Control & security for operators
Centralized policies and data protection can be applied to Kubernetes clusters in any environment.
Control & security for operators
Centralized policies and data protection can be applied to Kubernetes clusters in any environment.
Consistency & speed for DevOps
Use templates and/or GitOps for consistent and faster cluster deployments including needed guardrails.
Flexibility & autonomy for developers
Choice and self-service access to clusters increases developer productivity and unlocks innovation.
Expand control with templating and resource grouping by clusters, namespaces, and provisioners.
Improve efficiency with cascading policies at organization, cluster group (cluster), or workspace (namespace) levels.
Increase security with out-of-the-box security policies and data-protection, including restore to different clusters.
Plans & features Solution briefCreate, update, upgrade, and delete Tanzu Kubernetes Grid, Amazon EKS*, and Azure AKS* clusters in many environments or adopt existing clusters.
Attach any conformant Kubernetes clusters running in other environments—either on-prem or in public clouds—for central management.
Utilize a robust policy engine with out-of-the-box access policies, image registry policies, network traffic policies, and quota policies.
Create and schedule backups and restore to the same or different cluster, in different clouds if you so choose.
Open/extensible approach so users can leverage the tools (Tanzu, third party, open source, in-house) of their choice.
Gain global observability of the health of clusters and workloads across clouds through integration with Tanzu Observability*.
Easily deploy infrastructure and enable routing across environments with always-on mTLS using Tanzu Service Mesh*.
Cluster conformance and Center for Internet Security (CIS) Benchmark Inspection available for configuration and security issues.
Implement centralized authentication and authorization and federated identity from multiple sources, such as AD, LDAP, and SAML.
Manage your clusters consistently across clouds through cluster attach and centralized policy management. Create clusters targeting on-premises locations, vSphere, VMware Cloud, or cloud providers.
Attach existing CNCF-conformant clusters across multiple cloud, on-premises, and edge environments for centralized management. Efficiently provision and lifecycle manage Tanzu Kubernetes Grid (and also Amazon EKS and Azure AKS clusters on the SaaS version). Configure clusters via GitOps for increased consistency.
Out-of-the-box policies such as access, network, image registry, quota, security, custom OPA, and mutation are available and increase control and security of Kubernetes clusters. Resource hierarchy enforces inheritance across cluster groups or collections of namespaces and baseline observability helps teams review cluster health and adapt quickly as needed.
Offer a reliable path to production for internal development teams or external customers so they can deploy workloads easily and avoid wrestling with infrastructure. In the SaaS version, you can apply Helm charts from public git repositories or software packages from the Tanzu Application Catalog or Bitnami Catalog to support multiple requirements.
Use the Tanzu Mission Control Terraform Provider for infrastructure as code configuration and GitOps capabilities enabled by FluxCD. In the SaaS version, you can extend the value of your Kubernetes control plane through integrations with VMware Aria Automation, Tanzu Observability (offering observability), and Tanzu Service Mesh.
Ensure data is protected and recovery point objectives can be met with cross-cluster restore, across environments and clouds. Compliance needs are supported with infrastructure-agnostic data portability while network costs can be reduced with flexible target locations (e.g. AWS S3 and Azure Blob Storage). For the backup of volumes on stateful apps, users have the choice of CSI Snapshot or File System Backup.
For regulated industries the ability to standardize security policies, ensure data protection with fine-grained control, and automate Kubernetes operations at scale is essential. With Tanzu Mission Control Self-Managed, organizations can manage IAM and other policies for all CNCF-conformant clusters including Rancher and OpenShift.
Tanzu Mission Control is a centralized management hub with a robust policy engine that simplifies multi-cloud and fleet Kubernetes management.
Platform operators can reduce complexity through centralized management, increase consistency through configuration management, and offer a better developer experience with self-service through Tanzu Mission Control.
The key capabilities of Tanzu Mission Control include:
Tanzu Mission Control benefits both the applications teams and operations teams by
Tanzu Mission Control benefits three distinct user groups: operators, DevOps teams and developers.
The infrastructure and platform teams use Tanzu Mission Control to enable developers and technical teams with self-service access to Kubernetes and at the same time, centrally operate and manage the Kubernetes clusters and modern apps running on them with efficiency, consistency, and security.
The application teams use Tanzu Mission Control to better manage and maintain applications by easily deploying services and workloads across clusters, better understanding the health of applications and quickly troubleshooting issues.
Yes. Tanzu Mission Control allows you to provision or adopt Tanzu Kubernetes Grid, Amazon EKS*, and Azure AKS* clusters directly from Tanzu Mission Control and perform lifecycle management of these clusters. Today, Tanzu Mission Control supports provisioning, scaling, upgrading, and deleting Amazon EKS*, Azure AKS*, and Tanzu Kubernetes Grid clusters on vSphere, VMware Cloud Foundation, and VMware Cloud on AWS. For Tanzu Kubernetes Grid clusters, additional deployment targets are Azure VMware Solution, Google Cloud VMware Engine, and Oracle Cloud VMware Solution.
You can attach CNCF conformant Kubernetes clusters to Tanzu Mission Control no matter where they are running: on vSphere, in any public clouds, or through other Kubernetes vendors.
Yes. A key design principle of Tanzu Mission Control is extensibility into organizations’ existing workflows and toolkits. Tanzu Mission Control provides this through a documented API, with a CLI and UI for ease of use.
Yes. Even though Tanzu Mission Control was built with a SaaS-first approach, we announced the availability of a self-managed deployment option on June 29, 2023.
We use open source technologies to build core functionalities of Tanzu Mission Control. For example, Project Sonobuoy is behind the cluster conformance inspection functionality, and Project Velero is leveraged to build the data protection function, and we use Open Policy Agent Gatekeeper for policy enforcement.
Today, Tanzu Mission Control integrates with Tanzu Kubernetes Grid, Tanzu Service Mesh*, Tanzu Observability*, Bitnami Application Catalog*, and Aria Automation*. We are working on adding more integrations with other VMware products and will update this space.
Talk to a Tanzu Expert for further details on the commercial versions of Tanzu Mission Control:
This feature comparison chart shows which features are included in each version.
We will get back to you shortly.