Elevate App Development and DevSecOps Experience with New Integrations in VMware Tanzu Application Platform

July 12, 2022 Deepak Belani

Many businesses today rely on delivering modern applications that provide the best customer experience and competitive advantage on any cloud. Modern applications require a modern cloud native infrastructure. One of the clearest signs of cloud native technology mainstreaming (i.e., Kubernetes) is the rapid growth in the number of clusters being deployed in the multi-cloud environment. Our latest State of Kubernetes survey shows an ongoing adoption as almost one third of stakeholders surveyed in the report are operating 50 or more Kubernetes clusters. When we asked people about growth plans, almost half of the respondents said they expect the number of Kubernetes clusters they operate to grow by more than 50 percent in the coming year. However, although Kubernetes adoption is growing rapidly, organizations face challenges with application development and security concerns. More than half of the respondents highlighted that their biggest challenges are meeting security and compliance requirements (59 percent) and the lack of adequate internal experience and expertise (52 percent).

The good news is that VMware is tackling this problem and has introduced VMware Tanzu Application Platform, a superior multi-cloud developer and operator experience on any Kubernetes. As a modular, application-aware platform, it provides a rich set of DevSecOps tooling with a pre-paved path to production to build and deploy secure software quickly. 

Today, we are excited to announce VMware Tanzu Application Platform version 1.2, which focuses on readiness for more environments, from cloud-first to highly regulated. This version adds new out-of-the-box integrations with popular ecosystem tools, and boosts security that doesn’t add to the developer’s workload.  

  • Application single sign-on (App SSO) for authentication  
  • Air gap installation support for regulated environments  
  • IntelliJ IDEA support for developer tools  
  • Support for Dockerfiles to build container images 
  • Out-of-the-box supply chain integrations 
  • Amazon Web Services (AWS) Quick Start with Elastic Container Registry (ECR) and Relational Database Service (RDS) integrations

Here is a general overview of the new features in Tanzu Application Platform 1.2.

Develop applications with single sign-on authentication   

App SSO enables users to log into their identity provider once, which authenticates and identifies access to any Kubernetes-deployed application. Today, developers face challenges in securing access to their applications because existing tools are too complex and thus error prone. Additionally, different app languages need customization, which only adds to the complexity of the solution needed.

Tanzu Application Platform 1.2 provides developers and operators an easy path to get started with App SSO.  Backed by the success of the open source project Spring Authorization Server (SAS), App SSO is built on top of SAS and invests in its success in the OS community. In Tanzu Application Platform 1.2, App SSO comes with pre-configured defaults that make securing the applications fast, simple, and seamless. Developers can quickly get started with SSO locally, without needing to connect to an external identity provider to increase productivity. Securing an application is automated and runs in the software pipeline, ensuring consistency from development to the production environment. The benefit of fully integrating App SSO in Tanzu Application Platform is that developers and operators can make their applications enterprise-secure and ready by adding SSO support with minimal effort.   

DiagramDescription automatically generated 

Get air-gapped support for high compliance, disconnected environments 

Air-gapped security is a measure commonly used in highly regulated industries that physically isolates a computer or network, and prevents the creation of an external connection to other computers or networks. 

Tanzu Application Platform 1.2 supports air-gapped installation (beta) and ensures the components, upgrades, and patches are made available to the system, and that they operate consistently and correctly in the controlled environment, as well as keep the organization’s data secure at all times. The platform operations team can relocate the full solution bundle from the VMware Tanzu Network, scan for any vulnerabilities, and install the platform in an air-gapped environment to meet security and compliance needs.   

Drive greater extensibility with new partner integrations 

The new version of Tanzu Application Platform 1.2 delivers greater extensibility with new partner integrations options in supply chain components that enhance user flexibility and safeguard business investments in already existing tools.

Tanzu Application Platform includes support for Visual Studio Code integrated development environment (IDE), where developers can work right from their own IDE to iterate on code. They can debug a running container on any Kubernetes cluster and update code in a running container to quickly test and iterate.

The latest release of Tanzu Application Platform 1.2 includes integration with IntelliJ as the newly supported IDE for development teams to build and test code changes instantly. Using IntelliJ, developers can follow processes they are most familiar with to rapidly iterate on the code, while gaining higher productivity. 

Once developers commit the code, Tanzu Application Platform provides a set of default supply chain workflows with pre-instrumented components that automate the path-to-production. It is a composable platform, so operations teams can easily customize the workflow and swap components to meet their business needs. In Tanzu Application Platform 1.2, developers can build and deploy Tanzu applications directly from existing Dockerfiles. By integrating Kaniko as the underlying open source technology, users can build a container image using source code and Dockerfiles on the same platform. The benefit for customers who already have Kubernetes apps and Dockerfiles created is that Tanzu Application Platform can build a container image from source, due to its simplicity and ease of usability.  

