Pivotal Platform: A First Look at the October Release

Join Dan Baskette and Jared Ruckle for a first look at the latest Pivotal Platform capabilities with demos and expert Q&A. Attend this session and learn how you can put these new updates to work for your enterprise.

Build apps atop Kubernetes with:

● Azure Spring Cloud, a complete runtime for Spring apps atop Azure Kubernetes Service
● Pivotal Build Service, an automated workflow for code-to-container builds
● Container Services Manager for Pivotal Platform, a bridge between Pivotal Application Service and PKS

Build apps atop a self-managed platform with:

● Pivotal Application Service 2.7, and its additional app deployment capabilities
● Pivotal Service Instance Manager, a new tool to help you manage backing services at scale

Get your apps to production with CI/CD tools like:

● Pivotal Continuous Delivery with Spinnaker
● Pivotal Concourse 5.5

We’ll also review Pivotal Spring Cloud Gateway and Pivotal Cloud Cache 1.9!
Presenters: Dan Baskette, Director, Technical Marketing & Jared Ruckle, Director, Product Marketing

Published in: Technology

  1. Pivotal Platform October Update: A First Look. Jared Ruckle (@jaredruckle), Dan Baskette (@dbbaskette). © Copyright 2019 Pivotal Software, Inc. All rights Reserved.
  2. The Pivotal value proposition. Operational Efficiency: ● Employ 500:1 developer to operator ratio ● Perform zero-downtime upgrades ● Runs the same way on every public/private cloud. Developer Productivity: ● Accelerate feedback loops by improving delivery velocity ● Focus on applications, not infrastructure ● Give developers the tools and frameworks to build resilient apps. Comprehensive Security: ● Adopt a defense-in-depth approach ● Continuously update platforms to limit threat impact ● Apply the 3 R’s → repair, repave, rotate. Multi-Cloud Success: ● Deploy multi-cloud resilience patterns ● Run platforms that stay online under all circumstances ● Scale up and down, in and out, through automation.
  3. Developer Productivity
  4. PAS 2.7: Native rolling application deployments. © 2019 PIVOTAL SOFTWARE, INC. All Rights Reserved. Confidential & Provided Under NDA —Do Not Distribute. Forwarding this document outside your organization is prohibited. Instead of requiring two apps and client orchestration, developers can perform this scenario natively with each app in PAS. ● API is GA; corresponding CLI is beta ● Offers near-zero downtime push & restarts ● Launched as a beta in PAS 2.4 ● Previously exposed as ○ cf v3-zdt-push ○ cf v3-zdt-restart ● Now exposed via the v7 CLI beta ○ cf push --strategy rolling
  5. cf CLI updates: v7 beta cf CLI is available. Highlights: - cf push supports rolling deployments with new `--strategy rolling` and `--no-wait` flags - routes, domains, buildpacks, stacks, feature-flags, spaces, orgs are backed by the v3 API - cf set-label, unset-label, labels - allows developers and operators to add metadata to the app, org, space, buildpack and stack resources. PSA: - v7 cf CLI beta is still under development; we continue to build commands backed by the v3 API - v7 cf CLI beta release is currently tested against a CC API Release Candidate.
  6. PAS 2.7: Developers can manage app re-deployments & revisions in Apps Manager ● View revisions of an application ● Deploy a revision of an application ● View deployment status of a revision ● Users can also view the environment variables associated with a revision (the drop-down section of each row)
  7. Apps Manager 2.7: Displays of App Redeployments & Revisions
  8. PAS 2.7: NEW enhancements for Java apps to run in user-provided sidecars ● Added memory limits to process definitions to enable their use with Java apps ● Remains a beta ● ICYMI: From PAS 2.6 ○ [speed] Improved support for additional use cases
  9. Cloud Cache
  10. Pivotal Cloud Cache 1.9 ● [speed] Performance (PCC 1.8 & 1.9) - 2x on server side, 10% improvement in client/server topology. ● Cloud Cache 1.9 ○ [savings] Cloud Cache is now available on PWS ○ [speed] Add Geode to your apps via start.spring.io. ○ [security] TLS over WAN ○ [savings] Service instance sharing ● [speed] Support for .NET framework
  11. Steeltoe
  12. Steeltoe 2.3: Steeltoe.Logging - Serilog dynamic logging. Extends the Dynamic Logging Provider with Serilog. This allows logger levels configured via Serilog to be queried and modified at runtime via the Loggers Endpoint. Serilog message templates are a simple DSL extending .NET format strings. Parameters can be named, and their values are serialized as properties on the event for incredible searching and sorting flexibility:

