Wednesday, July 28, 2021

VMware Joins Docker Verified Publisher Program with its Bitnami, Tanzu and Spring Cloud Products

“VMware is pleased to join the Docker Verified Publisher’s program. This provides developers unrestricted access to our artifacts and allows them to safely adopt the popular open-source technologies we’ve made available. We are excited that VMware Tanzu customers, in particular, will benefit from a wider range of complementary services they can leverage as they quickly get apps to market.” - Ashok Aletty, VP Engineering, VMware

In May 2021, Docker, IncTM announced the launch of its Docker Verified Publisher Program which helps developers recognize trusted publisher software. For development teams, this is huge, since this program simplifies the consumption of secure and verified components for them, as they build their applications.  

What is the Docker Verified Publisher Program? 

When building container-based applications or deployment templates such as Helm charts, it is a frequent practice to grab pre-built building blocks to quickly create application images. A common concern among developers is to make sure that the pieces being used to build their applications are secure, reliable, maintained and up to date. Nobody wants to spend time fixing security issues or exposing their software supply chain to malicious content.  

To make it easier to select robust, trusted, and reliable software when navigating through Docker Hub, Docker has launched the Docker Verified Publisher Program. With more than 200 ISVs and thousands of individual contributors delivering software through Docker Hub, the creation of a “Verified Publisher” badge enables development teams to quickly recognize trustworthy containerized images. Docker’s differentiated and trusted content can be used as reliable building blocks for quickly building, sharing, and running applications with complete confidence.  

In addition, developers will benefit from being exempt from rates limiting. This means that regardless of the Docker Hub subscription they opted for, they will have unlimited container image requests for Bitnami, Tanzu, and Spring cloud repositories.  

How can I find VMware Images Labelled “Verified Publisher”? 

VMware with its Bitnami, Tanzu, and Spring Cloud products has joined the Docker Verified Publisher program to enable developers to find trusted content for use in their application delivery pipeline.  

This will allow developers to have unlimited access to VMware’s robust and secure components.

From now on, all users, especially VMware Tanzu customers, will be able to accelerate time to market for their applications by accessing an extended offering of complementary services.  

As a part of VMware’s open-source offerings, Bitnami delivers more than 250 images labelled as “Verified Publisher” in Docker Hub. To discover them, navigate to Docker Hub and enable the “Verified Publisher” filter. You will see the “Verified Publisher” badge in the upper right corner of each image.  

Support and Resources 

Both the Tanzu Developer Center and the Bitnami Documentation Tutorials site are full of handy resources that will enable you to benefit from using VMware’s Docker Verified Publisher images when building your applications.  

Also, check out the VMware and Bitnami GitHub official repositories to contribute to these projects and to solve the problems you may have by opening an issue. Our support teams will be happy to help you there! 

Wednesday, July 7, 2021

New Bitnami Helm Chart Feature! Pod Affinity Rules

Pod affinity rules help define how the Kubernetes scheduler will distribute a group of pods across cluster nodes when installing an application.  

Unless certain constraints are defined, the scheduler makes a reasonable default placement, but there are certain situations in which the user would like the flexibility to dictate where pods get allocated.  

To help users benefit from this feature, Bitnami has implemented opinionated affinities in Helm charts manifests files. This capability is available in all the infrastructure solutions of Bitnami Application Catalog. 

To enable these affinities, the user simply needs to edit a parameter while installing the chart.  

The following tutorial explains the available options to set up pod affinity rules in Bitnami Helm charts and how they can be adapted depending on your needs. 

Monday, June 7, 2021

Kubeapps Meets Tanzu Kubernetes Grid: a New Release is Out

The latest version of Kubeapps (v.2.3.2) is now available for deployment on VMware Tanzu™ Kubernetes Grid™ (TKG) workload clustersVMware Tanzu users already benefit from deploying Kubeapps in several environments andnow with a little configuration Kubeapps can be integrated with your TKG workload cluster. In addition to this capability,  Kubeapps also features full compatibility with the latest versions of Pinniped which means that it can be used with any OIDC provider for your TKG clusters and even in managed clusters such as Azure Kubernetes Service (AKS) and Google Kubernetes Engine (GKE). 

