The announcement of Project Pacific by VMware in 2019 marked the release of the vSphere 7 virtualization platform that fully supported Kubernetes. vSphere with Kubernetes was a significant reworking by VMware since its introduction of ESXi in 2008. It provided easy provisioning and management of Kubernetes clusters for developers and administrators using the VMware architecture.
vSphere integrated with the VMware Tanzu portfolio of products enabled customers to build and run Kubernetes-based applications that provide a consistent and upstream Kubernetes experience fully supported by VMware.
The VMware Tanzu portfolio consists mainly of two services: Tanzu Runtime Services and Hybrid Infrastructure Services. Tanzu Runtime Services is the framework that the rest of the Tanzu platform builds upon, and Tanzu Kubernetes Grid is central to many of its offerings. Hybrid Infrastructure Services, on the other hand, include full Kubernetes access that spans virtual machines.
In this blog, we will focus on Tanzu Kubernetes Grid and its features, and on how it compares to other Kubernetes management platforms like OpenShift and Rancher in delivering core Kubernetes services.
Tanzu Kubernetes Grid provides a Kubernetes runtime or a distribution that provisions and manages Kubernetes-orchestrated containers across multiple cloud infrastructures. The runtime/distribution uses current open-source technologies in the Kubernetes community and is engineered to simplify the use of Kubernetes operators and syntax for developers.
Tanzu Kubernetes Grid implements a specific collection of Kubernetes binaries that seamlessly integrates with the VMware vSphere virtualization platform. Tanzu Kubernetes Grid integrated with vSphere 7 in Kubernetes enables deployments that span data centers and clouds, with support for multi-cluster operations, automated lifecycle management, and high availability for clustered workloads.
For production environments and mission-critical applications, Tanzu Kubernetes Grid also includes 24x7 support from VMware Global Support Services. There is also a Tanzu Kubernetes Grid Plus offering that provides access to VMware’s Customer Reliability Engineering (CRE) group, which handles complex Kubernetes issues and helps customers meet their cluster reliability goals.
Tanzu Kubernetes Grid can be deployed in various ways. VMware provides four different offerings to provide complete Kubernetes life cycle management and cover multiple use cases.
TKG is the multi-cloud Kubernetes offering that we discussed above. It can be run both on-premises and in the public cloud through Amazon EC2 and Microsoft Azure. The TKG CLI binaries have to be downloaded and installed for Linux, macOS, and Windows systems, which VMware officially tests. TKG also includes supported and signed open-source applications to provide necessary production environment services such as monitoring, networking authentication, and ingress.
Tanzu Kubernetes Grid Service, informally known as TKGS, is the Kubernetes with vSphere offering from VMware. Users can provision and manage Kubernetes clusters natively in the vSphere virtualization platform and take advantage of many reliable features, such as vSphere networking, storage, security, and vCenter SSO, to provide a better Kubernetes experience.
VMware Tanzu Mission Control, also known as TMC, is a hosted Tanzu Kubernetes Grid offering for public cloud environments. Tanzu Mission Control is accessible through VMware Cloud and implements managed services for Tanzu Kubernetes to support centralized monitoring and operations management across multiple teams.
Tanzu Mission Control can also act as a security layer that provides capabilities such as policy management, data management, and data protection based on Microsoft Active Directory, Lightweight Directory Access Protocol, and Security Assertion Markup Language.
VMware Tanzu Kubernetes Grid Integrated Edition is a dedicated production-grade Kubernetes solution that integrates with Cloud Foundry BOSH and Ops Manager to provide software deployment and application lifecycle management for large-scale distributed services.
TKGI, formerly known as VMware Enterprise Pivotal Container Service (PKS), lets users provision and manage enterprise-grade Kubernetes through features like advanced networking, a private container registry (Harbor), and lifecycle management.
VMware Tanzu Kubernetes Grid Integrated Edition is most suitable for day 1 and day 2 support in large organizations and provides close integration with the VMware enterprise stack to make the most of their existing VMware infrastructure.
Tanzu Kubernetes Grid is well suited for multi-cloud use cases and provides a common platform for developers to create container-based applications on both private and public clouds.
Public cloud: TKG supports all the major cloud services like Google Cloud Platform (GCP), Microsoft Azure, and AWS through VMware Cloud.
Private cloud: Tanzu Kubernetes Grid implemented through VMware vSphere 7 can enable admins and developers on a private network to easily provision and manage clusters using the Kubernetes constructs and APIs available.
Although Tanzu Kubernetes Grid (TKG) is an integrated offering from VMware, it includes many open-source components like Cluster API, Fluent Bit, and Contour, which makes it a “batteries included but swappable” Kubernetes distribution.
With so many open-source projects integrated into TKG, users get the benefit of inspecting and fixing the source code while retaining the ability to port Kubernetes clusters to different underlying platforms.
VMware Tanzu offers vSphere Cloud Provider (VCP) for Kubernetes, which provides enterprise-grade storage persistency for stateful applications. vSphere includes features like vSAN and Storage Policy Based Management (SPBM) that integrate well with Kubernetes storage primitives like PersistentVolume (PV), PersistentVolumeClaim (PVC), and StorageClass, and allow customers to easily meet the performance, availability, and redundancy levels needed by their business-critical applications.
