Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

F5 Cloud Solutions

404 views

Published on

Prezentace z konference Virtualization Forum 2019
Praha, 3.10.2019
Hlavní sál

Published in: Technology
  • Be the first to comment

  • Be the first to like this

F5 Cloud Solutions

  1. 1. F5 Cloud Solutions --- Update--- Radovan Gibala Senior Systems Engineer
  2. 2. Public Cloud Private Cloud Hybrid Cloud On-Prem Colo Multi Cloud CI/CD API RBAC “I’m not relevant to my app teams anymore.” “I’m overwhelmed by tickets.”
  3. 3. Source: F5 State of Application Delivery, 2018 Applying consistent security policy across enterprise applications Protecting applications from threats Optimising performance of applications Gaining visibility into application health “What is the most challenging, frustrating, or difficult part of managing applications in a multi-cloud environment?” 42% 40% 34% 31%
  4. 4. F5 Positioning
  5. 5. F5 Application Centric Management
  6. 6. Device Management Operational Management Policy & Security Management Application-Centric Management APIs From centralised management to application-centric management Business value: Increased IT agility Device Management Operational Management Policy & Security Management Centralised Management APIs NetOps SecOps NetOps SecOps AppOwner DevOps
  7. 7. Deploying application services AppOwner NetOps & SecOps Deploy app service X Centralised Management Application-Centric Management AppOwner Self-service portal Create templates NetOps & SecOps
  8. 8. Monitoring and troubleshooting Centralised Management AppOwner NetOps & SecOps Why is my app not performing well ? Application-Centric Management AppOwner Consult app analytics dashboard
  9. 9. Application teams get to see only the apps they have created or are responsible for
  10. 10. Toggle to enable enhanced analytics Enhanced analytics status
  11. 11. Applications can be deployed on any BIG-IP SSL offload app template Service catalogue HTTP app template Deploy apps from templates in the service catalogue Deploy Use pre-canned or define custom templates SecOps NetOps HTTP app template Application Apply RBAC AppOwner
  12. 12. Edit or create new templates
  13. 13. Attach WAF policy Attach access policy Attach firewall policy
  14. 14. F5 AUTOMATION TOOLCHAIN APP SERVICES 3 EXTENSION Deploy Classic and Advanced Application Services on BIG-IP using Declarative REST APIs DECLARATIVE ONBOARDING EXTENSION Initial Config of BIG-IP Instances CLOUD TEMPLATES Start BIG-IP Instances in Public & Private Clouds TELEMETRY STREAMING EXTENSION Stream Telemetry, Events & Logs from BIG-IP to various Analytics and Logging solutions
  15. 15. (Exp.) (Exp.) (Exp.) (Exp.) (Exp.) (Exp.) - Experimental
  16. 16. • F5 iControl LX Extension (Node.js) • Provides declarative interfaces for common L1-L3 device onboarding requirements • Deployments via a single REST API endpoint* • JSON-based document • Atomic and Idempotent Declarative Onboarding Extension User Device Onboarding: • Licensing • Self-IP • VLANs • NTP Servers • DNS Nameservers • Routes • Module Provisioning • Password Creation • Minimizes need for BIG-IP domain knowledge • Minimizes onboarding errors and maximizes onboarding consistency • TMOS-independent RPM package • https://github.com/f5devcentral/f5-declarative-onboarding
  17. 17. Many Imperative Commands BIG-IP One Declarative Statement Many Imperative Commands AS3 .rpm BIG-IQ Example services: • HTTP • SSL offload • URL routing • HTTP(s) with WAF • Fast L4 TCP/UDP Tenant-1 App-1 App-2 App-N Tenant-X App-1 App-2 App-N • F5 iControl LX Extension (Node.js) – not a TCL iApp • Provides declarative interfaces for common L4-L7 App Services use cases • Deployments via a single REST API endpoint* • JSON-based document with defaults included • Supports multi-tenancy • Atomic and Idempotent • Supports pool member service discovery • Supports multiple application types • Minimizes need for BIG-IP domain knowledge • Minimizes deployment errors and maximizes deployment consistency • TMOS-independent RPM package • https://github.com/F5Networks/f5-appsvcs-extension
  18. 18. • F5 iControl LX Extension (Node.js) • Tenant and Application stats grouping and filtering • TLS Certificate inventory • Event log collection from BIG-IP sources, including ASM and AFM Device Statistics: • State • CPU usage • Disk stats • Interface stats Device Statistics: • Virtual Server/App stats • Pool stats • Pool member stats • Policy stats • Declarative aggregate, normalize, and forward statistics and events • Via single TS JSON POST to declarative REST API endpoint • TMOS-independent RPM package • Validated third-party Consumers: • Splunk • Azure log Analytics • AWS CloudWatch • AWS S3 • Graphite
  19. 19. F5 AUTOMATION TOOLCHAIN APP SERVICES 3 EXTENSION Deploy Classic and Advanced Application Services on BIG-IP using Declarative REST APIs DECLARATIVE ONBOARDING EXTENSION Initial Config of BIG-IP Instances CLOUD TEMPLATES Start BIG-IP Instances in Public & Private Clouds TELEMETRY STREAMING EXTENSION Stream Telemetry, Events & Logs from BIG-IP to various Analytics and Logging solutions API SERVICES GATEWAY Container / VM platform for running F5 & Custom iControl LX Extensions
  20. 20. Node 2Node 1 Container Environments F5 BIG-IP Bring app availability and advanced security services for your containerised apps Visibility and analytics F5 Container Connector AppServicesAcrossNetwork Orchestration Native Integration with Container and PaaS Frictionless deployment of app services Enable Self-Service for DevOps Automate for faster app deployments SSL Container App Protection Simplify and centralise security services WAF DDoS Auto-Scale Container Apps Align DevOps velocity with automated app services Frictionless and automated app services insertion

×