Tanzu Platform

What Is Tanzu? A Conversation Summary from “Two Friends Talking Tanzu”

My friend Oren Penso and I recently discussed the question “What Is Tanzu?” Going into it, I anticipated that this would be a complex conversation because VMware Tanzu encompasses a lot. It’s a collection of all of the components, services, and frameworks needed to build, run, and manage software. Tanzu covers everything from Kubernetes and Cloud Foundry, to databases, event services, and programming frameworks like Spring, and the management tools used by platform engineers and ops staff. But in our conversation, Oren presented the simplified, streamlined VMware Tanzu Platform that brings all these things together into a single platform experience regardless of the types of apps or deployment patterns. 

I’ve summarized our discussion below. You can also watch our conversation and lightboard session for all the fun details!  

Getting to cloud native 

As we discussed the evolution of the software industry–from physical servers to virtualization to containerized software, and today with microservices–we agreed that each big evolution brings with it unparalleled opportunity. These advances allow businesses to deliver cutting-edge software that help you thrive in a competitive and dynamic digital landscape. Following that thread, we also agreed that, as a result, each evolution brings with it the obligation to modernize your systems so that your organization does not fall behind and become obsolete. 

An established pattern from the IT modernization playbook is to break up applications into smaller components. This makes them more flexible and resilient, and speeds up development. This so-called microservices architecture, while profound in its impact on cloud native computing, introduces lots of complexity. 

Which brings us to an era concerned with implementing organization-specific strategies for managing the complexity that comes from running large numbers of containerized applications and microservices across distributed systems. This is the problem that Tanzu Platform solves, with the ultimate goal of accelerating an application’s path to production.

Platform Engineering: the next frontier of innovation

Let’s paint a picture. With containerization, a large or even medium-sized organization now has a staggering number of workloads running. Besides physical infrastructure, operations folks are concerned about many aspects of complex architectures, including, but not limited to, security, cost, uptime, policies, access, regulatory compliance, performance, and observability. That’s before considering that these workloads might be running in multiple environments across multiple clouds. It’s all too much! 

In Cloud-Native Platforms Require Infrastructure Platform Engineering, Gartner analysts Carolin Zhou and Elaine Zhang write: 

“The infrastructure environments also become increasingly complex and hard to manage. Additionally, they can’t fulfill agile requirements, such as scalability, flexibility and adaptivity for environment changes in standards and operating procedures, compliance and security, from product or software development teams, AI/ML engineers (ModelOps) or Prompt engineers. Infrastructure platform engineering is treated as a new discipline that emerged in response to the increasing complexity of system design and underlying hybrid infrastructures.”

DevOps thinking has reached mainstream understanding as a way to deal with today’s cloud native computing systems, and, as a result, has made way for the platform engineering discipline. Platform engineering is concerned with delivering a foundation for self-service APIs, knowledge, services, and tools to support the development, deployment, operation, and/or management of an organization’s product and services delivery. 

Balancing customizability and repeatability 

With this background, Oren and I found ourselves coming back to the notion of consistency as a crucial pillar of any platform strategy. This makes sense when we consider that many teams across an organization have the same, undifferentiated technical requirements. When each team solves the same problem in their own custom way, not only is there a duplication of effort, it also means that governance, security, and integration all need to be addressed in a way that is unique to that particular solution. Our own State of Cloud Native Application Platforms report shows that respondents struggle with compliance and governance, especially at scale. 

So when those undifferentiated capabilities are managed centrally and provided to teams in a consistent, self-service way, an organization’s products and services become more reliable and secure, and the developer experience is improved. This all leads to organizations that can deliver their products and services faster, repeatedly. 

For example, if application teams each define the infrastructure that they need using infrastructure as code, that not only leads to a duplication of effort, it also results in infrastructure being defined in different ways all over the organization. By having the platform engineering team provide universal definitions for infrastructure requirements and offer a self-service experience, we can ensure that all infrastructure is regulated and secure. It also unlocks advanced behaviors like cost optimization and observability across applications. At the same time, you win points with your app teams by delivering a better development experience. 

Tanzu Platform solves the consistency conundrum, continuously  

So how does Tanzu Platform do this? Oren demonstrated how Tanzu Platform provides consistency and improves user experience throughout an application’s lifecycle–from the first line of code all the way to production. Consistency was once again front and center because doing these steps in the same way across hundreds, or even thousands, of applications is one of the powers of Tanzu Platform. Here is Tanzu Platform’s golden path to production:

First, the developer writes code.

