SlideShare a Scribd company logo

4 Key Considerations for Advanced Load Balancing & Traffic Insights for Kubernetes

DevOps.com
DevOps.com

This document discusses key considerations for advanced load balancing and traffic insights for Kubernetes deployments. It introduces A10's Secure Service Mesh solution for Kubernetes, which provides comprehensive traffic management, security, and visibility for microservices applications. The solution includes A10 Lightning ADC for load balancing and security, the Harmony Controller for centralized management and automation, and an Ingress Controller that integrates these components with Kubernetes. It automates the deployment and configuration of Lightning ADC instances as nodes scale up and down, and provides analytics and insights into application performance and security across the Kubernetes cluster.

Technology
1 of 19
Download to read offline
1. Reliable Security Always™ Key Considerations for Advanced Load Balancing & Traffic Insights for Kubernetes Deployments
2. NEW DE-FACTO STANDARDS: Growing Industry Trend: Containers and Kubernetes APPLICATIONS Moving from Monolith to Micro Services APPLICATION DEPLOYMENTS Moving from Hardware Servers or Virtual Machines to Containers o Adopted by all industry major players – AWS, Azure, Google, VMWare, RedHat. o 10X increase in usage in Azure and GCP last year o 10X increase in deployment last 3 years o Deployment Size increased 75% in a year Growing Kubernetes Adoption APP APP APP APPAPPAPP APP APP APP APPAPPAPP
3. Integrated Security Continuous Availability Visibility, Analytics and Insights Central Management and Automation Application Delivery in Kubernetes Environment 1 2 3 4
4. Kubernetes Cluster AVAILABILITY CHALLENGES IN KUBERNETES o Isolation between external and internal networks Node Node Node o Dynamic Environment • Scaling App Services • Changing IP address because of Auto- healing containers
5. o Auto-scale and Auto-config Load Balancers with App servers o Auto Sync with Application Infrastructure CONTINUOUS AVAILABILITY1
6. o Protection from Attacks, Data Theft and BOTs o Granular yet Simple configuration o Security for both North-South and East-West Traffic INTEGRATED SECURITY2
7. Descriptive Analytics • Health Status • Logs & Events PERFORMANCE MONITORING Diagnostic Analytics • Per-App metrics • Trend Analysis FASTER TROUBLESHOOTIN G Predictive Analytics • Anomalies/Threats • Correlation INSIGHTS VISIBILITY, ANALYTICS & INSIGHTS 3
8. CENTRAL MANAGEMENT AND AUTOMATION 4 o API Driven o Integration with DevOps Tool Chain
9. How A10 Helps
10. A10 Secure Services Mesh Solution for Kubernetes Comprehensive solution for micro- services applications for • Traffic Management • Security • Visibility and Analytics Solution Components • Ingress Controller • Lightning ADC • Harmony Controller Harmony Controller Node Node IG LIGHTNING ADC LIGHTNING ADCIngress Controller
11. A10 Lightning ADC • Load Balancer & Security • Purpose built for Cloud Native Apps Microservices / containers • Application Proxy Services • Advanced-Load balancing, Content- Routing • SSL/TLS Termination • Controlled Blue-Green traffic steering A10 Lightning ADC Cluster A10 Harmony Controller
12. Integrated Security Customer’s account Azure Cloud Harmony Controller o Integrated Web Application Firewall o 1-Click Provisioning o Malware protection o BOT Protection o Application DDoS attack mitigation o SSL Offload o HTTP 2.0 o Access Control for traffic between micro- services (E-W traffic)
13. Security | Access Control for traffic between Micro-services o All traffic and security policies can be applied on micro-segmented E-W traffic o Traffic leaving host boundary is automatically encrypted/decrypted o No change needed in application code or configuration S2 S3 S1
14. Kubernetes Cluster A10 Solution: Automation & Integration with Kubernetes • New Lightning ADCs automatically deployed with new node Node Node Node Ingress Controller Harmony Controller • Ingress Controller detects changes in application service scale and calls Harmony Controller • Controller pushes updated config to ADCs • ADCs connect to controller and get relevant configuration automatically • Metrics/Logs flow from ADC to Controller
15. Per-Service Visibility, Analytics & Reporting o Comprehensive metrics & logs o View, monitor and analyze o Efficient troubleshooting o Generate custom reports
16. Per-Service Visibility : End-to-End Response Time o Distinguish between application, client and infrastructure issues o Quickly identify consistent or one-off glitch o Pinpoint concerns and take corrective action
17. Per-request Log Analysis o Enriched access log of individual transaction o Various filters for quick troubleshooting o Details of each transaction for better confidence
18. A10 Solution Advantage o Self service o Automation o Integration with DevOps tools o Analytics o Faster troubleshooting o Operational intelligence o Integrated Security & Traffic Management o Centralized mgmt. o Multi-cloud Simplified & Efficient Operations Agility Visibility & Control
19. THANK YOU

