The latest update to the VMware Tanzu Application Platform beta release includes capabilities that further streamline the path to production for developers and empower platform engineers, enterprise architects, and site-reliability engineers (SRE) to build a more secure developer experience on any public cloud Kubernetes service, and on premises.
First announced at SpringOne 2021, Tanzu Application Platform is a modular, application-aware platform that runs on any compliant public cloud or on-premises Kubernetes cluster. The application-aware nature of Tanzu Application Platform means developers can focus on writing code using their favorite programming language, while the platform provides features like application configuration or service discovery. An application-aware platform identifies what critical components the application needs and injects them into the file system.
Preconfigured with all the critical components for building a superior developer experience on Kubernetes, Tanzu Application Platform paves a more secure path to production for developers. It includes Tekton for CI, Cloud Native Buildpacks for automated container image builds, and Knative for deployment, IDE plug-ins, API routing, and image scanning and signing.
Tanzu Application Platform is also composable, so platform teams can customize their supply chains based on their requirements and preferences. For example, if an organization does not want to use Tekton, they can simply swap it out for their preferred CI tool; if they prefer to use Kubernetes primitives to deploy workloads, they can use them instead of Knative. Operators can not only customize and manage multiple supply chains, they can add components; thus, they can easily serve multiple development teams with security and scalability built in.
With this latest release, the Tanzu Application Platform beta will include the full set of capabilities that allow developers to quickly get started building and iterating on their software, debugging, security, continuous integration and deployment, and testing.
What’s new in Tanzu Application Platform Beta 2
Supply chain choreography allows app operators to create pre-approved paths to production integrating Kubernetes resources and existing toolchains. Using technology from the Cartographer open source project, operators can create and manage multiple, pre-approved supply chains. These supply chains are the base rock—to borrow a term from civil engineering—for your paved path to production. They include components for building, testing, scanning, and deploying your software all while giving app operators peace of mind that all code in production has passed through an approved workflow. To learn more about supply chain choreography check out this post.
Developer tooling includes IDE plugins and extensions so developers can interact with the platform or its open source components easily all while working in their inner loop environments. Developers can execute important and frequent pre-commit development tasks, such as running code or debugging on Kubernetes, without needing to leave their preferred IDE. The VS Code extension is available in Beta 2 with plug-ins for IntelliJ, and Eclipse coming. We’ve also included a source controller that allows application developers to create and/or update workloads from local source code.
Developers can deploy and debug applications on a Kubernetes cluster right from their IDE, as well as do a live update of code on a cluster using Tanzu developer tooling.
Intrinsic security enables a more secure software supply chain by inserting features for signing, scanning, and storing along the path to production. Scanning introduces source and image scanning capabilities along the path to production that will block the next set of activities if CVEs are identified. Image signing allows application operators to sign images at time of build or post-scan completion, and verify signature integrity, to increase trust in image provenance. Metadata store gives application operators a single location for storing all supply chain metadata, starting with image, package, repo/source, and CVEs, to allow more advanced automation and intelligence (deploy time policies, continuous monitoring for new CVEs, etc). To learn more about better securing the software supply chain check out this talk, Steps to Implementing a More Secure Software Supply Chain in VMware Tanzu, at VMworld, and other great security-related content here.
Data service bindings are specified by operators so developers don’t have to think about it. Operators can define how endpoints and credentials from data services are exposed to workloads in a portable and Kubernetes-native way.
A framework for platform operators to set best practices for runtime configuration of a deployed workload enables all workloads to follow the best practices. This means application developers can focus on developing the application logic without having to learn and implement deployment and runtime best practices.
These capabilities are in addition to what we announced last month, which includes application templates so developers can bootstrap their applications quickly with predefined compliance and best practices, automated container image builds, runtimes for serving and eventing capabilities, insights into applications for troubleshooting, and API discovery and routing. If you’d like to see what a pre-paved path to production can do for you and your developers, start using the Tanzu Application Platform beta. You can also check out the Getting Started with Tanzu Application Platform on KIND series on the Tanzu Developer Center.
This overview of new technology represents no commitment from VMware to deliver these features in any generally available product. Features are subject to change, and pricing and packaging for any new features/functionality/technology discussed or presented, have not been determined.
About the Author
More Content by Rita Manachi
