Pivotal Container Service Improves Kubernetes for Multicloud

The Pivotal Container Service 1.2 update brings together Kubernetes 1.11 and VMware's NSX network virtualization technology to help secure container deployments.

PKS

Pivotal along with VMware announced the new Pivotal Container Service 1.2 update on Sept. 25, providing new capabilities for the Kubernetes-based container orchestration platform.

The PKS update was announced at Pivotal's SpringOne Platform developer conference, alongside the new Pivotal CloudFoundry (PCF) 2.3 and Pivotal Application Service (PAS) 2.3 releases. Among the new features that landed in PKS are support for Amazon Web Services (AWS) and enhanced multicloud deployment and management options.

"PKS previously supported two IaaS [infrastructure-as-a-service] platforms, vSphere and GCP," Wendy Cartee, senior director of VMware’s Cloud Native Business Unit, told eWEEK. "With PKS 1.2, customers can now run PKS on AWS EC2."

PKS was first announced in August 2017 as a collaboration between Google, VMware and Pivotal. It is a Kubernetes service that makes use of the Kubo open-source project, which brings Pivotal's BOSH deployment technology to Kubernetes. The PKS 1.2 update follows PKS 1.1, which was announced on June 28.

At the time PKS 1.1 was released, the VMware Kubernetes Engine (VKE) service was also announced, providing a Kubernetes-as-a-service offering that integrates VMware's Smart Cluster technology. Cartee said VMware Kubernetes Engine (VKE) is still in beta and VMware continues to onboard users.

PKS 1.2

One of the unique attributes of PKS is that it also bundles VMware's NSX Software Defined Networking (SDN) technology. Cartee said customers who buy PKS 1.2 also get NSX-T 2.2. NSX-T is a version of NSX that has been designed to work with cloud-native workloads. Among the capabilities that NSX-T 2.2 provides is the ability to provide SSL/TLS workload termination.

"In PKS 1.2 with NSX-T 2.2, users can configure SSL termination to encrypt traffic between external clients and the dedicated NSX-T edge load balancer serving each cluster," she said.

PKS 1.2 also provides a highly available (HA) Kubernetes Control Plane that goes beyond what is provided in the upstream open-source Kubernetes project. PKS 1.2 is based on the Kubernetes 1.11 release that became generally available on June 27.

"PKS provides health monitoring and automated self-healing of the Kubernetes control plane, and also automatically distributes the control plane across multiple availability zones, when present," Cartee said. 

She explained that the automated HA capabilities come to PKS from Pivotal's BOSH technology, which is Pivotal Cloud Foundry's core deployment and lifecycle management tool. 

"BOSH also underpins PKS’ automated cluster lifecycle management, which is key to its multi-cluster architecture," Cartee said.

PKS 1.2 also extends Kubernetes role-based access control (RBAC) capabilities, with role binding for Active Directory. Cartee explained that the RBAC enhancements enable enterprises to map Kubernetes RBAC policies to their directory systems. Support for multicloud deployment is also something that VMware enables for PKS 1.2. Organizations can deploy PKS on multiple clouds and use tools such as VMware's Wavefront to monitor and troubleshoot Kubernetes clusters and workloads, she said.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.