VCF 9.0: What’s New in VCF Automation
Exciting times are ahead for cloud infrastructure automation! VMware Cloud Foundation (VCF) 9.0 is here, and it’s set to revolutionize the way we approach private cloud. At the core of VCF 9.0 is VCF Automation, which powers the private cloud self-service experience. This groundbreaking release brings a host of new cloud infrastructure automation capabilities that will help accelerate application innovation, reduce cost, and scale governance and compliance like never before. Let’s dive into three game-changing design innovations for private cloud, waiting at your fingertips.
VCF 9.0: VCF Automation Capabilities
1. Public cloud-like IaaS for private cloud straight out of the box (OOTB)
Modern Cloud Interface
Private Cloud consumers, including developers, DevOps Engineers, and Platform Engineers, rejoice! VCF provides a public cloud-like consumption experience for application teams building applications in a secure private environment with GPUs (AI), Kubernetes, Data Protection, Virtual Private Cloud (VPC) Network Services, coming natively/directly from the underlying vSphere platform via a Modern Cloud Interface.
The Modern Cloud Interface exposes new private cloud services (akin to public cloud) across VCF environments / across vCenters and aggregates them into a common endpoint that can be accessed through a choice of interfaces: UI, CLI, or declarative Kubernetes IaaS API for self-service consumption. VCF Automation abstracts resources across a fleet of VCF environments and provides a centralized / single consumption interface.
Private Cloud Services
VCF Automation: Private Cloud Services available through Modern Cloud Interface
The core cloud services that are available OOTB include: VM, vSphere Kubernetes Service (VKS), Network, Volume, and VM Image. Developers, DevOps, and platform engineering teams can leverage the Modern Cloud Interface to consume anything that is using the Kubernetes IaaS API on the Supervisor, including the VKS Service for deploying Kubernetes clusters and the VM Service that allows you to declaratively define and provision VMs, and more.
Application teams who prefer to use Kubernetes for application orchestration will appreciate the flexibility and adaptability of VCF Automation. They can use a K8s manifest to provision VMs and VKS clusters (as K8s objects), allowing for a more agile and responsive development process. They can also apply Day 2 actions on it (e.g., scale up/down VKS clusters, power on/off VMs, etc.). This level of control instills confidence and ensures a more efficient management process.
VCF Automation: VM Service configurable via UI and K8s Resource YAML
VCF Automation: VKS Service configurable via UI and K8s Resource YAML
Also, while public clouds simply give you a K8s upstream cluster on which you can install your application (EKS, AKS, GKE), VCF goes beyond that.
VMware continues to add new extensible services, private cloud services that extend the VCF platform. Extensible services include: Harbor Image Registry, Contour Kubernetes Ingress Controller, cert-manager Certificate Management, Istio Service Mesh, ExternalDNS, Data Services Manager (DSM) Consumption Operator, Secret Store, etc. The Enterprise IT Admin can add these services on the Supervisor, by activating certified operators or services on the Supervisor, and make the services easily consumable. Application teams can provision / manipulate / mutate those constructs, and for example, create a DSM DB or provision a Postgres DB, etc.
VCF Automation: New Private Cloud Services (public cloud-like IaaS) available OOTB
Blueprinting & Infrastructure as Code
Furthermore, VCF Automation features a blueprinting approach that helps integrate various tasks. A blueprint is a customizable template where you define the VMs, network, storage, and other infrastructure resources for your environment. Platform engineers can utilize the visual design canvas and Infrastructure as Code capabilities to create a cohesive procedure. This may involve provisioning VMs, VKS clusters, and deploying applications on those resources. Engineers can also implement a GPU-enabled AI workstation with RAG capabilities*. The blueprints can be version-controlled and hosted on source repos, such as GitHub, GitLab, or Bitbucket. Additionally, they can be published to a self-service catalog for developers and DevOps engineers to access.
* Requires VMware Private AI Foundation with NVIDIA offering, available separately as a VCF advanced service.
VCF Automation: Blueprinting with Infrastructure as Code
IT teams, empower your application teams to access the infrastructure they need – whenever, wherever, and however they need it, boosting developer productivity and user satisfaction.
