Authored by Wendy Cartee, Sr. Director of Cloud-Native Marketing

We are excited to announce the release of VMware Photon™ Platform 1.2 today!

Photon Platform is a container-optimized cloud infrastructure solution for deploying and operating cloud-native applications and microservices. It offers highly secure, fully integrated virtual compute, networking, and storage to simplify and secure cloud-native applications. The 1.2 release adds enhancements across Kubernetes, compute, networking, security, and storage to deliver enterprise-ready capabilities needed to deploy and operationalize Kubernetes clusters.

What’s New

Support for Kubernetes 1.6

Photon Platform 1.2 now includes support for the latest release of Kubernetes. Announced during KubeCon Berlin, Kubernetes 1.6 enhances scale and automation to deploy multiple workloads to multiple users on a cluster. The key functions introduced were:

  • Dynamic storage provisioning (moved to stable state)
  • RBAC or role-based access control (started beta)
  • Automation and controlled scheduling enhancements

Simpler Cluster Management

Photon Platform 1.2 simplifies lifecycle management of Kubernetes clusters. Users have the ability to customize cluster sizing via flavors and quotas, enabling sizing up and down without tickets. 1.2 also now supports the ability for users to upgrade Kubernetes with a few clicks and to choose a desired Kubernetes version when spinning up a cluster. This enables a smooth development staging to production pipeline and eases upgrades of Kubernetes clusters.

Static and Dynamic Persistent Volumes

Photon Platform 1.2 is fully integrated with VMware vSAN™ enabling users to leverage VMware’s production-grade virtual storage platform. Users are able to spin up both static and dynamic persistent volumes on the platform, enabling applications running in Kubernetes to maintain state without any additional work for the developer. This support enables high availability (HA) for stateful applications, delivering the resiliency and availability characteristics found in enterprise-class shared storage for cloud-native apps.

Master and Worker Node High Availability

In addition to HA for stateful applications, the 1.2 release also introduces rolling upgrade capabilities for master and worker nodes. Upgrades and downgrades frequently lead to downtime for master and worker nodes. In order to maximize uptime during upgrades and downgrades, we added new automation processes that update the software versions running on Kubernetes master and worker nodes with minimal downtime.

This rolling upgrade process is part of our new multi-master Kubernetes cluster deployment, which leverages a load balancer front-ending the Kubernetes master nodes. This allows for critical Kubernetes components to be upgraded one at a time without impacting users in the process of consuming a Kubernetes cluster.

Pod Networking and Enhancements

With this release, Photon Platform now integrates VMware NSX® and Kubernetes out of the box with pod-level networking for Kubernetes clusters. In beta, this networking function allows developers to have their own segmented distinct virtual networks, offering data isolation and operationalization of containerized applications.

The deeper NSX integration also enables users to leverage additional enhancements such as embedded DHCP services, overlapping IP addresses across subnets, floating IP addresses, and creation of multiple routers in a project. These new networking features allow developers to be specific about the addressing of their workloads, along with the ability to create CI/CD pipelines that deterministically consume a known address space during repeated tests.

AD/LDAP and Security

Photon Platform 1.2 adds several new security enhancements for enterprise environments.

  • Photon Platform now integrates Lightwave 1.2, VMware’s open source active directory and LDAP authentication system providing in-depth role-based access control.
  • The release also provides OpenID Connect (OIDC) for authentication with Kubernetes through the standards-based OIDC protocol. The net result is that Kubernetes API requests are authenticated via a highly-available and scalable authentication cluster and kept secure for enterprises.
  • Project users can now upload images with more control to ensure other projects don’t inadvertently impact their images. For example, a project user can add controls to prevent other project users from accidentally deleting his/her image. When uploading images, project users are able to limit access to those images and control who can use or delete those images.

Quota Based Dynamic Resource Allocation

This release replaces resource tickets with quotas. Quotas, unlike resource tickets, can be resized by a system administrator. This simplifies resource management in the cluster. With 1.2, a tenant can now increase or decrease resource allocation by using a quota setting. This provides faster resource allocation and increases the accuracy of resources consumed and available in the cluster.