Recommended

Considerations for East-West Traffic Security and Analytics for Kubernetes En...
Considerations for East-West Traffic Security and Analytics for Kubernetes En...Considerations for East-West Traffic Security and Analytics for Kubernetes En...
Considerations for East-West Traffic Security and Analytics for Kubernetes En...
Akshay Mathur
 
Enhanced Security and Visibility for Microservices Applications
Enhanced Security and Visibility for Microservices ApplicationsEnhanced Security and Visibility for Microservices Applications
Enhanced Security and Visibility for Microservices Applications
Akshay Mathur
 
Security and Observability of Application Traffic in Kubernetes
Security and Observability of Application Traffic in KubernetesSecurity and Observability of Application Traffic in Kubernetes
Security and Observability of Application Traffic in Kubernetes
Akshay Mathur
 
Network monitoring for the modern wan webinar
Network monitoring for the modern wan webinarNetwork monitoring for the modern wan webinar
Network monitoring for the modern wan webinar
ThousandEyes
 
Istio Service Mesh
Istio Service MeshIstio Service Mesh
Istio Service Mesh
Lew Tucker
 
Overview of IoT/M2M Capability
Overview of IoT/M2M CapabilityOverview of IoT/M2M Capability
Overview of IoT/M2M Capability
ALTEN Calsoft Labs
 
How to be in the know of your infrastructure
How to be in the know of your infrastructureHow to be in the know of your infrastructure
How to be in the know of your infrastructure
Ulrich Weigel
 
Building Efficient, Scalable and Resilient Front-end logging service with AWS
Building Efficient, Scalable and Resilient Front-end logging service with AWSBuilding Efficient, Scalable and Resilient Front-end logging service with AWS
Building Efficient, Scalable and Resilient Front-end logging service with AWS
AWS User Group Bengaluru
 

Recommended

Considerations for East-West Traffic Security and Analytics for Kubernetes En...
Considerations for East-West Traffic Security and Analytics for Kubernetes En...Considerations for East-West Traffic Security and Analytics for Kubernetes En...
Considerations for East-West Traffic Security and Analytics for Kubernetes En...
Akshay Mathur
 
Enhanced Security and Visibility for Microservices Applications
Enhanced Security and Visibility for Microservices ApplicationsEnhanced Security and Visibility for Microservices Applications
Enhanced Security and Visibility for Microservices Applications
Akshay Mathur
 
Security and Observability of Application Traffic in Kubernetes
Security and Observability of Application Traffic in KubernetesSecurity and Observability of Application Traffic in Kubernetes
Security and Observability of Application Traffic in Kubernetes
Akshay Mathur
 
Network monitoring for the modern wan webinar
Network monitoring for the modern wan webinarNetwork monitoring for the modern wan webinar
Network monitoring for the modern wan webinar
ThousandEyes
 
Istio Service Mesh
Istio Service MeshIstio Service Mesh
Istio Service Mesh
Lew Tucker
 
Overview of IoT/M2M Capability
Overview of IoT/M2M CapabilityOverview of IoT/M2M Capability
Overview of IoT/M2M Capability
ALTEN Calsoft Labs
 
