Tanzu Application Platform on VCF - Supply Chain Integration

Container platform integration with traditional virtualization infrastructure enables organizations to support cloud-native applications while leveraging existing VMware investments. vSAN CSI driver integration provides Kubernetes-native storage provisioning with enterprise storage management capabilities, bridging the gap between developer self-service and IT governance requirements.

Kubernetes persistent volume provisioning through the vSAN CSI driver enables declarative storage requests where developers specify capacity, performance, and protection requirements through storage classes without needing deep knowledge of underlying vSAN storage policies. The CSI driver translates Kubernetes storage class parameters into appropriate vSAN storage policy selections, automatically creating backing VMDKs with correct RAID levels, encryption settings, and compression configurations based on policy definitions.

Administrator visibility remains intact despite developer self-service: all container volumes appear as first-class citizens in vCenter inventory alongside traditional VM disks. This unified visibility enables centralized capacity planning, performance monitoring, and compliance reporting across both virtualized applications and containerized workloads. Storage administrators maintain policy control through vSAN storage policies that enforce organization standards for data protection, encryption, and performance characteristics without blocking developer agility.

Source KB: https://knowledge.broadcom.com/external/article/tap-vcf-integration

KB Number: tap-vcf

Orchestrator Integration: Automation Workflow

Goal: Automate tanzu application platform on vcf - supply chain integration configuration and validation to reduce manual effort and ensure consistency across environments.

Workflow steps (VMware Aria Orchestrator)

• Create a workflow: 'Kubernetes Persistent Volume Lifecycle Management via vSAN CSI Driver'
* Inputs: namespace (string), pvcName (string), storageClass (string), capacityGB (integer), accessMode (string)
* Step 1: Validate Kubernetes cluster connectivity - query cluster API server, verify vSAN CSI driver installed and healthy
* Step 2: Retrieve storage class definition - extract vSAN storage policy name, parameters (RAID level, encryption, compression)
* Step 3: Query vSAN datastore backing storage class - verify sufficient capacity available, check performance SLAs can be met
* Step 4: Create PersistentVolumeClaim manifest with specified parameters - generate YAML, apply via kubectl API
* Step 5: Monitor PVC binding process - watch for vSAN to create backing VMDK object, CSI driver to register volume, PVC status change to Bound
* Step 6: Validate volume accessibility - create test pod with PVC mount, perform read/write operations, verify I/O performance meets expectations
* Step 7: Tag vSAN-backed volume in vCenter - add metadata: Kubernetes namespace, PVC name, application name, owner, cost center for chargeback
* Step 8: Implement snapshot schedule via VolumeSnapshot API - create snapshot class using vSAN capabilities, configure retention policy
* Step 9: Generate visibility dashboard in vCenter - show all container volumes as first-class citizens alongside traditional VM disks
* Step 10: Setup automated capacity monitoring - alert when namespace approaching storage quota, predict exhaustion date based on growth trend
* Step 11: Implement volume lifecycle policies - automatic resize if application requests more capacity, cleanup orphaned volumes after pod deletion
* Step 12: Integration with backup solution - configure Velero or equivalent to use vSAN snapshots for Kubernetes backup

Expected outcome

Seamless integration between Kubernetes storage consumption and vSAN infrastructure with policy-based management enables developers to provision storage using cloud-native tools while maintaining administrator visibility and control.