Run and Manage Kubernetes With VMware vSphere 7
Himanshu Singh
Mike Foley
VMware Cloud Platform Marketing
1: IDC WW Semiannual IT Spending Guide: Line of Business, 09 April 2020 (HW, SW and services; excludes Telecom) 2: IDC Futurescape,
Confidential │ ©2020 VMware, Inc. 2020 2
The Definition of an Application Has Changed
My Application
vGPU
Control Plane
Database
Node Serverless
Function 1 Function 2
“The big stones we have to overcome are day two operations. It is not a big deal to deploy Kubernetes clusters. The trouble starts when you want to start updating, upgrading, adding nodes, all that kind of stuff.”
Stephan Massalt, VP of Cloud Labs, Swisscom
Source: Worldwide Container Infrastructure Software Forecast, 2020–2022, IDC, Dec 2020
“It’s important for IT operators to closely partner with developers on Kubernetes deployments. Today, developers are uprooted from previous environments and need to understand the value of the other.”
Sharat Nellutla
Associate Director
Verizon
3 Kubernetes Secrets From Early Adopters, RADIUS, Jan 2020
Challenges for Modern Applications
Developer
• More complicated to get modern apps into production
• Ticket-based infrastructure slows development cycles
• Difficulties updating apps can impact resiliency
Line-of-Business Leader
• Monolithic apps fail to meet modern requirements
• Cannot quickly respond to changing market demands
• Weak customer experiences sacrifice market share
VI Admin
• Infrastructure silos make it challenging to provision resources
• Security isolation of modern apps and databases is difficult
• Inconsistent operations and cross-functional workflows
Streamline Development
Network
Collaboration Storage service Registry service
service
Performance Availability
Application
focused Security Lifecycle
management
Agile Operations
vSphere
VI Admin
Accelerate Innovation
Namespaces
vCenter Server
VMware Cloud Foundation Services
Simplified Lifecycle Management
• vSphere Lifecycle Manager for simplified upgrades
• Update planner to discover, manage and upgrade
• Simplified software patching
• Upgrade using Restful APIs
Intrinsic Security
• Remote attestation with vSphere Trust Authority
• Identity federation with ADFS
Application Acceleration
• Cost efficient AI/ML hardware pools
• Performance & resiliency (improved vSphere DRS)
• Predictable quality of service
Summary
• Cloud Foundation Services unify VM and container management through Kubernetes API.
• Advanced automation of vSphere updates, upgrades, and maintenance.
• Ensure sensitive apps only run on properly attested and trusted hardware.
• Delegates authentication responsibilities to Microsoft Active Directory.
Enhanced Application Performance, Availability, and Intrinsic Security
*Note: vSphere Platinum reached EoA in April 2020
vSphere 7 with Kubernetes
Only available in VMware Cloud Foundation 4
vSphere ENT+
Term License (1-year and 3-year options)
[Diagram labels: k8s Native Applications, VM, Control Plane, Database, Node, Serverless, Function 1, Function 2; DevOps: Self-Service; VI Admin: Governance, Cost control]
kind: Pod
metadata:
containers:
  image: func1
  ports:
  - containerPort: 80

kind: HanaDatabase
metadata:
nodes: 3
[Diagram labels: Application A, Application B, Application C; VM, Database, Node, Native Pods, Serverless, Function 1, Function 2; VI Admin]
Security, Availability, Governance
• Failures to tolerate: 2
• Disaster recovery site: us-east
• Hourly snapshots to backup
DevOps DevOps
3
Tanzu Kubernetes Grid service
Deploy Apps
kubectl create TKG Cluster
Define Template, version
Flexible TKG Cluster LCM
Upstream Conformant
Full Control of TKG Clusters
VI Admin
Define template, Kubernetes versions, etc.
TKG & Resource Quota
VM Operator Supervisor Cluster Cluster API
SDDC
VKS Plugin
watch
Cluster Object Cluster API Namespace
watch Cluster API
Machine Object Cluster API Controller
Plugin
DevOps actuate vSphere Provider VI Admin
VM API Plugin
watch
VM Object VM API Namespace
VM Controller
VM Lifecycle
actuate
vSphere Pod Service
Advanced security and performance, without managing clusters
DevOps DevOps
Strong Security and Resource Isolation
Performance Advantages
Serverless Experience
Kubectl create deployment
VI Admin
vSphere Pod service
Application Centric Management
Workload Visibility
SDDC
DevOps DevOps
3
Virtual Machine service
Deploy Apps
Kubectl create virtual machine
Define VM Class
Manage virtual machine with Kubernetes interface
VI Admin
Define VM classes, machine sizes
Manage VM images
Supervisor Cluster
SDDC
DevOps DevOps
Network service
K8s API for Network Objects e.g. Services and Ingress
Kubectl create Ingress
Define network security rules
VI Admin
Define Admin Policies for Security and etc.
SDDC
DevOps DevOps
Storage service
• K8s API for Storage Objects e.g. Persistent Volume Claim
• Resource Quota
• Visibility
Kubectl create pvc
VI Admin
Define storage policy and quota
SDDC
VI Admin
Create Registry
Instance
Registry Service
Supervisor Cluster
SDDC
• Enable Harbor registry in the supervisor cluster
• Integrated with vSphere SSO
• DevOps users push images directly into the registry
• Container image signing and scanning built-in
• Seamlessly deploy native pods and Kubernetes pods using container images in the registry
[Diagram labels: ESXi, vCenter, Control Plane, vCenter APIs, K8s Master VM, Registry Service, Registry Agent, VI Admin, Harbor APIs, System Namespace, PV, Docker Registry APIs, Harbor Pods, Image Pull, User Namespace, DevOps, User Pods]
VI Admin
vCenter
ESXi Cluster
VM VM VM
VM VM VM
VI Admin
vCenter
ESXi Cluster
Pod
CRX
VI Admin
vCenter
ESXi Cluster
Namespace Namespace
VM VM VM VM
Pod Pod Pod Pod Pod VM Pod VM VM VM VM Pod Pod Pod
Tanzu Kubernetes Cluster
VM Operator, vSphere Pod Service, Cluster API, Tanzu Kubernetes Grid
SDDC