Discover how we’re supporting Helm charts, why we’ve made tarballs for containers and Helm charts downloadable, and how we’ve dialled security up a notch in this latest update to the VMware Cloud Marketplace. Take a sneak peek at upcoming features while you’re here.
Earlier this year, we talked about a key update on VMware Cloud Marketplace – the ability to host ISV-published and open-source Docker Images on our own container registry. We recently released a host of other features that enhance our subscribers’ use of containers. These features are explored below. See what’s coming up on the roadmap, too.
Support for Helm charts
Helm charts help to streamline and simplify the deployment of Kubernetes applications, and VMware Cloud Marketplace now supports third-party Helm chart solutions in our catalog. Publishers can upload the solution through a public link of the Helm chart repo with deployment instructions and customized values.yaml file.
Alternatively, publishers can now upload the Helm chart as tarballs to the Marketplace storage.
Downloading container solutions from the catalog
Previously, to access container solutions on VMware Cloud Marketplace, users would follow deployment instructions which link to the public container registry details. Now, you can download these container solutions as tarballs. As noted above, this capability also extends to Helm charts, which we recently included as an available format for third-party solutions.
By making tarballs for containers and Helm charts downloadable, you can use these solutions independent of registries and chart repos. Moreover, it enhances usability for those who are on-premises or using cloud infrastructure with limited or controlled outgoing Internet connections.
For our publishers, tarballs offer a way to drive up the consumption of published solutions by providing this additional download option for their container and Helm chart solutions. We further facilitate this publisher-user interaction by providing publishers with related analytical data, such as the count, orgs and times related to each download instance.
Enhancing security for containers
Ensuring the security of containers – from the pipeline, to deployment, to integration tools – is a major consideration for enterprises. There are already many container-focused third-party and open-source security solutions on VMware Cloud Marketplace. In the past month, we have also enhanced the innate security of the Marketplace service itself for the secure use of containers.
First, we now provide our publishers with access to security scan reports during the publish process. These security scans are provided through the third-party scanner tool Clair, and are available to publishers whether the solution is uploaded as a tarball or linked via deployment instructions.
Second, we now create an organization-based repository for each consumption instance of a container solution hosted in our Marketplace registry. Publishers benefit from a high level of security, even in the case of a breach or other exposure incident in a consumer’s organization.
What’s next: Roadmap for containers on VMware Cloud Marketplace
Beyond these important updates for consumers and publishers, we have a number of container-related features on the roadmap over the next few weeks and months:
- Long-term Docker token – Currently, Docker image tokens on the Marketplace are valid for up to 12 hours. However, in extended use, these rapidly deteriorating tokens become tedious for administrators to continuously maintain and update. To alleviate these issues, we are currently working on a long-running Docker token in a Kubernetes setting – valid for, say, six months to a year.
- Kubernetes operators – We are currently working on including Kubernetes operators in our catalog. These specialized applications will help subscribers to automate and streamline their Kubernetes operations.