session1 room179 high performance fabric · • high availability for mission critical apps •...
Post on 01-Jun-2020
2 Views
Preview:
TRANSCRIPT
High Performance Services Fabric
Vincent Lavergne – SED EMEA, South
Gary Newe – Sr SEM EMEA, UKISA
© F5 Networks, Inc 2
“Software defined”everythingSDDC/Cloud
Everything is webified
Internet ofthings
Mobility
Advancedthreats APIs
Quality ofexperience
Time toMarket
Technology shifts are centered on applications
F5 Agility 2014 3F5 Agility 2014 3
I want Corporate Apps deployed just
in seconds
I need to cut IT costs by running
this specific legacy service in the cloud
I want to pay for what I use, I don’t
want to overprovision my
infrastructure
I need to deploy this new
competitive service in less than X
months
The new IT challenges
I need to support the lattest trendy
device, NOW !
F5 Agility 2014 4F5 Agility 2014 4
Today’s IT (R)Evolution :
Users want more choice, more comfort
BUT same SLAOPEX control
More Endpoints More with less More Apps
Number of applications double
every four years
Consume IT As A Service :DC infrastructure need to change
F5 Agility 2014 5F5 Agility 2014 5
Software Defined Data Centre
<2008 2008-2012 FutureMonths/WEEKS DAYS/HOURS MINUTES
F5 Agility 2014 6F5 Agility 2014 6
Software/Application Defined Data Centre
Network OperationsProvisioning• Flexibility• Scalability• Holistic management
• Efficiency • Lower operational and
capital expenses
• Automation• Speed• Agility
Source: Architecting for Hyperscale Datacenter Efficiency
F5 Agility 2014 7F5 Agility 2014 7
Virtual
Physical
Cloud
CONTEXT AWAREFull TCP Proxy
Anywhere, any service, any device Intelligent Dynamic, agile, adaptive
Clients
F5 is application centric : it provides App and user contextWhich Application Request ?
Which device ?
Where from ?
Who ?
Hypervisor
F5 enables your Apps to be Fast, Secure and Available
What Security Policy to apply ?
Where is the best resource ?Application Health ?Response time ?User Proximity ?
Is it Secure ?
F5 Agility 2014 8F5 Agility 2014 8
All these Apps need services
F5 Agility 2014 9F5 Agility 2014 9
Provide the services all your applications need
High Performance Application Services Fabric
F5 Agility 2014 11F5 Agility 2014 11
Pool of Resources
What is a Fabric?
F5 Agility 2014 12F5 Agility 2014 12
• 1000’s of Applications are delivered : need to industrialize/Automate App delivery
• Application can delivered in different ways (On premise, Cloud) : need for a common framework
• Grow your Apps: Scale one node or gather mutliple nodes of the Fabric to achieve High Performance
Why do you need a Fabric ?
F5 Agility 2014 13F5 Agility 2014 13
Why an Application Services Fabric ? Deliver and scale your applications anywhere
Public CloudHybrid CloudData Center
High Performance Services Fabric
Pool of Physical and Virtual ADC Resources
F5 Agility 2014 14F5 Agility 2014 14
F5 High Performance Application Services Fabric
iRules
Programmability
iCall iControl
Virtual Edition Chassis Appliance
TMOS
TMOS The heart of our
fabric
TMOS : OS focused on Application Traffic Management
TMOS = SINGLE FIRMWARE
Virtual Edition Chassis Appliance
F5 Agility 2014 17F5 Agility 2014 17
• Reduce the TCO of your Network / Security Infrastructure• CAPEX
• Simplify your infrastructure : Consolidate several devices into one single ADC• Benefits the best of F5 with G/B/B Licensing
• OPEX• Less demand for skilled people on several OS : invest on TMOS• Fewer power consumption , rack space, cooling
Benefits of TMOS for you
F5 Agility 2014 18F5 Agility 2014 18
Consolidation Case Study• National Bank : Online Banking
• 17 000 + employees• 1 525 agencies• 4 million customers
• Consolidate 39 Critical Regional Online Banking environment into 1 new infastructure :• Layer 4-7 Server Load Balancing (8000 # App Services !)• HTTP Compression • Virtual Hosting, SSL Offloading, etc.• Web Application Firewall• Reverse Proxy• Global Load Balancing
• Customer Benefits: • Simplified infrastructure from 18 devices to 4 (2 pairs in D/R)• Significant Cost Reduction in terms of Hardware costs, maintenance and operations• Capacity to Scale
F5 Agility 2014 19F5 Agility 2014 19
High-Performance Services Fabric
Network [Physical • Overlay • SDN]
Virtual Edition Chassis Appliance
Data Plane
Programmability
Control Plane Management Plane
ScaleN Powering the
Fabric
F5 Agility 2014 21F5 Agility 2014 21
High-Performance Services Fabric
Network [Physical • Overlay • SDN]
Virtual Edition Chassis Appliance
TMOS
F5 Agility 2014 22F5 Agility 2014 22
How does F5 enable you to scale?