Want to know more? Keep reading to discover the latest capabilities of Kubeapps that will enable developers and admin clusters to deploy and manage trusted open-source content in TKG clusters. 

A bit of history: What is Kubeapps? 

Kubeapps is an in-cluster web-based application that enables users with a one-time installation to deploy, manage, and upgrade applications on a Kubernetes cluster.  

This past year, the Kubeapps team has added key new features to support different use cases and scenarios. Firstlywe added support for private Helm and Docker registries and later, in Kubeapps version 2.0we built support to run Kubeapps on various VMware Tanzu™ platforms such as Tanzu™ Mission Control, vSphere, and Tanzu™ Kubernetes Grid.  

With Kubeapps you can:  

  • customize deployments through an intuitive, form-based user interface 

  • inspect, upgrade and delete applications installed in the cluster  

  • browse and deploy from public or private chart repositories including VMware Marketplace™ and Bitnami Application Catalog 

  • secure authentication to Kubeapps using an OAuth2/OIDC provider such as the VMware Cloud Service Portal 

  • secure authorization based on Kubernetes role-based access control 

Key Features of Kubeapps 2.3.2

In this Kubeapps release, we have focused on delivering key user experience features including the capability to enable Tanzu users to deploy Kubeapps directly as a Helm chart in TKG workload clusters. This version is tested and validated on the latest version of TKG (v1.3.1) 

Once Kubeapps is up and running, cluster admins will benefit from having: 

  • SSO for Authentication with TKG using Pinniped by configuring an OIDC provider;

  • the ability to configure VMware Tanzu™ Application Catalog (TAC) as a private Chart repository; 

  • the capability to configure VMware Marketplace Catalog and the Bitnami Application Catalog as public chart repositories;

  • customized user interface adapted to the Tanzu look and feel. 

Kubeapps support for SSO Authentication 

All these new capabilities are designed to offer a seamless experience between Kubeapps and Tanzu Kubernetes Grid clusters. 


How can I configure Kubeapps to run in my TKG clusters? 


Tanzu users can execute these simple steps to gain the maximum advantage with this new version of Kubeapps: 

  • Configure your cluster to enable SSO for Authentication with TKG using Pinniped and integrate Kubeapps with the identity management provider

  • Adjust the Kubeapps user interface to get a customized look and feel 

  • Configure role-based access control in Kubeapps (RBAC) to manage roles and permissions among the teams in your organization 

  • Deploy Kubeapps in the cluster  

  • Add public and private repositories to Kubeapps: the public VMware Marketplace™ repository and your private VMware Tanzu Application Catalog for Tanzu Advanced repository 

At this point your development team can start deploying, listing, removing and managing applications in your TKG clusters from the Kubeapps user interface with total confidence! Refer to the Kubeapps documentation to learn how to deploy and configure Kubeapps on VMware Tanzu Kubernetes Grid. 

Watch the following live demo to learn how to get Kubeapps up and running in your TKG clusters:

Support and Resources 


Since Kubeapps is an OSS project, support for this version of Kubeapps will be provided on a best-effort basis. For solving the problems you may have (including deployment support, operational support and bug fixes), please open an issue in the Kubeapps GitHub repository. A markdown template is provided by default to open new issues with the information requested to prioritize and respond to them as soon as possible. Also, if you want to contribute to the project, feel free to send us a pull request, and the team will check it and guide you in the process for a successful merge.  

The Kubeapps documentation section is full of useful resources to help you get the best of the chart.  

Check out the step-by-step guide for deploying and configuring Kubeapps on VMware Tanzu™ Kubernetes Grid™ and the Bitnami documentation tutorials site for improving your Kubernetes skills.  

Also, for more information about VMware Tanzu Kubernetes Grid, refer to its documentation page where you will find handy information on managing your Kubernetes clusters.