Graphical user interface, applicationDescription automatically generated 

 When it comes to managing continuous integration and continuous delivery (CI/CD) pipelines, there are likely many customers who have existing software pipelines that they are unwilling to tear down. Similarly, they may have existing tools, such as vulnerability scanners, that they do not want to replace. To enable these customers and help them leverage their investments in existing tools, Tanzu Application Platform 1.2 provides new integrations with CI/CD tools such as Jenkins for producing artifacts, and Snyk (beta) for image scanning. By using software supply chain choreography, operations teams have the flexibility to customize the supply chain by swapping out-of-the-box components with their preferred tools for CI/CD and image scanning. 

For developers building Java artifacts with existing Jenkins or other CI/CD pipelines, Tanzu Application Platform 1.2 offers support for Maven repository artifacts as the source for supply chains, which enables businesses to bring existing applications to production quickly. This new functionality offers developers the ability to focus on writing code and allows them to be more productive, as opposed to adapting to a new pipeline for existing applications. Application operators can leverage existing investment in CI/CD tools to perform current tasks while managing the overall supply chain with Tanzu Application Platform.  

By integrating Snyk (beta) for vulnerability scanning with out-of-the-box supply chain, users can:  

  • Leverage their existing scanner to implement security features prior to deploying to a cluster) (e.g., image scanning to detect common vulnerabilities and exposures (CVEs). 
  • Get automated and continuous monitoring on each new image built. 
  • Enforce user-defined policies to block noncompliant CVEs. 
  • Create metadata stores to archive and query scanned reports and vulnerabilities.  

“Tanzu Application Platform integration with Snyk ensures you can secure your software path to production, and identify and fix issues before they are deployed. The Tanzu and Snyk integration enables your software supply chains to continuously scan every new container image for vulnerabilities, so you can ensure security at scale without impacting developer velocity.”
Jim Armstrong, Senior Director, Product Marketing, Snyk 
 

Graphical user interfaceDescription automatically generated

Build a great developer experience on AWS  

Building on their strategic partnership, VMware and Amazon are elevating the experience of running the Tanzu Application Platform on Amazon Elastic Kubernetes Services (EKS) by introducing an AWS Quick Start in addition to support for Amazon ECR and RDS service bindings.  

Starting with the pre-configured cloud native pattern templates, developers can turn source code into a container and get a URL to test their app in minutes on Amazon EKS. Once the container is built, developers can debug a running container and update the code quickly every time there is a new code commit or dependency patch to test and iterate. Developers have the option to take the committed code to production using an out-of-the-box supply chain workflow with all components pre-configured by the operations team, including security and compliance requirements baked-in. Operations teams have full control of workflow customization and are empowered to employ their own opinions and best practices, given the modular nature of the platform. They can even plug in their own components and integrations from the AWS ecosystem​ in the workflow “natively.” 

Tanzu Application Platform on Amazon EKS provides a perfect solution for enterprises with a large number of developers and development teams that are already on AWS or looking to move their DevOps processes and tools. Infinite scale allows enterprises to address their evolving business needs with a seamless integration into native AWS services like ECR and RDS (which help customers develop applications efficiently).

To help organizations run Tanzu Application Platform on AWS faster, VMware and Amazon are introducing an automated quick start. This Quick Start provides the fastest means to get started with the Tanzu Application Platform by automatically provisioning an EKS Cluster, installing the Tanzu Application Platform, and launching a sample application, with minimal manual steps.

Watch the demo.

  

Accelerate your app development while providing the best DevSecOps experience  

For more information, check out the replay of this webinar,  Jun 30 – Increase Business Growth by Elevating the Developer Experience, and read the latest report from Forrester on “Elevating the Developer Experience.” To learn more on how VMware Application Platform helps organizations like yours build a superior developer experience, visit us at https://tanzu.vmware.com/application-platform.

About the Author

Deepak Belani

Deepak Belani is senior product marketing leader for Tanzu Application Platform at VMware Tanzu.

More Content by Deepak Belani
Previous
What’s New with VMware Tanzu RabbitMQ for Kubernetes 1.3
What’s New with VMware Tanzu RabbitMQ for Kubernetes 1.3

This new release extends the reach of the Warm Standby Replication while automatically upgrading open sourc...

Next
That’s a Wrap for DevOps Loop 2022: Recap and Highlights
That’s a Wrap for DevOps Loop 2022: Recap and Highlights

Get the scoop on DevOps Loop 2022 and catch up on missed sessions and announcements.