VCF 9 in Detail – why it’s a genuine step forward for customers

Title Image

Hugo, the Cloud Admin

Hugo stands in for many of our customers: he’s responsible for a platform that must be secure, compliant, and agile all at once.
But his everyday reality is full of real obstacles. Four typical examples:

1. The Ticket Desert

A developer needs a new subnet. The request passes through three departments, each reviewing, approving, and forwarding it.
By the time the VLAN is ready, the sprint is already over – and the planned feature is scrapped.
The result: shadow IT and growing frustration in the team.

Ticket Desert

2. Shared Network, Shared Pain

All teams share a single IP range.
One duplicate hostname is enough, and monitoring collapses for everyone.
Suddenly developers, NetOps, and admins are firefighting together – and tripping over each other in the process.

Shared Network

3. Roles Without Boundaries

NetOps, vSphere admins, and developers all run their own scripts.
But no one has the full picture. A firewall port stays open – unnoticed until compliance shows up at audit time.
The risk is always present.

Roles Without Boundaries

4. No Guardrails, Full Risk

“Just a bit more CPU” – and suddenly a cluster consumes everything it can get.
The finance department’s database suffers, the ESXi farm runs at the limit, alarms are firing.
Without clear guardrails, the platform loses its stability.

No Guardrails

What VCF 9 Really Changes

vSphere Namespaces

Namespaces are more than mere technical isolation – they give customers something like a mini data centre.
A project team gets its own resources, shielded from the rest of the infrastructure, with quotas and policies that cannot be exceeded.
That ensures no one can monopolise the platform – while the VI admin still retains full control.

Namespaces

VM Operator

The VM Operator makes VMs declarative.
A developer writes in YAML what sort of VM they need – and it spins up in seconds.
This means VMs can also be used like containers for short-lived, one-off tasks, instead of going through the full, imperative lifecycle of a traditional VM.
It changes how we think about VMs: they are no longer just “pets” but can be used as dynamically as Kubernetes workloads.

VM Operator

Virtual Private Clouds (VPCs)

With VPCs, VCF 9 allows customers to act as service providers themselves.
Teams can build complex network architectures in self-service – isolated, secure, and scalable.
This solves two classic problems of private clouds: the lack of multi-tenancy and the difficulty of network integration.
For organisations delivering multi-tenant services to internal or external customers, it’s a real breakthrough.

VPCs

Fleet Management with VCF Automation

With VCF Automation (vRA), clarity returns: clusters can be run at scale and consistently.
Business logic is built directly into platform operations – whether for updates, rollouts, or compliance checks.
That reduces manual effort and enables customers to manage their fleets in the same way as modern public cloud platforms.

Automation

Multi-AZ Topologies

Multi-AZ is not just an architectural feature – it changes the developer’s perspective.
For the first time, they see the actual topology of the infrastructure and can design their applications to be topology-aware.
That makes the platform more cloud-native, enabling developers to create availability models similar to those used in hyperscaler regions.
For us, Multi-AZ topologies are the step that brings VMware closest to the region models of major providers – and there’s more to come.

Multi-AZ1
Multi-AZ2
Multi-AZ3

Upstream Alignment

One of the key strengths of VKS: it stays very close to upstream Kubernetes.

A Venn diagram explains it well:

  • In real multi-cloud environments, the lowest common denominator of features often dictates what’s possible.
  • Many abstraction layers set that bar so low that valuable platform features are lost.

With VKS, it’s different:

  • Customers can use the full native features of vSphere and NSX whenever they need them.
  • At the same time, they can always fall back to the unified subset of Kubernetes when portability across platforms takes priority.
  • Unlike distribution-based approaches that over-abstract, here the choice remains with the customer.

That makes VKS a Kubernetes service that integrates seamlessly into the VMware world – while remaining open and CNCF-compliant.

Upstream Alignment

My Talk

I recently gave a talk on exactly these themes: how VCF 9 and VKS work together to make complex realities simpler and safer.

Talk

Watch on-demand

Conclusion

Session Cover

VCF 9 delivers the very features that move customers forward in day-to-day operations – not as buzzwords, but in concrete terms:

  • Namespaces for safety and freedom.
  • VM Operator for declarative, dynamic VMs.
  • VPCs for real multi-tenancy.
  • VCF Automation for consistent fleet management.
  • Multi-AZ for cloud-native designs, close to the region model of the hyperscalers.
  • Upstream alignment for portability, without having to forgo native features.

That’s why, for me, VCF 9 is a genuine step forward.