While you may think that everything happens behind closed doors when thinking about a private company dealing with shareholders, turnover, profits and everything that comes with it, VMware open-source projects are very much a thing as the company is a major contributor to the community through multiple projects and organizations.
The term project may throw you off but the VMware Open-source program encompasses a number of products that are most likely already used in your most critical production system. I’m thinking about PhotonOS which powers the vCenter Server Appliance (VCSA).
In this article, we will have a look at a number of VMware Open-Source projects and what they are all about. Some of them are well-known products while others are a bit more obscure and will probably mature to the point of GA releases.
What is Open-Source?
First things first, let’s quickly touch base on what Open-Source is about for those that aren’t too familiar with it.
Originally, Open-Source software was software in which the code was public and available for everyone to view, modify and distribute. The point of Open-Source projects is to have a collaborative and community-based approach. Everyone can propose changes to the code which will be reviewed by peers who can either reject, edit or approve these changes. Because these projects are developed and supported by the community, they are oftentimes cheaper and have better shelf life than products developed internally by commercial companies (note that this is not a written rule).
The decentralization allows companies to build communities around a product they contribute to in order to avoid duplicated work, improve its quality and increase the pace of development. It also comes with a mindset of community and helping each other.
When a company like VMware uses open-source projects in a commercial product, it is only fair that they contribute to the upstream project to give back to the community. Similarly, the company that opens its code to the public will appreciate contributions from others to improve the product.
What is an Upstream project?
If you start looking at VMware Open-Source projects, you may encounter the term “Upstream”. Upstream projects refer to the source repository or source project where the community contributes. Other projects based on the upstream project are then called downstream. The upstream project is like the trunk of the tree and downstream projects are the branches and leaves.
For instance, the Linux kernel originally developed by Linus Torvalds is the upstream project and the hundreds of distributions such as Ubuntu, Debian, Fedora and such are downstream projects.
Most of these projects have community meetings that you can attend with a recurrence that varies according to the effort that goes into it as well as a Slack channel to communicate with the contributors. Below is an example with the Cluster API vSphere Provider.
“Contributors to Open-Source projects usually sync up in meetings and in dedicated Slack channels”
How Serious is VMware About Open Source?
Like many companies, VMware is involved in and maintains a lot of Open-Source projects. They are not all necessarily related to virtualization, but a sizeable part of the effort is focused on Cloud Native. A good chunk of the VMware workforce contributing full time to these projects are employees from companies that were acquired by VMware such as Pivotal, AVI, Bitnami, Heptio and many others.
You can find news and announcements on the VMware Open-Source blog.
The VMware open-source projects are maintained in GitHub repositories where you can find them all. Note that some projects are worked on using their internal Jira system and then pushed to GitHub, but I digress.
Here are the main GitHub organizations where VMware open-source projects are maintained:
- Main VMware projects on the VMware organization.
The point is, there are hundreds of Open-Source projects that are maintained here and there by thousands of contributors. Note that some projects will still be around but deprecated like vSphere Integrated Containers that was superseded by the Tanzu portfolio.
For instance, the main VMware organization currently has 195 repositories:
“VMware Open-Source maintains a large number of projects”
Take Tanzu Community Edition for instance and you will find that there are 110 contributors as of March 2022. That is proof of a project with a solid community and high-quality code.
“Tanzu Community Edition is one of the most famous VMware Open-Source projects at the moment”
Open Source Projects by VMware
Enough ramblings for now, let’s get to the good stuff and see what cool VMware Open-Source projects we can find and what they do.
Note that I will link the GitHub repositories here. Not all projects have a marketing page, and those pages are not as current as the repository anyway. However, you will often find a website for the project in the repository. Open-Source projects are moving targets.
The following VMware open-source projects are organized in no particular order.
Tanzu Community Edition
Released in 2021, TCE is a full-featured Kubernetes platform available for free and super quick to start with. You can deploy it to Docker, vSphere or a cloud provider. It uses Cluster API in the background to provision the infrastructure components and offers a kapp controller to easily install packages such as Prometheus or Velero. This project has a strong community of contributors backing it and is often updated and improved.
