vSphere with Tanzu introduces a new construct that is called vSphere Pod, which is the equivalent of a Kubernetes pod. A vSphere Pod is a VM with a small footprint that runs one or more Linux containers. Each vSphere Pod is sized precisely for the workload that it accommodates and has explicit resource reservations for that workload. It allocates the exact amount of storage, memory, and CPU resources required for the workload to run. vSphere Pods are only supported with Supervisor Clusters that are configured with NSX-T Data Center as the networking stack.

Figure 1. vSphere Pods
ESXi host containing two vSphere Pod boxes. Each vSphere Pod has containers running inside of it, a Linux kernel, memory, CPU, and storage resources.
vSphere Pods are objects in vCenter Server, and therefore enable the following capabilities for workloads:
  • Strong isolation. A vSphere Pod is isolated in the same manner as a virtual machine. Each vSphere Pod has its own unique Linux kernel that is based on the kernel used in Photon OS. Rather than many containers sharing a kernel, as in a bare metal configuration, in a vSphere Pod, each container has a unique Linux kernel
  • Resource Management. vSphere DRS handles the placement of vSphere Pods on the Supervisor Cluster.
  • High performance. vSphere Pods get the same level of resource isolation as VMs, eliminating noisy neighbor problems while maintaining the fast start-up time and low overhead of containers.
  • Diagnostics. As a vSphere administrator you can use all the monitoring and introspection tools that are available with vSphere on workloads.
vSphere Pods are Open Container Initiative (OCI) compatible and can run containers from any operating system as long as these containers are also OCI compatible.
Figure 2. vSphere Pod Networking and Storage
vSphere Pod with containers, container engine, and pod engine inside. The pod connects to container image, storage, NSX switch, spherelet, and hostd.
vSphere Pods use three types of storage depending on the objects that are stored, that are ephemeral VMDKs, persistent volume VMDKs, and containers image VMDKs. As a vSphere administrator, you configure storage policies for placement of container image cache, ephemeral VMDKs, and control plane VMs on the Supervisor Cluster level. On a vSphere Namespace level, you configure storage policies for placement of persistent volumes and for placement of the VMs of Tanzu Kubernetes clusters. See Using Persistent Storage in vSphere with Tanzu for details about the storage requirements and concepts with vSphere with Tanzu.

For networking, vSphere Pods and the VMs of the Tanzu Kubernetes clusters created through the Tanzu Kubernetes Grid Service use the topology provided by NSX-T Data Center. For details, see Supervisor Cluster Networking.

vSphere Pods are only supported on Supervisor Clusters that use NSX-T Data Center as their networking stack. They are not supported on clusters that are configured with the vSphere networking stack.