Ready for Take-Off with Kubernetes, Cloud Foundry, and vSphere

A complex and diverse world

Singapore. Etihad. Wow. I always found it impressive when airlines were able to build a business and a brand without a significant domestic customer base to start off from. They instead focus on the global market, which is much more challenging. There is a competitive landscape of many players. There is the complexity of interconnecting a world of disparate lands and diverse customer cultures and preferences. An impressive feat.

The world of networking is becoming quite similar. From private, hybrid, and public cloud models, to increased use of SaaS, to the way SaaS and other apps are built using microservices architectures and containers, the landscape of islands to connect in an inherently secure and automated fashion is increasingly diverse and complex.

An app built to demonstrate this diversity

If the airline to networking analogy is lost on you, or you think it’s too much of a stretch, let me pull up the second reason I used planes in my symbolism. My brilliant colleague Yves Fauser built an app to demonstrate how NSX is connecting and securing this variety of new app frameworks, and it happens to be a “plane spotter” app. You may have already seen it demonstrated at Network Field Day 17 #NFD17 this past January. He pulls airplane data provided publically by the FAA, and ultimately connects it with flight status provided by a live feed from ADS-B. So for example, we were able to see if John Travolta’s airplane was in flight or not. It wasn’t. But still, pretty neat.

More importantly, from the networking and security perspective, this app was intentionally designed to have each app component running in a different platform, including:

Pivotal Container Service (PKS): Both the Redis database and the API service were deployed in Kubernetes clusters using PKS – which by the way went GA with version 1.0 just last week! In this case, NSX-T is not only tightly integrated but is a component of PKS, delivering container networking and security automatically as apps are spun up.
vSphere: The SQL database was deployed manually on a vSphere VM.
Pivotal Cloud Foundry: The web front end is running on Pivotal Application Service (PAS).
OpenShift: A program accepting the ADS-B feed and feeding it into the Redis database is running in an OpenShift container.

A cohesive networking and security strategy with VMware NSX

Across all of these platforms, NSX-T was automatically deploying network services, providing container level network visibility, and applying the associated security policies, as soon as “the developer” spun up that app component (e.g. “kubectl create -f” in K8s or “cf push” in cloud foundry). I don’t know if any environment plans to use all of these platforms in parallel like this, but the point here was to demonstrate what’s possible, achieving consistent networking and security services, functions, and tooling across a diverse landscape of environments.