Modern Applications Experience… · BUILD Modern applications with a cloud native supply chain...
Confidential │ ©2019 VMware, Inc.
Modern Applications and New Developer Experience
VMware for Cloud Native Apps
Ali Al Idrees
Lead EMEA SDDC Architect
VCIX-NV, CCIE RS & DC, AWS-SA
Modern Microservices Architecture
[Diagram labels: Developer (×2); Web UI (×2); API Gateway; REST API (×6)]
Microservices
• Small, modular code base
• Easier to update, scale
• Runs in containers
Monoliths
• Single, large code base
• Slower to update, scale
• Runs in VMs or containers
Containers as an Enabler
• Speed: Boot Environments Rapidly
• Portability: Ability to Move Containers Freely
• Lightweight: Minimal Resources Needed
Modern application architectures require a container platform
What is Kubernetes?
Kubernetes is an open-source platform for automating deployment, scaling, and operations of application containers across clusters of hosts, providing container-centric infrastructure.
Kubernetes 101 (CaaS)
Containers @ Scale
[Diagram labels: Developer; `kubectl apply -f myapp.yml`; Docker Registry; K8s Cluster with Master & ETCD (×3) and Workers (×2), each running kube-proxy and a Pod; Service: nodeport | ingress | LB; Load Balancer; URL Request: myapp.foo.com/k8siscool]
We can help
INTRODUCING
VMware Tanzu
VMware Tanzu Portfolio
• Build: Modern Applications (Traditional | COTS | Cloud Native)
• Run: Enterprise Kubernetes (On-premises | Public Cloud | Edge)
• Manage: Single Control Point (Multi-cloud, Multi-cluster, Multi-team)
Build
VMware Tanzu
BUILD Modern applications with a cloud native supply chain
Application Transformation—Pivotal Labs & VMware KIT KAT
• Pivotal Build Service: Securely assemble, deploy and update code
• Pivotal Spring: Develop cloud native applications & microservices
• Bitnami Project Galleon: Package and deploy applications & components
• Pivotal Function Service: Run short-lived or long-lived workloads
• Pivotal App CI/CD Service: Automate your integration and delivery pipelines
Consistent Kubernetes
VMware Tanzu
RUN a Kubernetes grid across any environment
Run
• VMware PKS: vSphere 6.5 / 6.7 | VMware Cloud on AWS | Public Clouds | Edge
• Project Pacific: vSphere [Future release]
VMware as the platform that connects developers and operations
Power the developer, Assure the admin
[Diagram labels: vSphere; Workloads; Collaboration]
• Operations (Manage Workloads): Performance, Security, Availability, Cost, Diagnostics
• Developers (Deploy Workloads): Code, Test, Deploy, Support
The Definition of an Application Has Changed
Modern enterprises are building applications that are heterogeneous in nature
An application used to consist of a few VMs
[Diagram labels: App Node; Database; VM (×2)]
Modern apps are like distributed systems
[Diagram labels: My Application; Database; Serverless Function 1 and Function 2; App; VM; vGPU; Kubernetes Cluster with Control Plane, Node, GPU Node, Node]
TECHNOLOGY PREVIEW
What’s a workload?
[Diagram labels: My Application; Kubernetes Cluster with Control Plane and three Nodes; VM App; Database; VM (×5); Serverless Function 1 and Function 2]
Challenges
[Diagram labels: My Application; Kubernetes Cluster with Control Plane and three Nodes; VM App; Database; VM (×5); Serverless Function 1 and Function 2]
Developer
• How do I deploy this app?
• How do I operate it on day 2?
• What tools can I use with it?
IT Ops
• How do I ensure the availability of this app?
• How do I ensure its security?
• How do I deliver quality of service?
• How do I control cost of our infrastructure?
Using Kubernetes to manage workloads!
