Save to My DOJO
The cloud revolution has brought about many changes in the enterprise. Following the microservices cloud model, many organizations are looking to modernize their business-critical applications to have more agility, scalability, high availability, and ease of deployment. However, manually managing containers and containerized infrastructure can be complex and challenging. Kubernetes helps to solve many of the container management challenges. However, Kubernetes can be challenging to configure and maintain as well.
VMWare Tanzu is a solution that helps to take the complexity out of managing containers and containerized applications using Kubernetes. However, it also includes a rich, robust ecosystem of solutions to extend modern application development. What technologies are associated with app modernization, and what challenges are faced with using containerized workloads? What is VMware Tanzu? How does it help customers realize the end goal of app modernization? Where does it fit in the DevOps cycle? Let’s dive right in!
Businesses today are moving at a rapid pace and need to have the agility to deploy applications more quickly and efficiently. Using modernized infrastructure allows organizations to achieve the agility and capabilities required to meet their current and future business demands and modernize their applications.
When we look back over the past 20 years, there have been several revolutions in enterprise technology. The virtualization revolution certainly was the beginning of this shift in modernizing applications and using more modern and abstracted approaches to solve business problems.
Most recently, the cloud revolution has once again changed how businesses are using technology to solve problems. Using cloud technologies has allowed businesses to accelerate how they build, configure, and deploy infrastructure and applications. It has also enabled building applications effectively using microservices. Legacy monolithic applications are large, complex, and difficult to deploy at scale and with any agility. App modernization often involves breaking these monolithic applications down into microservices architectures that allow much more easily developing applications with the speed and agility needed.
Applications can be deployed and updated much more quickly and with DevOps processes using the microservices approach. Application modernization involves updating older software for newer computing approaches. It includes new languages, frameworks, and modern infrastructure. In addition, it helps businesses to introduce efficiencies into current processes and solutions filled with technical debt.
Why do businesses want or need to modernize their applications?
When applications are modernized, organizations can reap many benefits, including reducing the number of resources required to run a business-critical application, increasing the frequency of deployments, realizing the benefits of continuous integration/development (CICD), and providing better resiliency against failures.
Must of the app modernization process that allows businesses to break down applications into microservices architectures require something smaller and more agile than virtual machines. Modern microservices architectures rely on containers. What are containers?
Containers are a key technology in application modernization. They are a cloud-centric method for packaging, deploying, and operationalizing applications and workloads. Containers are focused on applications and contain all the requirements needed for an application to run. Containerized applications can be moved or deployed on a new container host, and the application is unaffected.
Containers, similar to virtual machines, provide an abstraction layer. Containers are an abstraction at the application layer that combines apps and dependencies. Containers share the OS kernel with other containers, each running as isolated processes in userspace. In addition, multiple containers can run on the same container host. As a result, containers take up less space than VMs. Where virtual machines can take up several gigabytes worth of disk space, container images are typically tens of MBs in size, so they are much leaner than VMs. It means using containers instead of VMs allows running more applications and requires fewer VMs and operating systems.
The difference in the architecture of containers and virtual machines (Image courtesy of Docker)
Docker notes the following points regarding containers:
- A container is a standard unit of software that packages up code and all its dependencies, so the application runs quickly and reliably from one computing environment to another
- They are available for both Linux and Windows-based applications.
- Containerized software will always run the same, regardless of the infrastructure
- Containers isolate software from its environment and ensure that it works uniformly despite differences, for instance, between development and staging
On their own, containers do not have an orchestration engine that “pulls strings” behind the scenes to spin up new containers for scaling up workloads or account for a failed container host. Kubernetes is the orchestration engine that provides the automation behind the scenes that allow businesses to use containers in the way we have been using VMs with vSphere and other hypervisors for years now. In addition, it provides the management and orchestration layer that can manage the underlying container infrastructure so your applications can be resilient to downtime.
