Announcing VMware Tanzu Application Platform: A Better Developer Experience on any Kubernetes

Brad Bock and Rita Manachi co-wrote this post.

Today at VMware’s annual SpringOne developer conference, we announced the public beta* of ​Tanzu​ Application Platform. With Tanzu Application Platform, application developers and operations teams can build and deliver a better multi-cloud developer experience on any Kubernetes distribution, including Azure Kubernetes Service, Amazon Elastic Kubernetes Service, Google Kubernetes Engine, as well as software offerings like Tanzu Kubernetes Grid.

For its initial beta release, Tanzu Application Platform establishes foundational elements for building a unified experience on Kubernetes for both development and operations teams, a sort of pre-paved path to production that includes:

  • Application templates with baked-in compliance and best practices

  • Automated container image builds 

  • Runtimes for serving and eventing capabilities

  • API discovery and routing

  • Insights into running applications for quick troubleshooting

A developer-led future for enterprise IT 

At SpringOne we heard about factors inhibiting developers from reaching a state of flow—that feeling when you are so engrossed in your process that time and effort melt away. We believe writing code should be like that. But today’s cloud native ecosystem is riddled with complexity and a surplus of choices, which can make it hard to move forward. Meanwhile, more organizations are adopting DevSecOps practices, meaning developers are taking on more responsibility for delivering code to production and meeting security requirements. Of course, the new applications they create also need to integrate with existing applications and back-end services. The vision for Tanzu Application Platform is to deliver a secure software supply chain that reduces friction along the path to production and integration with back-end systems. It’s also modular, so developers can swap in components and tools they prefer to use, and it lets operations teams define the opinions, or guardrails, that are best suited for their enterprise security and compliance needs. 

Today, software teams are building their own pipelines on Kubernetes by combining parts from infrastructure providers and public clouds, with technologies they sourced from the vibrant (but, let’s face it) fragmented cloud native ecosystem. These pipelines come with a lot of challenges: they can be tough to set up and maintain, they work inconsistently across teams, connecting them to other apps and infrastructure is extremely complex, and they force developers to spend too much time grappling with pipelines and infrastructure instead of writing code. To be sure, Kubernetes is a great platform for building platforms, but developers shouldn’t have to build it themselves. Nor should their operations counterparts have to constantly worry about what kinds of vulnerabilities or compliance violations are introduced while developers are taking advantage of that ecosystem. 

Influenced by Spring, built on Kubernetes

The Spring framework fundamentally changed the way Java developers work. One of its core tenets is inversion of control, which makes it an application-aware framework. By the same token, Tanzu Application Platform is an application-aware platform in that it provides developers with the scaffolding they need based on what kind of application or service they are building.

Inspired by Spring Initializr, Application Accelerator for VMware Tanzu enables developers to create new applications based on templates that follow enterprise standards defined by platform engineers and architects. This accelerates how a developer goes from idea to running system with ready-made, enterprise-conformant code and configurations.

Planned for later this year, the platform will then enable developers to describe their apps in a declarative manifest and get a URL to test on the platform in minutes, with little or no Kubernetes knowledge necessary, in an environment that closely mimics production. 

Planned for Beta 2, the Workload resource will allow an application developer to focus on information relevant to the application.

The application manifest then becomes the contract through which developers and operations teams work together to promote apps to production and maintain them there. And when an application makes its way to production, observability that gives vital insight into pipelines and application health is baked in.

Because the platform is able to run code multiple ways—as event-triggered functions or as long-lived web applications, for example—choosing between those patterns becomes a configuration detail. APIs and application primitives are quickly accessible, and information about those things are easily digestible so that developers can quickly integrate with existing infrastructure and apps instead of sifting through hundreds or thousands of docs.

While these experiences are accomplished through layers of abstraction, none of them are a black box: underlying layers, all the way down to kubectl, are accessible whenever a developer needs them. This ensures the platform can deliver a great experience for any developer regardless of experience with cloud native applications and Kubernetes.