      ```csharp
      // `log` is a Serilog ILogger instance.
      var position = new { Latitude = 25, Longitude = 134 };
      var elapsedMs = 34;
      // {@Position} serializes the object as structured properties; {Elapsed:000} applies a format string.
      log.Information("Processed {@Position} in {Elapsed:000} ms.", position, elapsedMs);
      ```

  13. Steeltoe 2.3: Steeltoe.Management ● Support for ASP.NET Core Community Health Checks ○ Samples here, additional info here ● Support for launching Cloud Foundry tasks bundled with applications (used with below EF migrations cf task). Steeltoe.Connectors ● Apply EF migrations using ‘cf task’ ● Microsoft SQL Server connector now supports arbitrary properties (including using named instances) passed via jdbc-style uri ● Added GemFire Connector (.NET 4.5.2+ only) ● Added Search Path support for PostgreSQL
  14. Spring Cloud Services
  15. Pivotal Spring Cloud Services 3.1 ● Added back Service Registry as part of SCS. Key features: ○ Service registration via cf bind-service and SCS Connectors client dependency ○ Client-side location of services via SCS Connectors client dependency ○ Bi-directional peer replication between Service Registry instances ● Adds support for backup and restore ○ Based on BBR ○ Backs up the following resources for SCS: ■ Service broker database ■ Mirror service database ■ Mirror service persistent disk for mirrored Git repositories
  16. Pivotal Spring Cloud Gateway [beta]: A developer-friendly way to route API requests (internal or external) to the correct service → Getting Started | Hiding Services | Securing Services. PAS SSO. Use Pivotal Spring Cloud Gateway for: Routing, Resiliency, Monolith Strangling, Single Sign-On, Security, Monitoring, Canarying, Flexibility. Built on Spring Framework, Project Reactor, Spring Boot. Benefits include a comprehensive list of filter options and route configuration done in dynamic JSON configuration.
  17. Concourse
  18. Pivotal Concourse 5.5 GA + Helm Chart Support. Supported Helm Deployment ● Pivotal Concourse team officially maintains and supports Concourse Helm Chart for our enterprise customers ● Deployment validated with “Hush House”—the environment for observing, maintaining, and operating Concourse on Pivotal Container Service at scale ● Available as download on PivNet. Key Feature Updates for 5.5 ● Performance boost from improved volume streaming compression with Zstandard ● Better auditability with improved user session and event tracking ● UI refinements like sticky step headers that enable you to keep track of your place ● New Super admin role: broader, more efficient access to permissions across teams ● Automated support for Let’s Encrypt SSL/TLS certificates ● Backup & recovery reliability and configuration improvements
  19. Spinnaker
  20. Pivotal Continuous Delivery with Spinnaker [Beta]: Proven, community-driven, open-source Spinnaker releases that are offered and supported by Pivotal on PKS. Confidently deploy and operate microservices across multi-cloud infrastructure: ● Built-in canary analysis and blue-green deployments ● App inventory of your entire application estate ● Security and compliance can be built into opinionated pipelines ● Application performance optimization during runtime based on monitoring feedback ● Deploys native K8s manifests (without modification) according to custom workflows ● Part of Pivotal end-to-end DevOps toolchain
  21. Operator Efficiency
  22. Ops Manager 2.7: Operators can now set NSX-V and NSX-T configuration for instance groups in the Ops Manager UI. ● The Resource Config page sports a new redesign, to better support NSX-T & NSX-V. ● Improves consistency
  23. Ops Manager 2.7: Newly Available NSX-V and NSX-T Configuration
  24. Ops Manager 2.7: Operators can get enhanced auditing information through Ops Manager. ● Ops Manager now tracks every request made to Ops Manager in a unified way: what it was, who made it, and when it occurred.
  25. Ops Manager 2.7: Operators can easily send information about their deployment to Pivotal Support engineers. ● A new platform information bundle within Ops Manager creates a zip file when clicked by the user. This file can then be uploaded into a support ticket. Pivotal Support can then start the resolution process with basic information about the user. ● This is our first iteration on this feature. It’s built with the simplest information possible. We plan to iterate based on your feedback.