If a container fails, it is much more efficient to have an automated system process that can automatically spin up another container and reprovision the application. This exact use case is the “bread and butter” of Kubernetes.
According to the official documentation found on Kubernetes.io:
- Kubernetes is “a portable, extensible, open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation.”
What problems does Kubernetes solve?
- It allows applications running on containers to be highly available – You can lose a container host or process without seeing downtime or disruption in your application
- It provides easy elasticity in your infrastructure – Kubernetes can control when new pods are scheduled for new resources and when resources are idle and need to be spun down.
- It provides the backend scheduling of where resources are best suited to run and on which container host(s)
- It allows quickly adding new container hosts to the Kubernetes cluster
- It allows developers to interact with containers via an API interface
Below is a look at the components of Kubernetes architecture.
Kubernetes architecture components (Image courtesy of Kubernetes.io)
For many businesses, re-architecting their applications to use containers provides a robust platform for application modernization. However, containers have their own complexities and natively lack the management and orchestration needed for availability and elasticity required. While Kubernetes solves many of the management challenges, it can be challenging to configure, maintain, and support.
Businesses shifting to modernized applications running on top of containers may find the tooling, configuration, and infrastructure much different from what they are familiar with coming from the world of virtual machines. What if organizations could use their existing virtual machine infrastructure and the management tools and capabilities they are already familiar with to manage their containerized infrastructure, orchestrated by Kubernetes?
What is VMware Tanzu?
At VMworld 2019 US, in August 2019, VMware unveiled a suite of products that helps organizations solve the many challenges of modernizing their applications – VMware Tanzu. To understand what it is exactly we can draw similarities with the VMware vRealize Suite of products. However, it is not a single solution or product, but rather it is multiple products under the name of VMware Tanzu. The solutions contained in VMware Tanzu include the following:
- Tanzu Application Service – VMware Tanzu Application Service is a modern application platform for enterprises that want to continuously deliver and run microservices across clouds, providing runtimes for Java, .NET, and other platforms such as Node apps
- Tanzu Build Service – automates container creation, management, and governance at enterprise scale
- Tanzu Application Catalog – A curated catalogue of production-ready open source software from the Bitnami collection
- Tanzu Data Services – Simplify your migration to the cloud with VMware Tanzu Data Services. It’s a portfolio of on-demand caching, messaging, and database software on VMware Tanzu for development teams building modern applications. It includes GemFire, RabbitMQ, SQL and Greenplum.
- Tanzu Kubernetes Grid – The Enterprise Kubernetes runtime built into vSphere
- Tanzu Mission Control – a centralized management platform for consistently operating and securing your Kubernetes infrastructure and modern applications across teams and clouds
- Tanzu Observability – Monitor everything from full-stack applications to cloud infrastructures with metrics, traces, span logs, and analytics
- Tanzu Service Mesh – Monitor and secure the microservices driving your business across any runtime and any cloud with an enterprise-class service mesh
VMware Tanzu, in short, allows organizations to run Kubernetes-powered containers across cloud environments and even natively in their VMware vSphere environments. Running VMware Tanzu natively in vSphere brings about many benefits to customers. First, it allows much more easily configuring, managing, and operationalizing Kubernetes-powered containers.
Second, it enables existing VMware vSphere customers who use vSphere as the underlying hypervisor in their environment to use the same set of tools and management interface to manage their existing infrastructure compromised of virtual machines modernized applications running on Kubernetes.
As shown by the list of solutions contained under the umbrella of VMware Tanzu, it is more than just Kubernetes. It is the entire package of services and solutions for building, deploying, running, and managing modern applications. The focus is applications and not infrastructure.
How does VMware Tanzu work?
Taking a closer focus on how VMware Tanzu works in a VMware vSphere environment, it is essential to understand, VMware has re-engineered VMware vSphere 7 from the ground up to have the native functionality built into the hypervisor to run Kubernetes. It means there is no “bolt-on” product or third-party solution needed to run Kubernetes in VMware natively.
