CNCF-certified Kubernetes built directly into the vSphere hypervisor. Run containers and VMs on one platform, one management plane, and one security model. No separate Kubernetes infrastructure required.
Best for
Included in VCF and VVF subscriptions
What is VMware vSphere Kubernetes Service?
VMware vSphere Kubernetes Service (VKS) is a CNCF-certified Kubernetes distribution built directly into the vSphere hypervisor. Organizations use it to run containers alongside VMs on the same infrastructure, with unified security policies and a single management plane. VKS is included in VMware Cloud Foundation and VMware vSphere Foundation subscriptions.
Most organizations that adopt Kubernetes end up building and managing a separate infrastructure stack — dedicated Linux VMs, separate networking, separate security policies, and separate monitoring tools. This creates operational overhead that slows adoption and increases risk.
Running Kubernetes typically requires provisioning dedicated VMs, installing and maintaining a separate Linux OS layer, and managing cluster lifecycle independently from existing infrastructure.
VKS eliminates this by running Kubernetes directly on the hypervisor. No separate VM layer. No separate OS to patch. Infrastructure teams manage one platform instead of two.
When VMs and containers run on separate stacks, security teams must manage two sets of policies, two networking models, and two compliance workflows. Gaps between them become attack surfaces.
VKS shares the same NSX networking and micro-segmentation used for VMs. One security model, one policy engine, one audit trail for both workload types.
Developers waiting weeks for Kubernetes clusters bypass IT and spin up unmanaged clusters in public cloud. IT loses visibility, governance, and cost control.
VKS provides self-service Kubernetes provisioning with IT-defined guardrails. Developers get clusters in minutes. IT maintains governance, security policies, and resource quotas.
CNCF-certified Kubernetes on the hypervisor
Cluster autoscaling including scale-from-zero
FIPS mode & NSX micro-segmentation
Multi-cluster fleet management
VKS fits specific infrastructure scenarios. Use this as a starting point to evaluate whether it matches your environment and requirements.
Organizations migrating monolithic applications to containers need Kubernetes, but building a separate container platform adds complexity. VKS lets teams run both legacy VMs and new containerized workloads on the same infrastructure without managing a second platform.
Typical scenario: A manufacturing company breaks a monolithic ERP system into microservices. The legacy application components continue running as VMs while new services deploy as containers on VKS — all managed through the same vSphere console, same security policies, same backup procedures.
Healthcare, financial services, and government organizations need Kubernetes that meets compliance requirements. VKS supports FIPS mode, integrates with NSX for micro-segmentation, and runs on infrastructure the organization owns and controls.
Typical scenario: A financial services firm runs containerized trading analytics on VKS with FIPS-validated encryption enabled. NSX micro-segmentation isolates container traffic from other workloads. Compliance teams audit one platform instead of two separate infrastructure stacks.
Platform teams providing self-service Kubernetes to developers need a way to enforce resource quotas, security policies, and networking standards without slowing delivery. VKS provides developer self-service with IT governance built in.
Typical scenario: A platform engineering team at a SaaS company enables 50 development teams to provision Kubernetes clusters on demand. IT defines cluster templates with resource limits, network policies, and approved container registries. Developers get clusters in minutes through self-service. IT maintains full visibility and cost control.
AI and ML teams need GPU-enabled Kubernetes clusters for training and inference. VKS supports GPU passthrough and vGPU on Kubernetes, so organizations can run AI workloads on private infrastructure without separate GPU management tooling.
Typical scenario: A healthcare organization runs AI-assisted diagnostic models on GPU-enabled VKS clusters. Patient data stays on-premises for HIPAA compliance. The same vSphere infrastructure runs both the AI inference containers and the traditional EHR application VMs.
VKS is not a standalone product. It is a Kubernetes runtime layer built into the vSphere hypervisor and managed through the VCF platform. Here is how the components work together.
VMware vSphere Kubernetes Service (VKS) is a CNCF-certified Kubernetes distribution built directly into the vSphere hypervisor. It allows organizations to run and manage Kubernetes clusters alongside traditional VMs on the same infrastructure.
The practical benefit: no separate Linux VMs to provision and manage for Kubernetes. No separate networking stack. No separate security model. Infrastructure teams manage one platform for both VMs and containers.
VKS is included in both VMware Cloud Foundation (VCF) and VMware vSphere Foundation (VVF) subscriptions. It is not sold as a standalone product.
If your organization already has a VCF or VVF subscription, you have VKS entitlements at no additional cost. Contact a VirtualizationWorks specialist to help you enable and configure it in your environment.
VKS is CNCF conformant, so standard Kubernetes tooling and APIs work as expected. kubectl, Helm, ArgoCD, and other Kubernetes-native tools work without modification.
The key difference is that VKS runs directly on the vSphere hypervisor rather than on separate Linux VMs. This eliminates the need to manage a separate infrastructure layer for Kubernetes. Security policies, networking, and storage are unified with the same controls used for VM workloads.
Compared to Rancher or OpenShift, VKS eliminates the need to manage a separate Kubernetes infrastructure stack and a separate license. Organizations with existing VMware environments get Kubernetes without adding a new vendor or a new management plane.
Yes. VKS supports GPU-enabled Kubernetes clusters using vSphere's GPU passthrough and vGPU capabilities. Organizations can run AI/ML training and inference workloads on Kubernetes with the same GPU management and security controls used for VM-based workloads.
For organizations that need a full AI infrastructure stack, VKS works with VMware Private AI Foundation with NVIDIA to provide GPU virtualization, the NVIDIA AI Enterprise software stack, and high-bandwidth networking on private infrastructure.
VKS supports CNCF-conformant Kubernetes releases and maintains support for N-2 versions. This means your organization can run current and recent Kubernetes versions while maintaining compatibility with standard Kubernetes APIs, Helm charts, and CI/CD tooling.
VKS also supports ArgoCD and GitOps workflows for automated cluster and application deployment. Service mesh integration is available for organizations that need advanced traffic management between microservices.
VirtualizationWorks is an authorized VMware reseller. We help IT teams evaluate VKS, plan container platform deployments on VCF, and navigate VMware licensing for Kubernetes workloads.
Have questions about vSphere Kubernetes Service, VCF licensing, or container platform deployment? Fill out the form below and a VirtualizationWorks specialist will follow up.