Photon Platform now publishes an OpenAPI 2.0 API specification for our APIs that is simpler to use and operationalize. New APIs were also added to manage resource quotas on a per-tenant and per-project basis. We are also announcing the availability of a Go SDK that reflects these new API changes, which simplify the development of plugins and drivers that enable Photon Platform to be consumed “as code” by DevOps and SRE teams.


Photon Platform 1.2 is available today. Please contact your VMware representative to find out more.

Photon Platform Product Information

For more information about VMware Photon Platform, please check out the Photon Platform product page on the VMware website and follow us on @cloudnativeapps.

DockerCon 2017

VMware is a gold sponsor of DockerCon 2017 and we will highlight Photon Platform, VMware vSphere® Integrated Containers™, NSX, vSAN, and many other new demos in our booth. Come by to visit us, meet our developers, and pick up cool giveaways.

VMware, Photon, vSAN, NSX, vSphere, and vSphere Integrated Containers are registered trademarks or trademarks of VMware, Inc. in the United States and other jurisdictions.


Authored by Karthik Narayan, Senior Product Manager, Cloud Native Applications

Today, we are pleased to announce the release of vSphere® Integrated Containers™ 1.1!

vSphere Integrated Containers was released as part of vSphere 6.5, and the new 1.1 release delivers significant user experience improvements, including a new user interface (UI).

What is vSphere Integrated Containers?

vSphere Integrated Containers is designed to solve many of the challenges associated with developing and running containerized applications in enterprise environments. It directly uses the clustering, dynamic scheduling, and virtualized infrastructure of vSphere to create Virtual Container Hosts – providing significant security and operational benefits as compared to standard container hosts.

With vSphere Integrated Containers, developers can use the Docker Client and API to quickly and easily develop and run containerized applications on vSphere while VI admins can benefit from the security, visibility, and operational efficiency normally associated with VMs. vSphere Integrated Containers allows containerized applications to run alongside VM-based applications, leveraging the same resources and tooling. Minimally requiring just vSphere to begin running containers, vSphere Integrated Containers can also leverage the advanced functionality of VMware NSX® for container networking and security as well as VMware vSAN™ to extend its persistent storage capabilities to containers.

 vSphere Integrated Containers Architecture

What’s New

Unified UI for Developers and DevOps

The primary users of the vSphere Integrated Containers management portal and registry are developers, cloud admins, and DevOps team members. To improve their user experience, we have unified the user interfaces of both these components. The unified UI is designed using VMware’s open source design system, Project Clarity, and gives customers access to advanced functionality with a more efficient and intuitive user experience.

The management portal provides automated deployment and lifecycle management of containers along with enterprise grade security and identity management. It includes the following key attributes:

  • Application and container lifecycle management – Provision, monitor and manage applications that comprise one or more container images.
  • Container infrastructure management – Cloud administrators and DevOps teams can monitor and manage the infrastructure including compute resources, networks and volumes within the bounds defined by the vSphere administrator.
  • Efficient multi-container template management – Define, build and manage multi-container application templates to stand up complex applications quickly.
  • Live state updates – Get live information on the performance and resource consumption of your applications.

The management portal is also available as a component of VMware’s industry leading VMware vRealize® Suite Cloud Management Platform, providing seamless management, orchestration and operations for both traditional and modern application environments.

Unified Management and Registry Portal

The registry stores and distributes Docker images behind the company’s firewall. It extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management. In addition, the registry includes the following key attributes:

  • Role Based Access Control (RBAC) – Users and Docker repositories are organized via “projects”. A user can have different permissions for images under a namespace.
  • Image replication – Images can be replicated (synchronized) between multiple registry instances for load balancing, high availability, hybrid and multi-cloud scenarios.
  • Active Directory/Lightweight Directory Access Protocol (AD/LDAP) – Integrates with existing enterprise AD/LDAP for user authentication and management.
  • Auditing – All the operations to the repositories are tracked to assist with auditing.
Service Registry

Updated Installer

The 1.1 release provides an updated installer which packages all the components of vSphere Integrated Containers into a single OVA. This allows the vSphere administrators to easily deploy, maintain, and upgrade all aspects of the deployment. The new installer also provides a simple upgrade path for customers who deployed vSphere Integrated Containers 1.0. In addition to the management portal and the registry, a file server hosts the vic-machine binary and the vSphere plugins.