When the developer is ready, Tanzu Platform builds that code into a runnable image. Here the platform uses Cloud Native Buildpacks as the build service. Besides compiling the code into a container image, this build step takes into account additional considerations, including industry standards, testing, dependencies, and some infrastructure concerns, for example, the base OS, programming language runtimes, or certificates.

Next, without any additional action from the developer, Tanzu Platform creates a package that can be deployed to a container service like Kubernetes, Cloud Foundry, or others. This is significant because creating manifests and configuration is very complex. There is so much to consider, including ports, resource guarantees, environment variables, infrastructure concerns, connection credentials, and much more. Tanzu Platform generates this configuration according to best practices, and then the application and its configuration get packaged together and versioned in a consistent way. 

Then the developer deploys their application to a space with a single command. And that’s it! It’s an absolutely simple developer experience. 

But what is a ‘space’? A space is an abstraction. It is a set of compute, network, and storage that might span regions but still feels like Kubernetes or Cloud Foundry. A platform engineer is the person who defines and configures the space, and in doing so they make choices regarding aspects like mTLS, local and global load balancing, underlying clusters, ingress controller software, certificate management concerns, cache, and enabling a database like MySQL, to name a few.

Of course, the application almost certainly needs backing services, like cache, for example, and a database. With Tanzu, developers can use a service catalog to see which services are available to them in a particular space. Next they choose which services they want to add, and then they can use a single command to bind their application with the service(s) that they’ve chosen. Who decides and configures which services are available in a space? The platform engineer! And services are secure by design–that means that security best practices are built into the implementation without any additional knowledge or effort from humans. Services can run on Kubernetes, Cloud Foundry, or VMs.

When the application inevitably needs to evolve, lots of update actions are available to the platform engineer. Actions such as autoscale (or manually scale), drain, promote, and restage. Or a platform engineer can upgrade, start, or stop the app all while additionally managing traffic.

I hinted at this before, but it’s worth saying explicitly: All of this can happen on either Kubernetes or Cloud Foundry. This is a big deal. Users get a streamlined, unified experience without concern for infrastructure decisions like whether the app will run in VMs or containers (or both!), whether it will run on- or off-premises, or whether it will be deployed using Cloud Foundry orchestrator or Kubernetes API server. That complexity is abstracted from the developer. The developer simply “pushes” their application to the right runtime.

Integration begins at the UI–understanding Tanzu Hub  

The last thing that Oren and I talked about during our “What Is Tanzu?” conversation was an overview of Tanzu Hub. Tanzu Platform is consumable as an API, a CLI, and/or a UI. Tanzu Hub is the out-of-the-box UI.

As its name implies, Tanzu Hub is the center of the Tanzu universe: It’s the integration point for all of the people involved and the integration point for all Tanzu services. Depending on the user, many advanced actions are available here, such as easily upgrading underlying infrastructure, patching a vulnerability across the entire organization, and automatically taking advantage of available cost optimizations. 

Tanzu Hub displays many aspects of what is happening in the overall system, and what you see in the Tanzu Hub is customizable based upon what you care about. For example, a developer might see logs, CVEs, bugs, app health, and test results, while an app operator might see the latest commit, performance across services, policies, and which developers have access to what. 

While people see what’s pertinent to their roles, Tanzu Platform again allows consistency for a better user experience and improved system reliability. For example, the way a database service is presented to an operations person is consistent across database types, and this goes for developers as well. 

Consistency + Repeatability = Scale

At the end of our conversation, Oren demonstrated how Tanzu Platform makes it easy for developers to push their code securely into any environment and accelerate an application’s path to production. While all of this is trying to achieve a relatively simple workflow–developers easily pushing their apps to production–this simplicity can be confounded by things like security and governance requirements, infrastructure design, identity management, and on and on to include all the things in the purview of platform engineering and operations teams. 

But, when we introduce a consistent and repeatable model for application development, delivery, and operations backed by a platform like Tanzu, we can abstract away complexity from the developer experience and scale our systems securely and consistently.  

Check out the full video series to see Oren and me walk through that process and answer the question “What is Tanzu?”