How to be in the know of your infrastructure
How to be in the know of your infrastructureHow to be in the know of your infrastructure
How to be in the know of your infrastructure
Ulrich Weigel
 
Building Efficient, Scalable and Resilient Front-end logging service with AWS
Building Efficient, Scalable and Resilient Front-end logging service with AWSBuilding Efficient, Scalable and Resilient Front-end logging service with AWS
Building Efficient, Scalable and Resilient Front-end logging service with AWS
AWS User Group Bengaluru
 
Can’t Wait for 2020: Future-Proof Your Grid Today
Can’t Wait for 2020: Future-Proof Your Grid TodayCan’t Wait for 2020: Future-Proof Your Grid Today
Can’t Wait for 2020: Future-Proof Your Grid Today
Echelon Corporation
 
Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2
Prem Sankar Gopannan
 
COE Integration - OPNFV
COE Integration - OPNFVCOE Integration - OPNFV
COE Integration - OPNFV
Prem Sankar Gopannan
 
Using Microservices Architecture and Patterns to Address Applications Require...
Using Microservices Architecture and Patterns to Address Applications Require...Using Microservices Architecture and Patterns to Address Applications Require...
Using Microservices Architecture and Patterns to Address Applications Require...
Prem Sankar Gopannan
 
mbed Connect Asia 2016 David Morning Welcome and Kickoff
mbed Connect Asia 2016 David Morning Welcome and Kickoffmbed Connect Asia 2016 David Morning Welcome and Kickoff
mbed Connect Asia 2016 David Morning Welcome and Kickoff
armmbed
 
How Intuit Monitors Connectivity to AWS
How Intuit Monitors Connectivity to AWS How Intuit Monitors Connectivity to AWS
How Intuit Monitors Connectivity to AWS
ThousandEyes
 
Elastic Connectivity - Session Sponsored by Megaport
Elastic Connectivity - Session Sponsored by MegaportElastic Connectivity - Session Sponsored by Megaport
Elastic Connectivity - Session Sponsored by Megaport
Amazon Web Services
 
Step-by-Step Guide to Building a Truly Composable Infrastructure for 5G/Edge
Step-by-Step Guide to Building a Truly Composable Infrastructure for 5G/EdgeStep-by-Step Guide to Building a Truly Composable Infrastructure for 5G/Edge
Step-by-Step Guide to Building a Truly Composable Infrastructure for 5G/Edge
Prem Sankar Gopannan
 
ISTIO Deep Dive
ISTIO Deep DiveISTIO Deep Dive
ISTIO Deep Dive
Yong Feng
 
Visibility for a Global Network
Visibility for a Global NetworkVisibility for a Global Network
Visibility for a Global Network
ThousandEyes
 
Patrick Kerpan's CSA EMEA Congress presentation "Overlay Networks: Connecting...
Patrick Kerpan's CSA EMEA Congress presentation "Overlay Networks: Connecting...Patrick Kerpan's CSA EMEA Congress presentation "Overlay Networks: Connecting...
Patrick Kerpan's CSA EMEA Congress presentation "Overlay Networks: Connecting...
Cohesive Networks
 
From local servers up to Kubernetes in the cloud
From local servers up to Kubernetes in the cloudFrom local servers up to Kubernetes in the cloud
From local servers up to Kubernetes in the cloud
Scaleway
 
S4 Value Proposition
S4 Value PropositionS4 Value Proposition
S4 Value Proposition
Steve Jones
 
Lab2104 - IT research laboratory
Lab2104 - IT research laboratoryLab2104 - IT research laboratory
Lab2104 - IT research laboratory
Hardware Group
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Mitchell Pronschinske
 
Anura
AnuraAnura
Anura
Antonio Mondragon
 
Research on water saving irrigation automatic control system based on interne...
Research on water saving irrigation automatic control system based on interne...Research on water saving irrigation automatic control system based on interne...
Research on water saving irrigation automatic control system based on interne...
sudhakar5472
 
Cisco Application Centric Infrastructure
Cisco Application Centric InfrastructureCisco Application Centric Infrastructure
Cisco Application Centric Infrastructure
islam Salah
 
PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...
PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...
PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...
PROIDEA
 
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft AzureModernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Mitchell Pronschinske
 
Implementing Docker Load Balancing in Microservices Infrastructure
Implementing Docker Load Balancing in Microservices InfrastructureImplementing Docker Load Balancing in Microservices Infrastructure
Implementing Docker Load Balancing in Microservices Infrastructure
DevSecOpsSg
 
How api management supports the digital transformation process
How api management supports the digital transformation processHow api management supports the digital transformation process
How api management supports the digital transformation process
SmartWave
 

More Related Content

What's hot

Can’t Wait for 2020: Future-Proof Your Grid Today
Can’t Wait for 2020: Future-Proof Your Grid TodayCan’t Wait for 2020: Future-Proof Your Grid Today
Can’t Wait for 2020: Future-Proof Your Grid Today
Echelon Corporation
 
From local servers up to Kubernetes in the cloud
From local servers up to Kubernetes in the cloudFrom local servers up to Kubernetes in the cloud
From local servers up to Kubernetes in the cloud
Scaleway
 
S4 Value Proposition
S4 Value PropositionS4 Value Proposition
S4 Value Proposition
Steve Jones
 
Research on water saving irrigation automatic control system based on interne...
Research on water saving irrigation automatic control system based on interne...Research on water saving irrigation automatic control system based on interne...
Research on water saving irrigation automatic control system based on interne...
sudhakar5472
 

What's hot (18)

Can’t Wait for 2020: Future-Proof Your Grid Today
Can’t Wait for 2020: Future-Proof Your Grid TodayCan’t Wait for 2020: Future-Proof Your Grid Today
Can’t Wait for 2020: Future-Proof Your Grid Today
 
Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2
 
COE Integration - OPNFV
COE Integration - OPNFVCOE Integration - OPNFV
COE Integration - OPNFV
 
Using Microservices Architecture and Patterns to Address Applications Require...
Using Microservices Architecture and Patterns to Address Applications Require...Using Microservices Architecture and Patterns to Address Applications Require...
Using Microservices Architecture and Patterns to Address Applications Require...
 
mbed Connect Asia 2016 David Morning Welcome and Kickoff
mbed Connect Asia 2016 David Morning Welcome and Kickoffmbed Connect Asia 2016 David Morning Welcome and Kickoff
mbed Connect Asia 2016 David Morning Welcome and Kickoff
 
How Intuit Monitors Connectivity to AWS
How Intuit Monitors Connectivity to AWS How Intuit Monitors Connectivity to AWS
How Intuit Monitors Connectivity to AWS
 
Elastic Connectivity - Session Sponsored by Megaport
Elastic Connectivity - Session Sponsored by MegaportElastic Connectivity - Session Sponsored by Megaport
Elastic Connectivity - Session Sponsored by Megaport
 
Step-by-Step Guide to Building a Truly Composable Infrastructure for 5G/Edge
Step-by-Step Guide to Building a Truly Composable Infrastructure for 5G/EdgeStep-by-Step Guide to Building a Truly Composable Infrastructure for 5G/Edge
Step-by-Step Guide to Building a Truly Composable Infrastructure for 5G/Edge
 
ISTIO Deep Dive
ISTIO Deep DiveISTIO Deep Dive
ISTIO Deep Dive
 
Visibility for a Global Network
Visibility for a Global NetworkVisibility for a Global Network
Visibility for a Global Network
 
Patrick Kerpan's CSA EMEA Congress presentation "Overlay Networks: Connecting...
Patrick Kerpan's CSA EMEA Congress presentation "Overlay Networks: Connecting...Patrick Kerpan's CSA EMEA Congress presentation "Overlay Networks: Connecting...
Patrick Kerpan's CSA EMEA Congress presentation "Overlay Networks: Connecting...
 