OVA Installer

vSphere 6.5 HTML5 Integration

With the 1.1 release, the vSphere Integrated Containers UI plugin works with the HTML5 based vSphere UI. Once installed, the vSphere UI will feature a section dedicated to vSphere Integrated Containers. In addition, the VI administrators will find two new HTML5 portlets – one that displays information about the Virtual Container Host and another that displays information about the Container-VM.

HTML5 User Interface


For a demo of vSphere Integrated Containers, please click here.


vSphere Integrated Containers is available with vSphere 6.0 and 6.5, Enterprise Plus edition. You can download it on Please contact your VMware representative if you would like to schedule a technical deep dive session.

Product Information

For more information about vSphere Integrated Containers, please check out the vSphere product page on the VMware website and follow us on @cloudnativeapps.

DockerCon 2017

VMware is a gold sponsor of DockerCon 2017 and we will highlight vSphere Integrated Containers, NSX, vSAN, VMware Photon™ Platform, and many other container solutions in our booth. Come by booth G9 to visit us, meet our developers, and pick up cool giveaways. We will also present a session on self-service provisioning of Docker Datacenter on vSphere. Come see us!

VMware, vSphere, vSphere Integrated Containers, NSX, vSAN, vRealize, and Photon are registered trademarks or trademarks of VMware, Inc. in the United States and other jurisdictions.


Authored by Wendy Cartee, Sr. Director of Product Marketing for Cloud Native Applications

Many books and papers have been written on DX, or digital transformation, with the promise of faster and more agile business models leveraging technologies such as cloud, artificial intelligence, augmented and virtual reality, robotics, drones, IoT, mobile, and deep learning/machine learning algorithms. While the possibilities are immense and exciting, the key challenge for enterprises to achieve digital transformation is not technology, but gaining the expertise needed to build and operationalize the technologies. While there are countless reports with many organizations recognizing the skills shortage, that gap is only widening over time and proper training and certification remained elusive until now.

To address the gap, the Cloud Foundry Foundation announced the launch of the world’s largest cloud-native developer certification program this week. The “Cloud Foundry Certified Developer” program is designed to train developers and update their skills across cloud, application development and deployment. This program is open to all and will be delivered with the Linux Foundation, which has trained and certified more developers on open source software than any organization in the world.

The training program includes the following:

  • A free introductory course offered via the edX platform.
  • A self-paced eLearning Cloud Foundry Developer course.
  • A training partner program which includes licensed materials for in-person Cloud Foundry developer classes, offered by member companies.
  • “Cloud Foundry Certified Developer” Certification, awarded to individuals who pass a performance-based exam.

Since Cloud Foundry Foundation was established in 2015, companies from all over the world have adopted its open source cloud platform to drive faster business agility and innovation. The Cloud Foundry community has built a platform that helps developers innovate faster and simplify production deployments of modern applications.

Adoption of Cloud Foundry is growing rapidly worldwide across all industries. Customer examples include Volkswagen Group, which is on a quest for the connected car of the future; Fidelity, with more than 45 applications running on its Cloud Foundry-based platform; and Rakuten, a Japanese ecommerce and Internet company, which has been running Cloud Foundry in production for five years on over 5,000 virtual servers.

Innovation in the Cloud Foundry community continues to expand. The community has built key projects such as BOSH that changed the game for enterprises. Recent projects such as the extension of the Cloud Foundry Service Broker API to Kubernetes help enterprises provide the developer-ready platform needed to fuel their digital transformation. The strength of the Cloud Foundry platform is driving the creation of a very healthy partner ecosystem, and now, with the Cloud Foundry Certified Developer program, more partners and developers will have access to much-needed training.

