Whether you’ve used VMware Tanzu Application Service for several years or just a few months, you have a thirst for better outcomes through the rapid delivery of high-quality software. To that end, both practitioners experienced with the product and those new to it will find something to like in Tanzu Application Service 2.11, now generally available.
Long-time customers in particular will appreciate the new “jump upgrade” capabilities. Platform teams can now upgrade directly to version 2.11 from any Tanzu Application Service version between 2.7 and 2.10, skipping the toil associated with sequential upgrades entirely. If you’re also using VMware Cloud on AWS, you can now deploy new foundations for the product in this environment.
If you’re new to Tanzu Application Service, you’ll be interested in its pairing with VMware Cloud Foundation (VCF), which offers a standardized, full-stack, hyperconverged architecture; intrinsic security; and much more; making it the ideal infrastructure target for Tanzu Application Service on-premises. Deploy this combination in your data center, and you have a developer-ready platform for your modern apps.
Both camps will appreciate the new Tanzu Cloud Service Broker, a standard set of APIs that simplifies the way your development teams bring services from AWS, Azure, and GCP to apps running on the app platform.
So without further ado, let’s get into these features and the rest of the release!
One big request from customers in recent months has been to simplify the day-to-day lifecycle management of the product. And so we added a crucial new feature in version 2.10: Operations Manager supports multiple Tanzu Application Service versions.
That particular feature paves the way for the most exciting capability in this release: the ability to perform “jump” upgrades to version 2.11 from an older version of Tanzu Application Service. You now have a direct upgrade path from versions 2.7, 2.8, 2.9, and 2.10 to version 2.11 without having to go through sequential upgrades! The feature works as a single workflow; a “jump” upgrade will be similar to a standard upgrade.
To get started with your jump upgrade, generate your specific path in the upgrade planner. Then work with your balanced account team on next steps.
One quick note: We’ve extended the support window for versions 2.8, 2.9, and 2.10. These few extra months should enable you to stay on a supported version while you prepare and execute your jump upgrade.
Tanzu Application Service customers have long recognized the value of multi-cloud deployments. Nearly every enterprise is running the product on some combination of VMware vSphere, AWS, Azure, and GCP.
Now you have another supported infrastructure target to consider for your deployment, as VMware now supports Tanzu Application Service 2.11 atop VMware Cloud on AWS. Choose this option, and you can quickly extend your on-prem Tanzu Application Service environment on vSphere to the AWS Cloud.
Both Tanzu Application Service and VMware Cloud on AWS appeal to the same customer segment: large vSphere shops adopting the cloud operating model. To learn more, check out the use cases for VMware Cloud on AWS.
We recommend you install new foundations in VMware Cloud to extend to your Tanzu Application Service deployment, rather than “lifting-and-shifting” any of your existing foundations.
Ready to get started? Check out the installation docs for VMware Cloud on AWS.
When you want a production-ready app platform quickly, Tanzu Application Service is the clear choice. When you want a feature-rich hybrid cloud solution with intrinsic security and full stack automation, it’s VCF. Should we not bring Tanzu Application Service and VCF closer together? Yes, and that’s just what we’ve done in this release.
We've validated Tanzu Application Service versions 2.9, 2.10, and 2.11 for production use atop VCF versions 3.10, 4.0, 4.1, and 4.2. This is a fantastic combination if you’re looking to achieve better outcomes.
Not familiar with VCF? VCF is a full stack, hyperconverged infrastructure (HCI) solution that not only integrates vSphere, vSAN, NSX, and vRealize, but also includes the Tanzu Standard edition for management of Kubernetes and virtual machines from the same platform. Watch this video explainer to learn more.
One reason developers like microservices? With this architecture style, practitioners have the freedom to use the right backing service for the job. From an operations perspective, curating a large portfolio of backing services can be a big challenge. How do you give developers this freedom, while mitigating the complexity that comes from a potential sprawl of options?
The service broker model, powered by the Open Service Broker API, strikes a wonderful balance. Dozens of these brokers exist, and have been used in production at scale for years. Developers get to use their favorite technologies, while platform teams enjoy a structured set of APIs that offer assurances around credential management, showback/chargeback, and efficient infrastructure usage.
We’ve offered a few flavors of service broker to hyperscale cloud providers in recent years. But this new incarnation, Tanzu Cloud Service Broker, is one we’re particularly excited about. In the beta launch post, we describe a few reasons why:
It’s a common service broker for multiple public clouds – Cloud Service Broker decouples the service broker functionality from the catalog of services that it exposes. So instead of using multiple brokers, you can just use one!
It’s easily extensible – Don’t see the public cloud service you want? Quickly and easily add it yourself!
It reduces risk, with unified credential management – CredHub encrypts and manages all the secrets associated with your use of cloud services.
It’s easy and safe to migrate – Use a simple workflow to move service instances from your incumbent brokers onto the Cloud Service Broker.
Logs, metrics, and events are the lifeblood of operations. You need to be able to easily parse telemetry for the entire stack in order to make sense of any issues or anomalies. We’ve made one part of the troubleshooting process easier in Tanzu Application Service 2.10. The new timestamp format follows the RFC3339 spec, is in UTC, and includes nine points of precision wherever possible. When enabled, the logs from the following components will be in a new format: Diego, Garden, MySQL monitoring, PXC, routing, and Silk.
We’ve continued this work in version 2.11. New subsystems for logging, CAPI, and UAA now use this handy syntax. Check out the release notes for a list of the specific components.
Tanzu Application Service has always included lifecycle management for backing services and other add-on modules. The APIs that underpin these capabilities are now available in the Cloud Controller V3 API library. When you call these endpoints, you will notice faster responses from the system when listing, creating, and modifying services. You can get started with the V3 APIs in version 2.11.
Concourse for VMware Tanzu v6.7 adds mitigations for Docker Hub rate limiting, pipeline management features
Concourse for VMware Tanzu is an essential tool for platform teams running Tanzu Application Service. Recently, we added several new capabilities in version 6.7.x to assist your platform CI/CD workflows. Three highlights stand out:
Mitigations for the rate-limiting restrictions introduced for Docker Hub.
Archive pipelines, so that pipelines no longer in use can be paused and hidden from the web UI. Build logs can still be retained via the
Favorite pipelines, which allow you to select frequently viewed/used pipelines and have them prioritized within the dashboard and sidebar.
Concourse for VMware Tanzu adds a new “favorites” capability to the user interface
There are a handful of other Tanzu Application Service features worth highlighting as well:
“Forced” verification of a primary CredHub encryption key – If a primary CredHub encryption key has not been selected, your Tanzu Application Service deployment will now fail quickly, and will present a helpful error message. You can then identify the root cause of a failure, select a primary encryption key, and proceed with the deployment.
Configure UAA proxy settings via Operations Manager – With this feature, you can enable authentication with external identity providers and persist those settings through redeployments. Previously, this action could only be done via BOSH and bosh-init.
For the Gorouter in the Isolation Segments tile, you can configure trusted client CA certs – In this release, you can configure Gorouter to request (or require) only a specified list of client certs so as to accomplish mutual authentication and tighten security in your foundation.
Take the next step: “Jumpgrade” to Tanzu Application Service 2.11
Review the documentation below and get the new version of the app platform running in your sandbox environment. Then plan your jump upgrade (or “jumpgrade”) so you can take advantage of all these new capabilities!
This article may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.