3. F5 Mission
Delivering app-centric services wherever your apps “Go”
PRIVATE CLOUD PUBLIC CLOUD
HYBRID CLOUD
On premises Off premises
ADC FirewallApplication
Security
Identity and
Access
DDoS
Protection
Local Load
Balancing
Application
Performance
Secure Web
Gateway
4.
5. COMPUTE NETWORKING STORAGE
MANUAL ADMINISTRATION
COMPUTE NETWORKING STORAGE
AUTOMATION & ORCHESTRATION SYSTEM
CONTROLLER
TRADITIONAL DATA CENTER PRIVATE CLOUD DATA CENTER
Manual administration of
Compute, Networking and Storage
Automation and Orchestration systems
driving Compute, Networking and Storage
via Controllers
6.
7. COMPUTE NETWORKING STORAGE
CLOUD AUTOMATION,
ORCHESTRATION & MANAGEMENT
Automating & Orchestrating L4-L7 Application Services
Automation and Orchestration
systems driving Compute, Networking
and Storage via Controllers
CONTROLLER
Cloud Management & Orchestration Tools
OpenStack, VMWare vRO/vRA, CliQr,
Windows Azure Stack, Puppet, Chef, Ansible
SDN Controllers
Cisco APIC, VMware NSX,
Nuage Networks, Contrail
BIG-IP iSeries
(1) (2)
(1) L4-L7 service configuration via SDN controller
(2) L4-L7 service configuration via Cloud Mgmt & Orchestration Tools
L4-L7 Application Services
14. Container 3Container 2Container 1VM 3VM 2VM 1
Infrastructure
Host Operating System
Hypervisor
Guest OS Guest OSGuest OS
Bins/Libs
App 1
Bins/Libs
App 2
Bins/Libs
App 3
Infrastructure
Operating System
Container Runtime Environment
Bins/Libs
App 1
Bins/Libs
App 2
Bins/Libs
App 3
Virtual Machines Containers
Lightweight, fast,
portable!
“Kind of feels like a virtual machine, but sheds all the weight and startup overhead of a guest operating system”
vs
17. (6) L4-L7 services for N-S Traffic
towards App A managed by BIG-IP BIG-IP
App A
Master Node
Cluster Scheduler
(1) Configures App A
F5 CC
App AApp A
(2) Scheduler starts 3 instances of App A
(3) Scheduler notifies F5 CC
(4) F5 CC configures application services for App A via REST API
(5) User makes request to App A through BIG-IP
18. (6) App A makes request to App B through F5 ASP
BIG-IP
App A
Master Node
Cluster Scheduler
(1) Configures App
B1-B40F5 CC
App AApp A
(2) Scheduler starts 2 instances of App B1
(3) Scheduler notifies F5 CC
(4) F5 CC instructs scheduler to create ASP for App B1
App B1 App B1
F5 ASP
(5) Scheduler starts F5 ASP instance for App B1
(7) F5 ASP load balances App A requests to
App B instances
19.
20. Private Cloud
ADC & Security
Application
Data
Application
Data
ADC & Security AWS Tools
ADC & Security Azure Tools
How about migrating/scaling or adding new apps to a public cloud provider
to get the benefits of public cloud : cost, time to market and scale ?
Application
Data
Public Internet
21. Time to Market
Low initial costs (Pay per use)
Flexible & unlimited capacity growth
• Security: private keys, policy, sensitive data
• Storage: cost, data to/from the cloud
• Cloud lock-in: policy, data transfer cost
• Performance: Higher latency
CONS
Private Cloud
ADC & Security
Application
Data
ADC & Security AWS Tools
ADC & Security Azure Tools
Application
Data
PROS
New Green App to Azure
Application
Data
Migrate/Scale out Orange App to AWS
Public Internet
22. • Security: private keys, policy, sensitive data
• Storage: cost, data to/from the cloud
• Cloud lock-in: policy, data transfer cost
• Performance: Higher latency
CONS
ADC & Security AWS Tools
ADC & Security Azure Tools
Unifying your L4-L7 application services and
policies across your Private and Public Cloud
deployments (BYOL, Utility Billing)
Private Cloud
ADC & Security
Application
Data
Application
Data
Application
Data
Public Internet
PROS
23. Securing and automating app delivery in public cloud
• F5 Solution for Private–Public Cloud inter-connect
• Secure reverse tunnel between Private–Public cloud (SSL keys on BIG-IP in Private Cloud/DC)
• Public cloud resources auto-discovered and managed by BIG-IP in Private Cloud/DC
Application Connector
Private Cloud
ADC & Security
App Connector
App Connector
AC
AC
Private keys
Application
Data
Application
Data
Public Internet
Application
Data Secure Reverse Tunnel
24. • Security: private keys, sensitive data
• Storage: cost, data to/from the cloud
• Cloud lock-in: data transfer cost
• Performance: Higher latency
CONS
Private keys stored in Private Cloud
App front-end via BIG-IP in Private Cloud
Auto-discovery of Public Cloud resources
All resources managed from Private Cloud
Private Cloud
ADC & Security
App Connector
App Connector
AC
AC
Private keys
Application
Data
Application
Data
Public Internet
Application
Data
PROS
Secure Reverse Tunnel
25. Private Cloud
ADC & Security
AC
AC
Application
Storage
ADC & Security
• Security: sensitive data
• Storage: cost, data to/from the cloud
• Cloud lock-in: data transfer cost
• Performance: Higher latency
CONS
Sensitive data securely stored in Colo
Colo brings app closer to end users
Moving data in/out colo at low cost
Low latency towards all public cloud providers
Application
Data
Application
Data
Application
Data
App Connector
App Connector
Public Internet
Colo Facility
Public Cloud
XChangePrivate
Interconnect
Extend your Private Cloud into Colo Facility
PROS
Secure
Reverse
Tunnel
26. Private Cloud
ADC & Security
AC
AC
Application
Storage
ADC & Security
Application
Data
Application
Data
Application
Data
App Connector
App Connector
Public Internet
Colo Facility
Public Cloud
XChangePrivate
Interconnect
Extend your Private Cloud into Colo Facility
Secure
Reverse
Tunnel
Silverline
Services