a10 itil oasys webex 090309
TRANSCRIPT
Implementing ITIL v3Practices with A10 Networks Solutions
“Documented Common Sense”
September 3rd, 2009
Chris Johnson, PresidentOpen Access Systems Corporation
AX Series Advanced Traffic ManagerApplication Delivery
Steve Sacchi, Sr. Systems EngineerA10 Networks
2
AX Series Performance Comparison Chart
ModelsApplication Throughput
AX 1000 2.4 Gb
AX 2000 4 Gb
AX 2100 6 Gb
AX 2200 7.4 Gb
AX 3100 8 Gb
AX 3200 8.7 Gb
AX 5200 40 Gb
ITIL v3 map http://www.oasyscorp.com/itilv3map.html
4
The New Generation of Server Load Balancers(win) Service Strategy: Demand Management
5
A10 AX Architecture Overview(win) Service Strategy: Demand Management
•SSL Acceleration Module – SSL Processing
•Application Memory – Session Tables, Buffer Memory, Application Data
•L4-7 CPUs – L4-7 Processing, Security, NAT
•Control Kernel – CLI, GUI, Management Tasks and Health Checking
•Flexible Traffic ASIC (FTA) –Distributes Traffic Across L4-7 CPUs, Efficient Network I/O, DDoS
•Switching & Routing ASIC –L2 & L3 Processing and Security •High Speed Switching Fabric
•Interconnect SR ASIC, FTA, L4-7 CPU
6
Up to 7 Processors handle traffic simultaneously
AX’s True Parallel Processing• ACOS Architecture designed for
multiple CPUs
• Advanced Super Computing Technologies bring true parallel processing capability
• No interference among processors
• No data copy among processors
Processor 5
Processor 6
L4/7Traffic
L4/7Traffic
Processor 7
Processor 8
Processor 1
Processor 2
Processor 3
Processor 4
•Control Protocol/ Management
7
AX Series Performance Comparison Chart
ModelsApplication Throughput
AX 1000 2.4 Gb
AX 2000 4 Gb
AX 2100 6 Gb
AX 2200 7.4 Gb
AX 3100 8 Gb
AX 3200 8.7 Gb
AX 5200 40 Gb
8
Scalability, High Availability, Optimization(WINs) Service Design: Service Level Management, IT SecurityService Transition: Service & Eval Testing
• Application Load Balancing (SL& Avail)
– Round Robin– Least Connections– Fastest Response– Weighted– Priority
• Monitor Server Health (Ser & Eval)
– TCP Level Health Checks– Application Layer Health Checks– HTTP and HTTPS (IT Security)– Scriptable Health Checks
• Session Persistence (SL)– Source IP– Cookie-based– URL
• AX Redundancy (Avail)– Active-Active– Active-StandbyLoad Balanced Servers
9
Scalability, High Availability, Optimization(WINs) Service Design: IT Security, Service Level Management, Capacity Management, Availability Management
Load Balanced Servers
Recover Server Cycles and Speeds up Servers Responses
• TCP (S L & Cap)– Connection reuse– Dynamic window sizing– TCP multiplexing
• Compression (SL)– HTTP hardware
• Caching (SL& Cap)– Static HTTP RAM cache– Dynamic HTTP RAM
cache– Future Disk Caching
• SSL (IT Security &Cap)– Acceleration and
Management
• Hardware based DDOS (IT Security & Avail)
10
Connection lim
it = 150
Limit Period = 100ms
}
Connection Rate Limiting(Win) Service Design: IT Security, SLM, Capacity
By adding Source-IP based connection rate limiting this protects the system from excessive connection requests from individual clients.
11
High Availability – GSLB (DNS Intelligence)(WIN) Service Design: IT Continuity, Service Level Management, Capacity Management, Availability Management
• DNS Proxy (IT Continuity)• This method is the most commonly used
global server load balancing as it does not disrupt customers’ existing name resolution
• Disaster recovery (Availability)• Provide extra level of High availability to
important applications
• RTT (SL)• Send client connections to the fastest
responding datacenter
• Geo-location (SL)• Send client connection to the “closest”
datacenter
• Session capacity (SL)• Send client connection to the datacenter
with the most available capacity
• Weighted values (SL)• Send client connections to the
datacenter with the highest combined score
• Most active servers (SL)• Send client connections to the
datacenter with the most available active servers
Disaster Recovery
Site1
Site2
12
aFleX - ADVANCED SCRIPTING
• Inspect all application traffic types beyond traditional Layer 4-7
• Looks into application traffic flow to identify decision criteria
• Switch, drop, or redirect based on aFleX policies
• aFleX’s development environment simplifies policy creation and maintenance
1313
aFleX : (Win) Service Design: SLM & Service Operation: Application Management Function
Reallocate requests by content type to optimize data center resources:
Transparent to the user, splits requests for static images (jpgs and gifs) to a separate caching server tier.
