Broadcom VKS 3.6 and VCF: Kubernetes as a Day-Two Enterprise Platform Layer

Broadcom is doubling down on enterprise Kubernetes at exactly the moment when platform teams are under pressure to do three things at once: simplify operations, support AI-heavy workloads and preserve enough flexibility to avoid being boxed into a single toolchain. The company’s latest VKS upgrades, open-source contribution around Velero and expanded partner integrations signal a clearer strategy for VMware Cloud Foundation as a unified private cloud stack rather than just a collection of infrastructure products. The message is simple but consequential: Kubernetes is no longer being treated as a standalone orchestrator, but as a core operating layer for modern enterprise IT.

Background​

Kubernetes has spent the past several years moving from an exciting open-source container scheduler to a mission-critical enterprise platform. That shift has not been linear, though. Early adopters cared most about getting clusters running; later adopters discovered that the hard part was not launch day, but the day-two problems of upgrades, policy enforcement, observability, networking and recovery. Broadcom’s current pitch reflects that reality and mirrors a broader market transition already visible across the cloud-native ecosystem.
Broadcom’s VMware business has also changed sharply since the acquisition era began. Instead of presenting Kubernetes as an isolated capability, the company has steadily folded container orchestration deeper into VMware Cloud Foundation and pushed toward a private-cloud model where infrastructure, security and app delivery are designed to work together. That has made VMware’s Kubernetes story less about novelty and more about governance, lifecycle control and repeatability at enterprise scale.
That backdrop matters because enterprises are now running mixed estates. Many still have legacy virtual machines, databases and regulated workloads on-premises, while also trying to support cloud-native applications and AI pipelines that behave nothing like traditional enterprise software. Broadcom’s answer is not to force customers into a single application model, but to make VKS and VCF look like a single foundation across old and new workloads.
The company is also talking more explicitly about AI as a forcing function. As inference pipelines, vector stores and agentic systems become part of the application mix, Kubernetes needs better tuning, stronger ingress, more predictable upgrades and more flexible networking. In other words, Kubernetes is no longer “just infrastructure”; it is increasingly a control plane for the enterprise software factory.

---

Why Broadcom Is Reframing Kubernetes​

Broadcom’s timing is deliberate. KubeCon Europe 2026 gives the company a highly visible stage to show that its Kubernetes story has matured from feature delivery into platform strategy. The company is using that forum to emphasize reliability, resilience and interoperability rather than raw orchestration features.
The logic is that customers no longer buy Kubernetes in isolation. They buy outcomes: faster upgrades, fewer outages, simplified policy management and less custom glue code across networking, security and storage. Broadcom is positioning VKS as the part of VMware Cloud Foundation that can absorb those operational headaches without forcing teams to rebuild their environments from scratch.

A platform engineering play​

This is fundamentally a platform engineering story. Broadcom is speaking to teams that want a curated Kubernetes experience, not a raw upstream distribution they must assemble themselves. By bundling lifecycle support, OS choices, networking compatibility and AI-oriented tuning, the company is betting that consistency matters more than absolute minimalism.
The competitive implication is important. If Broadcom can make VKS feel operationally boring in the best possible way, it competes not just with other VMware alternatives but with managed cloud Kubernetes offerings that promise convenience at the cost of portability. That is a strong message for regulated industries and private-cloud-heavy enterprises.

• Broadcom is trying to make Kubernetes feel predictable rather than experimental.
• The company is aligning VKS more tightly with private cloud operations.
• Enterprise buyers are being offered fewer moving parts and more lifecycle discipline.
• The message targets platform teams, not hobbyist cloud-native users.

Broadcom’s language around “day-two” operations is especially revealing. The industry already knows how to spin up Kubernetes; the differentiator now is how well vendors handle upgrades, failures and cluster drift over time. That is where Broadcom believes it can outmaneuver more fragmented approaches.

---

Velero and the Open-Source Signal​

The decision to move Velero into the CNCF Sandbox is more than a housekeeping announcement. It sends a signal that Broadcom wants at least some of its cloud-native credibility to come from community governance rather than pure vendor stewardship. In the enterprise software world, that distinction matters because customers often view open-source control as a proxy for longevity and trust.
Velero itself fills a gap that Kubernetes does not solve on its own: cluster-level backup, restore and migration. As stateful workloads become more common, that gap becomes harder to ignore. Enterprises need to protect data, recover quickly after failures and move workloads between clusters without inventing custom backup logic for every environment.

