Load Balancing

Avi Innovations for VCF 9.1: Powering Kubernetes, Agentic AI and VPC Workloads

The market landscape is fundamentally shifting now, making AI-ready private cloud infrastructure and robust Kubernetes adoption mandatory. Avi provides the critical foundation to meet the surging demand from agentic AI workloads, delivering an integrated cloud experience by simplifying operations and speeding up consumption.

Legacy hardware load balancers can’t deliver at the speed of Kubernetes and AI due to their rigid architecture. Customers struggle with the complexity and time required to get the application delivery (load balancing) infrastructure ready for VMware Cloud Foundation (VCF) private cloud, resulting in slow deployment and consumption, coupled with delayed time-to-value for new services and applications. To meet the demands for elasticity, high-performance, and specialized protocol support required by emerging Kubernetes and AI workloads, a software-defined load balancing architecture is essential.

Here is a quick glance at the new capabilities and key customer benefits:

  • Zero-Touch Kubernetes Ingress: vSphere Kubernetes Service (VKS) automatically instantiates Avi Operator for ingress LBaaS and at the speed of Kubernetes. Avi Conversion Tool automates migration from Ingress NGINX to Avi.
  • Plug-and-Play Load Balancing for Agentic AI: supports Model Context Protocol (MCP) with visibility, JSON Web Token (JWT) authentication and session persistence, enabling resiliency and security for AI workloads.
  • Self-Service App Delivery with VCF Automation: offers tenant-level self-service config and app analytics for rapid troubleshooting to improve consumption through DevOps delegated workflows.
  • Improved Efficiency for Multi-tenancy: optimizes resource utilization by sharing Avi load balancers across tenants with Virtual Private Clouds (VPCs) support and enabling flexible provider-centric deployment models with Distributed Transit Gateway (DTGW).
  • Accelerated Avi Deployment with VCF Operations: delivers fully automated lifecycle management to streamline Day 0-2 operations at scale, including built-in network placement.

Zero-Touch Ingress with Kubernetes Enhancements

The native integration with VCF completely removes the manual overhead typically associated with standing up container networking, translating Kubernetes intent, and streamlining the deployment process. All of these are enabling teams to focus on application delivery rather than infrastructure complexity. The key improvements focus on:

  • Faster Deployment of Kubernetes Apps: Automatic instantiation of the Avi Kubernetes Operator (AKO) within the VKS. When a new VKS cluster is provisioned, the AKO is automatically installed and configured to communicate with the Avi Controller, without the need for manual methods like Helm charts. This out-of-the-box readiness ensures that robust load balancing and ingress services are immediately operational, drastically reducing the time-to-service and simplifying the deployment of modern applications on VCF.
  • DevOps Experience Simplified: Native Custom Resource Definitions (CRDs) and Gateway API support allow developers to configure advanced Layer 7 settings using familiar YAML/kubectl commands through Avi CRDs like HealthMonitor and AppProfile. This native integration simplifies and accelerates application delivery by enabling developers to configure Avi load balancing and secure communications with web application firewall (WAF) and mutual TLS (mTLS) directly within their Kubernetes workflows.
  • Seamless Migration from Legacy Ingress to Avi: With Ingress NGINX reaching End of Life (EOL), migrating to a supported architecture is now a critical priority. For teams needing to modernize quickly, the Avi Conversion Tool (ACT) automates the migration process to Avi, ensuring a smooth and secure transition to modern ingress services (read our blog). 

Plug and Play Load Balancing for Agentic AI Workloads

To scale and secure VCF Production AI infrastructure, Avi delivers plug-and-play load balancing specifically designed for the unique demands of agentic AI.

  • Unified Visibility: Just like traditional workloads, AI workload traffic benefits from the native Avi Analytics for VCF. Avi brings context-aware visibility to AI applications by providing MCP logs and audit trails, ensuring a single, consistent application delivery and security extended from VMs and containers to agentic AI. 
  • MCP Authentication: Security is enforced through JWT authentication, which provides differentiated, role-based access (RBAC) to MCP tools. This mitigates the risk of unauthorized actions.
  • AI Readiness with Session Persistence: Avi provides MCP session persistence, which ensures that a client’s connection persists across multiple MCP servers which is a critical requirement for the agentic AI communication.

