
Pivotal Platform Evolves with vSphere 7 with Kubernetes

This post was co-authored by Prasad Kalpurekkal and Alka Gupta.

VMware Cloud Foundation is an integrated software stack that bundles compute virtualization (VMware vSphere), storage virtualization (VMware vSAN), network virtualization (VMware NSX), and cloud management and monitoring (VMware vRealize Suite) into a single platform that can be deployed on premises as a private cloud or run as a service within a public cloud. VMware Cloud Foundation 4.0, which is shipped with vSphere 7, delivers Kubernetes as a service, tightly integrated into all the capabilities described above.  

vSphere was originally designed as an infrastructure-centric platform to support workloads packaged as virtual machines (VMs). However, modern workloads today are a combination of VMs, containers, a variety of developer services (think Jenkins, databases, etc.), and more.  

In the new vSphere 7 with Kubernetes, you’ll work with two types of Kubernetes clusters:  

  1. Supervisor Kubernetes clusters. These clusters are embedded in vSphere, providing a full Kubernetes REST API to create and manipulate VMs, containers, storage, networking, and a bunch of new services like the vSphere Pod Service and the RegistryService. The Supervisor Kubernetes cluster enables DevOps engineers to deploy, run, and manage Kubernetes clusters as a service via the VMware Tanzu Kubernetes Grid Service for vSphere.
  2. Tanzu Kubernetes clusters. These are Kubernetes clusters enabled via the Tanzu Kubernetes Grid Service for vSphere. Tanzu Kubernetes Grid is a CNCF-certified, enterprise-ready Kubernetes runtime. The Tanzu Kubernetes clusters created and managed by the Tanzu Kubernetes Grid Service can run different versions of Kubernetes, depending on the needs of the applications. Developers can create, customize, scale up, and choose when to upgrade their clusters.

These new cloud-native services enable enterprises to accelerate the development and deployment of modern apps on VMware vSphere while continuing to take advantage of existing investments in people, technology, tools, and skill sets.  

The image below shows the different available services, and the user experience in terms of separation of responsibilities within a single framework, that together enable a truly on-demand delivery model for the customer.  

 

Generally speaking, Day 1 operations — including bringing up the infrastructure to deploy Kubernetes clusters, VMs, or pods as workloads, and configuring networks and storage, with governance and security baked in, and in a manner consistent with best practices — are challenging. With VMware Cloud Foundation and vSphere 7 with Kubernetes, VMware makes them less challenging through the automated deployment of full-stack infrastructure, including the simplified creation of networking with VMware NSX and storage with VMware vSAN, that is fully aligned with VMware Validated Designs.

Deploying Kubernetes solutions using VMware Cloud Foundation 

The initial part of VMware Cloud Foundation deployment is done through the Cloud Builder VM. This process automatically creates and configures a management domain with vCenter, vSAN, VMware NSX, and SDDC Manager (an automation and orchestration engine for Day 1 and Day 2 operations). To bring up the management domain, please follow these steps.

Then log in to SDDC Manager and create a VI workload domain, which will deploy an additional vCenter and VMware NSX-T Manager and configure the storage for the VI workload domain. For more detailed steps, visit this documentation page.

Once the NSX-T-based VI workload domain is ready, deploy and configure the NSX-T edge cluster using the SDDC Manager dashboard. VMware Cloud Foundation also offers more detailed instructions for how to deploy and configure edge clusters.

The SDDC infrastructure will now be set up in compliance with the VMware Validated Design and be ready to enable your first supervisor cluster on vSphere 7 with Kubernetes.  

SDDC Manager will now validate the compatibility of your underlying infrastructure for vSphere with Kubernetes, then redirect you to the vSphere Client wizard to complete the vSphere with Kubernetes deployment and finish enablement. See here for detailed instructions.

Once vSphere with Kubernetes is enabled on the VI workload domains, you can create a vSphere Namespace and configure permissions and a storage policy on it. Follow the instructions to install kubectl and the vSphere kubectl plugin on your client machine. Once you’ve installed them, you can use kubectl to create and manage Tanzu Kubernetes clusters within your vSphere Namespace, or to create vSphere Pods.

A private image registry called Harbor is integrated into vSphere 7 with Kubernetes and available as a service in VMware Cloud Foundation.  

vSphere 7 with Kubernetes on VMware Cloud Foundation also works to simplify Day 2 operations like patching, monitoring, backup, and expansion.  

Workload solutions lifecycle management  

vSphere 7 with Kubernetes is a feature built into vSphere, hence VMware Cloud Foundation version updates and the lifecycle management process will always ensure the environment is updated with the latest release.

Monitoring workload management solutions 

VMware Cloud Foundation is an endpoint for VMware vRealize Operations, and has integrated high-level health data for all VMware Cloud Foundation workload domains. This provides users the ability to monitor and proactively track the health of the supervisor clusters. With the VMware vRealize Operations Management Pack for container monitoring, virtual administrators can get end-to-end monitoring of Kubernetes namespaces, clusters, replica sets, nodes, pods, and containers. 

Logging with vRealize Log Insight/Log Intelligence 

VMware has integrated two enterprise-grade log aggregation products, vRealize Log Insight (vRLI) and its SaaS counterpart, Log Intelligence, with VMware Cloud Foundation. With just a few simple steps, container logs can be configured to flow into vRLI/Log Intelligence.

Expansion of workload management solutions 

Supervisor clusters can be scaled on demand securely and simply using the SDDC Manager UI workflow.

Additional toolsets  

Additional toolsets include Velero, for helping with backup and restore for Tanzu Kubernetes Grid, and Tanzu Observability by Wavefront, which acts as a comprehensive solution for monitoring your Tanzu Kubernetes Grid. Contour can be used as an Ingress controller for Kubernetes clusters, and Sonobuoy validates the conformance and state of Kubernetes clusters, including best practices and interoperability.

Tanzu Kubernetes clusters provisioned by VMware Cloud Foundation can also be attached to Tanzu Mission Control to address global management and governance and protect against cluster sprawl within an organization. Tanzu Mission Control has the added benefit of being able to manage Kubernetes clusters of any distribution, deployed to multiple endpoints, on both private and public clouds. 

Over time, enabling Kubernetes services on vSphere through VMware Cloud Foundation will bring increased efficiency to your organization, improving both the total cost of ownership and return on investment associated with operating and managing all types of applications and services, and supporting demands for enterprise-grade Kubernetes on which to deploy and manage cloud-native applications. Your IT department can reliably create and manage full-stack, on-premises infrastructure through VMware Cloud Foundation, and then your development teams can build, deploy, and run applications with native support for Kubernetes.