For more information on Cloud Foundry Certified Developer program, please visit







Authored by Paul Fazzone, General Manager, Cloud Native Applications

Microservices architectures represent the single biggest change in application development and operations practices in the last 20 years. In a nutshell, microservices are small, discrete application components linked together through lightweight, well-defined APIs. These application components, which are each independently deployable, are linked together in various ways to create modern applications. A major advantage of this application architecture is that the discrete components can be updated independently of the others, enabling developers to efficiently deliver new features and fix issues with existing ones. The business value of this approach is clear – companies can get new products and services to their customers with phenomenal speed and efficiency.

Amongst our customers, the excitement to understand, experiment with and adopt microservices architectures is palpable. With hundreds of incredible new open source projects and venture backed startups creating awareness of and products around modern application development, it is easy to see why. But most of these projects and startups are facing the same challenge – how do they address IT integration and day 2 operations for enterprise organizations wanting to adopt their products? This is by far the number 1 challenge I hear about from customers considering how to move to a microservices application architecture. In fact, I recently had a Fortune 50 financial customer tell me they have more than 20 proof of concept projects around their company evaluating different platform, container, and function-as-a-service offerings... most of them are stuck on security, networking and day 2 requirements like visibility, compliance, tenant isolation and availability. These capabilities are key tenets of VMware products, so I was excited to read about the work Google and Pivotal have done to address some of these issues and make Kubernetes on BOSH (KuBo) a better deployment and operational experience for enterprise customers.

With KuBo (check it out on GitHub), high availability is built-in by default. BOSH provides high availability for Kubernetes masters and ETCD within the Kubernetes clusters. Lifecycle management of the Kubernetes cluster and its underlying VMs is completely automated. Deployment, repairs and upgrades are easy. Best of all, enterprises gain operational efficiencies with PCF and Kubo because they both use BOSH as a common deployment tool to efficiently and securely application development.

VMware has been working closely with Pivotal to deliver tight integration between Pivotal Cloud Foundry (PCF) and VMware NSX (to help address a couple of those pesky enterprise IT challenges). This integration provides advanced network and security services to PCF Application Instances. More importantly, it enables customers to realize a single, seamless network and security model across all of their applications. Because the integration was done through BOSH, KuBo will also benefit from NSX support, so customers can take advantage of PCF and Kubernetes side by side, backed by the world’s leading cloud native network and security solution. Cool stuff that solves real customer business and technology challenges.

VMware is all about building, delivering & supporting production-ready, easy to use, enterprise infrastructure solutions to support our customers’ business objectives. Looking forward, customers can expect deeper integration between Pivotal and VMware products that deliver exceptional business value while addressing key technical challenges at the intersection of application architecture and infrastructure solutions.

VMware is committed to the key open source cloud native community projects (Cloud Foundry, Kubernetes, Lightwave to name a few) that sit at this intersection and we are excited to get involved with and contribute to the KuBo project. We believe firmly that our customers’ future is multi-cloud and are working hard to build, partner and contribute to deliver production ready enterprise solutions to realize a microservices architecture for their applications. Our goal is simple – continue to be the best place for our customers to build and run their business applications in production.


Authored by Wendy Cartee, Sr. Director of Product Marketing for Cloud Native

Today, VMware increased our support for the Linux Foundation from Silver to Gold member. Becoming a Gold member is a significant milestone for any company, and I’m proud to be part of this deepened commitment for the Linux community and all the projects that Linux Foundation has enabled over the years. With the advent of cloud, mobility, SDN, and IoT, the Linux Foundation has played a critical role in bringing together developers, researchers, companies, and organizations to drive open discussions, innovations, and development that are shaping not only technology but economies, policies, and lives.