It even includes a web interface to deploy Kubernetes clusters for those that want to get straight to the point.
Carvel
Carvel provides a set of reliable, single-purpose, composable tools that aid in modern application building, configuration, and deployment to Kubernetes. A number of tools are associated with the Carvel Project such as:
- ytt – Template and overlay of Kubernetes configurations (think Kustomize).
- kapp – Manage multiple Kubernetes resources as one application.
- kbld – Build or reference container images in Kubernetes configuration in an immutable way
- imgpkg – Bundle and relocate app configurations via Docker registries
- kapp-controller – Sort of an app marketplace.
- vendir – Declaratively define files that should be in a directory.
- secretgen-controller – CRDs specifying secrets that should be on a cluster.
Octant
I actually talked about Octant in a blog a while back because I really like this project. Octant was the brainchild of Heptio, a company that was acquired by VMware. It is a Kubernetes dashboard UI that you typically run on the workstation on which you would normally use kubectl, as it will use whatever kubeconfig file you feed it to connect to a target cluster. That way you can visualize the various resources in place and execute basic actions.
It offers a slick UI where you can find tons of information about your Kubernetes resources. Similarly to how you would add a content pack to vRealize Log Insight, it can be extended with plugins to get info on the likes of Antrea for instance.
Photon OS
If you use vCenter Server Appliance then you use Photon OS! It is a lightweight Linux container host optimized for cloud-native applications, vSphere and hyperscalers. It powers various VMware appliances such as vCenter Server Appliance, vRealize Automation, vRealize Orchestrator and so on.
Photon OS is a very mature project which is optimized for vSphere ESXi and the key benefits are that it includes support for containers with the Docker daemon, works with the likes of Mesos or Kubernetes, it is easy to manage in terms of lifecycle and offers hardened security out of the box.
NSX Container Plug-in
Another one for the Kubernetes ecosystem with a plugin that provides integration between NSX-T and Kubernetes as well as PaaS products such as OpenShift or Tanzu Application Service (TAS). NCP runs as a container on each node and communicates with NSX Manager and the K8s control plane. It monitors changes to Kubernetes resources and reconciles them by calling the NSX API.
NCP has many capabilities to integrate your Kubernetes environment into NSX-T such as implementing LoadBalancer service types and integrating layer 7 ingress with it, separating logical network for each Kubernetes namespace, allocating IP and MAC addresses and the list goes on. However, it is worth noting that not all industry experts vouch for NCP because of its complexity and the fact that NSX-T may not be the best-suited product for cloud-native workloads.
Harbor
Harbor is a cloud-native registry project that stores, signs, and scans content. Having a registry closer to the environment speeds up image transfers. Often used alongside Kubernetes, it adds value by offering features such as security, identity and management. It also supports replication of images between registries, which mitigates the risk of a single container registry being a single point of failure.
Harbor is a very mature project currently in version 2.0 and is hosted by the Cloud Native Computing Foundation (CNCF).
Antrea
This project is also a really cool one. Antrea is a CNI (Container Network Interface) that is a little less known than the big names like Calico or Flannel. However, Antrea offers lots of interesting capabilities such as a LoadBalancer service type working on layer 2 and integrating with the latest versions of NSX-T to increase visibility in the environment. Just like any other CNI, it is straightforward to install in any Kubernetes cluster.
Herald
By now we’ve talked a fair bit about Kubernetes and Cloud-Native-related projects but I don’t want you to get bored so let’s switch a bit. The goal of the Herald Proximity project is to offer a range of APIs that will let software developers build applications that rely on regular distance proximity calculation and the exchange of data between devices (VMware’s words).
To simplify this pretty barbaric description, the use cases for this project include situational awareness apps, communication apps, healthcare applications for patient tracking or vitals monitoring, or it could be used for safety apps to record an employee’s exposure to hazardous environments. A very topical project during a pandemic.