All Active Clustering
Multi-TenancyOn Demand Scaling
• Any device can be clustered together in all active deployment model
• Application workloads can be moved due to capacity, failures, maintenance
• Consolidate devices and services
• Create partitions or virtual instances on shared infrastructure
• Scale performance and capacity when needed
• Modular chassis and software license upgrade keys
TMOS TMOS TMOS TMOS
F5 Agility 2014 23F5 Agility 2014 23
On Demand Scaling
Appliance Virtual EditionChassisIncrease key performance
via software license upgrade.
Increase to higher throughput versions.
Linear on demand performance by adding
blades without rebooting or reconfiguration.
VIPRION Platform PAYG License
F5 Agility 2014 24F5 Agility 2014 24
“With VIPRION, we can deploy the same ADCs and architecture for years to come, despite tremendous projected growth.”
Key benefits of F5• Scales to serve tens of millions of users • Delivers superior uptime • Eases server maintenance • Improves performance, resulting in Pandora top
ranking in speed and reliability
F5 Reference Architectures• Application Services
-James Kelty, Director of Network Engineering, PandoraLTM GTM VIPRION
View on F5.com
F5 Agility 2014 25F5 Agility 2014 25
Device Service Clustering : All-Active Clusters
Pool of hardware and virtual resources
Automatic config sync
Heterogeneous devices
Scale beyond HA pair
Load aware and user defined failover
Migrate/failover at application level
F5 Agility 2014 26F5 Agility 2014 26
Traditional HA Pair
VIPRION2VIPRION1
HA Pair
Status: ActiveCapacity: 40%
Status: StandbyCapacity: 0%
Requirements
• 50% idle resource• Failover entire device
• High availability for mission critical apps
• Failover device need to handle 100% of traffic
• Capacity to scale traffic
Challenges
F5 Agility 2014 27F5 Agility 2014 27
Device Service Clustering
VIPRION3VIPRION2
Device Group1
Status: ActiveCapacity: 60%
VIPRION1
Status: StandbyCapacity: 0%
Status: ActiveCapacity: 60%
Config Sync
Config Sync
Config Sync
Requirements
• High availability for mission critical apps
• Failover device need to handle 100% of traffic
• Capacity to scale traffic
• Reduced Capex and protect your initial investment when scaling
Benefits
F5 Agility 2014 28F5 Agility 2014 28
“F5 provides us with added network capacity, improved scalability, and greater security in a single solution that is easy and cost effective to operate.”
Key benefits of F5• Increases network capacity from 5 Gbps to 80 Gbps• Scales to increase capacity to 160 GB per second• Improves resistance to DDoS attacks• Saves time and costs from simplified network
management• Improved utilization by deploying two VIPRION
devices in each of its data centres in an active-active configuration
F5 Reference Architectures• DDoS Protection
-Gonen Wilf, Head of Production, LivePersonLTM AFM VIPRION
View on F5.com
F5 Agility 2014 29F5 Agility 2014 29
Three ways to implement multi-tenancy
Virtual Editions Route Domain/PartitionsvCMPFull BIG-IP virtual
instances on general purpose hypervisors on
commodity servers
Network isolation and/or admin separation
Fully isolated BIG-IP virtual instances on F5
purpose built ADC hypervisor and hardware
TMOS TMOS TMOS TMOS
F5 Agility 2014 30F5 Agility 2014 30
Multi-tenancy with virtual Clustered Multi-Processing (vCMP)
Provides the agility of virtualization with performance of F5 hardwareSpin up independent, virtual ADCs on-demand with complete control over resource allocation
IsolateSecure the traffic and administration of each virtual application service instance with network and resource isolation
ConsolidateConsolidate application services onto one shared device while serving different customers
DedicateAllocate dynamically the right amount of dedicated resources to run different services for your specific application needs
F5 Agility 2014 31F5 Agility 2014 31
Multi-Tenancy with Admin Partitions/Route Domains
Data Center
Route Domain 1
Route Domain 2
Use Cases
• Simple to setup and manage• Thousands of tenants• Use with vCMP and VE’s
• Consolidation of multiple business units (e.g. finance, HR, IT, sales, marketing)
• Consolidation of multiple customers
Benefits
Data Center
Partition1 Partition2
Partition3 Partition4
F5 Agility 2014 32F5 Agility 2014 32
“The multi-tenancy and complete network isolation that vCMP brings about is key to the school district’s BYOD initiative.”
Key benefits of F5• Consolidated resources• Streamlined administration • Created a highly available application environment• Kept costs low• Deployed a secure, separate BYOD network
dedicated solely to providing wireless Internet access from personal devices.
