Many of the world’s largest enterprises trust VMware Tanzu Application Service to continuously deliver and run their apps both on-premises and across public and private clouds. With over a million containers running on this platform today, Tanzu Application Service is a proven platform to achieve DevOps outcomes.
Tanzu Application Service version 2.12, now generally available, is upping the game with enhanced automation and platform performance. With this latest release, developers get an enhanced CLI version, while the curated CF CLI container image opens the runway for dependable tooling. With security top of mind for all enterprises, TLS version 1.3 helps fortify their compliance posture.
Let’s take a look at the top release highlights through a DevOps lens:
Features developers will love:
-
Support for HTTP/2
-
Compliance fortification via TLS version 1.3
-
Simplified app development with enhanced CF CLI v8 version
-
Dependable tooling via curated CF CLI containerized image
Features operators will love:
-
Longer duration certificates
-
RBAC enhancements – a new role with granular restricted access
-
More-secure access for custom application metrics endpoint
-
Cost savings with option to disable verbose metadata logging
-
Enhanced observability via version display on Apps Manager
Let’s get into these features and the rest of the release!
Support for HTTP/2
The latest Tanzu Application Service release will enable HTTP/2 as default. Please note that manual configuration of route destinations is required to enable end-to-end HTTP/2. In case you need to disable HTTP/2, Ops Manager allows it as well.
Compliance fortification via TLS version 1.3
Customers can now set TLS minimal versions 1.3 to meet their security and compliance needs.
Simplified app development with enhanced CF CLI v8 version
The latest 2.12 release debuts CF CLI version v8 as default. Built on top of CF v3 API services endpoint, this latest CF CLI version introduces new capabilities, like support for HTTP/2 and RBAC. Upgrading to Tanzu Application Service version 2.12 will default to CF CLI version v8, but you can also use CF CLI v7, if required. Given that several new functionalities are only accessible in version v8 and version v7 has entered maintenance mode, we recommend the upgrade to choose the default version v8.
Dependable tooling via curated CF CLI containerized image
This release is upping our automation capabilities by providing a curated image for our foundational element, CF CLI. Customers who have struggled with maintaining homegrown or third-party packaged CF CLI containers can now choose from a set of curated images provided by VMware. This image will auto-update and be kept up-to-date with latest security patches, enabling dependable and more-secure tooling for DevOps teams around the globe!
Longer-duration certificates
Every DevOps team will tell you certificate rotation is crucial to a good security posture. But, managing the ever-increasing number of certificates and CAs can become cumbersome. The good news: starting with this release, OpsManager allows extending certificate duration for leaf certificates and CAs. This can directly reduce the frequency of change through the system.
RBAC enhancements: Granular restricted access with new role
Great news for SREs, application maintainers, and troubleshooters. We are introducing a new role, Space Supporter, that would allow managing and maintaining apps but restrict creation or modification of existing ones. This role is broader than the read-only Space Auditor but more restrictive than Space Developer. This granular access control will be greatly beneficial to our banking and federal customers with stringent access requirements.
More secure access for custom application metrics endpoint
Metric Registrar’s endpoint is widely used by DevOps teams to scrap custom application metrics. This endpoint is public and accessible by all Tanzu Application Service platform users. The 2.12 release introduces a new flag to better secure this Metric Registrar endpoint.
cf register-metrics-endpoint APP_NAME [METRICS_ENDPOINT] --internal-port [INTERNAL_PORT_NUMBER]
Cost savings with option to disable verbose metadata logging
Logging configurability now allows disabling of verbose metadata, reducing the syslog storage costs.
Enhanced observability with version display on Apps Manager
Apps Manager now displays the Tanzu Application Service release version in the footer, making it easy to identify the foundation version. This should be a handy tool for platform teams that manage multiple foundation versions.
More notable highlights
Support for Xenial stemcells – VMware will continue the distribution of VMware Xenial stemcells to Tanzu Application Service customers through April 30, 2024.
Enhancements to Tanzu Application Service supported Azure Log Analytics Nozzle – DevOps teams with many Tanzu Application Service foundations will appreciate the new Azure Resource field to tag logs, making it easier to identify the source for these logs.
Reduced deployment times – Changes in the loggregator-agent module make deployments even faster.
Tanzu Application Service for Windows – Tanzu Application Service platform now honors CPU shares. Windows customers who desire tighter control on the resources used by the Tanzu Application Service platform can now specify the CPU weight in the Windows bundle configuration. Look out for more new and exciting features for Windows in our upcoming releases!
Get started today
Ready to dive into the release? Check out the links below to get up to speed on the newest capabilities:
-
Upgrade to Tanzu Application Service 2.12
-
Read the 2.12 release notes
-
Explore more Tanzu Application Service resources
-
Watch the replay of our recent webinar with demos and a Q&A session with the experts
