Is VMware’s Carvel Donation Just Another CNCF Sandbox?
VMware’s Carvel project has officially joined a long list of Cloud Native Computing Foundation (CNCF) sandbox projects among several dozen others. But before dismissing Carvel as just another way to purportedly help develop applications for and on Kubernetes environments, Carvel has already seen a few use cases that at least make it worth a second look and has seen over 300,000 downloads since the beginning of the year, its creators say.
One of the more prominent cases for Carvel is how it is used for development and deployment of Tanzu and other VMware platforms and tools. In other words, you are likely indirectly or even directly benefiting from the open source platform already if you’re using VMware’s Tanzu for cloud native environments. There is also ample evidence that VMware remains heavily committed to developing and supporting Carvel, especially when considering the success of its flagship Kubernetes products and platforms depending on how well it runs in many ways.
Carvel application packages can be deployed to VMware’s “red hot” Kubeapps application platform as well as to the Tanzu Framework, where Carvel offers a collection of application-centric tools for Kubernetes cluster management, Torsten Volk, an analyst for Enterprise Management Associates (EMA), told The New Stack. “I would expect further integration of these tools with both, Tanzu and Kubeapps, and would be less concerned about VMware losing its enthusiasm for Carvel,” Volk said. “The pretty solid metric of 257 code commits by 60 developers over the past 12 months supports my prediction.”
https://t.co/M7jPQGzdTZ is now a @CloudNativeFdn project, @VMwareTanzu's Shatarupa Nandis said, to manage deployments on @Kubernetes "securely, reliably and with automation." Just another attempt or will it really perform miracles? #cloudnative #keynote @thenewstack #Kubecon2022 pic.twitter.com/KB5TmFuzlP
— BC Gain (@bcamerongain) October 26, 2022
Again, Carvel joins the ranks of other platforms, including Ambassador Labs, Acorn Labs and others, although it does not necessarily compete against these providers, either. It also offers GitOps functionality and can be used in place of leading GitOps tools such as Argo CD and Flux, although users can still use Carvel tools and continue to use Argo CD or Flux for GitOps if they so choose.
A key differentiator, its creators say, is that Carvel is less of a platform than a set of tools to automate and solve issues organizations are having with the development and deployment of applications on Kubernetes. In that respect, Carvel offers a list of specific tools as opposed to an all-encompassing platform.
Among the project’s early adopters are: Twilio, TeraSky, the U.S. Army and others, as well as VMware’s use of Carvel — as mentioned above — for Tanzu Mission Control (TMC) and Tanzu Kubernetes Grid (TKG).
Whether a DevOps team or user wants to use Carvel, it can certainly help those organizations struggling with automation with their production pipeline, VMware’s Valentina Alaria told The New Stack, during KubeCon + CloudNativeCon last week in Detroit, during which Carvel’s becoming a CNCF as a sandbox project was officially announced.
“The idea that you might have different playbooks that you have to manually run, but with Carvel’s modularity, you can use Carvel and other tools to help automate the interface,” Alaria said.
List of Repos
The list of repos for the Carvel project that are communicated on GitHub are:
- ytt – Template and overlay Kubernetes configuration via YAML structures, not text documents.
- kapp – Install, upgrade, and delete multiple Kubernetes resources as one “application.”
- kbld – Build or reference container images in Kubernetes configuration in an immutable way.
- imgpkg – Bundle and relocate application configuration (with images) via Docker registries.
- kapp-controller – Capture application deployment workflow in App CRD. Reliable GitOps experience powered by kapp.
- vendir – Declaratively state what files should be in a directory.
- secretgen-controller – Provides CRDs to specify what secrets need to be on a cluster (generated or not).
The U.S. Army recently described how it uses Carvel to help its users both use and deploy software across highly restricted environments. The users include Army soldiers who are developing software. Carvel has been instrumental in allowing Army users to overcome challenges with kubectl access and use, which are impeded in the environment by firewall restrictions or connectivity issues, U.S. Army representatives say. The U.S. Army finally used the Carvel kapp-controller to help automate the process of allowing users to have the freedom of benefiting from the highly distributed nature of Kubernetes environments without giving them full access to retain restricted access at the same time.
In other words, Carvel has given those serving in the Army the ability to develop and deploy code and applications for distributed environments, in ways they were previously restricted from doing due to security restrictions, Alaria said.