Why backup is now core infrastructure​

Backup used to be treated as an adjacent concern. In modern Kubernetes environments, it is part of the platform contract. If application teams are expected to run databases, queues and persistent services on Kubernetes, then backup and recovery cannot be an afterthought. Broadcom’s emphasis on Velero acknowledges that reality in a practical way.
The CNCF Sandbox designation is also important because it places the project in a neutral home with community visibility and mentoring. That can reduce concerns that a corporate sponsor might bend the project toward a narrow commercial agenda. For Broadcom, the upside is that it can present the move as evidence of long-term stewardship rather than withdrawal.

• Velero covers a Kubernetes capability that is not native to the core platform.
• Sandbox placement can broaden outside participation and adoption.
• Enterprises running stateful workloads gain a more credible recovery story.
• Broadcom benefits from signaling vendor-neutral governance.

There is also a subtle market message here. Broadcom is not abandoning the open-source ecosystem; it is selectively emphasizing where open governance strengthens trust and where commercial packaging still drives enterprise value. That balance is likely to define the next phase of VMware’s cloud-native positioning.

---

VKS 3.6 and the Day-Two Problem​

The centerpiece of the announcement is VKS 3.6, Broadcom’s latest Kubernetes runtime release inside VMware Cloud Foundation. The update is aimed squarely at operational friction: lifecycle management, upgrade safety, compatibility and performance tuning. Those are not flashy features, but they are the ones platform teams tend to care about most once clusters are in production.
Support for Kubernetes 1.35 and extended lifecycle windows shows that Broadcom wants to reduce the cadence pressure on customers. In many enterprises, upgrade windows are constrained by application testing, change management and compliance processes, so a runtime that can stretch support while maintaining consistency is likely to be welcomed.

Upgrades without drama​

Broadcom is also highlighting improved checks designed to reduce disruption during upgrades. That matters because Kubernetes upgrades are often less about software compatibility in the abstract and more about the messy choreography of add-ons, controllers and workload dependencies. A smoother path here can reduce the operational tax that causes some enterprises to stall modernization projects.
The company’s mention of performance tuning is also significant. Kubernetes is often accused of being flexible but inefficient for certain workloads, especially databases and high-throughput applications that need careful kernel-level optimization. Declarative tuning profiles are Broadcom’s attempt to automate what used to require deep Linux and cluster expertise.

• Support for Kubernetes 1.35 keeps the platform aligned with current upstream releases.
• Extended support windows help enterprises pace upgrades more safely.
• Declarative tuning reduces the need for hand-crafted node optimization.
• Better checks during upgrade can cut avoidable outage risk.

This is a smart move because it attacks the most common enterprise complaint about Kubernetes: not that it is incapable, but that it is expensive to operate well. If Broadcom can reduce the number of special cases, it can make Kubernetes palatable for a broader set of infrastructure teams.

---

AI Workloads Change the Requirements​

Broadcom is also making a clear bet that AI workloads will reshape how Kubernetes is consumed. The company’s focus on performance tuning, security and integrated support for distributed applications is really a response to the demands of AI systems, which often need high throughput, tight governance and predictable infrastructure behavior.
Unlike many traditional enterprise apps, AI pipelines combine heavy compute, data movement, model access controls and sometimes agentic orchestration. That means Kubernetes has to do more than schedule containers; it has to serve as the substrate for increasingly complex runtime patterns. Broadcom is wisely treating that as a platform design problem, not a bolt-on feature request.

Declarative tuning for data-heavy apps​

The declarative tuning profiles Broadcom is adding are a good example of where the market is heading. Instead of expecting operators to understand every kernel toggle and node quirk, the platform can apply known-good settings based on workload class. That is especially appealing when the workload mix includes databases, inference engines and event-driven services.
There is also a deeper strategic angle. Broadcom wants to make VCF the place where AI and non-AI workloads coexist under the same governance umbrella. That could be compelling for enterprises that do not want a separate “AI island” with a different operational model, a different security stack and a different procurement process.

• AI workloads increase the need for consistent performance tuning.
• Kubernetes becomes a control plane for mixed compute and data workflows.
• Declarative policies reduce operator dependence.
• Unified governance is attractive for regulated enterprises.

The risk, of course, is that Broadcom may overpromise how much abstraction can hide complexity. AI systems are notoriously variable in resource behavior, so customers will still need strong observability and capacity planning. But as a direction, Broadcom’s message is aligned with where the market is going.

---

Networking, Security and the Ingress Transition​

One of the more practical pieces of the announcement is Broadcom’s response to the retirement of the open-source Ingress NGINX controller. That component has long been a workhorse for external access into Kubernetes services, so any deprecation story creates operational urgency for enterprise users. Broadcom is positioning its VMware Avi Load Balancer as the replacement path.
This is not simply a product swap. Broadcom is framing Avi as a broader architectural upgrade that combines load balancing, security and observability while integrating natively with VKS on VCF deployments. That positioning matters because customers often prefer migrations that consolidate functions instead of merely replacing one controller with another.