As part of the Linux Foundation, VMware has supported many projects such as Cloud Foundry, Cloud-Native Computing Foundation, Open Container Initiative, OPNFV, and Open Network Automation Project. We were also instrumental in creating Linux Foundation collaborative projects such as OVS and the IO Visor Project with thriving developer communities. In addition to the Linux Foundation, VMware participates and leads in many open source projects such as OpenStack. We are constantly growing our practice, exploring new projects, and finding new ways to engage the open source communities.

I am inspired by our open source commitment and the many ways VMware is contributing. As a member of the Cloud-Native team at VMware, we are actively working on open sourcing many of our best projects and engaging with the community through developer channels and events such as conferences, workshops, and meetups.

As a quick summary of some of our open source projects specifically for cloud-native environments, here are a few key projects available on the VMware GitHub today that I would like to highlight:

Photon OS

Photon OS is a minimal Linux container host, optimized to run on VMware and 3rd party cloud platforms. Photon OS is compatible with container runtimes such as Docker and container scheduling framework, Kubernetes. It contains a yum-compatible package manager that makes the system as small as possible while preserving robust yum package management capabilities. Photon OS supports vSphere installations and is offered in different pre-packaged binary formats available in ISO, OVA, Amazon AMI, and Google GCE images.

Photon Controller

Photon Controller is a distributed, multi-tenant host controller optimized for containers. The Photon Controller delivers an API-driven developer experience by exposing RESTful APIs, SDKs, and CLI tooling to automate infrastructure resources easily. It is custom-built for massive scale and speed with support for open container orchestration frameworks such as Kubernetes, Docker Swarm, Mesos, and Pivotal Cloud Foundry as well as virtualized environments, allowing the creation of 1000s of new VM-isolated workloads per minute.

Project Harbor

Project Harbor is an enterprise-class registry server with advanced security, identity, role based access control, auditing, and management services for Docker images. With Harbor, enterprises can deploy a private registry, keeping their data compliant behind the company firewall. In addition, Harbor supports AD/LDAP integration and the setup of multiple registries with images replicated between them for high availability. Harbor is localized in Chinese, English, German, Japanese, and Russian today.

Project Lightwave

Project Lightwave offers enterprise-grade identity and access management services such as single sign-on, authentication, authorization and certificate authority, as well as certificate key management, to address security, governance, and compliance challenges for container workloads. Project Lightwave is designed for environments that need a multi-tenant, multi-master, highly scalable LDAP v3 directory service. It includes a directory-integrated certificate authority and store that help to simplify certificate-based operations and key management across the infrastructure. Lightwave authentication services support Kerberos, OAuth 2.0/OpenID Connect, SAML and WS-Trust, which enable interoperability with other standards-based technologies in the data center.

Project Admiral

Project Admiral is a container management platform providing automated deployment and life cycle management of container-based applications for developers and cloud ops teams. It manages Docker hosts, policies, multi-container templates, and applications to simplify and automate resource utilization and application delivery. Developers can use Docker Compose, Admiral Templates or Admiral UI to compose their app and deploy it using the Admiral provisioning and orchestration engine. Cloud administrators can manage container host infrastructure and apply governance to its usage, including grouping of resources, policy based placements, quotas and reservations and elastic placement zones.

vSphere Integrated Containers Engine

vSphere Integrated Containers Engine (VIC Engine) is a container runtime for vSphere, allowing developers familiar with Docker to develop in containers and deploy them alongside VM-based workloads on vSphere clusters. It provides a production-grade environment for these workloads to be managed through the vSphere UI and leverage existing processes to operationalize container apps quickly.  The VIC Engine provides lifecycle operations, vCenter support, logs, basic client authentication, volume and basic networking support. For more information, please see VIC Engine Architecture for an overview.

Our contributions and participation in the Linux and open source communities are growing. You will find us at many open source events around the world, including KubeCon Berlin March 29-30th, DockerCon Austin April 17-20th, and Cloud Foundry Summit Silicon Valley June 13-15th.  If you are interested in meeting to find out more about VMware cloud-native, please send me a tweet at @Wendy_Cartee. I look forward to meeting you at many of the upcoming open source conferences!


