Tanzu Platform, specifically the Elastic Runtime built on Cloud Foundry, is a true polyglot platform as a service (PaaS). And since it matured under the same umbrella as Spring—first with Pivotal, then VMware, and now Broadcom’s Tanzu Division—that shared stewardship produced deliberate integration from the start: in the Java Buildpack, service bindings, observability hooks, auto-scaling features, and more.
Watch the webinar: Modern Java Performance: AOT, Leyden &
Spring Boot Acceleration on Tanzu Platform
Today, advances in Java and Spring, the rise of AI, and the push for automated modernization and compliance have deepened this alignment, unlocking new levels of productivity, efficiency, and capability for Tanzu Platform users. The result is a platform that runs many workloads well but that is uniquely optimized for Spring—through a sophisticated set of purpose-built capabilities that elevate an already strong foundation. For enterprises under growing pressure to move faster while maintaining security, governance, and consistency, this tight integration can be a decisive factor. Here are four areas where this comes to life.
| Spring: A Proven Foundation Spring has long been the dominant framework for enterprise Java. Spring Boot alone powers roughly half of enterprise Java apps, with overall usage of Spring exceeding 60% across the industry, according to JVM ecosystem survey data. Developers love Spring because it dramatically simplifies building complex applications—its modular architecture, opinionated defaults, rich ecosystem, and active community make it one of the most productive environments in software engineering. For enterprises, Spring means stability, innovation, and access to the largest pool of skilled Java developers worldwide. It’s not just a framework; it’s a foundation for digital transformation. |
| Cloud Foundry: The Developer’s Platform If Spring makes building applications easier, Cloud Foundry makes running them effortless. Its philosophy can be summed up in the classic haiku: Here is my source code. Run it on the cloud for me. I do not care how. With a simple cf push, Cloud Foundry takes your code and delivers it to a running URL—detecting the app, building it with the right runtime, binding it to the necessary services, and deploying it securely into production. Developers gain speed, operators retain control, and enterprises get the consistency, governance, and security they need. By embedding application packaging, operational automation, and governance, the platform ensures zero-config deployments, automatic scaling, comprehensive lifecycle management, and enterprise compliance—all while reducing developer toil. Today, Cloud Foundry sits at the heart of Tanzu Platform’s Elastic Runtime, providing the proven foundation that powers the platform’s speed, reliability, and developer experience. |
Smarter upgrades with Application Advisor
For enterprises, keeping applications current is one of the biggest and most persistent challenges. Falling behind on framework or runtime versions creates technical debt, increases security risk, and makes it harder to adopt new capabilities. Yet upgrades are often deferred, since teams are under pressure to deliver new features rather than refactor existing code. Over time, older applications become less familiar to developers, and the combination of age, tech debt, and unfamiliarity makes them more brittle and even harder to modernize.
Application Advisor addresses this problem head on by automating upgrades using a comprehensive library of OpenRewrite recipes. OpenRewrite is an open source framework that performs structured, semantic code transformations, understanding language syntax and APIs to apply precise and safe changes across large codebases—providing much more accurate, deterministic, and sophisticated results than regex-based or even LLM-based approaches. Among its many recipe libraries, the Tanzu collection for Java and Spring is especially deep, making it uniquely effective for keeping Spring applications up to date.
In contrast to many alternative solutions, Application Advisor puts developers in control. Instead of attempting a risky, all-at-once upgrade, teams can apply changes gradually—reviewing them in smaller chunks, committing incrementally to Git, and validating each step with targeted tests. This reduces risk, makes code reviews more manageable, and provides clear auditability of every modification. Most importantly, it gives developers confidence to advance at their own pace while ensuring stability along the way.
In addition, the Application Advisor CLI can be integrated directly into existing CI/CD or DevOps pipelines. It includes a pull-request capability to submit upgrade recommendations into the pipeline, where they can be tested immediately by existing automation. Developers get involved only after those tests pass, and their task is simply to review a validated upgrade—not perform the upgrade themselves or sort through untested changes. The result is a new status quo, in which keeping applications current becomes easier, safer, and part of everyday software delivery.
And with the growing excitement around coding assistants, developers will likely find its AI integration especially compelling. Application Advisor connects with assistants like Copilot or Cursor via the Model Context Protocol (MCP), allowing them to request precise, Spring-specific upgrades—keeping code local, saving tokens, and avoiding vague AI suggestions. The outcome is not only faster adoption of the latest Spring versions, but also more correct, more comprehensive, and ultimately better results.
Enterprise-ready AI applications in Tanzu Platform
When it comes to AI, the dynamic is different. Developers are eager to move fast, building intelligent features into applications with modern frameworks and coding assistants. In the Java ecosystem, this is particularly true with Spring AI, which lowers the barrier through simple, consistent abstractions for model integration.
The bottleneck lies within enterprises, which are still working out what models to approve, how to manage sensitive data, and what guardrails to enforce. Many of the ancillary and nonfunctional concerns—such as cost controls, compliance, auditability, and risk management—are still being defined. There is a lot to pioneer, and there are a lot of unknowns to resolve before organizations feel comfortable enabling broad adoption. Without these foundations, experimentation risks turning into shadow usage, fragmented APIs, and security gaps.
The AI Services capability in Tanzu Platform addresses this organizational challenge on two fronts. First, it exposes self-service access to enterprise-approved models as a standard Marketplace service. Developers simply bind the service instance for the model they want to use, and the platform injects credentials into the app automatically through the usual service-binding flow—no tickets, no one-off keys. The platform team determines which models and modalities appear in the Marketplace, giving developers ready-to-use options for GenAI tasks such as chat, text generation, and embeddings. Vector-capable data services—such as Tanzu for Postgres with PGVector or Tanzu for Valkey’s vector search—can also be exposed through the same Marketplace and bound to applications, allowing teams to assemble retrieval-augmented generation (RAG) stacks without bespoke plumbing wherever those services are enabled.