Why ingress is a strategic choke point​

Ingress is one of those components that only gets noticed when it breaks. It sits at the boundary between internal services and the outside world, which makes it a critical enforcement point for traffic, policy and visibility. In that sense, Broadcom’s move to promote Avi is as much about control as it is about convenience.
The company’s expanded partnerships with F5, Kong and Tigera reinforce that point. These are not random additions; they cover app delivery, API management and security, the three layers that increasingly define the edge of modern Kubernetes environments. Broadcom appears to be saying that customers can choose their preferred control points as long as they fit into the VKS framework.

• Ingress migration is a real operational issue for enterprises.
• Avi is being sold as a functional and architectural upgrade.
• Partners extend flexibility without forcing custom integration work.
• Security and observability are now inseparable from ingress design.

This is a sensible strategy because no single vendor can credibly own every control plane function in modern enterprise networking. The winners are likely to be the platforms that coordinate best with specialized partners while still preserving a unified experience.

---

Operating System Choice and Enterprise Continuity​

Broadcom’s addition of Red Hat Enterprise Linux support for both control plane and worker nodes is an important compatibility story. It gives enterprises a cleaner path for standardization, especially in shops that already run RHEL broadly across their server estate. That matters because Kubernetes adoption is often constrained less by Kubernetes itself than by the operating system policies underneath it.
The supported OS list now includes RHEL, Photon OS 5, Ubuntu 22.04 and 24.04, and Windows Server 2022. That breadth lets Broadcom speak to a wide range of enterprise deployment philosophies, from Linux-standardized infrastructure teams to organizations with lingering Windows workloads.

Standardization without a rewrite​

This is one of the more understated but valuable parts of the announcement. Enterprises rarely want to replatform the entire OS layer just to get a better Kubernetes experience. By expanding OS choice, Broadcom is making it easier to adopt VKS incrementally rather than as a disruptive replacement project.
That flexibility also helps Broadcom in mixed estates where infrastructure modernization happens in phases. A company can keep existing operating environment conventions while still introducing VKS as the container layer and later normalizing around a preferred baseline. In enterprise sales, that kind of gradualism is often the difference between interest and approval.

• RHEL support lowers friction for Red Hat-centric shops.
• Multiple OS options make staged migration easier.
• Existing governance standards can be preserved.
• Hybrid estates become more manageable under one platform.

There is an obvious commercial logic here: the more familiar the underlying OS, the easier it is for procurement, operations and security teams to sign off. Broadcom is not trying to replace enterprise habits overnight; it is trying to package Kubernetes in a way that respects them.

---

Partnerships as an Interoperability Strategy​

The expanded partner ecosystem is one of the strongest signs that Broadcom recognizes how enterprise Kubernetes is really bought and deployed. Customers do not want a monolith; they want a platform that works with the tools they already trust. That is why integrations with F5, Kong and Tigera are more than marketing theater.
In practice, these partnerships cover a spectrum of need: traffic management, API governance and security policy. That maps neatly onto the operational reality of distributed applications, where the network edge, service layer and policy layer have become tightly coupled. Broadcom seems to understand that flexibility is now a feature, not a concession.

Reducing custom glue code​

A recurring enterprise pain point is the amount of bespoke integration work required to make tools behave as a coherent stack. Broadcom’s partnership posture suggests a desire to reduce that burden by pre-validating combinations and narrowing the space for brittle DIY integration. That can lower deployment risk and accelerate rollout decisions.
This approach also serves Broadcom competitively. By allowing best-of-breed partners to coexist with VKS, the company can keep customers inside its ecosystem without demanding that every operational need be satisfied by a native Broadcom component. In a market where lock-in concerns are always present, that is a useful balancing act.

• Partnerships reduce the need for custom integration work.
• Enterprise buyers get more choice without losing standardization.
• Validated ecosystems can shorten deployment timelines.
• Broadcom gains credibility with platform engineering teams.

The broader implication is that Broadcom is moving toward a federated platform model. It wants to remain the foundation, but not necessarily the only tool in the stack. That is a more realistic enterprise proposition than trying to own every layer outright.

---

Competitive Positioning in a Crowded Market​

Broadcom’s Kubernetes push lands in a crowded field. Red Hat, Google Cloud, AWS, Microsoft and others all have strong stories around cloud-native operations, managed Kubernetes and AI-ready infrastructure. Broadcom does not need to out-manage the hyperscalers at their own game; it needs to prove that on-prem and hybrid customers can get comparable operational simplicity with better control.
That is where VMware Cloud Foundation remains strategically important. VCF gives Broadcom a packaging advantage: it can present compute, storage, networking, security and Kubernetes as parts of one architectural plan. For enterprises pursuing private cloud or regulated AI deployments, that message is more coherent than a grab bag of point products.

