Introduction to VMware Enterprise PKS

August 13, 2019

Start maximizing up-time with the power of VMware Enterprise PKS

Tweet This:
Share on LinkedIn:

Steven Carnes, Kovarus, Sr. Development Consultant

I recently attended training on a new offering made possible by a partnership between VMware, Pivotal, and Google, titled Pivotal Container Service (PKS). The training highlighted the many capabilities that VMware Enterprise PKS provides and how it addresses issues encountered when using Kubernetes in the Enterprise.

What does VMware Enterprise PKS do?

At a high level, VMware Enterprise PKS helps manage Kubernetes Clusters, which are comprised of Master and Worker nodes. The Worker nodes contain workloads that have been deployed to the cluster. The Master nodes monitor the Worker nodes and may intervene if necessary, to ensure maximum uptime.

VMware Enterprise PKS offers management of these Clusters through the VMware Enterprise PKS Control Plane. The Control Plane manages the life cycle of each cluster and enables the following functionality via the PKS CLI:

  • Create/Delete Clusters
  • Obtain credentials to deploy workloads to Clusters
  • Scaling Clusters
  • View Cluster plans
  • Create/Delete/Manage network profiles for NSX-T Data Center
  • View information for Clusters

Maximizing Up-Time

To go further, let’s start with an example, if we have an application called “foo” that is running on a Kubernetes Cluster that was deployed via PKS. This deployment has three Availability Zones and is backed by a vSphere environment.

As mentioned, one of the goals of VMware Enterprise PKS is to ensure maximum uptime, and to help achieve this, VMware Enterprise PKS offers 4 levels of High Availability.

Kubernetes Up-Time

Using the example given above, we know that if the application “foo” is running on an NGINX server (container) and that server has a corrupted configuration file, the application would fail. However, in Kubernetes, the Master node would continuously monitor this, and if detected, the node will destroy the container containing the now corrupted configuration, and deploy a new one in its place, containing a pristine copy of the configuration

Availability Zones

If the application “foo” completely fails, and so does its Master node, we know that in a traditional environment, that means the end of our application. However, VMware Enterprise PKS offers us Availability Zones, which allow our deployments to be replicated in multiple places. These can be geographically dispersed or simply in separate vCenter instance locations. However, because our application in this example is in three Availability Zones, we know that if one of them fails, our application will still be running in the other two, helping us maintain up-time.

Health Management — Platform

Continuing with our example, we know at this point we only have 2 of our 3 Availability Zones up. Ideally, we would want to get all 3 functional again. BOSH director has many functions, one of which is Health Management of the platform, including the master and worker nodes; This will keep an eye on our Availability Zones and keep them in balance. This means that it can detect if the number of functional instances are at their expected levels in each AZ. If not, it will complete whatever lifecycle actions are needed to get them all back to the original defined state.

Process Monitoring

So far, our application is protected by running in multiple AZs while Health Management keeps an eye on our instances and keeps them in balance. However, what if one these processes, such as Health Management, or any other VMware Enterprise PKS service has issues and is unavailable?

BOSH director also monitors all processes within VMware Enterprise PKS to ensure their up-time as well. It will monitor these processes and if any fail, it will run through a workflow to notify administrators, and will use whatever ability it has to try and get these processes back into operation again.

Health Management — Virtual Machines

Each component of the VMware Enterprise PKS infrastructure runs on its own VM deployed into (in this example), the vSphere environment that is backing it. What happens if one of these fails or is unavailable? BOSH director comes into play once again as it will also monitor these Virtual Machines. If any issues occur, BOSH can communicate via the VMware Enterprise PKS Control plane to vSphere and ask it to rebuild these VMs with all their needed functionality.

Additional VMware Enterprise PKS Benefits and Features

The ability to maintain maximum up-time of entire Kubernetes clusters is not where VMware Enterprise PKS stops. There are many additional benefits and features provided through this remarkable tool set. Highlighted below are what I feel are some of the more robust and beneficial features provided by PKS.

Open Source

VMware Enterprise PKS is built on top of Cloud Foundry’s Container Runtime which provides all the tools necessary to help achieve high availability for our Kubernetes clusters. VMware Enterprise PKS leverages the latest releases of the Kubernetes platform, with the ability to automatically push out updates to existing clusters if desired. This is accomplished by making use tools such as BOSH Director. Additional benefits of this component are discussed in the next section.

VMware Enterprise PKS can be considered vanilla Kubernetes under the covers. Kubernetes has proven at times to be challenging to manage and VMware Enterprise PKS aims to assist as much as possible. To learn more on this subject, please reference https://k8s.af/.

Automated Patching

Baked into the foundation of VMware Enterprise PKS is BOSH director (as part of CF Runtime). BOSH director is the main component providing abilities such as automatic patching and rolling upgrades. BOSH director can also complete these rolling upgrades and patches without interrupting the workloads.

Integration with VMware Tools

If the full suite of VMware tools is part of the topology, the ease of integration is another significant benefit derived from leveraging PKS. Some of the tools may include:

  • vRealize Operations Manager
  • vRealize Log Insight
  • Wavefront
  • vRealize Automation / Cloud Assembly
  • vRealize Network Insight
  • vSphere PKS UI Fling

Each of the tools provided through this integration have something to offer with management and monitoring of your environment.

Can be built on top of NSX-T!

While VMware Enterprise PKS supports the open source virtual networking platform flannel, Kovarus generally recommends the power and versatility of the VMware NSX-T platform for Enterprise environments as it enables the following functionality:

  • Multi-Hypervisor Virtual Networking
  • Micro-segmentation
  • Security
    • Distributed Firewall(s)
    • Edge Firewall(s)
    • Layer-7 App Context-Based Firewall
    • FQDN/URL Whitelisting
    • Application Isolation
    • Many more…
  • Automation (via APIs and integration with other tools)
  • Scalability
  • IP Address Management (IPAM) Capabilities
  • Load Balancing

Deploying VMware Enterprise PKS on top of NSX-T ensures that PKS can automatically build out all components it needs for each cluster and associated applications.

Multi-Cloud

VMware Enterprise PKS supports multiple Cloud Providers, which currently includes:

  • VMware
  • Microsoft Azure
  • Google Cloud Platform
  • AWS (Amazon Web Services)

VMware Enterprise PKS provides the flexibility to deploy and consume Kubernetes on-premises or in the public cloud, achieving reliable and consistent operational experience on any cloud.

Conclusion

The purpose of this article is to share my experience with the VMware Enterprise PKS platform and its many benefits and features. The VMware Enterprise PKS Platform is definitely a positive step forward for Container development and will pave the way to improved management of Container platforms.

Additional Resources

If you are interested in learning more, please refer to the following resources:

If you would like to discuss VMware Enterprise PKS further with our Solutions teams, please go to our CONTACT page to reach out to us and we would be happy to discuss ways in which this solution can help your business.


Looking to learn more about modernizing and automating IT? We created the Kovarus Proven Solutions Center (KPSC) to let you see what’s possible and learn how we can help you succeed. To learn more about the KPSC go to the KPSC page.

Also, follow Kovarus on LinkedIn for technology updates from our experts along with updates on Kovarus news and events.