F5 Reference Architectures• Secure Mobility, Application Services
-Jason Baekey, Coordinator of Network Enterprise Infrastructure Services, Gwinnett County Public SchoolsLTM GTM VIPRION
View on F5.com
F5 Agility 2014 33F5 Agility 2014 33
“Today, we can spin up a pair of BIG-IP LTM Virtual Edition instances with all of the configuration parameters we need in just 20 minutes.”
Key benefits of F5• Isolates the risk of downtime to a per-client basis• Speeds provisioning time to 20 minutes• Uses IT staff more efficiently and effectively • Reduces time to deployment
F5 Reference Architectures• Application Services
-Charlie Wehner, Network Engineer, CernerLTM
View on F5.com
Programmability
F5 Agility 2014 35F5 Agility 2014 35
High-Performance Services Fabric
iRules
Programmability
iApps iControl
Virtual Edition Chassis Appliance
TMOS
F5 Agility 2014 36F5 Agility 2014 36
Programmability : Adapt F5 product to your needs
• 0 day protection• Adapt quickly
• Reduce Operation Costs• Reduce time to market
Custom Traffic Scripting Application Templates Automation and orchestration API
• Reduce Operation Costs• Reduce time to market
79% of F5 Customers deploy iRules on productionBIG-IP devices
84% fasterdeploy time
90% accuracyof configuration
=Interoperate
F5 Agility 2014 37F5 Agility 2014 37
Top Things iRules Can Do for You
Transformapplication data
Protect Your applications
Manageapplication access and availability
Createcustom solutions
View the state of yournetwork
• Deploy cookie proxy, encryption, rewrite
• Match traffic data to a variable list or array
• Use URL-based redirection
• Utilize dynamic HTTP to HTTPS rewriting
• Allow SSL renegotiation
• Provide immediate security mitigation at the edge until application code can be patched
• Control bot access to your applications
• Protect against data leaks (screen and clean outbound application data, such as CC and SSN #s)
• Utilize advanced application persistence
• Take advantage of high-performance and ratio-based rate limiting
• Enable client auth using HTML forms
• Manage users and application access during downtime and maintenance windows
• Integrate Google Authentication with anyapplication
• Create a pie chart showing your top website referrers
• Build entire SMTP and file servers, right from an iRule
• Track and display site usage statistics in a heatmap
• Distribute email based on source IP
• Monitor application code performance (Gomez)
• Achieve real-time logging of any traffic state, event, and data
• Employ persistence cookie logger
• Track referrals
F5 Agility 2014 38F5 Agility 2014 38
App optimization services
Securityservices
Firewall
iAPP how it works
SummaryNext Steps
F5 Agility 2014 40F5 Agility 2014 40
Throughput Connections per second
Concurrentconnections
Multi-tenantinstances per device
Devices in cluster
*40K when combining route domains/admin instances with vCMP
F5 SDAS Fabric help you address your application and traffic growth
On-Demand Scaling All-Active Clustering Multi-Tenancy
ScaleN
TMOS TMOS TMOS TMOS
32x VIPRION 4800
F5 Agility 2014 41F5 Agility 2014 41
• Isolated silos of app services, point products, and legacy devices• Inefficient utilization (overprovisioning, idle resources)• Quickly deploy app services to meet surging demand• New deployment models (cloud, XaaS, hybrid)• Less budget, increasing opex costs
F5 High Performance App Services Fabric
CHALLENGES
SERVICES FABRIC PROVIDES AGILITY, OPERATIONAL EFFICIENCY, AND REDUCED COSTS
Provisioning• Automated config syncing• Spin up BIG-IP instances quickly• Tie into orchestration engine
Network•Flexibility•Dynamic scaling•Holistic management (TMOS/BIG-IQ).
Operations•Higher resource utilization •Lower opex/capex•Fine grain app services control
F5 Agility 2014 42F5 Agility 2014 42
Deploy an app services fabric in Data Center/Cloud today
Devices
Data Center
Load BalanceSSL Offload
HW CompressionL4 DoS
Image OptimizationBrowser caching
Content assy
Sync GroupFW Policy
Device Group1
Device Group2
TMOS enables your to:• Simplify / consolidate your
infrastructure with multi modules• Reduce your operation costs• Deploy Apps Faster
ScaleN enables you to:• Easily scale capacity when you need it• Deploy and split app services where
you need them• Multi-tenancy for workload isolation
Hybrid data center or cloud:• HW for performance and accelerated
offload functions• Virtual instances for workload and fault
isolation, rapid deployment, closer to apps
F5 Agility 2014 43F5 Agility 2014 43
Good Better Best
Scalable and flexible hardware or virtual editions + simplified software purchase
Virtual EditionChassis Appliance
BESTBetterGood
Data Center
Hybrid Cloud PrivateCloud
F5 Agility 2014 44F5 Agility 2014 44
ScaleN Resources
www.f5.com1 datasheets3Whitepapers2
https://f5.com/products/platformshttp://www.f5.com/pdf/white-papers/scalen-elastic-infrastructure-white-paper.pdf
https://f5.com/products/technologies/scalen
top related