We aren’t done with 2022 yet, but phew! This was a busy year for the VMware Tanzu Mission Control team.
In the two short years since VMware introduced Tanzu Mission Control, the Kubernetes management hub has evolved rapidly to meet industry trends and changing customer needs with important new features, such as data protection, lifecycle management capabilities, GitOps automation, and integration across the VMware portfolio, to name a few.
We’ll get into the details of those feature announcements below. But first, here’s a look at some of the industry trends that are driving this rapid product development.
Why did VMware build Tanzu Mission Control?
The short answer is to relieve platform teams of manual tasks as they scale their Kubernetes footprint.
O'Reilly's Technology Trends for 2022 Report demonstrated a healthy 15 percent year-over-year increase in content about the tools used to deploy software for Kubernetes, so people are searching for knowledge in the area and the landscape is indeed very complex.
Companies want to be cloud native, but they can land in "cloud chaos" when business units use their own preferred cloud providers in siloes. They need to build an effective cloud infrastructure across those providers, and Tanzu Mission Control helps with their distributed Kubernetes footprint as they do that. That's how they get to "cloud smart."
IT teams needed consistency in their day-to-day management of Kubernetes clusters, no matter where they were running—vSphere, any public cloud, on premises, or at the edge. They also needed data protection capabilities, integrations with full-stack observability, and service mesh capabilities.
Tanzu Mission Control is designed to be a secure solution with which operators can group their clusters, regardless of which environment they live in, and apply policies at scale (i.e., one click, many clusters) for identity and access management, security, networking, quota, and more.
Kubernetes hyper growth and its challenges
VMware’s drive to expand its Kubernetes offerings is continually reinforced by findings in our annual State of Kubernetes survey.
In 2022, this survey showed hyper growth in cluster count, with almost 30 percent of survey respondents claiming to operate more than 50 clusters and half of them expecting cluster count to increase dramatically (more than double) or substantially (50 to 100 percent more) over the next year.
Number of Kubernetes clusters currently in operation, according to 2022 State of Kubernetes respondents
Numbers like this clearly show that Kubernetes adoption is on the rise. But it’s worth noting that organizations don’t need to have dozens of clusters for a management solution like Tanzu Mission Control to be useful. Even with just a few clusters, customers can see immediate benefits from grouping clusters together to apply policies consistently, and then seamlessly adding more clusters as they grow.
This survey also tells us that IT teams want four things out of a Kubernetes platform:
Data security – They are concerned about controlling access to clusters by teams.
Lifecycle management – They want one management hub to create, update, and delete their clusters.
Platform monitoring – They want full-stack observability.
Platform automation – They want to integrate with their existing GitOps toolchain for increased consistency.
Tanzu Mission Control is well positioned to help with all of that.
What have we been up to? Many new features!
Tanzu Mission Control is a key part of the VMware Tanzu for Kubernetes Operations solution, which includes a suite of components that provide a foundation for managing and running a modern, multi-cloud container infrastructure.
We have incrementally added new capabilities and constantly hear from customers about what matters to them.
In 2022, we announced many features that are available today and some that are planned to come in 2023:
Lifecycle management of Amazon Elastic Kubernetes Service clusters (preview) – Users can now connect Tanzu Mission Control to their Amazon Web Services accounts and create, update, upgrade, and delete EKS clusters and node pools, achieving less friction and more choice. In 2023, we plan to add lifecycle management support that would include adopting existing EKS clusters and configuring them with Terraform.
Cross-cluster backup and restore – Users now have more flexibility with backup and restore and can move applications between any cluster, running on any cloud, or on-prem data centers for more resiliency and simplified site recovery. Cluster backups can be stored on Amazon S3, any S3-compatible object store, and Azure Blob Storage. Powered by Velero (an open source project supported by VMware) to help users avoid vendor lock-in.
Simplified package installation (Bitnami) – Users can now streamline Helm packages installation from the Bitnami repository with a few clicks after they enable Helm service on their cluster. Bitnami maintains many Helm charts for popular applications, including databases, proxy solutions, and stream-processing platforms, which streamline operations.
Simplified cluster configuration (GitOps) – Users can now configure cluster resources via their GitOps toolchain (via FluxCD, a graduated CNCF project) for consistency. They can attach a git repository and sync their YAML artifacts today. Cluster Group support, planned for 2023, would allow all clusters inside a particular group to inherit the defined FluxCD configuration. Additional customizations can be added on a per-cluster basis.
Terraform provider support – Users can take advantage of Terraform to define their infrastructure as code as well as resources supported by the Tanzu Mission Control API in a declarative format and automate their pipelines. They can accommodate a variety of infrastructure back ends (e.g., multi-cloud and private cloud), increasing DevOps velocity.
Integration with VMware Aria Automation – Users can consolidate their infrastructure-as-a-service and Kubernetes platforms integrating Tanzu Mission Control with VMware Aria Automation, formerly known as vRealize Automation Cloud, to inherit Tanzu Mission Control policies complying with Aria Automation rules and constraints.
Global expansion to India and Canada – Users with data localization requirements in financial services, banking, healthcare, government, and other regulated verticals can now enjoy the benefits of our SaaS expansion. Tanzu Mission Control also complies with SOC 2 Type 2, SOC 2 Type 1, ISO/IEC 27001, and CSA Star.
Self-managed, private deployments (private beta) – The VMware team is working to offer, in 2023, self-managed deployments of Tanzu Mission Control for customers in regulated industries who need full control over their network infrastructure connectivity. Sovereign clouds will also benefit from added security for their customers' environments.
Local registry support – The VMware team is working to offer, in 2023, support for local registries in Tanzu Mission Control so customers would be able to ensure our cluster agent and extension images are pulled from their trusted registry, instead of from VMware Tanzu's public registry. Users would then be able to use their preferred security and vulnerability scanning tool.
Private Helm repo support for clusters – We are working to offer, in 2023, support for private Helm repositories so Tanzu Mission Control admins would be able to attach their repository to a cluster and install applications from Helm charts maintained by their company. This would ensure charts are on an “allow list” approved by their security team.
Mutating policies – The VMware team is working to offer, in 2023, support for mutating webhooks to enable dynamic admission control for pods. This can be used to modify Kubernetes objects when requested to enforce custom defaults, for example, modifying any pod requesting
We wish you a happy close to 2022!
About the AuthorMore Content by Carol Pereira