Authored by James Zabala, Principal Architect and Product Lead for Photon Platform

Today we’re excited to announce the release of Photon Platform v1.1! This is our fourth major release in 2016 and marks a major milestone in our concerted effort to build a true container-focused cloud platform. Download the bits on GitHub.

Photon Platform is an Enterprise Cloud Infrastructure Platform purpose-built for cloud-native applications. It enables IT to deliver on-demand tools and services developers need to build and run modern applications while retaining security, control and performance of the datacenter.

Photon Platform was originally announced at VMworld in 2015 and, in the spirit of VMware’s cloud-native initiatives, subsequently open sourced on November 16th, 2015. In that time we’ve made thousands of commits and written hundreds of thousands of lines of code.  Today, the v1.1 release brings an impressive list of new features, including networking and storage features powered by NSX and VSAN technologies, and our first release of Kubernetes as a Service on Photon Platform. Development teams can now rapidly build Kubernetes clusters on demand to accelerate application development. Likewise Photon Platform provides a rich HTML5 user interface for management of the overall infrastructure and robust multi-tenant functionality.


You can read more about our philosophy in building Photon Platform in Jared Rosoff’s post about our VMworld Barcelona announcement.

Perhaps most exciting are some of the features coming down the pipe which I’ll share in the coming weeks as our version planning wraps up.

If you are inclined to help improve Photon Controller, whether by writing documentation or code, feel free to ping us on GitHub — we love collaborating!


VMware Hands-On Lab (HOL) by Dave Rollins

Today we are releasing the remaining network and Cloud Native Apps labs in the 2017 Hands-on Labs catalog. While we have already released the HOL-1703 and HOL-1725 series of NSX based content, today’s labs focus on VMware Integrated OpenStack and Partner solutions from Check Point and Trend Micro.


These also contain our first vertical solutions for Healthcare and the Telco industry. HOL-1741-USE-1 shows a use case on how Horizon, NSX and Trend Micro can help secure and protect the healthcare environment, but in practice, these solutions can be applied to any industry.

The VMware Network Functions Virtualization lab (HOL-1786-HBD-1) covers how communication service providers can virtualize network service functions to reduce CapEx and OpEx, while improving service agility.


As an added bonus, we are releasing the much anticipated Cloud Native Apps labs today. These were slated to be released later this week, but with the announcement at VMworld Europe of updates to the Photon Platform, we have received a number of requests for their release! Along with the Photon Platform lab, we are also releasing the vSphere Integrated Containers lab.

Here are the links to the labs we have for you today.  You can click on the Lab SKU link to be taken directly to the lab entry and start taking the lab.  Also, you can download any of the lab manuals from the Hands-on Labs Document site.

HOL-1720-SDC-1 VMware Integrated OpenStack (VIO) with vSphere and NSX HOL-SDC-1620
HOL-1724-SDC-1 Advanced SDDC Security with Check Point vSEC and NSX N/A
HOL-1730-USE-1 vSphere Integrated Containers HOL-SDC-1630
HOL-1730-USE-2 Cloud Native Apps With Photon Platform HOL-SDC-1630
HOL-1741-USE-1 Horizon and NSX/Trend Micro: Use Cases to Secure and Protect Healthcare HOL-MBL-1661
HOL-1786-USE-1 vCloud Network Functions Virtualization N/A

If you attended VMworld, you may have noticed some Hands-on Labs staff wearing the Yellow (banana) shirts.  They were focused on assisting attendees with NSX and networking questions and are also affectionately known as “Tina’s Minions”!  Hi Keith!



Authored by Jared Rosoff, Chief Technologist Cloud-Native Applications

Over the past few years our customers have been asking us how they can get the developer productivity and agility of the public cloud, but with the cost, security, and control of their private data center. Photon Platform, which we are announcing today at VMworld Barcelona, delivers on this promise. In this article we’ll dig into the background of why we built Photon Platform and how it delivers on this new need for cloud native workloads.

