Many Kubernetes Clusters, One Control Plane, Your Private Environment

November 8, 2022 Carol Pereira

As Kubernetes adoption becomes pervasive for organizations in support of their application modernization efforts, we see hyper growth in the number of clusters companies are deploying.

This hyper growth, demonstrated in the latest State of Kubernetes 2022 report from VMware, shows that almost 30 percent of survey respondents are now operating more than 50 clusters, and almost half expect the number of clusters they operate to increase dramatically (more than double) or increase substantially (50 percent to 100 percent more) over the next year. 

Number of Kubernetes clusters currently in operation, according to 2022 State of Kubernetes respondents

As a result of this massive growth, 97 percent of survey respondents said they are now willing to pay for services and support for important Kubernetes tools. And the top four tool categories were: data security, cluster lifecycle management, platform monitoring, and platform automation. 


Most important tools or capabilities when operating Kubernetes in production, according to 2022 State of Kubernetes respondents

One control plane for your distributed Kubernetes environment

In our continued commitment to support customers' adoption of Kubernetes platforms across any environment, we introduced VMware Tanzu Mission Control to simplify multi-cloud, multi-cluster Kubernetes management with full visibility in a single control plane. 

VMware Tanzu Mission Control is a software-as-a-service (SaaS) offering that helps operators take control of their entire fleet of clusters, with capabilities to fulfill organizations’ top needs:

  • Data security – Apply centralized policies and data protection to Kubernetes clusters in any environment

  • Cluster lifecycle management – Create, update, upgrade, and delete VMware Tanzu Kubernetes Grid and Amazon EKS clusters in any environment

  • Platform monitoring – Integrate with VMware Aria Operations for Applications, formerly named VMware Tanzu Observability by Wavefront

  • Platform automation – Drive clusters via GitOps for increased consistency

However, as the number of Kubernetes clusters grows, so do the environments they are deployed in, which brings security risks that operators must manage, a fact that’s reflected in a big jump in concerns around applying policy consistently across clusters and teams (46 percent) and controlling access to clusters (35 percent). 

Biggest security concerns about using Kubernetes, according to 2022 State of Kubernetes respondents 

Again, Tanzu Mission Control addresses those needs today with unified access control, RBAC (role-based access control), and guardrail-style policies that provide safety nets for self-serve platforms via our SaaS offering, and we are glad to announce that we are working to add support for self-managed, private deployments of Tanzu Mission Control too. 

Highly regulated industries want better Kubernetes management on their private environments

Cloud and SaaS adoption varies from industry to industry due to regulatory and compliance factors that prevent movement of apps and data. As such, we know that some customers and partners operate in highly regulated, on-premises, and air-gapped environments and would benefit from a self-managed solution for multi-cluster Kubernetes management rather than a solution that’s delivered as SaaS. Those highly regulated industries include banks, insurance companies, government agencies, healthcare institutions, telco providers, retail, and manufacturing organizations.

So, the VMware team is working on a new initiative to design and offer self-managed, private deployments of Tanzu Mission Control that would give customers full control over their network infrastructure connectivity. 

Our goal is to allow customers with stringent regulatory and compliance controls and need to operate on on-premises and air-gapped environments to benefit from a single control plane so they can manage their Kubernetes estates residing anywhere, including on-premises, in private and public clouds, and at the edge. The VMware Tanzu team is working on this offer via a private beta program with selected customers and partners.

By offering multi-cloud, multi-cluster management of Kubernetes platforms, operators could take control of their entire fleet of clusters with full visibility in a single control plane while maintaining their adherence to needed certifications as a result of operating on-premises with limited connectivity to public cloud services. To extend management to public clouds, they could simply leverage their dedicated, private connection to their public cloud environments and be able to benefit from centralized policy management and automated disaster recovery, including application mobility between clusters. 

Sovereign clouds are also looking at their Kubernetes management needs

VMware's definition of sovereign clouds describes those as architected and built to meet strict data security and residency requirements of regulated industries and local jurisdiction laws on data privacy, access, and control. And according to IDC, the EU is continuing to develop foundations for its digital ecosystem and adopted a wide range of digital policy reforms that included calls for local data hosted by major global providers from outside Europe to be repatriated.

VMware understands that cloud service providers that are answering the call to build sovereign clouds in their regions would also benefit from a self-managed deployment of Tanzu Mission Control, since they would be able to control the solution on-premises and manage their customers' environments with added security. This would allow them to service customers that cannot consume SaaS offerings operated outside of their regions, due to compliance and security requirements while enabling them to take advantage of managing Kubernetes at scale in a consistent, secure, and flexible way. 

So, as we work on this private deployment strategy for Tanzu Mission Control, we are also working on plans to bring it to VMware Sovereign Cloud partners as part of a broader sovereign-ready Tanzu portfolio

If you are attending VMware Explore in Barcelona (November 7–10, 2022), look for our VMware Tanzu specialists and bring all your questions.

VMware makes no guarantee that services announced in preview or private beta will become available at a future date. The information in this press release is for informational purposes only and may not be incorporated into any contract. This article may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites. 

About the Author

Carol Pereira

Carol Pereira is a product line marketing manager and a member of the VMware Tanzu team. She has developed most of her career in the enterprise software industry and, in her current role, she focuses on increasing product awareness by leveraging product-led growth strategies and helping customers resolve their Kubernetes management challenges.

More Content by Carol Pereira
Application Service Adapter for VMware Tanzu Application Platform 1.0 Now Available for Download
Application Service Adapter for VMware Tanzu Application Platform 1.0 Now Available for Download

The Application Service Adapter for VMware Tanzu Application Platform is now available for download with re...

VMware Tanzu Kubernetes Grid 2.1 Enhances the Multi-Cloud Experience
VMware Tanzu Kubernetes Grid 2.1 Enhances the Multi-Cloud Experience

Tanzu Kubernetes Grid 2.1 provides more flexibility and choice for customers through support for VM-based m...