Self-Service Application Delivery and Visibility with VCF Automation 

Avi integration with VCF fundamentally transforms load balancing from a traditional, complex, ticket-based IT task into an agile, self-service, code-driven capability. This shift empowers developers and application teams to directly provision and manage services via service catalogs and Infrastructure as Code (IaC), reducing bottlenecks and accelerating the software development.

  • Self-Service Application Delivery:The VCF integration introduces a cloud-like consumption model for load balancing, enabling greater agility and operational efficiency through two distinct approaches:
    • DevOps-Delegated Workflows: Empower development teams with controlled self-service capabilities by leveraging the VCF Automation UI. Platform teams can define guardrails while allowing DevOps users to customize and deploy load balancing services tailored for pre-production and development environments.
    • Catalog-Based Deployment: Teams can publish pre-configured load balancing services to a self-service catalog, enabling end users to deploy approved, compliant resources on demand with consistency and speed in production environments.
  • Deep Application Visibility and Analytics: Avi delivers integrated application analytics directly within the VCF Tenant Portal, enabling faster troubleshooting and richer operational insights. Built-in, tenant-level visibility provides DevOps teams with real-time access to critical performance metrics such as application latency, error rates, and throughput. Through the Analytics tab in the VCF Automation UI, users can seamlessly view health scores, logs, and detailed analytics without requiring full Avi administrative privileges, ensuring secure, role-based access while accelerating issue resolution and performance optimization.

Optimized Multi-Tenancy and Efficient Resource Pooling 

This release maximizes resource efficiency while maintaining strict data plane isolation. Delivering a true cloud-like consumption model requires balancing high resource utilization with uncompromising security. Avi for VCF tackles this by enabling a more elastic and consolidated architecture. You can now maximize infrastructure efficiency and lower your total cost of ownership (TCO) through intelligent resource pooling, while maintaining the strict, tenant-level data plane isolation that mission-critical applications demand.

  • Resource-Optimized VPC Support: allows IT teams to align load-balancing resources with workload criticality. Mission-critical applications requiring strict SLAs get dedicated Service Engine Groups (SEGs) for isolated, predictable performance. Standard applications use shared, highly efficient SEGs, optimizing utilization and reducing cost. Network administrators can centrally manage these shared SEGs, seamlessly integrating them with specific Line-of-Business (LoB) VPCs. 
  • Flexible Deployment Models with DTGW Support: establishes a highly scalable, distributed routing model for low-latency, high-bandwidth connectivity across VPCs. Administrators can enable Avi for VPCs with a single click, greatly reducing deployment complexity. Operational consistency is maintained through automatic tenancy mapping across VCF Automation, NSX Projects, and Avi tenants. The VCF platform automatically provisions necessary VRF network plumbing for immediate, secure connectivity and isolated resource pooling without manual configuration overhead.

Automated Lifecycle Management (LCM) with VCF Operations

Avi is a native citizen of the VCF platform. VCF Operations handles Avi’s Day 0-2 operations automatically.

  • Simplified Deployment with Plug and Play Integration: The deployment of the Avi Controller is significantly simplified through an intuitive wizard within the VCF Operations UI. This wizard handles the automatic creation of the essential Avi Cloud Connector, which serves as the critical API endpoint for configuring key VCF components, such as vCenter and NSX. This deep, automated integration substantially streamlines and accelerates the entire network configuration process within the VCF ecosystem, reducing manual overhead and the potential for errors in enterprise environments.
  • Enhanced Operational Efficiency for Unified Security and Centralized Monitoring: The seamless integration facilitates the automated lifecycle management of security credentials, including the rotation of certificates and service account passwords, ensuring continuous compliance with rigorous security policies (e.g., maintaining a strict 47-day certificate validity period). Furthermore, the dedicated Centralized Management Pack provides a comprehensive, fleet-level view of the load balancer’s operational health and performance metrics, directly integrated within the VCF Operations console for streamlined monitoring and proactive management.

Resources

Prashant Gandhi

Prashant Gandhi leads Products and Services in the Application Networking and Security (ANS) Division at Broadcom, responsible for VMware vDefend Lateral Security and Avi Load Balancer product management, product marketing…

Related Articles