  26. Ops Manager 2.7: One-Click Support Through Platform Information Bundle
  27. Ops Manager API Docs Now Online ● v2.7 http://docs.pivotal.io/pivotalcf/2-7/opsman-api/ ● v2.6 http://docs.pivotal.io/pivotalcf/2-6/opsman-api/ ● v2.5 http://docs.pivotal.io/pivotalcf/2-5/opsman-api/ ● v2.4 http://docs.pivotal.io/pivotalcf/2-4/opsman-api/
  28. Platform Automation 4.0 ● Goal: Continue to ensure support, as needed, for upcoming Pivotal Platform releases. ○ Platform engineers can easily upgrade when those versions become available. ● Version 4.0 includes a new pre-deploy-check that validates that Ops Manager and its staged products are configured correctly. ○ This enables you to ‘fail early’ and correct configurations before applying changes to a production environment. ○ It works with Ops Manager version 2.6 and higher.
  29. Platform Recovery [Speed] [Savings] ● Selective backups: Platform Operators can choose which blobstores to back up ○ Operators can opt out of backing up relatively static files like droplets and packages. ○ Trade backup duration for recovery time! ■ Smaller, quicker and therefore more frequent backups for higher RTO
  30. Healthwatch 1.7 [Speed] [Stability] ● Adapts for PAS 2.7 relevant KPI/KSI changes. ● Reduced alert noisiness. ○ We’ve reduced the number of alerts that come with out-of-the-box thresholds, allowing customers more configuration of their environments as they know them best ○ Alerts on `dynamic` metrics will still be available; however, customers will need to configure the threshold values to receive them
  31. Platform Observability [Stability]. PSA: Firehose v1 deprecation period officially starts with PAS 2.7. ● Firehose v1 endpoint is "deprecated" (but still works for PAS 2.7 to support transitions). ● It is succeeded by v2, LogCache/RLP ○ All platform-provided consumers have switched, with the exception of the CLI (expected with PAS 2.9) ● Prepare for final v1 deprecation in PAS 2.9!
  32. Service Instance Manager
  33. Pivotal Service Instance Manager [beta]: Reduce the time platform operators spend managing services. - Multi foundation - Version independent - Uses Pivotal Platform Permissions - Faster troubleshooting - Savings, via more efficient resource use
  34. Enterprise PKS
  35. Enterprise PKS 1.5: Production-ready Kubernetes on any cloud ● Kubernetes 1.14.5 ● Windows based workloads (beta) ● Enterprise Management Console (beta) ● Granular Upgrades ● Leverage SAML for authentication ● Enterprise Security & Networking ○ Customized load balancer configuration ○ Ordering firewall configuration ○ Assign a well-known IP address to cluster ingress controller and LB. Want early access to PKS 1.5 for Windows workloads? Contact your balanced account team.
  36. PAS for Windows
  37. PAS for Windows 2.7 ● [Speed] .NET devs have the Visual C++ redistributables pre-installed on the rootfs: adding the Visual C++ 2010, (updating) 2017 and 2019 redistribs to the rootfs and additionally ensuring they are pulling the latest versions. ● [Security] [BETA] Windows AIs provide secure mTLS communication to the GoRouter (via Nginx): encrypted data-in-motion communication is a requirement for many customers, particularly those who require PCI certification for the platform.
  38. PAS for Windows 2.7 [Security] [Stability] ● Windows Server 2019 VMs are compliant with Microsoft Baseline Security Standard: as part of improving the security hardening of our Windows Server 2019 VMs, we are aligning with the Microsoft Baseline Security Hardening Standard. ● Users can no longer toggle RDP in the PASW tile: if a customer would really like to continue to RDP, they could do so using the BOSH runtime-config.
  39. PSA & Important reminders ● PASW 2012 R2 End of Availability **Sept 31, 2019**: in line with delivering the best experience for Windows workloads on Pivotal Platform, the 2012 R2 stack is being retired. Please talk to your customers to discuss migration and upgrade strategy. ● ‘-s windows2016’ is deprecated (as of PASW 2.5). In PASW 2.8 the windows2016 stack will no longer work. Use ‘-s windows’ instead. You may run `cf buildpacks` to verify that you have the `windows` associated stack. View a video on how to change the stack, here. Read more about the change, here.
  40. MySQL