The need for developer services

As much as the public cloud heralded a new cost model, shifting from capex to opex, the bigger change is actually in the way we construct software. Public cloud is as much a programming model as it is a cost model.

Developers today demand on-demand, API-driven access to the tools and services they need to write software. Teams are embracing devops toolchains, leveraging things like Chef, Puppet and Terraform to describe and automate deployments. These environments are highly dynamic, often getting provisioned, used, and then torn down over the course of an hour.

Developers are taking new levels of responsibility for the operation of their software. No longer do they push builds over a wall to an operations team. Instead they are responsible both for writing the software and for maintaining the running instances of the software. This means they need direct access to monitoring, management, and diagnostic tools that previously only the IT operations teams used.

The need for private cloud

Public cloud has defined and delivered this new developer experience. But for many organizations, there is a need to achieve this same operating model in their own data center.

For large applications, the cost of renting vs. buying makes the public cloud a poor option. Shifting from capex to opex is great when you have rapidly changing costs or lack predictability in your workloads. But when applications reach maturity and have predictable growth, continuing to pay the tax to rent your hardware gets expensive.

Many organizations have strict security and regulatory requirements that make public cloud prohibited. There are often strict controls on the location of data in order to comply with data sovereignty laws. Sometimes you need to build applications that interoperate with existing systems already in your data center. For these workloads, the latency of crossing from public cloud to your own data center makes this architecture infeasible.

Problems faced with private cloud

As we talked to more and more customers that were making this journey to deliver a public cloud experience in their private data center, several things became very apparent:

  1. vSphere is a different thing. Its operational model is focused on enabling IT to directly manage workloads and infrastructure, rather than provide a set of services to developers.
  2. Other options are immature, complex, or incomplete. Whether looking at the open-source OpenStack ecosystem, or newer bare-metal container-based solutions, IT professionals struggle to get these systems up and running and to keep them running. When they do, they often lack the features, flexibility and security needed to power mission-critical enterprise workloads.

We need a new way.

Photon platform

Photon Platform is an Enterprise Cloud Infrastructure Platform which enables IT to deliver on-demand tools and services developers need to build and run modern applications while retaining security, control and performance of the datacenter. Purpose-built for cloud native applications with natively-integrated enterprise container infrastructure support, Photon Platform brings the scale, performance and features previously accessible only to hyper-scale web companies into the customer’s own datacenter. It leverages the industry leading hypervisor, networking, and storage technologies to bring the best-in-class performance, reliability and ease-of-use to cloud native workloads.



Kubernetes as a Service

Photon Platform enables you to deliver Kubernetes as a Service to multiple tenants from a single shared pool of hardware. Each tenant gets access to API, CLI and GUI tools which allow them to provision dedicated Kubernetes clusters on the fly. Users get a dedicated Kubernetes cluster with strong isolation from other tenants. Photon Platform automates the provisioning and high availability of these clusters, automatically replacing failed nodes with no human intervention.

Infrastructure as a Service

Photon Platform delivers core IaaS capabilities including VMs, Networks, and Persistent Disks on-demand to developers. Resources are provisioned quickly and reliably, supporting the needs of devops tools that programmatically allocate resources at scale.

Modern Developer Experience

Photon Platform exposes services to developers through REST API, CLI or HTML5 based GUI. This makes it easy to integrate Photon Platform’s capabilities into developer tools and workflows including CI/CD, deployment automation, or configuration management tools.

Scale-out architecture

Photon Platform uses a unique scale-out, multi-master control plane. Photon Controller implements a quorum-based consensus model that ensures that as long as >50% of controller nodes are available, the control plane still operates with full capabilities. A standard deployment is 3x Photon Controller nodes, but you may deploy more nodes to increase the capacity of the control plane or to enable more sophisticated high availability models. Control plane data and processing is spread across Photon Controller nodes. Photon Controller has no external dependencies; you don’t need to run any databases, message queues, or other systems to keep the control plane running.