From local servers up to Kubernetes in the cloud
From local servers up to Kubernetes in the cloudFrom local servers up to Kubernetes in the cloud
From local servers up to Kubernetes in the cloud
 
S4 Value Proposition
S4 Value PropositionS4 Value Proposition
S4 Value Proposition
 
Lab2104 - IT research laboratory
Lab2104 - IT research laboratoryLab2104 - IT research laboratory
Lab2104 - IT research laboratory
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
 
Anura
AnuraAnura
Anura
 
Research on water saving irrigation automatic control system based on interne...
Research on water saving irrigation automatic control system based on interne...Research on water saving irrigation automatic control system based on interne...
Research on water saving irrigation automatic control system based on interne...
 
Cisco Application Centric Infrastructure
Cisco Application Centric InfrastructureCisco Application Centric Infrastructure
Cisco Application Centric Infrastructure
 

Similar to 4 Key Considerations for Advanced Load Balancing & Traffic Insights for Kubernetes

Implementing Docker Load Balancing in Microservices Infrastructure
Implementing Docker Load Balancing in Microservices InfrastructureImplementing Docker Load Balancing in Microservices Infrastructure
Implementing Docker Load Balancing in Microservices Infrastructure
DevSecOpsSg
 
One And Done Multi-Cloud Load Balancing Done Right.pptx
One And Done Multi-Cloud Load Balancing Done Right.pptxOne And Done Multi-Cloud Load Balancing Done Right.pptx
One And Done Multi-Cloud Load Balancing Done Right.pptx
Avi Networks
 
Chris Purrington's talk from CLOUDSEC 2016 "Defense in depth: practical steps...
Chris Purrington's talk from CLOUDSEC 2016 "Defense in depth: practical steps...Chris Purrington's talk from CLOUDSEC 2016 "Defense in depth: practical steps...
Chris Purrington's talk from CLOUDSEC 2016 "Defense in depth: practical steps...
Cohesive Networks
 
Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...
Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...
Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...
Amazon Web Services
 

Similar to 4 Key Considerations for Advanced Load Balancing & Traffic Insights for Kubernetes (20)

PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...
PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...
PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...
 
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft AzureModernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
 
Implementing Docker Load Balancing in Microservices Infrastructure
Implementing Docker Load Balancing in Microservices InfrastructureImplementing Docker Load Balancing in Microservices Infrastructure
Implementing Docker Load Balancing in Microservices Infrastructure
 
How api management supports the digital transformation process
How api management supports the digital transformation processHow api management supports the digital transformation process
How api management supports the digital transformation process
 
Primend Praktiline Konverents - Rakenduse keskne IT infrastruktuur / Cisco Ap...
Primend Praktiline Konverents - Rakenduse keskne IT infrastruktuur / Cisco Ap...Primend Praktiline Konverents - Rakenduse keskne IT infrastruktuur / Cisco Ap...
Primend Praktiline Konverents - Rakenduse keskne IT infrastruktuur / Cisco Ap...
 
ciscothousandeyesusecase
ciscothousandeyesusecaseciscothousandeyesusecase
ciscothousandeyesusecase
 
VMworld 2015: No App is An Island
VMworld 2015: No App is An IslandVMworld 2015: No App is An Island
VMworld 2015: No App is An Island
 
iWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience SolutioniWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience Solution
 
One And Done Multi-Cloud Load Balancing Done Right.pptx
One And Done Multi-Cloud Load Balancing Done Right.pptxOne And Done Multi-Cloud Load Balancing Done Right.pptx
One And Done Multi-Cloud Load Balancing Done Right.pptx
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
 
Enterprise Application to Infrastructure Integration - SDN Apps
Enterprise Application to Infrastructure Integration - SDN AppsEnterprise Application to Infrastructure Integration - SDN Apps
Enterprise Application to Infrastructure Integration - SDN Apps
 
Chris Purrington's talk from CLOUDSEC 2016 "Defense in depth: practical steps...
Chris Purrington's talk from CLOUDSEC 2016 "Defense in depth: practical steps...Chris Purrington's talk from CLOUDSEC 2016 "Defense in depth: practical steps...
Chris Purrington's talk from CLOUDSEC 2016 "Defense in depth: practical steps...
 
