.net azure compliance network network_security nsx pcf_metrics pivotal_cloud_foundry security steeltoe Tanzu RabbitMQ vmware windows_server

Always Be Shipping with Pivotal Cloud Foundry 1.10: Go Fast, Go Secure, and Go .NET!

If the old rule of sales was “always be closing,” the new rule of business is “always be shipping.”

When your developers ship new code thousands of times a month, you win in the market. Velocity triumphs.

Pivotal Cloud Foundry 1.10, now generally available, helps you ship early and often. Here’s how:

Here’s a look at each theme. Be sure to check out the wonderfully detailed posts for each section – they are linked at the end of each topic. To the highlights!

Go Faster Together

Distributed Tracing Eases Troubleshooting for Developers & Operators

Debugging apps and rooting out latency is never easy. Especially when you're adopting a microservices architecture and you have more components interacting with each other.

This difficulty is often compounded by two things. First, developers and operators use different systems for logs and other telemetry data. Teams struggle to agree on what happened, because there are “two sets of facts” under consideration.

Enter PCF Metrics, an integrated component of Pivotal Cloud Foundry.

This module (included for all Pivotal Cloud Foundry customers) delivers a single set of facts for teams. It captures the events, metrics, and logs for all apps running on the platform.

The second issue is more difficult. The complexity of enterprise systems has evolved. Complexity is no longer found in source code, but rather in the scale of interactions between workload components.

Distributed tracing has emerged as a popular solution to address this complexity. We’ve expanded beyond our experience with Spring Cloud Sleuth to support tracing for apps written in many frameworks. Teams can use the new Trace Explorer feature in PCF Metrics 1.3 for many different apps, not just Spring!

The Trace Explorer is an interactive graph that traces a request as it flows through your apps and their endpoints. It also enables developers and operators to view and correlate application trace logs. Why is this a big deal?

When you add tracing to metrics, events, and logs, you get a full picture of how your system operates. And that helps engineers quickly understand failures, and how to best respond.

That’s why distributed tracing is a must-have feature for adopters of microservices.

On-Demand Data Services Remove Bottlenecks for Developers

There’s a new, faster way to add data services to your apps: with on-demand service brokers. The first two from Pivotal are RabbitMQ (for messaging) and Pivotal Cloud Cache (our new in-memory caching product).

On-demand data services offer several advantages.  Most notably, developers can add these services to their apps via self-service. Previously, operators were required to configure instances ahead of time. Now, there’s no waiting.

As the name suggests, on-demand services are provisioned on-demand at service instance creation time. On-demand services deliver more flexibility and solve more customer scenarios.

We want to make it easy to create on-demand services. So, we built the new PCF On-Demand Services SDK.

Tile authors can move faster with this SDK. Common functionality for single-tenant, on-demand services is done for you. It’s abstracted away, so you can focus on your service.

Pivotal’s ISV ecosystem is enthusiastically embracing this tool. Expect to see more and more on-demand tiles become available every month. The SDK is a boon to tile authors everywhere!

New APIs Boost Automation for Operators

Part of the Pivotal Cloud Foundry value prop: the platform itself can be continuously delivered. That exercise gets easier in 1.10 now that Operations Manager has exposed 11 new API endpoints.

Now, power users of Ops Manager can automate more of their workflows. They can also programmatically configure manifests – no more slogging through YAML! You’ll also notice that the Ops Manager API and UI are now at feature parity.

The new endpoints help you integrate with CI tools like Concourse.

Want more details on PCF Metrics? This companion post has you covered.

Go Secure

Isolation Segments

Pivotal Cloud Foundry is a “big tent” for enterprise apps. Operators need controls to ensure that thousands of mission-critical apps run smoothly. With isolation segments, they have a new tool to help keep their deployments humming.

Use isolation segments to direct a set of applications to a specific set of host VMs. This is a handy capability for security and compliance scenarios. After all, some apps need to be logically isolated from others. Isolation segments are the perfect solution.

The feature helps in many other scenarios too:

  • Routing workloads to specialized hardware (i.e. CPU-intensive workloads)

  • Managing chargeback/showback usage of infrastructure

  • Isolating deployments of BOSH Add-ons

  • Segmenting with different SLAs, like dev/test/prod environments

Previously, this segmentation required creating new foundries. Isolation segments are a much better option. Roles and permissions stay in sync, since each isolation segment is tied to the same foundry. Deployment complexity is lower. Maintenance and infrastructure costs go down.

Container-to-Container (C2C) Networking (Beta)

Container networking in Pivotal Cloud Foundry 1.10 is becoming more powerful. With the beta of this feature, container networking is now:

  • Faster. Optimized network routing between containers reduces hops and network latency.