when HTTP_REQUEST { if { [HTTP::uri] ends_with "jpg" } { pool cache
} elseif { [HTTP::uri] ends_with "gif" } { pool cache
} else { pool web }}
.jpg
.gif.js
.cgi.html
1414
aFleX : Auto Displays Made Easy
Automatically displays a Web page based on the user’s language, using the language set in the user’s browser.
when HTTP_REQUEST {
if { [HTTP::header accept-language] contains “es” } { pool Spanish } elseif { [HTTP::header accept-language] contains “ja” } { pool Japanese } elseif { [HTTP::header accept-language] contains “zh” } { pool Chinese
} else {
pool English }}
English
SpanishJapaneseChinese
15
15
aFleX : Easy To Re-direct URLs
Provides a simple way to provide redirect: In this example users are redirected from www.A10networks.com towww.A10networks/oss/signup.php
when HTTP_REQUEST { if { [HTTP::uri] equals "/A10" } { HTTP::redirect http://[HTTP::host]/oss/signup.php } }
//www.A10networks.com
•www.A10networks.com•www.A10netwoks.com/oss/signuo.php
//www.A10networks.com/oss/signup.php
16
Ease of use & Ease of migration
• Industry standard CLI
• Graphical User Interface (GUI)
• aFleX - TCL-based scripting– IP::client_addr,
IP::protocol, TCP::server_port, TCP::payload, HTTP::uri, HTTP::header, HTTP::cookie, pool, drop, log
17
Ease of use & Ease of migration(WIN) Service Design, Transition & Op
• Industry standard CLI
• Graphical User Interface (GUI)
• aFleX - TCL-based scripting– IP::client_addr,
IP::protocol, TCP::server_port, TCP::payload, HTTP::uri, HTTP::header, HTTP::cookie, pool, drop, log
18
GUI Interface-go live
20
Management Virtualization (Role Based Administration) (Win) Service Design: Capacity Management
• Enables VA configuration create/modify/delete
• Dedicated CPU, memory, disk to each VA
• Virtualized hardware acceleration (SSL)
• RBA allows administrators to configure and view SLB statistics
21
Twice the Performance, Half the Price
• Performance & Scalability: Multi-core CPU platform– Greater connections & transactions per second at Layer 4, Layer 7
& SSL– Higher throughput– Faster content delivery– Flexible and customizable traffic management– High Availability and Security
• Answers Cost and Environmental Concerns– Hardware – Power– Cooling– Space
Solution
10 Quick ITIL Wins using A10 Networks• 1.) Service Strategy: Demand Management- Purpose Built Energy Efficient Multi-core Processor;
2x Performance For Half The Investment
• 2.) Service Design: IT Security-DDOS Protection, SSL Built In; Source-IP Based Connection Rate Limiting; Role Based Administration For Virtual Services
• 3.) Service Design: IT Continuity Management - CLI; GUI; Dash Board for KPI; LOG with full API
• 4.) Service Design: Service Level Management-aFleX Scripting Cut Development & Re-development; Establishes & maintains thresholds
• 5.) Service Design: Capacity Management -Add & Manage Virtual Services & Real Services easily without network or customer disruptions; SSL, caching, Global Geo LB to maximize under utilized servers,
• 6.) Service Design: Availability Management - HA Global Geo-LB; DNS; Health Check interdependent applications and services; Seamless Failover DR
• 7.) Service Transition: Service & Evaluation Testing -VS for new applications for “what if” scenarios
• 8.) Service Operations: Event Management -Detailed Logs of KPI reporting system-ie. HP OpenView or by API; metrics dash board
• 9.) Service Operations: Application Management Function -Easy Re-development Via aFleX Scripting; less SSL certificates to manage
• 10.) Continual Service Improvement through baseline and measurement of performance reporting, eliminating under utilized assets.