TKG with Mission Control provides the ability to manage tasks such as provisioning, upgrading, and scaling for multi-cluster operations through a centralized platform. Tanzu Mission Control leverages Cluster API to use declarative, Kubernetes-style APIs for automating the lifecycle management of clusters while providing an intuitive UI for implementing features like time-based Kubernetes version upgrades to meet specific demands.
Rancher is a highly available enterprise-ready Kubernetes management platform designed for production workflows. Rancher is a mature and stable platform in the Kubernetes community because of its own Kubernetes distribution, Rancher Kubernetes Engine (RKE). With Rancher RKE, the company is committed to a completely open-source distribution that supports different Kubernetes versions with all the major open-source offerings.
OpenShift, one of the leading contributors to the Kubernetes open-source project, provides a robust, tightly integrated platform for enterprise deployment and development. OpenShift components are built on an upstream open-source K8s distribution, OKD, the Community Distribution of Kubernetes (previously OpenShift Origin), and come with much of the pre-configured tooling that enterprises require to deploy and manage containers.
Out of the box, all three Kubernetes management platforms provide an intuitive UI that gives users the ability to deploy services and manage resources. VMware offers Mission Control, whereas OpenShift and Rancher provide the OpenShift Console and Rancher UI to manage common scheduler configurations, resources, health check monitoring, and secrets from one place.
Both Rancher and Tanzu Kubernetes Grid (TKG) have a simple design and can be deployed on-premises or in all the major clouds. TKG also supports clusters running on vSphere and certain other bare-metal infrastructure. As for deployment models, OpenShift has a different offering for each type of deployment: OpenShift Online for public cloud, OpenShift Dedicated for SaaS-managed, and OpenShift Container Platform for hybrid cloud.
Coming to storage support and integration, OpenShift and Rancher are compatible with a variety of persistent storage endpoints such as NFS, GlusterFS, OpenStack, and VMware vSphere, and support integration with network-based storage using the Kubernetes persistent volume framework. Tanzu Kubernetes Grid, on the other hand, uses the vSphere Container Storage Interface (CSI) for storage integration to communicate with the control plane for all storage operations. The vSphere CSI provides functionality such as dynamic volume provisioning, multiple data centers, and datastore clusters.
For networking and CNI support, Rancher provides out-of-the-box support for CNI providers like Canal, Calico, and Flannel. OpenShift also supports CNI-based plugins such as Flannel. By default, however, OpenShift SDN is deployed, which provides a unified cluster network for reliable communication between pods across the OpenShift platform. Networking in TKG is provided through Antrea, a CNI-compatible plugin based on Open vSwitch.
The other key distinction between these Kubernetes management platforms is support for different operating systems. TKG is compatible with popular enterprise Linux distributions such as CentOS, Ubuntu, Amazon Linux, and Photon OS. Rancher also works with CentOS and Ubuntu, as well as Red Hat and RancherOS, whereas OpenShift only supports Red Hat Enterprise Linux bundled into OpenShift.
There is also a distinction in how these platforms handle container image management and private registry support. Rancher and TKG do not provide out-of-the-box support for a private registry. Users have to deploy their own registries; however, TKG is primarily designed to integrate with Harbor, VMware’s own private registry. For image management, OpenShift primarily relies on the OpenShift registry and supports third-party registries such as Docker Hub.
Lastly, for observability, both OpenShift and Rancher support health checks and alerts and deploy Prometheus and Grafana for visualization and monitoring. TKG does not provide any built-in monitoring integrations, but it is compatible with Prometheus and Grafana.
If you already have vSphere in your organization and want a stable production-ready Kubernetes platform, Tanzu is a great way to start integrating with Kubernetes services. Tanzu provides easy creation of Kubernetes clusters with enterprise support and will take less time and resources to install with the existing VMware infrastructure.
But if you want a Kubernetes distribution that is flexible, Rancher is worth a try. Although Rancher is not as big as its two competitors, it is very useful in scenarios where organizations want to integrate with different types of Kubernetes tools and want a versatile way of running Kubernetes anywhere.
Rancher is also similar to OpenShift when it comes to integration with different tools, but OpenShift is relatively inflexible when choosing which components to use. OpenShift can be advantageous for organizations with large, complex systems requiring a bulletproof solution for securely creating and maintaining clusters in different environments.
| | VMware Tanzu Kubernetes Grid | OpenShift Container Platform | Rancher (RKE) |
|---|---|---|---|
| User Experience | Provides a native UI | Provides a native UI | Provides an intuitive UI |
| Automated Provisioning of Clusters | Yes | Yes | Yes |
| Supported Deployment Models | On-premises and all the major public clouds. Also supports clusters running through vSphere | Public cloud (OpenShift Online), SaaS-managed (OpenShift Dedicated), hybrid cloud (OpenShift Container Platform) | On-premises and all the major public clouds |
| Storage | CSI, vSphere Cloud Native Storage, and in-tree providers | NFS, GlusterFS, OpenStack, VMware vSphere, etc. | NFS, GlusterFS, OpenStack, VMware vSphere, etc. |
| Supported OS | Red Hat, CentOS, Ubuntu, Amazon Linux, Photon OS | RHEL Atomic | RancherOS, Red Hat, CentOS, Ubuntu |
| Container Networking | Calico versions beginning with 3.0 | OpenShift SDN | Canal |
| Image Registry | VMware Harbor | OpenShift Container Registry | Users have to deploy their own private image registries |
| Observability | Support for Prometheus, Grafana, and Fluent Bit | Prometheus and Grafana | Deploys and configures Prometheus and Grafana for monitoring |