VMware Explore 2022 News

Simplifying Edge Deployments at Scale with VMware Project Keswick

Did you know that enterprise edge is the fastest-growing category of workloads1? But why do customers have so many workloads running at the Edge, to begin with?

There are a variety of reasons:

  • From a usability perspective, deploying applications closer to those using them is often a more viable solution.
  • Customers need closed-loop feedback and the ability to make decisions immediately.
  • From a logistics point of view, customers have use cases where there’s too much data at the Edge to send to the cloud or privacy concerns for the data to be moved.
  • They have locations with limited bandwidth or intermittent connectivity or sometimes long periods of no connectivity.

With new deployment topologies come new challenges — customers want to make their edge infrastructure self-managing and easy to roll out. They need secure and consistent edge locations that can be easily deployed and updated at scale to thousands of locations. They want to avoid hardware vendor lock-in and prefer a flexible deployment model that allows them to easily switch out hardware or their applications at the Edge location. All of this but scaled to 100’s if not thousands of sites, all configured in a well-known deployment state.

Introducing Project Keswick

Project Keswick (as demonstrated in the video below) is an xLabs project originating in the Advanced Technology Group in VMware’s Office of the CTO.

Keswick will work on any VMware-certified hardware as a highly-optimized deployment endpoint for Kubernetes workloads — making it easier for customers to deploy, manage, and maintain containerized applications seamlessly. In addition, Keswick deployment is entirely automated and uses Git as a single source of truth for a declarative way to manage your infrastructure and applications through desired state configuration enabled by GitOps. This ensures the infrastructure and applications running at the Edge are always exactly what they need to be.

Keswick ensures security and reduces attack surface area through workload isolation, control plane isolation from workers, and enforcing no state sharing between apps. In addition, Keswick is lightweight and provides necessary services, only requiring a small amount of memory, CPU, and disk footprint.

Keswick is an edge solution with no compromise, providing customers with real-time support and ensuring maximum performance while maintaining security.

Simply boot up Keswick via a USB drive or PXE at an Edge location, and you’re ready to go!

Overview of Project Keswick

Key Keswick Characteristics

What makes Keswick the ideal solution for Edge locations?

  • Convenience: a Keswick node is designed to operate with no user intervention. Every aspect of the configuration (from ESXi to application) is applied asynchronously from a version-controlled repository
  • Usability: developers can easily apply configurations and update applications on a Keswick node effortlessly by desired state configuration from a single source of truth (Git), which automatically pulls and deploys the applications and applies configuration definition files, using GitOps
  • Security: the Keswick control plane is isolated from the applications it runs, providing an extra layer of security
  • Resilience: all operations supporting a Keswick node run local to the node, ensuring that your workloads remain up and running even without a network connection
  • Performance: Based on the years of virtualization functionality, ESXi is the most performant way to share the hardware resources.

Find out more at VMware Explore 2022

At VMware Explore 2022, Alan Renouf, Senior Product, Line Manager, will demonstrate how easy it is to deploy Project Keswick.

  • Simply boot up a Project Keswick node via PXE or USB to an Edge device: it will configure the device, which is built upon the ESXi hypervisor. Security hardened and ready for applications to be deployed.
  • As part of its infrastructure, Keswick deploys a Kubernetes control plane and a worker node ready to host applications at the edge site. Integration with Flux2 (GitOps) to a Git repository hosting configurations and manifest files enables you to deploy and configure both your infrastructure and applications.
  • These definitions are pulled for every part of the infrastructure, including security, networking, and, most notably, the applications deployed to the Edge. These are then applied to that infrastructure to ensure it stays compliant with the desired state, ensuring application readiness for use at that edge location.


Project Keswick is the easy button for Edge, taking care of infrastructure deployment, security, and scale issues – so that developers can concentrate on innovating and quickly deploy to hundreds or even thousands of edge locations.

Want to get involved?

We are looking for customers to help us design the finer details of how this solution works. We would love to hear from you and for you to help us by becoming a design partner. For more information about Project Keswick, or inquiries about becoming a potential design partner, contact us at: keswick@vmware.com

1: Source: VMware Corporate Intelligence, IDC (Dec. ’21 update)
2: https://fluxcd.io/


Leave a Reply

Your email address will not be published. Required fields are marked *