VMware Image Builder Helps Verify Customized, Secure Software for Any Platform on Any Cloud

August 4, 2022 Raquel Campuzano Godoy

With the emergence of new programming languages, libraries, packaging systems, and dependencies, the open source landscape has become more diverse. At the same time, companies are finding it more and more complex to package and deliver open source software.

This creates a massive challenge for independent software vendors (ISVs), large enterprises, and other organizations that need to control their software supply chain lifecycles while adhering to industry standards and best practices. Moreover, to move faster and boost the productivity of development teams, companies need a single, platform-agnostic service that can be consumed either as SaaS or on-premises. 

This is precisely what VMware Image Builder provides: an API-first collection of services that allow users to automate the packaging, verification, and publishing of customized and secure content on any platform and cloud.

Behind VMware Image Builder, there is more than a decade of Bitnami experience in packaging open source content to major hyper-scaler cloud marketplaces. VMware Image Builder also embraces the capabilities that VMware Marketplace currently uses to deliver first- and third-party offerings. 

Since the announcement of VMware Image Builder going into Tech Preview at VMworld 2021, the team has been working hard to refine and fine-tune this tool, including through work with key design partners. 

We are thrilled to announce that we have joined hands with our design partner CARTO to help them deliver a Kubernetes self-hosted version of the CARTO Location Intelligence platform. Through this design partnership, VMware Image Builder helped CARTO’s engineering team ensure that all the containers running within the chart are verified images and are not exposed to known vulnerabilities. 

Keep reading to learn more about how VMware Image Builder enables ISVs and large enterprises to move faster when building applications, and supports them with the security and compliance they need to successfully run in the cloud and on Kubernetes. 

VMware Image Builder: An end-to-end pipeline for customized and secure content

VMware Image Builder automates the processes of packaging, verifying, and publishing customized and secure content on any platform and on any cloud. Through VMware Image Builder, organizations can forget about having to perform manual checks and validations on their custom-built content, thus saving the time needed to add new applications or operating systems, or to target new platforms.

All the services that VMware Image Builder provides—package, verify, publish—are API-first. This means they are designed to interact with each other, resulting in a complete end-to-end content-generation pipeline. However, these services can also be used standalone in order to cover a variety of use cases. 

For example, some users may want to use VMware Image Builder to ensure that their Helm charts are validated and have provenance generated, while others may want to utilize VMware Image Builder to publish their products to hyper-scaler marketplaces. 

To address these different scenarios, VMware Image Builder services are divided into the following core functional domains: 

  • Packaging – Supplies an API-driven interface to build fully functional solutions in the desired format of Helm charts or Carvel packages. Users can also syntactically and semantically check their application packaging resources.
  • Verification – Verifies a supported package (ideally but not necessarily created through the packaging service) on various deployment cloud platforms simultaneously, including VMware Tanzu Kubernetes Grid, Google Kubernetes Engine (GKE), Azure Kubernetes Service (AKS), Amazon EKS, and VMware Cloud—with more platforms coming soon. The verification stage includes functional and verification tests, health checks, CVE scanning, and container scans by running the latest generation of testing tools, such as Trivy, Cypress, or JMeter, among others.
  • Publish – Allows users to seamlessly publish packages onto one or more Helm chart and/or OCI registries through an API-driven interface.

By slicing up the different content management actions into different phases, we give users the choice of where to plug VMware Image Builder into their build pipeline.

CARTO and VMware partnership

VMware Image Builder is an ideal tool for ISVs that would like to simplify the process of packaging, verifying, and publishing their Kubernetes Helm charts or Carvel packages. As announced in April, CARTO became one of the first partners to incorporate VMware Image Builder into its packaging lifecycle. In their case, they opted to use VMware Image Builder to automate the verification tests against different Kubernetes engines, such as Tanzu Kubernetes Grid, AKS, EKS, or GKE. In this way, they are able to ensure that CARTO’s Self Hosted with Kubernetes offering is secured at every layer of the stack. 

VMware and CARTO engineering teams have worked side by side to make sure that the VMware Image Builder service addressed all of their requirements to successfully package their spatial analytics solution. 

“VMware Image Builder ensures we meet the highest compliance, security, and testing standards demanded by our clients,” says Alberto Asuero, CARTO chief technology officer. “It provides us with a convenient and scalable solution for Self Hosted deployments of our leading Location Intelligence solution, across cloud platforms.”

Learn more

We will be presenting at VMware Explore! Be sure to add our session, How CARTO Optimized Kubernetes with VMware Image Builder, to your VMware Explore schedule now, and don’t miss the opportunity to learn more about VMware Image Builder and CARTO. The session will feature CARTO CTO Alberto Asuero, along with VMware experts Carlos Sanchez, senior manager of R&D, and Beltran Rueda Borrego, senior manager of R&D, live and in-person at Moscone Center in San Francisco, California. Join us on August 30 at 11:30 AM PDT!

VMware Image Builder is currently in Tech Preview. The tool is growing, and it is enhanced every day thanks to the feedback we are receiving from the partners we are working with. If you are interested in being a part of this project, please contact us via the contact form. To learn more about VMware Image Builder, visit the GitHub page.

About the Author

Raquel Campuzano Godoy

Raquel Campuzano is a VMware product marketing manager in charge of managing the creation of technical content that allows developers to deploy and use awesome software everywhere. Raquel formerly was part of the Bitnami Documentation team as a technical writer. She also speaks about technology every weekend on a regional radio station.
