Kubernetes vendor will provide ‘vSphere k8s’ resources required to run them?
  • How many vSphere admins will get used to writing yaml instead of clicking in a GUI?

For more technical details, check out this technical overview or the announcement video:

VMware Tanzu Mission Control - MANAGE

We see customers running Kubernetes struggle with operations on a daily basis: how do we enforce policies and identity & access, check capacity and connectivity, monitor performance and compliance, or get a general overview of all running clusters and workloads across vendors and across clouds?

Figure: Project Olympus (Tanzu Mission Control)

This is where VMware Tanzu Mission Control (formerly Project Olympus) comes in: it’s a Software as a Service offering, in which organizations can enlist their Kubernetes clusters from any vendor, on any cloud, and operate all of it from a single point.

Figure: Elements of Tanzu Mission Control

Some examples of the interface:

Figure: All the clusters. In all the clouds.

Figure: Single cluster overview

Build

The ‘Build’ announcement came in the week before VMworld in the form of the Pivotal acquisition. Together with the announcements above, and the previous Bitnami acquisition, VMware has a solution for building all types of modern applications, from Kubernetes-based, to Commercial Off The Shelf, to real Cloud Native applications.

Figure: Build - from K8s, to COTS, to Cloud Native

All of the above give VMware a very strong hand in the Cloud Native space.