Webinar unlock the power of adc management and automation AppViewX
Webinar unlock the power of adc management and automation AppViewXWebinar unlock the power of adc management and automation AppViewX
Webinar unlock the power of adc management and automation AppViewX
 
Check Point and Accenture Webinar
Check Point and Accenture Webinar Check Point and Accenture Webinar
Check Point and Accenture Webinar
 
Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...
Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...
Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...
 
Cloud_controllers_public_webinar_aug31_v1.pptx
Cloud_controllers_public_webinar_aug31_v1.pptxCloud_controllers_public_webinar_aug31_v1.pptx
Cloud_controllers_public_webinar_aug31_v1.pptx
 
F5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 RoadshowF5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 Roadshow
 
Open Source Networking Days- Service Mesh
Open Source Networking Days- Service MeshOpen Source Networking Days- Service Mesh
Open Source Networking Days- Service Mesh
 
Is your MQTT broker IoT ready?
Is your MQTT broker IoT ready?Is your MQTT broker IoT ready?
Is your MQTT broker IoT ready?
 
DEVNET-1153 Enterprise Application to Infrastructure Integration – SDN Apps
DEVNET-1153 Enterprise Application to Infrastructure Integration – SDN AppsDEVNET-1153 Enterprise Application to Infrastructure Integration – SDN Apps
DEVNET-1153 Enterprise Application to Infrastructure Integration – SDN Apps
 

More from DevOps.com

Modernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareModernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source Software
DevOps.com
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
DevOps.com
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
DevOps.com
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
DevOps.com
 
Vulnerability Discovery in the Cloud
Vulnerability Discovery in the CloudVulnerability Discovery in the Cloud
Vulnerability Discovery in the Cloud
DevOps.com
 
2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions
DevOps.com
 
Don't Panic! Effective Incident Response
Don't Panic! Effective Incident ResponseDon't Panic! Effective Incident Response
Don't Panic! Effective Incident Response
DevOps.com
 
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's CultureCreating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
DevOps.com
 
Deliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or PrivatelyDeliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or Privately
DevOps.com
 
The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021
DevOps.com
 
Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?
DevOps.com
 
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
DevOps.com
 
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
DevOps.com
 

More from DevOps.com (20)

Modernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareModernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source Software
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
 
Vulnerability Discovery in the Cloud
Vulnerability Discovery in the CloudVulnerability Discovery in the Cloud
Vulnerability Discovery in the Cloud
 
2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions
 
A New Year’s Ransomware Resolution
A New Year’s Ransomware ResolutionA New Year’s Ransomware Resolution
A New Year’s Ransomware Resolution
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
 
Don't Panic! Effective Incident Response
Don't Panic! Effective Incident ResponseDon't Panic! Effective Incident Response
Don't Panic! Effective Incident Response
 
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's CultureCreating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
 
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with TeleportRole Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
 
Monitoring Serverless Applications with Datadog
Monitoring Serverless Applications with DatadogMonitoring Serverless Applications with Datadog
Monitoring Serverless Applications with Datadog
 
Deliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or PrivatelyDeliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or Privately
 
Securing medical apps in the age of covid final
Securing medical apps in the age of covid finalSecuring medical apps in the age of covid final
Securing medical apps in the age of covid final
 
How to Build a Healthy On-Call Culture
How to Build a Healthy On-Call CultureHow to Build a Healthy On-Call Culture
How to Build a Healthy On-Call Culture
 
The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021
 
Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?
 
