For nearly two decades, we at VMware have been working on helping our customers address the challenge of supporting traditional business critical applications as well as next-generation application. Today, with the General Availability of vSphere Integrated Containers, we are proud to announce that our customers can count on vSphere to also natively run containerized workloads.
Over the past couple of years, we’ve met a number of customers who have started to experiment with containers in their dev/test environment. While being impressed by the benefits of this technology our customers raised a few important concerns that kept them from being able to take these applications to production.
Reduced visibility – Enterprise IT admins are responsible for running tens if not hundreds of applications in production and their existing toolset and practices do not allow them to peek inside the VMs. If they are able to, often times, they have not had the opportunity to understand the application, its architecture, the effects and the processes to isolate any misbehaving containers.
Multi-tenancy and concerns when sharing a kernel – With no efficient way to partition infrastructure, admins are forced to rethink their strategy for multi-tenancy. On a related note, the well-known security issues that arise from a shared kernel prevent admins from running these workloads in production. The problem is acute in industries where regulation and compliance is mandatory.
Non-elastic infrastructure and inefficient resource utilization – Customers struggle with sizing their container hosts and end up spending too much time trying to predict the amount of resources their applications need. Some overprovision resources to save time and that leads to the creation of monster VMs and inefficient utilization. Even when they overprovision, they often end up resizing their hosts or include additional capacity. As a result, they are forced to bolt on a clustering solution that increases complexity.
DIY isn’t for everyone – Many enterprise customers do not have the bandwidth or the capacity to build out their own stack using a DIY approach or to keep on top of the ever evolving set of patches and updates.
vSphere Integrated Containers starts by enabling IT teams to run traditional and container workloads side-by-side on existing infrastructure seamlessly. This ensures that customers do not ever have to create silos in their infrastructure. Using constructs from the Open Container Initiative to map Docker containers to vSphere infrastructure, containers are provisioned as virtual machines, offering the same security and functionality of virtual machines in VMware ESXi hosts or VMware vCenter Server instances.
The resultant container VMs, that are provisioned on-demand, lend themselves to be managed much like any other VM in the vSphere environment. Thus administrators are able to use their existing tools, processes and even scripts to manage containerized workloads. Since every container VM is backed by its own kernel, the existing security and compliance best practices translate directly to this new paradigm. The on-demand nature of vSphere Integrated Containers ensures that resources are never over provisioned and once a container has been deleted, the resources are recaptured.
vSphere Integrated Containers uses existing vSphere constructs to create a Virtual Container Host (VCH) that is compatible with standard Docker client tools and is backed by a pool of resources to accommodate applications. This resource pool leverages the vSphere resource pool construct in the backend that is elastic by nature. As a result, the vSphere admin has complete control over the amount of resources available to every VCH and is able to address multi-tenant use cases by provisioning an individual VCH per tenant.
By leveraging existing vSphere constructs to run containerized workloads, vSphere Integrated Containers can seamlessly leverage advanced technologies like NSX, VSAN and vRealize out of the box. This also allows for easy integration with the entire ecosystem of vSphere compatible products from various partners and our vast ecosystem. vSphere Integrated Containers provides developers the portability, speed, and agility of using enterprise-class containers, and provide IT Ops the management, security, and visibility they require to run containerized workloads in production.
Learn more about vSphere Integrated Containers at http://www.vmware.com/go/vsphereintegratedcontainers