Carol Pereira and Corey Dinkens contributed to this blog post.
The public preview for lifecycle management of Amazon Elastic Kubernetes Service (Amazon EKS) clusters through VMware Tanzu Mission Control allowed users to create, update/scale, upgrade, and delete clusters with native Amazon EKS APIs through Tanzu Mission Control.
Today, we are announcing this feature’s general availability (GA), including powerful capabilities based on customer feedback such as
- Lifecycle management (LCM) of existing EKS clusters
- Automation of Amazon EKS LCM with the Terraform provider
- Support for custom Amazon Machine Images (AMIs)
These capabilities empower platform engineers with a unified control plane to automate the provisioning and management of Amazon EKS clusters alongside their on-premises workloads using a variety of operational patterns. The powerful centralized management capabilities of Tanzu Mission Control enable platform engineers to create a runway for developers, providing consistent clusters with guardrails to optimize the software development process. For more information, check out the documentation.
Days 0-2 operational challenges are now solved
Throughout the discovery, design, and development phases of adding Amazon EKS LCM support to Tanzu Mission Control, the Tanzu product team has met regularly with customers to better understand their business challenges, and the technologies used to administer their Amazon EKS fleets. Feedback from these customers has heavily influenced the scope and prioritization of feature direction of LCM capabilities and Tanzu Mission Control.
Although each customer is unique with respect to industry, size, organizational structure, and technical expertise related to managing distributed systems; several patterns emerged with respect to operational friction points.
Consistent feedback surfaced for specific Days 0–2 operational challenges including
- Preparing for and performing consistent Amazon EKS upgrades confidently.
- Configuring and managing Amazon EKS cluster lifecycle declaratively using standard tooling and processes.
- Reducing the administrative toil involved with using custom images to launch instances.
The functionality included in this GA release helps address these use cases, serving as an on-ramp for Amazon EKS customers to centrally manage cloud clusters alongside those running on-premises, with centralized access, security, and management capabilities provided by Tanzu Mission Control.
Lowering the barrier to Amazon EKS cluster operations
As a managed service, Amazon EKS is an industry-leading Kubernetes runtime with rich capabilities and deep integration with the Amazon Web Services (AWS) portfolio. By offering LCM support for Amazon EKS clusters through Tanzu Mission Control, VMware adds value to organizations that have standardized public cloud workload deployments with Amazon EKS.
Through streamlined operations with a unified policy engine, Tanzu Mission Control enables organizations to augment security and access controls across their Amazon EKS fleet, ensuring consistent policy assignment and governance. The operational efficiencies are even more impactful for hybrid cloud users who want to unify the management of their Amazon EKS and on-premises clusters.
Adding support for lifecycle management of Amazon EKS clusters to Tanzu Mission Control is a significant step forward in helping our joint [VMware and Amazon] customers with their hybrid cloud journey. By centralizing management of multiple Kubernetes cluster types in Tanzu Mission Control, platform engineering teams can apply controls and security constraints consistently while providing the latest upstream Amazon EKS capabilities to the developers they serve.
—Khaled Sedky, Vice President of R&D, VMware Tanzu
Expanded LCM capabilities including automation with Terraform
As previously mentioned, since the public preview of Amazon EKS LCM, users have been able to connect Tanzu Mission Control to their AWS accounts and create an Amazon EKS cluster. This allows Tanzu Mission Control to provision and manage the lifecycle of Amazon EKS clusters and node pools on the customer's behalf.
View of the Cluster Groups page at Tanzu Mission Control with two Amazon EKS clusters hosted on AWS and provisioned by Tanzu Mission Control.
This GA release expands LCM capabilities to existing Amazon EKS clusters, including those that were not provisioned by Tanzu Mission Control.
Platform engineers can bring existing Amazon EKS clusters under Tanzu Mission Control management to leverage all of the benefits of attached clusters (i.e., data protection, policy management, configuration management, and inspections), plus the ability to update/scale, upgrade, and delete those clusters.
View of the Manage existing EKS cluster workflow from Tanzu Mission Control
Many of our customers are tasked with managing both Amazon EKS in the cloud and VMware Tanzu Kubernetes Grid on-premises, which has often involved divergent teams, tooling, and processes. Centralized management can enable platform engineers to support their organizations in application modernization efforts by performing operational tasks consistently across their diverse Kubernetes cluster fleets using a unified approach. This can help reduce the complexity and nuance of multi-cluster management, as well as facilitate self-service cluster updates and upgrades with guardrails for development teams.
Additionally, platform engineers can now streamline Kubernetes management to support multiple teams with a unified control plane that enables a more predictable route to production deployment.
Automating LCM capabilities is different for each team, therefore, to meet customers where they are, Tanzu Mission Control includes a comprehensive Terraform provider to support customers who leverage HashiCorp Terraform (which is true for a large majority of Amazon EKS customers we polled). Terraform has become ubiquitous across the enterprise and enables teams to design, run, and manage cloud environments declaratively.
Using Terraform, an infrastructure-as-code tool, increases DevOps deployment velocity with an additional route to production. This capability eliminates imperative approaches for deploying infrastructure and apps, and allows teams to use the same syntax and toolchain for improved consistency.
Specify custom Amazon Machine Images for your clusters
AWS provides a variety of AMIs to support launching an Amazon Elastic Compute Cloud (EC2) instance. Those AMIs comprise varied configuration settings built upon different operating systems, elastic block store configuration, and launch permissions, supporting diverse requirements and use cases.
AWS users often bootstrap AMIs with specific software to meet organizational requirements or to integrate with other cloud services. Generally, custom AMIs are created and managed using launch templates. The feedback we got from customers was that managing these launch templates was time-consuming and generally a friction point.
Consider the following example. A VMware customer in the financial services industry curates hardened images comprised of specific packages and configuration settings to meet their business and security requirements. Traditionally this customer has used eksctl to manage launch templates, which added an extra step to their Amazon EKS deployment workflow and forced them to manage the lifecycle of these launch templates over time. Adding custom AMI support from Tanzu Mission Control will help this customer, and can assist others with similar constraints, focus on more differentiating business outcomes for their own organizations.
What's next?
Review how to connect an AWS Account to Tanzu Mission Control, watch this 3-minute explainer video, and register to watch our on-demand webinar on how to streamline multi-cloud operations with VMware Tanzu and managed Kubernetes.
Enroll in our hands-on lab and complete four beginner modules to better understand the product.
Connect with us on social media (LinkedIn, Twitter, and Facebook), watch our YouTube videos, and follow the Tanzu blog for more news!
About the Author
More Content by Andrew Scorsone