2. Isolated Private Clouds for each of your organizations
Tenant Management
Becoming your own cloud provider just got a whole lot simpler. VCF Automation introduces new tenant management capabilities. Through the Provider Portal, Enterprise IT Admins can carve up resources, isolate infrastructure and segment networks with VPCs, creating isolated private clouds for each of your organizations. New multi-tenancy capabilities can help ensure security by preventing unauthorized access or communication between different groups of users or resources.
Sounds sophisticated? Not to worry. With VCF 9.0, VCF Automation has been redesigned to make it easier for VI Admins to jump start and scale a multi-tenant private cloud. The UI is now intent-driven designed around Manage & Govern, Build & Deploy, and Administer. VCF Automation provides a streamlined way to jump start the creation of the environment using a quick start wizard. For example, a VI Admin (the Enterprise IT Admin), who is new to multi-tenancy, can quickly and easily get started setting up Organizations (tenants) just like a Cloud Provider via the quick start wizard. The guided workflows can help VI Admins understand what cloud concepts / governance constructs and configurations are required, enabling VI Admins to evolve into Cloud Admins.
VCF Automation: Manual Setup with Guided Workflows
Following the guided workflow, the Enterprise IT Admin can configure a single Organization for a typical enterprise or multiple Organizations for an enterprise that requires infrastructure isolation. Additionally, they can allocate resources and assign infrastructure quota against each Organization.
Next, the Organization Administrator (Org Admin) responsible for managing an Organization can then create Project(s) through the Organization Portal. Projects can be set up for the different Lines of Business (LOBs) (e.g., BUs, Application teams, etc.) within a specific Organization and managed by the LOB Admins. The Org Admin can also set up their respective Identity Access Management. This allows the Org Admin to logically group multiple LOB users within the Organization, making it easier to apply consistent management policies to groups of LOB users with similar needs, simplifying governance and security controls.
Org Admins create Namespaces (resource envelopes that define resource limits, CPU, memory and storage for workloads), using Namespace Classes (templates). Additionally, the Org Admin selects VPCs (network isolation domains) to create the Namespaces. Each Namespace can be assigned one or more VPCs which can be shared across multiple Namespaces enabling application teams to use common networking, if required.
Project Namespaces enable Org Admins to organize applications and workloads based on business purpose and ownership, making it easier to apply different security postures and operational controls by application/workload and environments.
Once all of the environments are set up, VCF enables Enterprise IT Admins, Org Admins, and LOB Admins to simplify the management and resource consumption of infrastructure resources with new Tenant Operations capabilities.
The Enterprise IT Admin can gain an overview of the entire IT estate through VCF Operations. The Admin can get visibility into all of the Organizations that have been created in VCF, the total infrastructure resource capacity, and the overall cost of the private cloud.
VCF Operations: Cost Overview
The Org Admin can track his/her own specific Organization, Projects, Namespaces, Policies, and Users through the Organization Portal. They can monitor the total utilization of compute, memory, and storage resources. This enhanced visibility into cloud infrastructure consumption with data (operational metrics from VCF Operations), enables more informed decision-making and proactive management of infrastructure resources at the enterprise-level and all the way down to the project-level.
VCF Automation: Organization Portal
Content Management
Managing and sharing standardized content across Organizations and Projects just got a whole lot easier.
Centrally Manage “Content Libraries”
Guess what VI Admins? The days of the pub/sub model and synchronization madness are gone! With the new Content Management capabilities, you (as the Enterprise IT Admin) can centralize content library management in VCF Automation rather than trying to manage content libraries across fleets of vCenters. Easily discover, create, and allocate content libraries directly within VCF, eliminating complexity and simplifying management.
VCF Automation discovers all the content libraries across all the vCenters and can automatically synchronize the content libraries across all the vCenters in the background. In VCF 9.0, you can also create a new content library directly within VCF Automation, add one or more VM images to this library and allocate it to one or more Organizations, as needed. Together, this enables you to allocate existing or new VM images and/or content libraries to one or more organizations. Furthermore, you can leverage the same content library across multiple vCenters for specific Regions, enabling you to scale content management.
