Rapid change is among us. We are flooded with new concepts and technologies. This article will dive into the new possibilities to host cloud native workloads in the vSphere environment. Actually, VMware released a new suite of products in April 2020 named Tanzu.
Finally, I finished designing and implementing my new home-lab environment based on VMware vSphere.
Thus, I could deploy and test many new VMware products and features like vSphere 7 U2, vSAN, vRealize Automation 8.3 and vRealize Orchestrator 8.3. Meanwhile, I feel in love with infrastructure as code. So, I created and edited several JSON & YAML files to get my infrastructure up and running.
In this week the time came to build up a nested environment that is capable to run vSphere with Kubernetes.
Thanks to vSphere 7 U2 Tanzu is now supported with three different load balancing setups: NSX-T the most expensive, HA proxy which is free and new in U2, NSX advanced load balancer essentials free as well. Without load balancing neither Container nor Kubernetes will work properly.
My choice for lab was HA proxy because my nested environment was built stable & lightweight on vSphere 7 U1.
What is a Container and Kubernetes?
Now I won’t dive deep into Containers and Kubernetes at this moment. But I think a crash course is essential to understand the need for TANZU and its USP (unique selling proposition).
You can compare them with virtual machines they are just more lightweight and faster to spin up.
They can offer diverse apps/services mostly in the cloud native ecosystem.
If you couple one or more containers the next layer above is a POD. One container host which can be either physical or virtual can host huge amounts of containers. Containers are deployed from container images which are comparable to VM templates. Each created Container contributes to a service and doesn’t have an own IP address but shares it with the host. So, that’s why the load balancers are crucial. They distribute the request to one or many containers.
The core duty of Kubernetes is to handle the complexity and automate the deployment and scaling of PODs which contain one or more containers. Kubernetes itself has a control plane and worker nodes.
The control plane manages and stores container data in a key value database (etcd).
The nodes are literally hosting the container and execute a new POD derived from a container image.
So containers become enterprise grade, you can scale and make them high available via replica sets.
Furthermore, the environmental state is always monitored and faulty or crashed containers are quickly redeployed via the concept of desired state. Developers communicate with the control plane via kubectl commands and essentially describe the design via YAML files.
TANZU – Solution Overview
By the way, Tanzu is derived from the Japanese word Tansu (Jap. 箪笥) that is an antique lightweight wooden cabinet. No paper anymore now digital transformation.
The software version is a suite of products that offer key capabilities in three different pillars.
These are Run, Manage and Build. I think this overview is a good way to start, and today we absolutely focus on the “Run” part.
Basically, the key function of Tanzu is to enable the vSphere infrastructure to natively run Containers and ease management with the orchestration through Kubernetes. So, it is the above master layer which acts as a bridge between the legacy and cloud native world. It offers huge enterprise grade integrations to consume SDDC resources in the container and Kubernetes world. Furthermore, it offers a secure and efficient way to make it possible for administrators to support the developers. This is truly DevOps and no bullshit bingo anymore.
So TANZU is nothing proprietary it is fully upstream Kubernetes compliant. One vSphere Cluster can automatically deploy and manage almost unlimited amounts of custom size Kubernetes clusters to run enterprise services.
Every department can get their DEV and PROD clusters to have isolation and security. It runs on the same easy to manage and high available platform.
Despite that you can run VMs in these supervisor clusters too, just magical.
First you always have to prepare the requisites:
- Current vSphere 7.0 U1+
- vSphere Enterprise Plus Cluster with minimum three nodes
- TANZU per cluster socket licensing required: Different flavors available: basic, standard and advanced.
- Networking foundation: NSX-T with T-0 configured or DVSwitch design with HAProxy/NSX advanced load balancer essential
- Enough Resources
Then you have to enable the vSphere Cluster and deploy the supervisor cluster control plane. All Control plane nodes either supervisor cluster or Tanzu Kubernetes Grid cluster are based VMware Photon OS.
Thus, your vSphere cluster turns into a supervisor cluster. Then you can create namespaces and configure permissions in VCenter.
Furthermore, you can define persistent storage with storage policy-based management. (SPBM)
Now you have two possibilities to run container workloads. Either natively on vSphere with the ESXi hosts itself as container host or on TANZU Kubernetes Grid Cluster. If you want to run that special native version NSX-T is mandatory.
Despite that you can run TKG Cluster with either NSX-T or the free variant (HA Proxy or NSX advanced load balancer essential).
- Tanzu integrates in the well-known VMware enterprise grade ecosystem.
- vSphere Administrator have an easy entry in the Kubernetes sphere and become DevOps engineers.
- Run native vSphere PODs with great transparency and performance through native spherelet ESXi integration.
- Automate & operate huge amounts of Kubernetes Cluster deployment with Tanzu Kubernetes Grid Clusters.
- Stay fully Kubernetes upstream compliant and satisfy your developers.
- VCenter Container Storage Integration (CSI) lets you use your existing storage environment, vSAN, vVOLs, VMFS and NFS.
- Make use of next-level networking & security with native NSX-T integration and automation.
- Easily move or expand to public cloud. VMware supports all major cloud providers and integrates vSphere Tanzu Suite
Homelab TANZU design
I was inspired by a wonderful article from the genius William Lam. Thank you so much for your passionate work!
Basically, I run a nested 8 Core 32 GB RAM ESXi host on top of my 12C 128 GB ESXi host.
I had to enable promiscuous mode on the base host vSwitch and of course expose hardware assisted virtualization to the nested ESXi which runs the TANZU, load balancing and routing workloads.
vSwitch of physical ESXi:
Nested ESXi VM:
Homelab: Whiteboard & VCenter Inventories:
This is my logical map focussing on the virtual distributed switch and networking on the upper right.
It is always good having a whiteboard at hand to express some thoughts and get them out of your head.
Current News & Roadmap
2015 was Kubernetes birthdate and was originally developed by Google to manage huge amounts of container workloads. It is still one of the fastest growing open-source projects ever. Soon it was clear that a new level of abstraction was required. Solved through Suites like TANZU, OpenShift or Rancher we now arrived in a new world accelerating the journey to cloud native applications. Orchestrating the Orchestration.
The adoption rate will further thrive in the next years, and we will see great innovations regarding AI Ops & Automation.
Hope you enjoyed, see you next time!