Second, every request and response passes through an enterprise-grade AI middleware—delivered as an AI Server built with Spring AI but exposed as a client-agnostic HTTP endpoint. This middleware abstracts model providers so teams can switch wire formats without rewriting applications, tracks token usage to optimize costs, enforces PII-compliance scanning and policy controls, and journals interactions for audit. Governance is applied consistently across all applications, ensuring enterprises maintain the visibility and control they need.
Together, Tanzu Platform’s self-service Marketplace and the AI Server’s governance deliver the full impact of AI application delivery on a trusted platform as a service (PaaS): Developers get autonomy and the freedom to innovate at speed, while enterprises benefit from the guardrails they require. With the growing excitement around generative AI, this balance is critical. Developers can focus on delivering intelligent applications, while organizations can trust that costs, compliance, and risk are managed. The outcome is AI adoption that is not just fast, but also safe, auditable, and enterprise-ready—unlocking innovation without sacrificing trust.
Security and compliance with Tanzu Spring Extensions
For enterprises, demonstrating compliance with standards like PCI, FIPS, or NIST is one of the most resource-intensive aspects of software delivery. Teams often find themselves buried in spreadsheets, custom scripts, and manual attestations. The result is slower delivery cycles, uneven enforcement, and a constant risk that controls drift from policy intent.
Tanzu Spring Extensions automate this compliance work and bring it into the application lifecycle. During startup, the Spring Boot Governance Starter auto-generates compliance evidence and policy reports—covering standards such as PCI, NIST, and FIPS—and can be configured to block noncompliant applications, catching issues early rather than during an audit. At runtime, the Spring Cloud Gateway Extensions enforce edge policy—access and identity, operational policies, traffic safeguards, and response mediation—applied globally or per route as needed. Both are delivered as drop-in starters that are simple to enable, without changing application code.
By shifting compliance from manual effort to built-in, policy-as-code automation, developers stay focused on delivering business features. Operators and security teams have confidence that applications are continuously validated and policies are applied consistently, aligned with enterprise standards. Out-of-the-box policies cover common requirements, and organizations can extend the defaults with their own rules, validations, and gateway policies when needed.
The result is faster delivery with stronger assurance: teams stay productive, auditors are satisfied, and enterprises meet regulatory obligations with less friction and more consistency.
Performance without effort via the Tanzu Java Buildpack
Runtime efficiency is a first-order concern for both the engineering team and the business, impacting application performance and UX as well as infrastructure cost. To improve startup time, throughput, or memory footprint, teams often get pulled into time-consuming trial and error—manual experimentation and bespoke flag sets that yield app- and environment-specific gains and require continual rework as versions and traffic change. This effort is neither efficient nor scalable, nor does it necessarily yield optimal results.
The good news is that recent Java and Spring advances make meaningful improvements more accessible. Ahead-of-time (AOT) compilation, Class Data Sharing (CDS) or its successor (the JVM AOT Cache), along with virtual threads and native image, are broadly available and easy to enable in Spring Boot applications. In particular, Spring AOT and CDS/JVM AOT Cache are strong candidates for portfolio-wide defaults. Nevertheless, realizing the full benefit of these improvements in production hinges on build/run parity; any mismatches—classpath order, active profiles, environment variables, database interactions—can erode effectiveness.
Cloud Foundry provides that parity by design, and the Elastic Runtime’s embedded Tanzu Java Buildpack automates the rest. It derives settings with awareness of the application environment (profiles, environment variables, bound services) and applies them consistently at staging and runtime, enabling Spring AOT and performing the required training run for CDS (Java 21) or the JVM AOT Cache (Java 25)—with no application code changes and no JVM-flag tuning.
In internal benchmarks and early customer deployments on Java 21, organizations have observed up to 20% lower memory consumption and as much as 2x faster startup, with even stronger results on Java 25. In operational terms, this translates to smaller instances, higher density, faster scale-out, and clearer capacity planning—improving SLO attainment while lowering spend. Because the Elastic Runtime and Java Buildpack apply these optimizations consistently across environments, the gains are predictable and repeatable at portfolio scale, turning one-off tuning into a durable platform capability.
Spring’s favorite platform is Tanzu
Spring and Cloud Foundry have long complemented one another, and the recent enhancements in Tanzu Platform further reinforce that relationship. Capabilities such as automated upgrades, integrated AI services, policy-driven compliance, and buildpack-enabled performance optimizations reflect a platform shaped by years of alignment with Spring workloads and refined for the realities teams face today.
Operationally, organizations benefit from reduced effort in managing infrastructure, upgrades, and policy enforcement, allowing teams to focus more on delivering application features and business value. Developers work in a dependable environment with consistent behavior across stages, while operators gain clearer governance and lifecycle management without adding operational complexity.
For organizations investing in Spring today, the decision is no longer just about where applications can run, but about which platform best supports the broader demands that now surround them—modernization, AI adoption, governance, and runtime efficiency. In that landscape, Tanzu Platform stands out not simply for its ability to run Spring applications, but for the way it helps teams move through these demands with far less friction. It brings these capabilities together in a cohesive way that reflects its shared evolution with Spring, offering a platform that keeps pace with today’s pressures and is ready for what comes next in Java and Spring.