Formerly known as “Project Pacific,” it uses Kubernetes to change vSphere. It combines the functionality of vSphere by embedding Kubernetes inside the vSphere control plane. Containers now appear in the vSphere client as “first-class citizens,” along with VMs and managed accordingly. VM and container runtimes are converged using vSphere pods. VMware vSphere Native Pods provide many benefits, including being lightweight and secure. VMware touts these can be even faster than bare metal containers due to the efficient way vSphere handles CPU scheduling.
Kubernetes native vSphere platform
With Kubernetes embedded into the control plane of vSphere, it allows container compute, storage, and networking resources to be managed alongside the traditional VM. It provides tremendous benefits from a management and operational standpoint. It means IT operations can manage Kubernetes container objects from the vSphere Client. The native VMware vSphere Native Pods allow all the traditional PowerCLI scripts, third-party tools, and other tools and mechanisms to work with Kubernetes as it does with VMs in VMware vSphere.
VMware implements what is known as a Supervisor cluster that is a special kind of Kubernetes cluster that uses the ESXi host as a worker node. It implements what is called a Spherelet (a special kind of Kubelet) into ESXi. It runs not in a VM but in ESXi itself.
The vSphere Supervisor cluster is a Kubernetes cluster of ESXi
Guest Clusters are created to run general-purpose Kubernetes workloads. The guest clusters run inside virtual machines on the Supervisor Cluster and are a fully upstream compliant Kubernetes distribution which allows full compatibility with existing Kubernetes applications.
The guest cluster control plane in the Supervisor Cluster
Project Pacific is the new architecture in ESXi that brings VMware Tanzu to vSphere and is a component of the much broader VMware Tanzu solution.
What is VMware Tanzu Kubernetes Grid?
Arguably, the central component to the VMware Tanzu solution is VMware Tanzu Kubernetes Grid (TKG). The VMware Tanzu Kubernetes Grid solution is the specialized Kubernetes distribution tested, signed, and supported by VMware. It includes the following supporting components:
- Ingress control
- Logging services
All of the above components are required for production-ready Kubernetes clusters. In addition, it provides organizations with the consistent, upstream-compatible, regional Kubernetes distribution that is ready to host all Kubernetes workloads that can run inside a Kubernetes cluster.
Tanzu Kubernetes Grid can be deployed across both on-premises and cloud environments, including vSphere, Microsoft Azure, and Amazon EC2. Take a look below at the Tanzu Kubernetes Grid instance architecture.
Tanzu Kubernetes Grid architecture (Image courtesy of VMware)
VMware Tanzu Kubernetes Grid Service
Closely related to Tanzu Kubernetes Grid is the Tanzu Kubernetes Grid Service, or TKGS. The Tanzu Kubernetes Grid Service (TKGS) is crucial in the VMware Tanzu portfolio of products. It allows creating and operating Tanzu Kubernetes clusters natively in vSphere with Tanzu. In addition, the service can be invoked using the Kubernetes CLI.
What is vSphere with Tanzu?
In reading about and looking at VMware Tanzu, you may see references to VMware Tanzu and VMware vSphere with Tanzu. What is the difference? When VMware Tanzu was initially released, it required the full modern VMware SDDC stack powered by VMware Cloud Foundation, vSAN, and VMware NSX-T for the software-defined networking component.
However, for most VMware environments, many customers use traditional VMware vSphere implementations without a combination of VMware Cloud Foundation, VMware vSAN, and VMware NSX-T. While VMware notes the full SDDC experience is best consumed with VMware Cloud Foundation, this left out a majority of some 70+ million customers taking advantage of VMware Tanzu.
With the release of VMware vSphere 7.0 Update 1, VMware officially solved this glaring problem for customers. With that release, VMware officially implemented vSphere with Tanzu. What is vSphere with Tanzu, and how can it benefit VMware customers wanting to take advantage of what VMware Tanzu has to offer?
