Today we are pleased to make GA, VMware Cloud Director (VCD) 10.3, covering three main themes: Networking, Security and Kubernetes capabilities.
Within Networking, we introduce the NSX-T vApp Edge Gateway, completing parity with NSX-V vApp capabilities. vApps are a core feature in VMware Cloud Director and are very useful for grouping together VMs for an application need. Now customers can use vApp and networking services on vApp Edge Gateways backed by NSX-V or NSX-T for services such as Routing, DHCP, Edge Firewall, and NAT.
Networking is also addressed with NSX-T Data Center Group networking makes communication between K8s clusters and VMs within the same org possible. Tanzu Kubernetes clusters support NSX-T Data Center group networking and detection of a Virtual Data Center membership to a Group and automatically updating firewall rules to that Data Center Group to allow access.
Addressing security is a must for Cloud Providers. As we all know, in the last year, there has been significant increase in the amount of distributed data in cloud and remote working. This has expanded the attack surface area for malicious threats which has exponentially increased the reported organizations being attached and needing protection. In fact, customers cite that
Data Protection and Security is the most important challenge with cloud[1]
And Cloud Providers are in a unique position to address this for their customers to help them overcome the security challenge and provide them a security model that works in their environments and hybrid environments. VMware Cloud Director 10.3 delivers NSX-T Distributed Firewall dynamic membership, adding complete automation for Cloud Providers to offer policy driven security to customers. This means customers can define security group membership that is based on VM characteristics, such as VM names and VM tags, making the possibilities endless and enabling the customer to focus on the business and not the security of every workload.
Moving to the next theme surrounding app modernization. The direction for customers workloads is clear, a large volume of customer workloads will remain as virtual machine workloads for good reason, but for new and easier to modernize workloads, these will be primarily developed on cloud instance containers. With 46%[1] of future packaging of customer existing, modernized, and net new workloads expected to run in containers, it is obvious that the Cloud Provider needs to cater for a container-orchestration system for automating application deployment, scaling, and management, the most popular today is Kubernetes.
VMware Cloud Director 10.3 brings complete Tanzu Basic support with Tanzu Kubernetes Grid for vSphere (TKGs). Particularly supporting multi-tenancy automation making tenant isolation possible for Tanzu Kubernetes Grid for vSphere. This cross-tenant network isolation is available using the new NSX-T Data Center Group capabilities, automating NAT and firewall rules for each gateway to control outgoing source traffic and allow only to the supervisor ingress CIDR for the supervisor cluster namespace. This also allows edge gateway traffic from a corresponding virtual data center (VDC) or guest clusters in supervisor namespaces to communicate in the same VDC.
Container Service Extension (CSE) 3.1 is shipped with VMware Cloud Director 10.3 and provides enhanced K8s cluster management from within the upgraded CSE UI with the Kubernetes Clusters UI Plugin 3.0 that comes with VCD 10.3. The rate of adoption and advancements in the Kubernetes world is very dynamic, security concerns and performance issues are updated constantly; With CSE 3.1, users can now upgrade their K8s clusters up to date by upgrading their pre-existing Kubernetes clusters from one version to another directly using the new enhanced UI with little or ZERO downtime; helping users to optimize the performance and security of the applications running on K8s. Providers can even publish the UI to desired tenants to give them complete control to upgrade and share their K8s clusters – a huge step forward in the K8s -aaS journey. Read on more here to know more about CSE 3.1
Also, VCD Tanzu clusters are also supported by the Tanzu Mission Control (SaaS) service, making VMware Cloud Director a perfect on-premises Kubernetes endpoint for hybrid customer environments and requirements.
Lastly VCD 10.3 has introduced some usability improvements making searching and shortcuts easier to use and customize. Keyboard shortcuts are now customizable, stored locally for the user and allowed unlimited combination keys in sequential order. This makes usability for key conscious customers much easier, fitting to their preferences for shortcuts.
In 10.3 the Quick Search & Global Search functions are now combined so that there is broader entity coverage for searching. If you are a provider admin you can now search across all customer organizations and provider objects, for example, external networks and network pools. This will help customers and providers find the items they need faster and more efficiently.
To find out more about how VMware Cloud Director 10.3, please use the following resources: Release notes, Product Documentation. Alternatively have a look at the web page and the 10.3 data sheet and VCD briefing paper.
[1] 451 RESEARCH’S VOICE OF THE ENTERPRISE: CLOUD, HOSTING AND MANAGED SERVICES, WORKLOADS & KEY PROJECTS 2021