New Features in VCF Automation
Cloud infrastructure automation is entering an exciting era! With the official release of VCF 9.0, it is set to revolutionize private clouds. VCF Automation is the core of VCF 9.0, underpinning the private cloud self-service experience. This breakthrough version introduces a range of new cloud infrastructure automation features that will help accelerate application innovation, reduce costs, and expand cloud governance and compliance capabilities in unprecedented ways. Let’s take a deep dive into three of these accessible and transformative private cloud design innovations.
- Enabling private clouds to provide public cloud-like IaaS out-of-the-box (OOTB)
Modern Cloud Interface
Private cloud consumers, including developers, DevOps engineers, and SRE engineers, will be delighted! VCF provides application teams with a public cloud-like consumption experience for building applications in a secure private environment. Application teams can directly access various capabilities provided by the underlying vSphere platform through the modern cloud interface offered by VCF, such as GPU (AI), Kubernetes, data protection, and Virtual Private Cloud (VPC) network services.
The modern cloud interface unifies and displays new private cloud services (similar to public clouds) across multiple VCF environments/vCenters, aggregating them into unified public endpoints. These public endpoints can then be accessed via multiple interfaces (UI, CLI, or declarative Kubernetes IaaS API) to enable self-service. VCF Automation abstracts resources across multiple VCF environments and provides a centralized/single consumption interface.
Private Cloud Services
The core cloud services provided out-of-the-box (OOTB) by VCF include Virtual Machines, vSphere Kubernetes Service (VKS), networking, storage volumes, and VM images. Developers, DevOps teams, and platform engineering teams can utilize the Modern Cloud Interface and consume any service using the Kubernetes IaaS API on Supervisor. This includes VKS service for deploying Kubernetes clusters, and VM service which allows you to define and provision VMs in a declarative manner, among others.
Application teams who prefer using Kubernetes for application orchestration will appreciate the flexibility and adaptability of VCF Automation. They can use K8s manifests to provision VMs and VKS clusters, enabling a more agile and responsive development process. They can also perform Day 2 operations on them (e.g., scaling VKS clusters up/down, turning VMs on/off, etc.). This level of control enhances user confidence and ensures more efficient management processes.
Furthermore, while public clouds only provide an upstream K8s cluster (EKS, AKS, GKE) on which you can install applications, VCF’s capabilities go far beyond this.
VMware continuously adds new extensible services to expand the VCF platform’s private cloud services. These extensible services include Harbor image repository, Contour Kubernetes ingress controller, cert-manager certificate management, Istio service mesh, ExternalDNS, Data Services Manager (DSM), Secret Store, and more. Enterprise IT administrators can activate certified services on Supervisor, adding these services and making them easily consumable. Application teams can configure/operate/modify these structures, such as creating DSM databases or configuring Postgres databases.
Blueprints and Infrastructure as Code (IaC)
Additionally, VCF Automation uses blueprints to help integrate various tasks. A blueprint is a customizable template where you can define the VMs, networks, storage, and other infrastructure resources for your environment. Platform engineers can utilize the visual design canvas and Infrastructure as Code (IaC) capabilities to create a unified process. This might involve provisioning VMs, provisioning VKS clusters, and deploying applications on these resources. Engineers can also implement a GPU-enabled AI workstation and implement RAG functionality. Blueprints can be version-controlled and hosted in source code repositories such as GitHub, GitLab, or Bitbucket. Furthermore, they can be published to the self-service catalog for access and consumption by developers and DevOps engineers.
IT teams use VCF Automation to enable application teams to access the infrastructure they need, anytime, anywhere, and in any required manner, thereby improving developer productivity and user satisfaction.
- Providing independent private clouds for each organization
Tenant Management
VCF makes it simple to become your own enterprise cloud provider. VCF Automation introduces new tenant management features. Through the Provider Portal, enterprise IT administrators can partition resources, isolate infrastructure, and use VPCs for network segmentation, creating independent, isolated private clouds for each organization. The new multi-tenancy feature prevents unauthorized access or communication between different user groups or resources, thus ensuring security.
Sounds complicated? Don’t worry. VCF 9.0 redesigned VCF Automation to make it easier and faster for Virtual Infrastructure (VI) administrators to launch and scale a multi-tenant private cloud. The user interface is now designed to be intent-driven, focusing on Manage & Govern, Build & Deploy, and Administer. VCF Automation uses a Quick Start Wizard to provide a streamlined approach to rapidly creating environments. For example, a VI administrator (enterprise IT administrator) unfamiliar with multi-tenant architecture can quickly and easily start creating and configuring organizations (tenants) like a cloud provider using the Quick Start Wizard. The guided workflow helps VI administrators understand the necessary cloud concepts/governance structures and configurations, enabling them to evolve into cloud administrators.
Following the guided workflow, enterprise IT administrators can configure a single organization for the enterprise or multiple organizations for enterprises that require isolated infrastructure. Additionally, they can allocate resources and infrastructure quotas to each organization.
Next, Org Administrators, responsible for managing their respective organizations, can create projects via the Organization Portal. Projects can be set up for different lines of business (LOB) within a specific organization (e.g., business departments, application teams, etc.), and managed by LOB administrators. Org Administrators can also set up their respective Identity Access Management. This allows Org Administrators to logically group multiple LOB users within the organization, making it easier to apply consistent management policies to LOB user groups with similar needs, thus simplifying governance and security controls.
Org Administrators use Namespace Classes (templates) to create Namespaces (resource encapsulation, defining resource limits for CPU, memory, and storage for workloads). Furthermore, Org Administrators select VPCs (network isolation domains) to create Namespaces. Each Namespace can be assigned one or more VPCs, which can be shared across multiple Namespaces, allowing application teams to use common networks as needed.
Project Namespaces enable Org Administrators to organize applications and workloads based on business purpose and ownership, making it easier to apply different security measures and operational controls based on individual applications/workloads and environments.
Once all environments are set up, VCF allows enterprise IT administrators, Org Administrators, and LOB administrators to utilize the new tenant operations features to streamline the management and consumption of infrastructure resources.
Enterprise IT administrators can gain an overview of the entire IT estate through VCF Operations. Administrators can view all organizations created in VCF, overall infrastructure resource capacity, and the total cost of the private cloud.
Org Administrators can track their specific organization, projects, namespaces, policies, and users through the Organization Portal. They can monitor the overall utilization of compute, memory, and storage resources, enhancing visibility into cloud infrastructure consumption, thereby enabling more informed decision-making and proactive management of infrastructure resources at both the enterprise and project levels.
Content Management
In VCF 9.0, managing and sharing standardized content across organizations and projects has become easier.
Centralized Management of “Content Libraries”
The days of wrestling with publish/subscribe models and synchronization are over! With VCF 9.0’s new content management feature, enterprise IT administrators can centrally manage content libraries in VCF Automation instead of managing a separate set of content libraries for each vCenter. You can easily discover, create, and assign content libraries directly in VCF, eliminating complexity and simplifying management.
VCF Automation can discover all content libraries across all vCenters and automatically synchronize them in the background. In VCF 9.0, you can also directly create new content libraries in VCF Automation, add one or more VM images to the library, and assign it to one or more organizations as needed. This allows you to assign existing or new VM images and/or content libraries to one or more organizations. Furthermore, you can use the same content library across multiple vCenters in a specific region, enabling scalable content management.
Managing and Publishing Content using Content Hub
VCF 9.0 also introduces Content Hub, allowing Org Administrators and LOB Administrators to unify content management and publish it to the self-service catalog with one click, streamlining content distribution and management. Content Hub is used to manage content such as content libraries, VM images, blueprints, and orchestrator workflows. Administrators can seamlessly organize and maintain these resources in one place, simplifying the process of sharing them across multiple projects.
By reducing the time-consuming manual tasks and human intervention required when managing content across different user groups (e.g., determining content location and user usage), Content Hub helps enterprises improve efficiency and productivity. Org Administrators and LOB Administrators can efficiently manage and update content, ensuring that individual application teams always have independent access to the latest standardized resources.
- Embedded Security Guardrails for Smooth Governance
Say goodbye to the cumbersome process of managing policies with different tools. In VCF 9.0, VCF Automation enables Org Administrators to build custom policies for IaaS resources within the VCF platform using the new YAML-based “Policy as Code” capability, without relying on external tools or plugins. The new IaaS resource policies are based on native Kubernetes Validating Admission Policy, which helps streamline resource usage for VMs and VKS clusters across organizations and vSphere Namespaces.
This is a powerful feature for Org Administrators, especially when enterprise IT administrators enable self-service and provisioning of VKS clusters in a multi-tenant environment. Org Administrators can programmatically enforce/apply policies consistently at the infrastructure level across the entire organization or specific projects.
Policy as Code based on IaaS resources not only expands governance operations but also helps reduce the risk of human error and ensures that infrastructure resources comply with organizational requirements, thus improving compliance. Org Administrators new to Policy as Code can leverage the new predefined, out-of-the-box policy templates in VCF Automation to quickly start centrally managing resource policies.
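As an added illustration (not a VCF Automation policy template and not taken from the product), this is what a native Kubernetes ValidatingAdmissionPolicy restricting VM classes for one project's namespaces can look like. The VM Operator API group, the `spec.className` field, the class names, and the `example.local/project` namespace label are assumptions or constructed sample values.

```yaml
# Added example. Assumed: VirtualMachine objects are served under the
# vmoperator.vmware.com API group and carry spec.className.
# Class names and the namespace label are constructed sample values.
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingAdmissionPolicy
metadata:
  name: restrict-vm-class.example.local
spec:
  failurePolicy: Fail            # reject the request if the policy cannot be evaluated
  matchConstraints:
    resourceRules:
      - apiGroups: ["vmoperator.vmware.com"]
        apiVersions: ["*"]
        operations: ["CREATE", "UPDATE"]
        resources: ["virtualmachines"]
  validations:
    # CEL expression: the VM must name a class, and it must be on the allow-list.
    - expression: >-
        has(object.spec.className) &&
        object.spec.className in ['best-effort-small', 'best-effort-medium']
      messageExpression: >-
        'VM class ' +
        (has(object.spec.className) ? object.spec.className : '<unset>') +
        ' is not on the approved list for this project'
      reason: Forbidden
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingAdmissionPolicyBinding
metadata:
  name: restrict-vm-class-binding.example.local
spec:
  policyName: restrict-vm-class.example.local
  # Deny blocks the request; Audit also records the violation in the API audit log.
  validationActions: ["Deny", "Audit"]
  matchResources:
    # Scope enforcement to namespaces that belong to one project (constructed label).
    namespaceSelector:
      matchLabels:
        example.local/project: team-a
```

Binding the same policy with `validationActions: ["Warn", "Audit"]` first shows which requests would be rejected before enforcement is switched to `Deny`.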
Providing a Unified Cloud Consumption Experience
VCF Automation in VCF 9.0 continuously innovates, enabling modern enterprises to realize their crucial core value proposition when managing VM-based and container-based workloads, which are expected to grow rapidly with the widespread adoption of AI. The VCF platform offers unparalleled simplicity, allowing you to manage your entire infrastructure as a unified cloud. It combines the agility and scalability of public clouds with the security and performance of private clouds. VCF 9.0 focuses on enhancing the infrastructure’s readiness for application teams, which helps your infrastructure become a unified cloud platform that application teams can seamlessly consume, thereby accelerating application innovation.
Launch Your Private Cloud
With the powerful capabilities of the new VCF Automation in VCF 9.0, you can quickly launch and scale a self-service private cloud. VCF Automation enables IT to provide a unified cloud consumption experience for application teams to build, run, and manage any AI, Kubernetes, and VM-based applications.
The future of self-service private clouds has arrived and is more exciting than ever. VCF Automation in VCF 9.0 is more than just an upgrade; it’s a re-imagining of the possibilities of cloud infrastructure automation. Whether you want to automate simple IT tasks, advance from a VI administrator to a cloud administrator, provide rich public cloud-like IaaS services to developers, or become your enterprise’s own cloud provider, VCF 9.0 offers revolutionary new features.
Are you ready to experience the next generation of self-service private clouds? VCF 9.0 brings infinite possibilities. Dive deep into how this transformative version can revolutionize your private cloud strategy. The future of IT is here. What are you waiting for?