What’s New with VMware Tanzu Application Catalog - Aug 2023
Welcome to the first edition of the “What’s New with VMware Tanzu Application Catalog” series.
An overview of Tanzu Application Catalog
There are many reasons why developers are using open source software (OSS) to build modern applications. OSS accelerates development, lowers maintenance costs—the code is maintained and tested by the authors and community contributors—and allows tech teams to work with their preferred technology.
However, along with all the benefits, using OSS can pose certain challenges when deploying applications to production environments. To benefit from open source software while minimizing risk, enterprises must ensure that the content their development teams are using comes from trusted sources, is safe, continuously updated, and complies with their internal policies.
Bitnami Application Catalog has been packaging open source applications for more than 15 years and is a reference for the developer community as one of the most reliable sources for open source building blocks.
VMware Tanzu Application Catalog is an enterprise version of Bitnami Application Catalog. It enables enterprise platform engineering teams to customize OSS applications and have them delivered directly to a private repository for seamless use by their developers.
These applications are continuously maintained and verifiably tested for use in production environments and come with the guarantee of being the latest upstream release with strict SLO commitments. Read this blog post announcement to learn how to mitigate open source software supply chain risks with Tanzu Application Catalog.
To meet the demands of our customers, the Tanzu Application Catalog team continually expands our catalog by incorporating new open source applications on a regular basis. Additionally, we prioritize customer requests and make efforts to include them in our growing selection. So far this year, the Bitnami content team has onboarded more than 15 new applications and added additional deployment options for several existing applications. Keep reading to find out what is new in Tanzu Application Catalog.
Latest updates in Tanzu Application Catalog
Over the last few months, Tanzu Application Catalog welcomed an array of new additions and new deployment offerings for existing applications. As with the rest of the catalog, all these applications are thoroughly tested and come with comprehensive build time reports, metadata, and software bills of materials (SBoM) for increased transparency and security, regardless of whether they are packaged as Helm charts, containers, or virtual machines (VMs).
Find below the list of Helm charts, containers, and VMs that are now available for customers to add to their private catalogs:
Helm charts and containers
- Flux – Container and Helm chart
- multus-cni – Container and Helm chart
- Whereabouts – Container and Helm chart
- Apache Flink – Container and Helm chart
- Apache APISIX – Container and Helm chart
- Kaniko – Container
- JAX – Container
- Prometheus – Helm chart, previously only available as container
- Fluent Bit – Helm chart, previously only available as container
- JAX – Container
- Kubeapps OCI Catalog Service – Container
- Milvus – Container and Helm chart
Virtual machines
- Kong – Previously available only as container and Helm chart
- Jaeger – Previously available only as container and Helm chart
- Percona Server for MySQL – Previously available only as a container
- MinIO – Previously available only as container and Helm chart
- Supabase – Previously available only as container and Helm chart
- Concourse – Previously available only as container and Helm chart
All these applications are also available as free content—packaged using Debian as the default base image—on Bitnami Application Catalog; Google Cloud, AWS, and Azure marketplaces; GitHub, and DockerHub.—and they are ideal for use in development environments. Production-grade versions of the same applications are available in Tanzu Application Catalog.
Catalog improvements
Our team has also included new features to enhance the user experience:
- Kafka images now include support to utilize the KRaft mode that allows running Kafka without the need for ZooKeeper.
- SPDX (Software Package Data Exchange) SBOM reports now come with runtime language dependencies and are integrated with CPE (Common Platform Enumeration). These latest improvements, in combination with the usage of Syft and Grype to enhance SBoM reports and vulnerability scanning for containers, result in enriched metadata—enabling better identification and classification of software components—and increased reliability in CVEs detection.
- Vulnerability Exploitability eXchange (VEX) documentation is now available as a part of the build-time reports of all Photon OS 4–based containers. Learn how to gain actionable visibility into upstream vulnerabilities with VEX from VMware Tanzu Application Catalog.
Additionally, we have introduced enterprise support for two of our most popular Kubernetes projects: Kubeapps and Sealed Secrets, enabling customers to easily deploy and manage applications on Kubernetes clusters while adding an extra layer of security to their deployments.
Learn more about Tanzu Application Catalog
Tanzu Application Catalog currently supports more than 100 images, ranging from build and development tools to databases and runtimes ready to run in production environments. The catalog is continuously growing and updated to enhance existing applications and meet customers' demand.
Please review the Applications changelog to stay informed about the latest additions to the catalog.
To learn more about Tanzu Application Catalog visit our product page, browse through all applications available on Tanzu Application Catalog, check the VMware Apps and Cloud Management Tech Zone, or read our updated technical documentation.
For more questions, reach out to the product team directly at app-catalog@vmware.com.