Pivotal has released the first upgrade to its Pivotal Container Service (PKS), and although it’s slipped under the radar somewhat, it’s actually quite a big deal.
First, let’s roll back to 2012, when Pivotal Software was spun out of EMC and server virtualization technology company VMware, with former VMware CEO Paul Maritz becoming its boss. Pivotal has carried on quite successfully ever since, IPOing earlier this year, but with EMC’s new owner Dell as the majority shareholder.
Now let’s go back to the summer of 2017, which is when Pivotal and VMware together announced PKS at the annual VMworld virtualization technology fest. It then went GA in February 2018.
So what exactly is PKS, and why isn’t it called PCS? In answer to the first question, it’s a purpose-built container solution to operationalize Kubernetes for multi-cloud enterprises and service providers.
Not clear enough? This is how Pivotal describes it:
“PKS is a commercially supported release of the open source Kubo project, adding two important new capabilities for Pivotal customers: a simple way to deploy and operate enterprise-grade Kubernetes, and a seamless mechanism to migrate to container-based workloads to run on-premises on VMware vSphere and Google Cloud Platform (GCP).” It is also designed “to ease the ‘Day 2’ operations burden for container orchestration with built-in HA, monitoring, automated health checks, and much more,” according to Pivotal.
As for the second question, the answer is that no one knows for sure, but the K was probably stuck in there to represent Kubernetes, upon which the whole PKS shebang rests.
What Is New in Pivotal Container Service 1.1
Now that we are clear what PKS is and where it came from, it’s time to take a look at what’s new in PKS 1.1.
The short answer is that it has new features spanning four key areas, according to Narayan Mandaleeka, VMware’s senior product line manager for cloud native apps: developer productivity, high availability, management and operations, and networking and security. They are all areas where existing or potential customers are likely to have requested enhancements.
Let’s take a deeper dive into each:
- Developer Productivity
  The key new item in this area is that PKS 1.1 now supports (and ships with) Kubernetes 1.10. That’s a good thing because Kubernetes 1.10 has a list of enhanced features around storage, node and resource management, programmability and security. Definitely something that you would want, in other words.
- High Availability
  New in PKS 1.1 is support for multiple Availability Zones (AZs). Cluster nodes can be spread across multiple AZs so that the workloads can continue to work without interruption even if one AZ goes down completely.
- Management and Operations
  There are a few enhancements in this area. These include:
  - PKS 1.1 is now integrated with VMware’s vRealize Log Insight to provide visibility into Kubernetes workloads thanks to its log management and analytics capabilities. “PKS 1.1 aggregates, tags and ships all logs to Log Insight with searchable tags such as cluster, pod, namespace and container,” Mandaleeka explains.
  - Kubernetes monitoring and alerting capabilities are now integrated with PKS 1.1 using Wavefront by VMware. “Once PKS metrics are in Wavefront, they can be correlated with containerized applications and microservices performance metrics to help DevOps or SREs troubleshoot and alleviate any containerized application availability or performance issues,” says Mandaleeka. “It also alerts on Kubernetes KPIs, which are configurable to send to chosen alert targets by email, PagerDuty or other DevOps tools.”
  - PKS 1.1 now ships with Harbor 1.5, a cloud-native registry that stores, signs and scans content to provide a trustworthy container image management solution.
- Networking and Security
  There are three key enhancements here:
  - Using PKS 1.1, Kubernetes nodes are deployed on a separate subnet so it’s easier to apply security policies to isolate and secure the clusters from one another. It’s also possible to achieve better network isolation at pod, node and cluster level.
  - With PKS 1.1, the control plane can be deployed either in or outside NSX-Network. It’s also possible to deploy Kubernetes nodes on routable networks (for better traceability, faster troubleshooting and auditing) or on non-routable networks (to keep the node network IP address private and to save IP address space).
  - To meet the security requirements of many production environments, PKS 1.1 now allows ops to deploy it behind a secure HTTP/HTTPS proxy. The Harbor registry service can also be deployed behind an HTTP/HTTPS proxy to allow for external access to CVE databases.
That’s pretty much it as far as enhancements in the new release go, but altogether they make for a pretty significant upgrade. Given that PKS only became generally available five months ago, the rate of development is impressive — keep an eye out for more enhancements in the near future.
Paul Rubens is a technology journalist and contributor to ServerWatch, EnterpriseNetworkingPlanet and EnterpriseMobileToday. He has also covered technology for international newspapers and magazines including The Economist and The Financial Times since 1991.