Why rivals should pay attention​

Broadcom’s messaging suggests it is trying to own the operating model rather than the container runtime alone. That can be more durable than chasing feature parity because it shifts the competitive fight to lifecycle, governance and consistency. Those are areas where enterprise buyers often value stability over novelty.
It also reflects a subtle change in how Kubernetes is judged. The best platform is no longer the one with the most raw flexibility, but the one that makes flexibility manageable at scale. That benefits vendors who can integrate cleanly with the broader enterprise stack and provide guardrails without destroying choice.

• Broadcom is competing on operating model, not just features.
• Private cloud remains a strong differentiator.
• AI workloads make governance and consistency more valuable.
• Hyperscaler convenience is not always enough for regulated buyers.

This is especially relevant given how much the market has shifted toward AI-native infrastructure. As more enterprises ask how to host inference and data pipelines securely, the vendor that can stitch together Kubernetes, networking and compliance without drama will have a real advantage.

---

Strengths and Opportunities​

Broadcom’s announcement has real strengths because it ties together open source, platform operations and ecosystem partnerships into a single story. The company is not just adding features; it is trying to reduce entropy in the enterprise Kubernetes stack. That is a compelling pitch for organizations that are already exhausted by complexity.

• Operational simplicity is a strong differentiator in enterprise Kubernetes.
• Velero’s CNCF Sandbox move can increase trust in the project’s future.
• VKS 3.6 addresses real day-two pain points.
• RHEL support broadens appeal to conservative enterprise estates.
• Partner validation reduces integration risk.
• AI workload tuning aligns the platform with current buying priorities.
• Avi Load Balancer integration offers a clean response to Ingress NGINX retirement.

The opportunity is particularly strong in regulated, hybrid and private-cloud-heavy industries. Those buyers tend to prioritize governance, compatibility and lifecycle control, which are exactly the areas Broadcom is highlighting. In other words, Broadcom is leaning into the parts of Kubernetes that enterprises actually struggle to operationalize.

---

Risks and Concerns​

The biggest risk for Broadcom is execution fatigue. Enterprises are often sympathetic to platform consolidation narratives, but they still judge vendors on migration complexity, support quality and the pace of innovation. If the ecosystem feels too curated or too locked down, the company could lose the goodwill it is trying to build. Choice has to feel genuine, not merely scripted.
There is also the usual tension between enterprise simplicity and Kubernetes’ open, composable ethos. Broadcom is trying to abstract away complexity, but over-abstracting can create another layer of dependency that customers resent later. That is especially true if operational behavior becomes too tightly coupled to VMware-specific tooling.

• The platform could be seen as too proprietary despite open-source gestures.
• Enterprises may worry about migration complexity from existing ingress tooling.
• AI performance claims will need proof under real workloads.
• Partner integration quality must remain consistent over time.
• Lifecycle promises matter more than launch-day features.
• Competing clouds may still look simpler for some use cases.
• Broadcom has to prove that vendor neutrality is more than positioning.

Another concern is market perception. Broadcom still has to overcome skepticism from customers who view VMware’s post-acquisition era through the lens of pricing, licensing and product consolidation. Announcements like this help, but trust is rebuilt through sustained delivery, not just polished messaging. That is the real test the company now faces.

---

Looking Ahead​

The next phase will be about whether Broadcom can turn this strategic framing into measurable customer momentum. If VKS 3.6, Velero’s community transition and the partner ecosystem together reduce enough friction, the company could strengthen VMware Cloud Foundation’s role as a default enterprise private cloud platform. If not, the announcements will read as sensible but insufficient.
What will matter most over the coming months is whether Broadcom can show that its Kubernetes story is coherent across lifecycle, security, performance and AI support. The market is moving quickly, and platform engineering teams are increasingly allergic to vague promises. Broadcom needs to prove that its stack can handle real production pressure without turning into another complexity engine.

Key things to watch​

• Whether customers adopt VKS 3.6 as a safer upgrade path.
• How much traction Velero gains under CNCF Sandbox governance.
• Whether Avi becomes the default migration path for Ingress NGINX users.
• How effectively Broadcom demonstrates AI workload performance in production.
• Whether partner integrations reduce, rather than reintroduce, operational complexity.

Broadcom’s latest Kubernetes push is best understood as an attempt to make Kubernetes less like a project and more like a platform discipline. That may sound incremental, but in enterprise IT, incremental improvements that reduce risk and simplify operations are often the most valuable ones. If Broadcom can keep that promise intact, VKS and VCF could become even more central to how large organizations build hybrid and AI-ready infrastructure in the years ahead.

---

Source: SiliconANGLE Broadcom expands Kubernetes support with VKS upgrades, open-source contributions and new partnerships - SiliconANGLE