Embrace DevSecOps for Modern Apps

January 13, 2021 Patricia Johnson

As enterprises prioritize application modernization initiatives, moving rapidly to adopt containers and cloud native patterns, VMware is pleased to announce the availability of VMware Tanzu Advanced edition. VMware Tanzu Advanced meets the moment. It simplifies and secures the container lifecycle, enabling teams to accelerate the delivery of modern applications across multiple clouds—a real DevSecOps approach. 

The launch of Tanzu Advanced follows the introduction of VMware Tanzu Basic and VMware Tanzu Standard editions in the fall of 2020, which target infrastructure modernization by easing the adoption of Kubernetes. VMware Tanzu Advanced builds on VMware Tanzu Standard to enable enterprises to embrace DevSecOps. It’s a full stack of modular capabilities for standing up an app platform that can work for any organization. 

VMware Tanzu editions: Simplify Kubernetes adoption and run modern apps at scale

Tanzu Advanced enables teams to align in a shared effort to modernize applications by addressing needs across the container lifecycle, specifically:

  • Developer velocity –  Enables developers to spend more time coding by automating container sourcing and builds as well as providing self-service access to environments. Shorter development cycles drive more innovation to market. 

  • Security from code to customer – Can boost your security posture with source code provenance, automated updates and scanning, consistent policy and access control across all clusters, as well as secure connectivity between services.  

  • Operator efficiency – Makes it simple for operators to centrally manage a few or a few hundred Kubernetes clusters across teams and clouds, and get full observability into the health and performance of clusters across clouds.

Read on to learn more about how Tanzu Advanced can support your app modernization journey.

Developer experience front and center

An application developer’s role can be a lot different on paper than it is in reality. The more developers have to perform repetitive, non-value-add tasks, the less productive they are—which reduces the value they can deliver to customers. Finding the right level of abstraction to enable developers the latitude to write code as they choose while benefiting from high levels of automation is key. 

Tanzu Advanced delivers on the developer experience. It starts with the integration and full support of Spring—a framework used by millions of developers to make the best use of microservices, data pipelines, and APIs. Developers also can tap into an on-demand, relational database for modern apps and spawn dedicated instances of SQL for new and replatformed apps with no operator intervention.

After developers write custom applications using their preferred language, Tanzu Advanced automatically builds the container, taking care of dependencies and continuous maintenance. Gone are the days of managing Dockerfiles across separate development teams, each pulling in different package versions from different sources. And when developers need best-in-class application building blocks and backing services, they can self-serve from a curated catalog. Then when it’s time to deploy, they can access pre-configured clusters with autonomy. In short, developers don’t need to be software packaging or infrastructure experts—they can focus on their code. 

Mind the security of the container lifecycle

Container lifecycle security starts with what’s in the container. In “Best Practices For Container Security,” a report published in July 2020, Forrester declared that “Scanned and verified ‘golden images’ are the bedrock of your container security.” Today, developers can choose to source software from a variety of places, but that can create security challenges for the enterprise. And once containers are deployed in production and connecting to other resources, that risk can be amplified. How do you ensure vulnerabilities are not introduced during development and minimize the risk of containers running in production? And can you show the receipts to your security team at the end of the day?

Tanzu Advanced makes security an integrated part of the container lifecycle. It provides a secure, curated catalog of application building blocks that are always up to date and validated, and includes a complete accounting of their contents for easy auditing. For custom applications, containers are built using an automated, centralized image build system that patches operating system libraries and dependencies, then rebuilds with no developer intervention. 

Every container built or sourced through Tanzu Advanced uses a base operating system that is known to be good, and the provenance of source code and dependencies are tracked. This enables the programmatic enforcement of IT governance in a way that does not create friction in the development process. All of your images can be stored in a private container registry where they are scanned for vulnerabilities and signed as trusted before being deployed to production. 

Once containers are running in production, a service mesh enables resilient and secure connectivity using granular authorization and encryption features. What’s more, an intelligent web application firewall can deliver high-performance web application security using the Common Vulnerabilities and Exposures (CVE) catalog of known threats as a blueprint. A policy-based approach to cluster management means that enforcing a fleet-wide policy change can be quickly implemented, as with the recent Kubernetes CVE-2020-8554

Container management at enterprise scale

There is complexity in running containerized applications at scale across clusters and clouds. How do you manage policy and governance for all teams and clusters? How do you manage traffic routing and resiliency for distributed apps across clouds? How do you manage the health and performance of Kubernetes clusters everywhere? 

Tanzu Advanced streamlines the management of Kubernetes and containers at scale. At the core is a certified Kubernetes distribution on which to run your modern applications. This is foundational. As your container count and Kubernetes footprint grow, you can manage it all from a central control plane. Apply consistent policies to any conformant Kubernetes cluster—including groups of clusters spanning clouds. 

With Tanzu Advanced, you can also unify management, policy control, and visibility into service connectivity between containerized workloads and VMs. Access consolidated Kubernetes ingress services to simplify cluster operation. And proactively observe and manage your Kubernetes estate using advanced analytics. Real-time event alerts and correlation can help you rapidly diagnose any performance-impacting issues. 

Get started with Tanzu Advanced

Tanzu Advanced offers the modular capabilities that enable you to build a developer-centric platform for modern apps that works for your organization. Whether your organization is starting out or already has many pieces of the container lifecycle in place, Tanzu Advanced capabilities can be added as needed to address your most pressing challenges today and support your overall modernization journey going forward. 

Tanzu Advanced offers full-stack DevSecOps capabilities

While Tanzu Advanced can enable your organization to embrace DevSecOps, you may need support and expertise on your journey to deliver the outcomes you want in the time frame you need. That’s where VMware Tanzu Labs can help. This team of experts can introduce you to the cloud native patterns and practices that enable DevSecOps, as well as help you design, implement, and configure the platform that’s right for your organization.

Consider these Tanzu Labs’ engagements:

  • VMware App Navigator – Determine the fastest and most reliable path to modernizing your app portfolio. Through hands-on validation, this engagement delivers a plan of action for app modernization designed to iterate and evolve with the needs of your business.

  • Platform Development – Our Kubernetes architects can help you design, build, and scale a production-ready app platform leveraging VMware Tanzu and your own commercial and open source building blocks. We can help you provide your developers with an app platform tailored to your portfolio and business objectives.

Tanzu Advanced is now generally available. Take the next steps today. Learn more about Tanzu Advanced in our announcement webinar or check out the editions site for more details.

 
Previous
VMware IT’s Journey with Tanzu Kubernetes Grid on vSAN
VMware IT’s Journey with Tanzu Kubernetes Grid on vSAN

by: VMware Director of Solutions Engineering and Design Swapnil Hendre; VMware Director of Cloud Infrastruc...

Next
VMware Tanzu Labs: New Name, Even More Transformative Expertise
VMware Tanzu Labs: New Name, Even More Transformative Expertise

VMware Tanzu Labs, previously called VMware Pivotal Labs, is dedicated to helping organizations around the ...

×

Subscribe to our Newsletter

!
Thank you!
Error - something went wrong!