VMware vSphere with Tanzu is the native vSphere offering that allows deploying the VMware Tanzu solution directly into vSphere, without the requirement of having VMware Cloud Foundation, VMware vSAN, or VMware NSX-T networking. In addition, VMware vSphere with Tanzu allows customers to bring their own storage and networking to the VMware Tanzu solution, which lifts many of the restrictions found previously with VMware Tanzu.
The new vSphere with Tanzu offering allows customers to drop in Kubernetes to their vSphere 7.0 Update 1 and higher environments and administer Kubernetes from the same familiar vSphere Client interface. Note the following benefits of vSphere with Tanzu:
- Allows customers to consume enterprise-grade Kubernetes with existing network configurations and block or file storage
- Customers can use the native vSphere Distributed Switch for Kubernetes clusters networking
- Customers can choose a load balancer between either the HAProxy or the NSX Advanced Load Balancer solution
- It allows implementing role-based access to the vSphere-powered Kubernetes cluster in minutes and takes the heavy lifting out of the security configuration
The new vSphere with Tanzu solution is enabled using the Workload Management dashboard found natively in the new vSphere Client UI.
Enabling Workload Management in vSphere with Tanzu
Below is a screenshot of a vSphere with Tanzu environment running a Workspace Cluster along with a traditional virtual machine. It helps to illustrate the seamless nature of managing containerized infrastructure running modern applications and the conventional virtual machines running for the past decade or more.
VI admins, system admins, and others view the entire landscape, including containerized and conventional infrastructure. This single-pane-of-glass interface that most sysadmins are accustomed to can drastically help with adoption, day two operations, and other tasks.
VMware vSphere with Tanzu containers and virtual machines
With vSphere with Tanzu, all the low-level Kubernetes commands can be used to view information about the supervisor cluster, control plane, and guest clusters.
Viewing the provisioning of the Supervisor Cluster control plane
Logging into the vSphere with Tanzu Guest Cluster and viewing pods
VMware Tanzu Editions
With the release of VMware vSphere 7.0 Update 1, VMware also introduced Tanzu Editions. Each of the Tanzu Editions offered provides various features and functionality to meet multiple use cases in the enterprise. However, one of the key considerations made by VMware is to include in all versions several important characteristics shared between them. These include:
- They are open source aligned
- Multi-cloud environments are supported
- DevOps processes are enabled and supported with each offering
So, regardless of the edition of Tanzu, organizations benefit from many of the same cloud, automation, and DevOps capabilities. Let’s take a closer look at the features and capabilities found in each respective Tanzu version.
- Tanzu Basic – The Tanzu Basic offering targets the current VI and System admin currently managing VMware vSphere environments today. With Tanzu Basic, organizations have access to the most affordable and accessible Tanzu solution. In addition, it allows businesses to run containerized off-the-shelf (COTS) workloads with ease, using the familiar VMware vSphere tooling. It allows both containers and VMs to run side-by-side in the environment. With the simple process of installing a license in their existing vSphere 7 environments, customers can start taking advantage of running VMware Tanzu workloads.
- Tanzu Standard – For businesses that have used the off-the-shelf containerized workloads but now need to scale and deploy consistent Kubernetes workloads both on-premises and in the public cloud, Tanzu Standard provides the means to do this with a global control plane to manage them all. It includes a policy engine that provides access management, backups for Kubernetes clusters, and even groups of Kubernetes clusters. Monitoring is also enabled using both Prometheus and Grafana dashboards. It targets the infrastructure lead and cloud architect.
- Tanzu Advanced – The Tanzu Advanced offering provides more of the extended capabilities found in the VMware Tanzu solution. These expanded capabilities include additional DevOps and security features. As a result, the Tanzu Advanced release targets DevOps and Platform Ops teams.
