VMware Updates PKS to Advance Enterprise Kubernetes

VMware is including the Pod Security Policy capability, which is still considered to be a beta feature in the open-source Kubernetes cloud-native container orchestration project, as a supported component in its enterprise-grade Kubernetes platform.

VMware PKS

VMware announced version 1.4 of Enterprise PKS on April 23, bringing new functionality to help organizations operationalize the cloud-native Kubernetes container orchestration platform.

PKS, which is an acronym for the Pivotal Container Service, is a joint product effort from VMware and its partner Pivotal, integrating Kubernetes with components from Pivotal as well as VMware. The PKS 1.4 update is based on the Kubernetes 1.13 release and integrates new security and automation capabilities, as well as the inclusion of VMware's NSX-T 2.4 virtual networking technology.

"NSX-T 2.4 is included with a VMware Enterprise PKS license," Scott Buchanan, senior director of the Cloud Native Apps Business Unit at VMware, told eWEEK. "Part of the value of VMware Enterprise PKS is that the components—including NSX-T—are integrated, validated and more readily deployed by the customer."

PKS was launched in August 2017 and has received multiple incremental updates over the past year and a half. The previous release was PKS 1.3, which was announced on Jan. 16, integrating support for Kubernetes 1.12.

Since then, VMware has completed its acquisition of Kubernetes startup Heptio, though there isn't any one specific Heptio technology that is represented in PKS 1.4. That said, Buchanan said VMware has made important strides to integrate Heptio. Among them is the introduction of VMware Essential PKS, which mirrors the approach Heptio took with its Heptio Kubernetes Subscription—helping customers build highly custom footprints on upstream Kubernetes with expert support.

Pod Security Policies

While PKS 1.4 is based on the upstream Kubernetes 1.13 release, it includes at least one key security capability that is not yet considered stable in the open-source project—Pod Security Policy. 

Pod Security Policy is still a beta feature in Kubernetes 1.13, though work has been ongoing on the feature's development since at least 2016. Pod Security Policy provides a set of rules that match a user or group to allow security options on the pods they create.

"It is fairly common for a feature in Kubernetes to be in a beta state for multiple releases—sometimes customers want to use it before GA," Buchanan said. "Pod Security Policy is an example of a feature that a lot of our customers have asked us to support."

Beta Features

VMware is working on its own set of new features for PKS as well, including a new installer that will make it easier for users to get all the required components of PKS set up and running. The beta installer will also provide real-time input validation and automated network deployment. 

"The installation wizard is currently in beta, available to VMware Enterprise PKS customers for trial about one week after VMware Enterprise PKS GA," Buchanan said. "The installation wizard is part of a single OVA file that provides customers with all the components they need to install and configure."

Beyond the new installation wizard, VMware is also working on windows container support, which is one of the key new features that come with the Kubernetes 1.14 milestone that was released by the open-source project on March 25. Buchanan said that support for windows will be part of the future VMware Enterprise PKS 1.5 beta release later this year.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.