Pinniped
Back to Cloud Native with Pinniped, a project that provides identity services to Kubernetes. If you’ve worked with the container orchestrating platform, you’ll know that identity management isn’t the most straightforward of things all the while being a critical one that can make or break the environment’s overall security.
The principal purpose of Pinniped is to allow users to access Kubernetes clusters with a unified login experience. Following the same idea as identity sources in vCenter, Pinniped lets you plug in external identity providers into Kubernetes such as Active Directory, OpenLDAP and other OIDC providers.
Avi Kubernetes Operator (AKO)
We talked a little bit about LoadBalancer service types in the Antrea section which offers built-in LoadBalancer but that’s probably not really sustainable in an intense production scenario. AVI Kubernetes Operator is a Kubernetes operator that communicates with the Kubernetes API and the AVI controller (now NSX Advanced Load Balancer). By doing so, creating LoadBalancer services in Kubernetes will integrate with NSX ALB and create service engines that you can then find in the user interface easily.
Salt
Salt is a company that was acquired by VMware in 2020. They develop intelligent and event-driven automation software to deploy and configure complex IT systems. It is based on remotely executing commands and is used to manage large infrastructures with thousands of servers.
Container Service Extension
Container Service Extension (CSE) is a VMware Cloud Director extension that helps tenants create and work with Kubernetes clusters to achieve on-premise Kubernetes-as-a-Service (KaaS?). CSE works on a client (vcd-cli plugin) – server (VCD API extension) model. Users can then provision Kubernetes clusters in the Cloud Director interface like they would a virtual machine.
PowerCLI example scripts
This one may appear a bit odd in this list but VMware distributes a selection of sample PowerCLI scripts for everyone to consume and learn from. We find big names from VMware in the contributors list such as Alan Renouf and William Lam. You will find modules for various products as well as a number of random scripts.
vCheck
What started as a flexible reporting script written by Alan Renouf himself ended up becoming almost a full-fledged product with over 60 contributors bringing plugins to expand the capabilities of the script.
vCheck is a nifty PowerCLI reporting script that will create a dashboard and issue alerts based on thresholds in your VMware environment. The great thing is that it was written to allow anyone to propose plugins for it.
Flowgate
Flowgate is a project that helps enterprises consolidate data from various sources like facility and IT systems in order to form a single view of their operations. For instance, it can help with workload placement since it fetches metadata and runtime metrics from various facility (power supply, cooling capacity, temperature/moisture situation) and IT systems and correlates them together in one pane of glass. Imagine moving your workloads off of a server rack when the temperature rises drastically or power fluctuations happen, that would be great for big organizations!
vSphere Integrated Containers
At first, I had mixed feelings about whether I should cover this one since it is officially deprecated in favor of the Tanzu product line. However, I thought it made sense if only to make that statement. vSphere Integrated Containers is comprised of a container runtime that allows you to deploy containers alongside virtual machines on vSphere and a vSphere client plugin to offer visibility and deployment capabilities. It also contains a container registry (Harbor) that stores and distributes container images as well as a Containers Management Portal (VMware Admiral) where you can manage the solution more in-depth.
With that said, while you may still see fairly recent commits to the GitHub repo, it has been said several times that the project is deprecated.
Weathervane
Weathervane is a stress-test tool that will benchmark the performance of your on-premise and cloud-based Kubernetes clusters. It achieves that by deploying applications on the cluster and then loading those applications. You can configure it to follow different profiles to fit your own environment such as steady load or varying the number of users to find the breaking point which violates quality-of-service (QoS) requirements.
pyvmomi
You may have seen this term here and there in your VI admin career without paying too much attention to it if you never needed it. pyvmomi is a Python Software Development Kit (SDK) for the VMware vSphere API and allows you to manage vSphere and vCenter with it. While most IT admins coming from the Microsoft world are familiar with PowerShell and PowerCLI by extension, those coming from the Linux world will have more experience with Python as a scripting language. Pyvmomi will be a solid addition to their toolbelt should they need to interact and automate tasks in the organization’s VMware environment.