We’re very excited to introduce Photon Platform to the VMware family of products. We believe this new architecture enables modern IT organizations to deliver a best-in-class developer experience to their development teams with the cost, security and control advantages of the private cloud.

To learn more about Photon Platform, check the product page at


Authored by Emad Benjamin, Principal Architect, Global Services Advanced Architecture

The room for this session was packed in Las Vegas, and boy did people come armed with their questions. It was great to see attendees from multiple companies who are paying attention to the Cloud Native Apps (CNA) space. Now, we promised that what was discussed in Vegas would stay in Vegas, but if we can offer a glimpse for our European attendees, then we are sure you would appreciate this minor break away from tradition.

Speaking of breaking away from tradition, well, “Hello, CNA!” What a way to begin the session: just what is CNA, and how does one distinguish a cloud native app from a monolithic one? But wait a minute! What is monolithic? Draw it for me please! And this is how the conversation began; we defined what we see as a monolithic app as opposed to the highly scaled-out, microservices-like architecture often found in CNA. There is great flexibility offered on Day-1 and we talked about the benefits, but what happens on Day-2 (security, manageability, scalability)? Well, we discussed the answers to that too, and won’t spoil the surprise, but suffice to say that if you come to the session we will do our best to answer any and all questions about this, IMHO, rapidly forming new and highly opinionated space. Come join us and listen to a few of our technical services experts describe how their customers are tackling CNA.


But wait…you didn’t think that was it…here read more…

In this group discussion we will have an interactive session on what is cloud native, what scale it addresses, who are some of the adopters, and which direction this trend is forcing the market over the next few years. It is an opportunity for you to ask anything from the simplest of questions to the most complex ones. Sometimes a question as simple as “what is cloud native” can quickly turn into a complicated answer, hence the opportunity to discuss the wide variety of opinion that surrounds this.

In this talk we will highlight the elements of this phenomenon moving rapidly through our industry, a phenomenon of building platforms: not just business logic software, but infrastructure as software. We humbly believe that the drive towards these platform solutions is due to the following fact: approximately half of new applications fail to meet their performance objectives, and almost all of these have 2.x more cloud capacity provisioned than what is actually needed. As developers/DevOps engineers we live with this fact every day, always chasing performance and feasible scalability, but never actually cementing it into a scientific equation where it is predictable; rather, it has always been trial based and heavily prone to error. As a result we find ourselves delving into some interesting platforming patterns of this decade, and unfortunately we are led to believe that such patterns as microservices, 3rd platforms, cloud native, and 12factor are mainly a change in coding patterns. However, contrary to this popular belief, these patterns represent a major change in “deployment” approach, a change in how we deploy and structure code artifacts within application runtimes, and how those application runtimes can leverage the underlying cloud capacity. These patterns are not code design patterns, but rather platform engineering patterns, with a drive to using APIs/Software to define application platform policies to manage scalability, availability and performance in a predictable manner.



Authored by Mark Peek, Principal Engineer, Cloud-Native Applications

Technologies such as PaaS and containers are making developers increasingly efficient at delivering their code into production. The tooling around continuous integration and continuous deployment is reducing the time it takes to safely push code through the delivery pipeline. Earlier this year we announced the Pivotal-VMware Cloud Native Stack, which delivered the power of Pivotal Cloud Foundry on top of Photon Platform. And at VMworld US 2016 we hinted about more to come on top of Photon Platform.


Next week at VMworld Europe 2016 in Barcelona, Jared Rosoff (CTO, Cloud Native Applications) will be delivering a spotlight session on Delivering Containers as a Service with Photon Platform [CNA12273]. In this session he will talk about how containers are becoming increasingly popular as a way to deliver software from development out into production. Kubernetes integration with Photon Platform can address the challenges of running an enterprise container infrastructure. Jared will discuss capabilities such as self-service Kubernetes clusters on demand, multi-tenant operation, and much more. Come join us in Barcelona to hear about our Photon Platform offerings.