[Diagram labels: My Application; Kubernetes Cluster with Control Plane and three Nodes; VM App; Database; VM (×5); Serverless Function 1 and Function 2]
```yaml
kind: KubernetesCluster
apiVersion: vks.vmware.com/v1
metadata:
  name: My Application
spec:
  topology:
    workers:
      count: 3
      class: small
  distribution: v1.14.1
---
kind: Function
apiVersion: faas/v1alpha2
metadata:
  name: Function 1
spec:
  name: func1
  image: functions/func:latest
---
kind: VirtualMachine
apiVersion: vms.vmware.com/v1
metadata:
  name: VMApp
spec:
  className: large
  imageName: my-app.ova
  powerState: poweredOn
  policy:
    restartPolicy: OnFailure
---
kind: HanaDatabase
apiVersion: hana.sap.com/v1
metadata:
  name: ERP database
spec:
  nodes: 3
  class: extra-large
```
Namespaces as the unit of management
[Diagram labels: Namespace; My Application; Kubernetes Cluster with Control Plane and three Nodes; VM App; Database; VM (×5); Serverless Function 1 and Function 2]
Security
• Encrypt all persistent data
• Disallow all ports but 443
• Audit developer changes
Availability
• Failures to tolerate: 2
• Disaster recovery site: us-east
• Hourly snapshots to backup
Access controls
• Users in group app-admin: Write
• Users in group ops: Read Only
• Disallow MySQL
Quality of Service
• Priority: High
• Reserved vCPUs: 128
• Reserved Memory: 1 TB
Transforming vSphere into the App Platform of the Future
Project Pacific: Rearchitecting vSphere with Native Kubernetes
vSphere with Native Kubernetes | App-focused Management | Dev & IT Ops Collaboration
Improved Economics | Control at Scale | Increased Velocity
[Diagram labels: Developer; IT Operator; App; Kubernetes cluster; Virtual machines; Native pods; vSphere; Supervisor Kubernetes Cluster; vCenter; ESXi Cluster; Networking; Storage]
TECHNOLOGY PREVIEW
Project Pacific: A Kubernetes control plane for the SDDC
On-premises | Hybrid cloud | Public cloud
[Diagram labels: Developer; IT Ops; Supervisor Kubernetes Cluster; vCenter; ESX; Networking; Storage]
Project Pacific: Kubernetes as a service
On-premises | Hybrid cloud | Public cloud
[Diagram labels: Developer; IT Ops; Kubernetes Service; Supervisor Kubernetes Cluster; vCenter; ESX; Networking; Storage]
Project Pacific: Virtual Machine Service
On-premises | Hybrid cloud | Public cloud
[Diagram labels: Developer; IT Ops; Kubernetes Service; Virtual Machine Service; Supervisor Kubernetes Cluster; vCenter; ESX; Networking; Storage]
Project Pacific: Anything as a service
On-premises | Hybrid cloud | Public cloud
[Diagram labels: Developer; IT Ops; Kubernetes Service; Virtual Machine Service; Application Services; Ecosystem; Supervisor Kubernetes Cluster; vCenter; ESX; Networking; Storage]
Project Pacific
[Diagram labels: Developer; IT Ops; Supervisor Kubernetes Cluster; vCenter; ESX; Networking; Storage]
Cloud native applications
• Deploy and operate applications
Infrastructure as a service
• Manage infrastructure resources
• Create Kubernetes clusters
• Create supporting services (databases, middleware, DevOps tools)
Service Management
• Manage service lifecycle
• Manage Templates and images
• Inventory management
• Policy management
Workload management
• Resource allocation and monitoring
• Diagnose and troubleshoot
• Policy based management
Software defined datacenter
• Hypervisor isolated clusters
• Microsegmented network
• Cloud native storage
[Diagram labels: Kubernetes Service; Virtual Machine Service (×2); Additional Services; Ecosystem]
Project Pacific Demo
TECHNOLOGY PREVIEW
Workloads Run In Namespaces
Governed By Policy
IT Operator
TECHNOLOGY PREVIEW
Namespace Auth Through vSphere SSO and Kubernetes Rolebindings
IT Operator
TECHNOLOGY PREVIEW
Namespace Resource Consumption
Backed by vSphere Resource Pools and Kubernetes Quotas
IT Operator
TECHNOLOGY PREVIEW
Assign Storage Policy and Quota To Namespace
IT Operator
TECHNOLOGY PREVIEW
Share Namespace With Devs Through Portal
Developer
TECHNOLOGY PREVIEW
Create Infrastructure with kubectl and REST API
Devs Use Standard Kubernetes Tools To Deploy Clusters, Serverless Pods and VMs
Developer
TECHNOLOGY PREVIEW
Supervisor Cluster
Powered by Project Pacific
New Inventory Items Mapped To Kubernetes Objects
Namespace Level Details on Workloads
IT Operator
TECHNOLOGY PREVIEW
VMware Tanzu Portfolio
• Build: Modern Applications (Traditional | COTS | Cloud Native)
• Run: Enterprise Kubernetes (On-premises | Public Cloud | Edge)
• Manage: Single Control Point (Multi-cloud, Multi-cluster, Multi-team)
VMware Tanzu Mission Control allows customers to attach any Kubernetes cluster for a single point of control
Multi-cloud | Multi-cluster | Multi-team
• Independence: Give developers self-service access to the right resources
• Visibility: Centrally observe and monitor health across all of your clusters
• Control: Manage security, configuration, and cost at enterprise scale
VMware Tanzu
MANAGE Multi-Cluster and Multi-Team Management
Manage
VMware Tanzu
MANAGE Multi-Cluster and Multi-Team Management
VMware Tanzu Mission Control
Manage
NSX-Service Mesh
Observability & diagnostics | Optimization | Connectivity & traffic management | Audit & compliance | Data protection | Cluster lifecycle management | Identity & access | Security & configuration
Provision | Attach
Thank You