  • More flexible. The product supports app-to-app policies and client-side load balancing. And applications can listen on any port – you are not restricted to 8080.

  • More secure. Use C2C networking to create and enforce app-level policies that secure your apps and boost compliance. Easily identify the source of app traffic, using C2C networking and application logs.

The beta feature is self-service in Elastic Runtime. Point-and-click to add this to your deployment after you upgrade to PCF 1.10. After you’ve used the feature, be sure to reach out to your Pivotal account team to provide your feedback!

How Pivotal Cloud Foundry and NSX Make Your Data Center Better

Isolation segments are especially useful for those who have invested in network virtualization like VMware NSX. It’s easier to verify-at-a-glance that application isolation is, in fact, happening as compliance rules dictate.

There are many other benefits to running PCF atop NSX. A new Pivotal blog post takes a deeper look at how Pivotal Cloud Foundry and VMware NSX combine to deliver Developer-Ready Infrastructure. VMware recently wrote about developer-ready infrastructure too.

Nearly all of these features are invisible to development teams. Operators simply configure them in the platform. Developers can go fast (and go safe) with these capabilities working in the background. Here’s a deeper look at the new security and compliance features in PCF 1.10.

High-Velocity Tools – Now for Windows Server and .NET

The cloud-native movement is well underway. For Java, you build with Spring and deploy to Cloud Foundry. But what about the other enterprise apps, the ones that use .NET on Windows?

Our goal is to deliver a first-class experience for .NET developers. In PCF 1.10, this experience gets even better with the new PCF Runtime for Windows tile.

The 1.10 version of the tile includes the .NET Hosted Web Core (HWC) buildpack. Use this buildpack to run full-featured .NET apps on Windows Server. (Pivotal also offers the .NET Core buildpack to support this lightweight framework. Use this one to push .NET Core apps to Linux VMs.)

Now, enterprises can achieve greater efficiency with a shared platform for all their apps: Java and .NET. Developers can use their preferred frameworks and run-time: cf push to your heart’s content!

Operators can focus on supporting a single platform for the entire engineering organization.

This feature is a big win for executive leadership, too. It’s easier to standardize on Pivotal Cloud Foundry when teams are free to use their tools of choice!

Minimize the use of “shadow” platforms for edge cases, and go all-in on Pivotal Cloud Foundry. Watch efficiencies skyrocket while per-app operational costs plummet.

There’s even more to like for Microsoft developers in PCF 1.10:

  • Steeltoe is now GA, with commercial terms. PCF customers are now fully entitled to support and maintenance for this .NET microservices toolkit. Steeltoe supports .NET Framework 4.x as well as .NET Core on Windows and Linux; check out the excellent documentation for details. Steeltoe has proven mighty popular – over 22,000 downloads so far! Expect the number to jump with the new Windows tile.

Ready to learn more about these features? We take a closer look here.

Additional Features in PCF 1.10

Apps Manager gets a boost in this release. Developers can now create and view tasks in the UI. Further, asynchronous services can now be managed here as well.  Previously both features were only available in the PCF cli.

Loggregator components now use gRPC to improve reliability. TLS is now used extensively in the system. As a result, data flow between Loggregator components is now more secure. Review an updated architecture diagram for more.

Volume Services (beta) introduces stateful storage for Cloud Foundry applications. Try out Volume Services when your apps need to attach to filesystem-based interface. Example scenarios include: legacy apps that use a file system as a transient store, CMS workloads, and 3rd party apps that can’t be refactored. This feature is part of OSS Cloud Foundry, so the commands and interactions in PCF are identical.

As usual, the complete product documentation for PCF 1.10 is illuminating. Take a careful, deliberate read through these materials. Then, you’ll know exactly how fast you’ll be able to go with Pivotal Cloud Foundry.

Supporting Quotes

"Pivotal has steadily improved the .NET experience in Cloud Foundry. Coupling these improvements with Steeltoe based Microservices, allows our developers to use the tools they know and love when deploying to the platform. These latest updates make Pivotal Cloud Foundry a logical home for our Linux AND Windows-based apps."
– Mark Porter, vice president, Software Development, Audatex
 
"Developer-ready infrastructure provides the technology bridge to support the people, processes and culture changes required by organizations for IT operations and developer teams to successfully embrace cloud-native development practices. Combining VMware’s container-native infrastructure with Pivotal’s cloud-native application platform enables IT to deliver developer-ready infrastructure that enables developers to deploy the right software, faster and more frequently by eliminating the drag of traditional operational concerns. Together, our mutual customers benefit from an ecosystem of developer-friendly products and services combined with enterprise agility, automation, and security.” 
– Milin Desai, vice president of products, networking and security business unit, VMware