Using Content Hub to Manage & Publish Content
Furthermore, VCF 9.0 introduces a Content Hub for Org Admins and LOB Admins to manage content in one location and publish it to the self-service catalog with a single click, streamlining content distribution and management. The Content Hub is used to manage content, such as content libraries, VM Images, blueprints, and orchestrator workflows. Admins can seamlessly organize and maintain these resources in one location, simplifying the process of sharing them across multiple Projects.
This helps increase efficiency and productivity by reducing time-consuming manual tasks and human intervention associated with managing content across different groups of users (i.e., figuring out where things are and who is using what). Org Admins and LOB Admins can efficiently manage and update content, helping to ensure application teams have access to the latest standardized resources that can be independently consumed.
VCF Automation: Content Library Creation
VCF Automation: VM Images managed via Content Hub
3. Frictionless governance with embedded guardrails
Say goodbye to juggling different tools to manage policies. In VCF 9.0, VCF Automation enables Org Admins to build custom policies for IaaS resources, using new YAML-based Policy as Code, in the VCF platform without having to rely on external tools or add-ons. The new IaaS resource policies are based on native Kubernetes Validating Admission Policy, which helps to streamline resource usage by VMs and VKS clusters across Organizations and vSphere Namespaces.
VCF Automation: IaaS Resource Policy
This becomes a powerful feature for Org Admins, especially when the Enterprise IT Admin enables self-service provisioning of VKS clusters in a multi-tenant environment. The Org Admin can programmatically enforce/apply policies at the infrastructure-level consistently across the entire Organization or specific Project(s).
IaaS resource-based policy as code not only scale governance operations, but also helps to reduce the risk of human error and ensure infrastructure resources adhere to organization requirements, improving compliance. Org Admins new to policy as code can leverage new pre-defined policy templates in VCF Automation, available OOTB, to quickly get started on centrally managing resource policies.
VCF Automation: YAML-based Policy as Code
Delivering a Unified Cloud Consumption Experience
These VCF Automation innovations in VCF 9.0 deliver on key value propositions that are crucial for modern enterprises managing VM and container-based workloads, which are expected to rapidly grow as AI adoption increases. The VCF platform offers unparalleled simplicity, allowing you to manage your entire infrastructure as a unified cloud. It provides the agility and scale of public cloud with the security and performance of private cloud. And with its focus on application team-ready capabilities, VCF 9.0 helps your infrastructure become a seamless unified cloud for your application teams to consume, accelerating application innovation.
Note, this is just a taste of what’s new in VCF 9.0 for VCF Automation. Stay tuned for more technical blogs, where we’ll dive into more detail on all of the new and enhanced features.
Jump Start your Private Cloud
With the new VCF Automation capabilities in VCF 9.0, you can jump start and scale a self-service private cloud. VCF Automation enables IT to deliver a unified cloud consumption experience for application teams to build, run, and manage AI, Kubernetes, and VM-based applications.
The future of self-service private cloud is here, and it’s more exciting than ever. VCF Automation in VCF 9.0 is not just an upgrade – it’s a complete reimagining of what’s possible in cloud infrastructure automation. Whether you’re looking to automate a few simple IT tasks, advance your career from VI admin to a cloud admin, empower your developers with rich public cloud-like IaaS services, or become your own cloud provider, VCF 9.0 has something revolutionary to offer.
Ready to experience the next generation of self-service private cloud? The possibilities are endless with VCF 9.0. Dive in and see for yourself how this game-changing release can transform your private cloud strategy and enable a Cloud Operating Model. The future of IT is here. What are you waiting for?
Learn More
- Webinar (July 30, 2025): Unlocking the Power of VMware Cloud Foundation 9: Operate, Secure, and Automate Your Private Cloud ? Register now!
- New HOL: What’s New in VMware Cloud Foundation 9.0 – Automation
- Tenants and Organizations – Management and Administration
- Building Modern Applications
- Deploying Modern Applications
- Solution Brief: Self-Service Private Cloud with VMware Cloud Foundation
- Datasheet: VCF Automation
- Technical Documentation: [VCF 9.0] VCF Automation Release Notes
- Blog: Kubernetes on VCF 9.0: Single Platform to Run Modern Workloads, Simplify Operations, and Elevate Security
- Blog: VMware Cloud Foundation 9.0 – What’s in it for the VCSPs