Contour
In Kubernetes, Ingress service types are a set of rules that define how external traffic is routed to an application inside of a cluster. Contour is a lightweight and opinionated Ingress controller for Kubernetes that works by deploying the Envoy proxy as a reverse proxy and load balancer. It also includes an ingress API (HTTPProxy) implemented via a CRD (Custom Resource Definition). Contour helps running workloads at scale on Kubernetes in a smooth and efficient manner.
Velero
Like Contour, Velero (formerly known as Heptio Ark) ended up in VMware’s shopping basket after the acquisition of Heptio. This product is an important one since it addresses the problem of backup and restore of Kubernetes cluster resources as well as persistent volumes. It can run on premise or in public clouds. Velero will allow you to take backups of cluster resources (etcd) and restore in case of loss. Backups, scheduled backups and restores take the form of custom resource definitions (CRD) in Kubernetes.
You can also migrate resources to other clusters and replicate a cluster to a development or testing cluster for instance. Quite a handy feature if you ask me.
Sonobuoy
Sonobuoy is a diagnostic and reporting tool aimed at simplifying your understanding of the current state of a Kubernetes cluster. It achieves that through CNCF conformance tests (e2e) running in an accessible and non-destructive manner. It will also simplify workload debugging and custom data collection.
VMware Event Broker Appliance (VEBA)
A project that was released as a fling with William Lam as one of the main contributors ended up almost being its own product. The VMware Event Broker Appliance (VEBA) is a VMware open-source project that enables customers to create event-driven automation using vCenter Server Events easily. The idea behind the Fling is simple. It brings modern technologies and innovations out of the cloud-native world, like Kubernetes, to help cloud admins build event-driven automation based on vCenter Server events.
This tool should open new doors to VI admins who have been frustrated for many years by the limitations of the vCenter alerts capabilities. A blog on the topic will arrive soon on the VMware dojo.
Cluster API vSphere Provider
Cluster API is an open-source project that offers an API to extend the capabilities of Kubernetes with CRDs and operators, which lets you manage clusters in a declarative way, like you would with pods, deployments, services and so on. It does so by plugging “providers” into it. Those are like plugins that know how to interact with cloud providers such as AWS, Azure, OpenStack, vSphere and many others. CAPV is the vSphere provider for Cluster API. Once you initialize a cluster with CAPV (regardless of whether it’s a kind or an actual cluster), you can start deploying Kubernetes clusters to your vSphere environment by applying a YAML manifest describing it.
CAPV is a SIG (Special Interest Group) within the Kubernetes project. It isn’t clear whether the project is maintained by VMware themselves, but a number of VMware employees are among the main contributors. Regardless, this VMware open source project is already used by Tanzu Kubernetes Grid.
Concourse
Concourse is a VMware open-source project that provides a CI/CD tool for Cloud Foundry. Concourse is based around the mechanisms of resources, tasks, and jobs to automatically update and patch software, as well as test code, commits before and after a deployment. The product is built around three principles which are expressive, versatile and safe. The learning curve is apparently steeper compared to other CI/CD products but it is supposed to be beneficial in the long run in terms of improving productivity and reducing stress levels. Who wouldn’t want that?
Open VM Tools
As you know, VMware Tools are essential to efficiently run virtual machines on vSphere for various reasons including memory reclamation mechanisms and virtual hardware drivers among other things. Like older versions of Linux distributions, the VMware Tools for Windows workloads are stored on vSphere by default and mounted as an ISO on the VM.
The primary purpose of open source VMware tools is to enable OS/virtual appliance vendors and communities to bundle VMware Tools into their product releases. That way, in later Linux distributions, the open-source VMware tools are already included and there is no need to install them manually.
The importance and the reach of the open-source community are ever-growing and most big tech companies have teams that contribute to it, as the VMware open-source projects show. We talked a lot about Kubernetes here as this is a very hot topic but other areas of the IT landscape are also on the list.
While we covered a fair number of VMware open-source projects, this was only part of what is currently being worked on by the various teams as we can’t mention all of them here. Refer to the GitHub repositories mentioned previously to review them. Such projects mostly come from companies acquired by VMware, and anyone can contribute to a project, including you.