Secure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift EnvironmentsSecure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift Environments
 
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
 
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
 

Recently uploaded

Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Peter Udo Diehl
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 

4 Key Considerations for Advanced Load Balancing & Traffic Insights for Kubernetes

  • 1. 1. Reliable Security Always™ Key Considerations for Advanced Load Balancing & Traffic Insights for Kubernetes Deployments
  • 2. 2. NEW DE-FACTO STANDARDS: Growing Industry Trend: Containers and Kubernetes APPLICATIONS Moving from Monolith to Micro Services APPLICATION DEPLOYMENTS Moving from Hardware Servers or Virtual Machines to Containers o Adopted by all industry major players – AWS, Azure, Google, VMWare, RedHat. o 10X increase in usage in Azure and GCP last year o 10X increase in deployment last 3 years o Deployment Size increased 75% in a year Growing Kubernetes Adoption APP APP APP APPAPPAPP APP APP APP APPAPPAPP
  • 3. 3. Integrated Security Continuous Availability Visibility, Analytics and Insights Central Management and Automation Application Delivery in Kubernetes Environment 1 2 3 4
  • 4. 4. Kubernetes Cluster AVAILABILITY CHALLENGES IN KUBERNETES o Isolation between external and internal networks Node Node Node o Dynamic Environment • Scaling App Services • Changing IP address because of Auto- healing containers
  • 5. 5. o Auto-scale and Auto-config Load Balancers with App servers o Auto Sync with Application Infrastructure CONTINUOUS AVAILABILITY1
  • 6. 6. o Protection from Attacks, Data Theft and BOTs o Granular yet Simple configuration o Security for both North-South and East-West Traffic INTEGRATED SECURITY2
  • 7. 7. Descriptive Analytics • Health Status • Logs & Events PERFORMANCE MONITORING Diagnostic Analytics • Per-App metrics • Trend Analysis FASTER TROUBLESHOOTIN G Predictive Analytics • Anomalies/Threats • Correlation INSIGHTS VISIBILITY, ANALYTICS & INSIGHTS 3
  • 8. 8. CENTRAL MANAGEMENT AND AUTOMATION 4 o API Driven o Integration with DevOps Tool Chain
  • 10. 10. A10 Secure Services Mesh Solution for Kubernetes Comprehensive solution for micro- services applications for • Traffic Management • Security • Visibility and Analytics Solution Components • Ingress Controller • Lightning ADC • Harmony Controller Harmony Controller Node Node IG LIGHTNING ADC LIGHTNING ADCIngress Controller
  • 11. 11. A10 Lightning ADC • Load Balancer & Security • Purpose built for Cloud Native Apps Microservices / containers • Application Proxy Services • Advanced-Load balancing, Content- Routing • SSL/TLS Termination • Controlled Blue-Green traffic steering A10 Lightning ADC Cluster A10 Harmony Controller
  • 12. 12. Integrated Security Customer’s account Azure Cloud Harmony Controller o Integrated Web Application Firewall o 1-Click Provisioning o Malware protection o BOT Protection o Application DDoS attack mitigation o SSL Offload o HTTP 2.0 o Access Control for traffic between micro- services (E-W traffic)
  • 13. 13. Security | Access Control for traffic between Micro-services o All traffic and security policies can be applied on micro-segmented E-W traffic o Traffic leaving host boundary is automatically encrypted/decrypted o No change needed in application code or configuration S2 S3 S1
  • 14. 14. Kubernetes Cluster A10 Solution: Automation & Integration with Kubernetes • New Lightning ADCs automatically deployed with new node Node Node Node Ingress Controller Harmony Controller • Ingress Controller detects changes in application service scale and calls Harmony Controller • Controller pushes updated config to ADCs • ADCs connect to controller and get relevant configuration automatically • Metrics/Logs flow from ADC to Controller
  • 15. 15. Per-Service Visibility, Analytics & Reporting o Comprehensive metrics & logs o View, monitor and analyze o Efficient troubleshooting o Generate custom reports
  • 16. 16. Per-Service Visibility : End-to-End Response Time o Distinguish between application, client and infrastructure issues o Quickly identify consistent or one-off glitch o Pinpoint concerns and take corrective action
  • 17. 17. Per-request Log Analysis o Enriched access log of individual transaction o Various filters for quick troubleshooting o Details of each transaction for better confidence
  • 18. 18. A10 Solution Advantage o Self service o Automation o Integration with DevOps tools o Analytics o Faster troubleshooting o Operational intelligence o Integrated Security & Traffic Management o Centralized mgmt. o Multi-cloud Simplified & Efficient Operations Agility Visibility & Control