Container & Kubernetes with VMware Tanzu and NTS
Stefan Berchtold, Account Executive at VMware Tanzu, and Bernhard Waldecker, Senior Systems Engineer at NTS, answer seven questions about containers, Kubernetes and VMware Tanzu in an interview with NTS.
1. I AM ONLY FAMILIAR WITH CONTAINERS FROM LARGE PORTS. WHAT CAN I ENVISAGE WHEN WE TALK ABOUT A CONTAINER IN IT?
Stefan Berchtold, Account Executive at VMware Tanzu: Although one initially associates containers with something big and cumbersome, the idea is exactly the opposite. Compared to virtual machines, containers are “lightweight” as they don’t need their own operating system, but they use the underlying kernel of the host instead. This allows containers to be ported much more easily between locations in clouds compared to virtual machines. At the same time, containers can be started within seconds and enable scaling based on a dynamic load behavior. This supplies the flexibility that is required these days.
Bernhard Waldecker, Senior Systems Engineer at NTS describes containers by way of an analogy as follows:
Imagine that I am an ordinary hardware server that hosts a database, for example, like a single-family house. One use case, which would be one family, lives in it. Here, the responsibility lies with one part. I am responsible for the heating, the roof, the maintenance – thus, I oversee everything.
When I shift this to the VM level, then this is more like an apartment block. We have a common roof, but more families live under it. There is, for example, a central heating, that is serviced centrally, and the responsibility is shared by everyone. However, what ultimately happens in the individual apartment is that the VM, or the family, carries the responsibility. Then, I oversee the maintenance of the apartment, the safety door, therefore the security of my VM, and also for the furnishings.
And now the container arrives: this is a student residence in our view. It comes, for example, furnished or non-furnished. It has a lot of common resources such as a kitchen, a gym, but still my own private space. This is, for instance, my room, where I can place my bed, my desk, etc. For me, this symbolizes the container. I break it down into the essentials and in the best case, I only operate a service in it.
2. IN VIRTUALIZATION, VMWARE VSPHERE IS DE FACTO A STANDARD. IS VMWARE TANZU A LOGICAL NEXT STEP AND A FURTHER DEVELOPMENT?
Stefan Berchtold: “Yes, as the application environment is rapidly changing. New applications have to be modified regularly in order to adapt to new market circumstances and customer requirements. This involves the challenge that in future applications will have to be updated not once or twice a year, but, depending on customer requirements, to some extent on a weekly basis. This is enabled by containers with the concept of microservices architecture.
Not all applications are suitable for containers or necessarily have to be migrated to containers. Therefore, a mixed operation of VMs and containers will be needed. In the past, Cloud-native platforms were found primarily in the public Cloud. However, as the world is a hybrid one, VMware has complemented this “experience” on the proven vSphere stack with Tanzu and thus allows our customers to use the best of both worlds.”
“VMware Tanzu facilitates the “coexistence of VMs and containers” in an already existing and established platform.”
Stefan Berchtold, Account Executive, VMware Tanzu
3. WHAT IS KUBERNETES? IS IT A SPECIAL CONTAINER?
Stefan Berchtold describes Kubernetes, and in particular containers, in this way: “Kubernetes is the most widespread orchestration to manage containers. You can imagine Kubernetes to be like the vCenter for your containers: a manager who specifies and knows at any given time on which nodes a container has to be started or on which nodes it runs. Likewise, Kubernetes assures amongst other things that a container automatically starts when it crashes. It’s clear that in future Kubernetes could be established as a multi-Cloud manager and would be able to orchestrate VMs.”
“Kubernetes is a system from a multitude of open-source components that collaborate, but that also hold a certain complexity. This system implies advantages and disadvantages. On the one hand, the advantages are simple and fast scalability or a high reproducibility. On the other hand, the complexity itself is a disadvantage, which is reflected in the interaction between the utilized components, for example, configuration parameters or the deployed software versions. Here, VMware sets in and supports with the Tanzu product portfolio. What also needs to be said: from the very beginning, Kubernetes paid attention to security. This fact contributed to the success. Questions that were considered: How do I authenticate myself? How do services authenticate themselves? Which rights am I entitled to? How can I protect the pods?”, Bernhard Waldecker of NTS added.
4. TODAY WE ALL TALK ABOUT ATTACKS ON VULNERABILITIES IN IT. IS VMWARE TANZU SECURE AND HOW ARE CONTAINERS MADE SECURE?
“Tanzu will be provided in a hardened state in the familiar VMware quality. Here, VMware is going further and it combines an intrinsic security approach with micro segmentation and a holistic end-to-end approach. The principles of the architecture are security; thus, individual processes (containers) are isolated from the underlying operating system. Each process obtains a new user space and therefore a completely new environment”, Stefan Berchtold described.
Bernhard Waldecker: “With containers there are also problems like with conventional Linux infrastructures. If I don’t adapt my configuration, problems will occur. Such issues can be caught by prefabricated and hardened images. Furthermore, one must observe the known and proven security aspects in order to guarantee security. Generally speaking, security is enlarged by an additional layer!”
VMWARE TANZU’S MOTTO IS:
“WE CHANGE HOW THE WORLD IS CONSTRUCTING SOFTWARE.”
5. IS VMWARE TANZU A PRODUCT THAT I CAN JUST ORDER?
Stefan Berchtold: VMware Tanzu is not just A product, but a holistic solution portfolio that aims to improve the “developer experience” and to advance the modernization of applications. As a company, I can start small and then gradually grow. Many elements are needed to map a CI/CD pipeline. This comprehensive portfolio includes VMware Tanzu to cover the entire end-to-end lifecycle.
6. WHAT CAN THE CUSTOMER EXPECT FROM NTS IN CONTEXT WITH VMWARE TANZU?
Bernhard Waldecker is certain: “What makes us such a special team is our different backgrounds. We all come from various areas and together we can cover a broad range of topics. Moreover, we are continuously training ourselves so that we can offer the usual NTS know-how to our customers in order to stay true to our motto Relax, We Care.”
“We are very proud to already have four certified employees in the Kubernetes area in our NTS team.”
Bernhard Waldecker, Senior Systems Engineer, NTS
“There are currently 4 people in our team that are certified Kubernetes admins. This is one of the highest certifications in this area and we are very proud of this fact. Additionally, we also have a colleague who is a certified Kubernetes security admin and in the near future we will continue to aim for this certification and to train even more NTS colleagues in this direction”, says Waldecker.
7. SHOULD EACH EXISTING VMWARE VSPHERE CUSTOMER CHECK OUT TANZU AND IF YES, WHY?
Stefan Berchtold answers the last question with the words: “Absolutely, in order to stay relevant. IT departments have to be prepared to either continuously provide better software to their developers or to operate COTS applications.”
Our NTS expert Bernhard Waldecker concludes the interview by stating: “The relevance will definitely increase in the coming years at all levels.”
We thank our partner for the exciting insights around VMware Tanzu.