Introduction

It hasn’t been that long since I told you about VMware Project Pacific, which was announced at VMworld 2019. The latter, as you probably remember, is one of the VMware Tanzu solutions. Since today a lot of enterprises tend to use VMs and containerized applications in their infrastructures, these solutions were developed specifically to build a platform that enables you to work with both.

However, it’s necessary to remember that VMware Tanzu is a broad portfolio of distinct solutions. For simplicity, let’s narrow it down to three separate areas:

Building Kubernetes clusters (K8s) . These are the products for developers and DevOps teams (Bitnami and Pivotal that have recently been acquired by VMware).

. These are the products for developers and DevOps teams (Bitnami and Pivotal that have recently been acquired by VMware). Running clusters . It’s primarily VMware Project Pacific that we already know of, which transforms VMware vSphere into a Kubernetes native platform and is set to appear in the next vSphere releases.

. It’s primarily VMware Project Pacific that we already know of, which transforms VMware vSphere into a Kubernetes native platform and is set to appear in the next vSphere releases. Managing clusters. Now, the crown jewel of products in this area is Tanzu Mission Control (TMC) that provides lifecycle management for K8s clusters from a single point of control.

TMC provides admins and data center managers with the possibility to create and deploy new apps on the Kubernetes platform, let alone to manage K8s clusters from a single point. That way, say, a developing team just has to request resources via the console, and they’ll be provided quickly and efficiently.

Basically, it appears that TMC’s primary goal is to enable admins to manage Kubernetes clusters regardless of whether they reside in vSphere, already integrated VMware Pivotal Container Service (PKS), OpenShift infrastructures, public clouds, private clouds or any other environment. In this case, VMware is pursuing credibility amidst administrators. It’s quite simple because if they’ll be managing their infrastructures consisting of VMs and containerized apps with one tool successfully, it’s only a matter of time when this management tool becomes as widespread as vSphere.

Another thing to remember is that Kubernetes is still evolving. In other words, users still have to apply different consoles for managing infrastructures in geographically allocated data centers (sometimes it is necessary due to data protection regulations like GDPR). That’s when VMware TMC’s SaaS control plane comes in: it’s able to manage and operate a large number of clusters across different environments and data centers.

What’s available?

TMC provides admins and data center managers with the following options:

Creation and deployment of the provisioned K8s on-premise and cloud clusters.

For example, you can create a cluster in Amazon AWS, select a region, Kubernetes version, and VPC CIDR. You also get to set up a cluster type, whether it would be a development (1 control plane node) or a production cluster (3 control plane nodes, Availability zones).

Possibility to attach every existing K8s cluster to the TMC. You’ll need to install a specific agent and verify the connection.

After the connection is successful, run the kubectl command in the kubectl command window, the Kubernetes command-line tool.

The Cluster Groups option enables you to inherit policies at a group level, rather than having to add policies individually to each cluster.

A group of clusters consists of clusters that can exist across the environments with different teams having access to them. Clusters can be moved between groups of clusters.

Workspaces provides the ability to apply access controls to an application that resides in multiple different namespaces, in different clusters on different clouds. This function is vital for users working across diverse clusters and namespaces.

Tanzu Mission Control functions as an API-driven platform, enabling the developers to operate Kubernetes clusters with Cluster API. It covers all major work processes, such as creating or updating a cluster, as well as authentication and other service tasks.

At VMworld 2019, VMware introduced an overview of all the different clusters (AKS from Azure, GKE from Google, PKS from VMware, and EKS from Amazon) being managed by the Tanzu MC instance in one unified environment. More specifically, it offers a potentially very promising unified management tool to manage different K8s clusters:

If you choose the necessary cloud provider, you can, say, build a new EKS cluster on AWS. Furthermore, you can also add a Cluster Group to enable this cluster to inherit existing policies that are already associated with the group.

Once the cluster is deployed, you can see some basic information (Components, Agent, and Inspection) related to the cluster. On an individual worker node, the details about the K8s (kubelet) version, the container run-time and version, and conditions, such as memory and disk pressure, are also available. All the Pods running on the worker node are listed as well.

TMC provides you with:

List of the attached clusters;

High-level cluster metadata (allocated resources and availability);

List of nodes, namespaces, and workloads of the cluster, also cluster metrics;

List of namespaces and workloads of all clusters;

Cluster components and nodes state;

Health check available on dashboard, which is useful for task monitoring;

Conformant status of the clusters.

With TMC, it’s also possible to run various checks for your environment with consequential reports.

As you have probably gathered by now, Tanzu Mission Control is essentially a SaaS-based solution that can attach to different cloud objects (clusters running on vSphere, public clouds, managed services, OpenShift, or DIY cloud implementations). Also, you can basically attach a VMware Essential PKS cluster to VMware Tanzu Mission Control and use the centralized cluster lifecycle management capabilities, or you can use advanced support services of PKS clusters. In general, TMC can potentially manage thousands of clusters, with multiple users working across different cloud and on-premises environments.

VMware Tanzu Mission Control provides a robust set of capabilities that enables admins to manage their infrastructures efficiently and developers to create clusters according to specified requirements.

VMware Tanzu Mission Control leverages:

Cluster API for Lifecycle Management;

for Lifecycle Management; Velero for backup/recovery;

for backup/recovery; Sonobuoy for configuration control;

for configuration control; Contour for ingress control.

Policies and future

In TMC, security policies are flexible and can be assigned either to separate clusters or groups of clusters, thereby sharing the responsibility between developers.

Today, Tanzu Mission Control is focused primarily on centralized authentication, access control/permissions, and privilege policies, but, in the future, the goal is to extend policies to areas like the image registry, networking, pod security, quotas, etc.

VSAN from StarWind eliminates any need for physical shared storage just by mirroring internal flash and storage resources between hypervisor servers. Furthermore, the solution can be run on the off-the-shelf hardware. Such design allows VSAN from StarWind to not only achieve high performance and efficient hardware utilization but also reduce operational and capital expenses. Learn more about ➡ VSAN from StarWind

Speaking in terms of security, TMC will be able to verify that your clusters are configured and secure, and apply policies so that specific actions are not allowed to happen in the cluster.

Also, there are certain backup/recovery policies in work so that the admins would be able to make sure that workloads and cluster backups are stored consistently and safely.

Tanzu Mission Control will be integrated into other VMware products and services. Furthermore, a direct connection to Wavefront will be supported (Wavefront provides a full diagnostic and full-stack detail as a SaaS-dashboard integrated into major cloud solutions such as Amazon AWS). You can find more information about Tanzu Mission Control here.

Related materials:

Views All Time Views All Time 4 Views Today Views Today 9

Appreciate how useful this article was to you?

5 out of 5, based on 1 review 5 out of 5, based on 1 review

Loading... Loading...