- Tanzu Enterprise – The Tanzu Enterprise edition provides the full features and capabilities found in the Tanzu portfolio. It helps provide the tools and features needed for developers and improves the developer experience and the velocity of the deployment process. Tanzu Enterprise has been described as creating a “superhighway” between developers, IDEs, and production environments.
The different editions of VMware Tanzu provide flexibility for various use cases needed by different environments and business requirements in the enterprise. In addition, each of the Tanzu editions is a superset of the one before it so that customers can start with a particular edition and easily step up to a higher edition if additional capabilities are needed in the future.
Where does it fit in the DevOps Cycle?
VMware Tanzu allows developers to have full access to Kubernetes APIs and consistently create production-ready container images that run on Kubernetes and across clouds in a self-service type manner. In addition, it enables automating source code to container workflows across all development frameworks.
At the same time, it allows VI admins and operations engineers to maintain policies and other role-based access control in the environment so that both teams can operate effectively and efficiently. As a result, it enables maintaining proper security and other controls without impeding development workflows and processes.
Why do I need VMware Tanzu?
As with any technology used to serve business-critical processes, data, and services, a certain amount of complexity is involved. Kubernetes has not been known for being easy to deploy, configure, and manage using manual means. However, it is the defacto standard in the industry for orchestrating and automating container deployments in production.
VMware Tanzu allows organizations to get up and running quickly and easily with Kubernetes-powered containers without the steep learning curve required using manual Kubernetes deployments. It also allows businesses to step into Kubernetes-managed containers in a supported fashion, with VMware support assisting with any deployment, configuration, or management issues. The support aspect is huge, especially for production use, as any downtime can be disastrous.
As mentioned earlier, VMware Tanzu allows businesses to utilize the same familiar tools they are accustomed to using with vSphere and use these same tools to manage their containerized infrastructure. As a result, avoiding the need for new management interfaces, tools, processes, and other solutions can pay tremendous dividends in operationalizing Kubernetes-powered containers.
The vSphere with Tanzu offering allows businesses to use their existing standard vSphere implementations without VMware Cloud Foundation, VMware vSAN, or VMware NSX-T, which means they can simply install a license key and start configuring Workload Management using vSphere with Tanzu.
Businesses looking to modernize their applications stand to benefit from the VMware Tanzu offering as it provides the tools and solutions to configure Kubernetes-orchestrated containerized infrastructure quickly and in a supported way. In addition, VMware has positioned the licensing to make it easy to start with the Tanzu Basic edition and move up if needed.
My Thoughts on VMware Tanzu
Organizations today are accelerating their applications and application development using hybrid and cloud technologies. In addition, those on the path of application modernization find it requires using cloud-native technologies like containers to break monolithic applications into microservices for rapid deployments, upgrades, and feature enhancements.
Containers provide a much smaller footprint than VMs and can often be ephemeral, able to spin up and down as needed. However, containers in themselves have no native way for orchestration and automation. Kubernetes is the industry standard to manage production-ready containerized environments. Both containers and Kubernetes can present a steep learning curve for organizations looking to introduce these manually.
VMware Tanzu is an entire suite of solutions that allows businesses to deploy, configure, and manage Kubernetes using a fully supported Kubernetes distribution produced by VMware. Organizations can run Tanzu Kubernetes Grid solution natively in vSphere, Microsoft Azure, and Amazon AWS. Additionally, with vSphere with Tanzu, businesses can run VMware Tanzu in very traditional vSphere environments, without VMware Cloud Foundation, VMware vSAN, or VMware NSX-T.
VMware Tanzu is a powerful application modernization platform assisting businesses in making the entire digital transformation, allowing them to modernize their applications for cloud-native and hybrid cloud technologies more efficiently.
You can learn more about VMware Tanzu from the official VMware Tanzu site at VMware here.
Not a DOJO Member yet?
Join thousands of other IT pros and receive a weekly roundup email with the latest content & updates!