BYOO - Bring your own opinions

Normally when getting started with Kubernetes, platform operators and DevOps teams choose and deploy a mix of vendor products and community projects onto their clusters, configuring each one to work with the others in DevOps pipelines. Tanzu Application Platform customers will start with the entire end-to-end supply chain included, with its components pre-instrumented to work seamlessly together out of the box. Having this set of strong defaults eliminates many decisions that teams would normally have to make when deciding how to build their platform from the thousands of possible combinations of technologies available in the Kubernetes ecosystem.

However, while strong defaults may make it easier to get started, what happens when one of VMware’s choices of component doesn’t work for you? Because of its modularity, Tanzu Application Platform lets operations teams set their own guardrails based on their expert opinions. In other words, they can substitute individual components easily through adapters. From CI to container build system, developers can use whichever they prefer as long as they’re defined by their operations teams.

Tanzu Application Platform does not lock you into technologies chosen by VMware. We believe defaults are necessary to get started, but these choices need to be dynamic and easy to change.

Separation of concerns

Application teams that are prolific software producers organize their work into inner and outer loops. The inner loop consists of shared or local development environments where developers have self-service access to the right resources and cloud native application patterns. The outer loop is where DevOps, platform operations, and security teams work with each other and with developers to promote applications to production and maintain them there. Tanzu Application Platform facilitates collaboration between these groups because the work that happens on the platform is coordinated around these inner and outer loops.

Developers are able to spend the  majority of their time focused on their code, using the tools in the inner loop that help them be productive and maintain their flow. There is little context switching happening when the only command you run to update your app in production is git push.

Because security and operations teams are able to codify guardrails into Application Accelerator scaffolding, security and policy concerns largely melt away for developers. Everyone benefits when compliance becomes automated and security shifts left, when security is not an afterthought and developers aren’t forced to start over or shoehorn their cloud native apps into outdated rules designed for VMs. And ops teams love it when they do not depend on developers for things like dependency updates in their container images.

When a vulnerability hits, ops and security teams can remediate every affected container with no developer intervention thanks to continuous container build and maintenance centralized through VMware Tanzu Build Service. Other activities that ops teams are responsible for, from operating CI/CD pipelines to configuring the network to maintaining underlying Kubernetes plumbing—the Ops in DevOps—is handled in the outer loop so that operators can do their finest work without getting in developers’ way.

Help developers connect external applications, services, and infrastructure

Microservices architectures are essentially an API-first construct in that the services need to communicate with internal sources—including each other—and external sources. With Tanzu Application Platform’s API portal, developers can access internal and external APIs through a simple interface. Developers can also try out endpoints directly and receive sample responses, all without writing a single line of code. Operations, meanwhile, uses the portal’s management capabilities to verify that APIs remain secure, compliant, and performant even as their usage scales with the number of deployed applications.

Discovering APIs is important, but a good gateway is also necessary to facilitate the connection of services through those APIs. When it comes time to implement interactions between both internal and external applications and microservices, Spring Cloud Gateway for Kubernetes enables developers to configure routes on distributed gateway service instances. And instead of the ticket-based workflows and cumbersome centralized API gateway appliances that are still the norm, these routes are configured in JSON during service binding in Tanzu Application Platform. That means, once again, that developers can accomplish this task without ever leaving their IDE and git.

In addition to simplifying API connectivity to applications, Tanzu Application Platform makes it easier to consume events from other apps and infrastructure. This happens through Cloud Native Runtimes for VMware Tanzu, which connects different types of event sources and consumers by using the TriggerMesh event integration platform. TriggerMesh unlocks external event sources from cloud native applications with event-driven architectures running on Kubernetes.

Get started early with the Tanzu Application Platform beta*

We are actively working with a wide variety of customers as we build momentum toward general availability. We would love for you to take part by signing up for the beta! And be sure to catch these SpringOne talks or watch the replay if you missed them to learn more about Tanzu Application Platform and related topics:

*VMware, Inc. makes no commitment or obligation that technical preview or beta features or offerings will become generally available.

Previous
Securing VMware Tanzu Mission Control with Access Policies
Securing VMware Tanzu Mission Control with Access Policies

Tanzu Mission Control has a lot of power, so verifying that proper user permissions are in place is critica...

Next
Introducing Azure Spring Cloud Enterprise Tier
Introducing Azure Spring Cloud Enterprise Tier

This Microsoft-managed service for Spring includes VMware Tanzu technology and offers enterprise-grade supp...