  41. MySQL 2.8 [Stability] ● ICYMI: MySQL for PCF 2.7 (released Aug 1st) ○ Certificate rotation ○ HA Clusters are now GA (v2.7.2) ○ Multi-DC Replication Limited BETA ● MySQL for Pivotal Platform 2.8 offers Multi-DC Replication (Public BETA) ○ Developers can create a Leader-Follower MySQL in two foundations/data centers ○ Developers can bind apps in either foundation to the Multi-DC MySQL instance ○ Developers can trigger a failover to their DR foundation in the case of a disaster ○ Operators can do data center maintenance while minimizing database downtime. Coming Soon
  42. RabbitMQ
  43. RabbitMQ 1.18 ● Off-platform access: on-demand instances can be given an externally accessible address ● Granular Upgrades: on-demand instance owners can choose when to perform an upgrade ● Improved availability of SIs when updating underlying RabbitMQ and Erlang versions ● Expose additional metrics (node sockets, cluster response time, node uptime). RabbitMQ Summit - Nov 4th
  44. Comprehensive Security
  45. PAS 2.7 [Security]: Operators can rotate the CCDB encryption key ● Rotation of secrets is a best practice, as it reduces the value of data that leaks outside the org. ● This is now enabled for encrypted fields at rest in the Cloud Controller Database in PAS.
  46. Pivotal Compliance Scanner Now GA! [Security] ● Allows customers to prove platform compliance through scan results of Ops Man-visible VMs. ● Bundles 4 benchmarks ● Works in foundations with SSO enabled ● S3 bucket support for storing scan results ● Allow cancellation of running scans
  47. Compliance Updates [Security] ● Pivotal Anti-Virus 2.0 now GA ○ Formerly known as ClamAV ○ Now a tile ○ Bundles the ClamAV Mirror Tile to provide an easy way for our customers to set up a mirror, to serve virus definition files. ○ Handles both air-gapped and non-air-gapped use cases
  48. PAS 2.7 [Speed] [Security]: Developers can configure LDAP user credentials when creating NFS service instances. ● This removes the need for re-entering service bind configuration details when binding NFS services to apps. ● This also enables LDAP integration to work in use cases that do not support bind configuration (e.g. SCDF, or binding via application manifest).
  49. Kubernetes-Native Services
  50. RabbitMQ for Kubernetes (Pivotal Platform October Update)
  51. Pivotal RabbitMQ for Kubernetes [beta]: A full-featured Kubernetes Operator for RabbitMQ to provision and manage clusters at scale. Why RabbitMQ for Kubernetes? ● More efficient resource consumption ● Consistency ● Modular administration ● Latency
  52. Services Marketplace (Pivotal Platform October Update)
  53. Services Marketplace: A multi-platform services marketplace. Our goal: enable Platform Engineers to intuitively curate and manage a marketplace of services across multiple platforms (both Cloud Foundry and Kubernetes). ● BOSH managed tile (i.e. RabbitMQ) ● Helm packaged software (i.e. MongoDB) ● Managed services from AWS, Azure, GCP
  54. KSM - A broker to bridge PAS and PKS [beta]. KSM enables Platform Engineers to extend the marketplace with a catalog of containerized services deployed on PKS. As a Platform Engineer you can now offer OSS, internal, and COTS products deployed on Kubernetes in your developer marketplace. And once in the marketplace, Application Developers can create and bind dedicated service instances to their applications using native CF commands.
  55. KSM - How it works.
  56. Azure Spring Cloud (Pivotal Platform October Update)
  57. Azure Spring Cloud: Build, run, and scale apps with Spring Cloud & K8s. A fully managed service for microservices, powered by Spring Cloud and Azure Kubernetes Service. ● A complete runtime for Spring Boot microservices (and .NET in the future) ● Managed Eureka, Config Server, and Circuit Breaker Dashboard ● Integrated with Azure Monitor & Application Insights ● Extend apps with Azure data services ● Supported in the Azure CLI ● Multi-region ● Tiered offering: “Standard” & “Premium” ● Private preview @ SpringOne Platform
  58. Partner Ecosystem
  59. ISV Ecosystem Momentum Drives Platform Advantage. Categories: ETL, DATABASE, IaaS, CACHE / LB, COMMERCE, SEARCH, IAM, SECURITY, TEST, ANALYTICS, BATCH, APM, MOBILE, CI / CD, NETWORKING, ITIL, BPM, IDE/CODE, API / SOA / uS / IOT, MESSAGING, SIEM / LOG / AUDIT, CRM. Clouds: Microsoft Azure, Google Cloud Platform
  60. Version 1.0 ● Software published to network.pivotal.io ● Docs available on docs.pivotal.io
  61. Visit us at KubeCon next month!
  62. Transforming How The World Builds Software