Introduction
When Bob Dylan wrote back in the 60’s “times they are a-changin” it’s very possible he knew how true that would be today. Last week, we saw a few things announced in the container technology space during the DockerCon event in Copenhagen – but one thing that I believe came as a surprise to many was Docker’s announcement to begin including Kubernetes in Docker Enterprise edition sometime in early 2018. This doesn’t concede or mark the death of Docker’s own scheduling and orchestration platform, Docker Swarm, but it does underscore what we’ve heard from many of our customers for quite some time now – almost every IT organization that is using/evaluating containers has jumped on the Kubernetes bandwagon. In fact, many of you are probably already familiar with the integration supported today with NSX-T 2.0 and Kubernetes from the post that Yves did earlier in the year…
In the past few years, we’ve heard a lot about this idea of digital transformation and what it means for today’s enterprise. Typically, a part of this transformation is something called infrastructure modernization, and this happens because most IT environments today have some hurdles that need to be overcome to align with goals of digital transformation. In modern times, the “app-centric world”, the provisioning of network and security services is often very slow and requires some manual intervention. Additionally, complex processes and varying IT architectures hamper today’s developers. Therefore, these IT environments prevent the speedy delivery of modern applications, which today means cloud-native or container based apps.
The software defined data center (SDDC) stack has been embraced for compute and storage functionalities, and for network virtualization (here in late 2017) we’ve come a long way as well. NSX has played a key role in redefining and modernizing networking in the data center. NSX subsequently has emerged as the industry leader in software-defined networking (SDN) by providing a network virtualization and security platform for the enterprise, which has enabled customers to make this transition to the digital era. Digital transformation starts with IT… and for more and more organizations, the lightbulb moment has occurred – the network, as it’s known today is dead. So when IT receives infrastructure sounding goals and objectives like security of on-prem and cloud applications and data, speed of delivery, and application high availability, this network needs to be rearchitected and thought about completely differently. Our goal is to align with many new key business priorities, as well as meet the demands of new approaches in application development and new application architectures (containers, microservices, PaaS) as we move into 2018 and beyond.
VMware NSX is designed to address these emerging application frameworks and architectures that have heterogeneous endpoints and technology stacks. NSX allows IT and development teams to choose the technologies best suited for their particular applications. NSX is designed for management, operations, and consumption by development organizations – also for IT. As developers embrace these newer technologies like containers, and the percentage of workloads running in public clouds increases, network virtualization must expand to offer a full range of networking and security services, native, in these environments. And that’s exactly where we are with NSX – a network virtualization solution for multi-cloud and multi-hypervisor environments. By providing seamless network virtualization and security for workloads running on either VMs or containers, NSX supports cloud and container environments:
F5 Networks, the global leader in Application Delivery Networking (ADN), also addresses many emerging IT trends by providing secure, reliable, and fast delivery of applications. F5’s framework and architecture enables community-driven innovation that helps organizations enhance IT agility. F5’s vision of unified application and data delivery redefines the management of IT (application, server, storage, network) resources, streamlining application delivery and reducing costs. Customers from all segments (globals, service and cloud providers, and web 2.0 providers) also trust F5 to keep their business moving forward into the digital era.
The Integration
In our demo setup, we will deploy three simple applications into the Kubernetes cluster. An NSX setup has already been deployed and configured. We have also deployed a BIGIP as a VM (but this could also be a physical appliance, it’s the same code). The topology and applications being deployed are the following:
- Nsx-demo Application – a simple container that is running flask. Contains an embedded port-scan application
- Guestbook Application – another multi-container based app that deploys a PHP Guestbook allowing users to sign or log their visitation or comments, much like a guestbook at a rental property. The architecture calls for a frontend container, and both redis-master and redis-slave database containers to be deployed
- Yelb Application – a simple multi-container based app that allows users to vote on a set of data (restaurants) and dynamically updates pie charts based on the number of votes received. Architecturally, it deploys a yelb-ui nginx frontend container, a yelb-appserver ruby container, and a redis-server database container
The first step to get this integration going, before we deploy our applications, is to deploy the F5 BIG-IP Controller for Kubernetes (aka the F5 Container Connector). The F5 BIG-IP Controller for Kubernetes is a container that runs in a Kubernetes Pod. It uses F5 Resources to determine:
- what objects to configure on the BIG-IP system
- which Kubernetes Service said objects belong to
The k8s-bigip-ctlr container watches the Kubernetes API for the creation, modification, or deletion of Kubernetes objects. For some Kubernetes objects, the BIG-IP Controller responds by creating, modifying, or deleting objects in the BIG-IP system:
Deploying the BIG-IP Controller is simple:
Next, we will create our no NAT (routed mode) namespace called “f5-demo”:
Now it’s time to deploy our first application in the newly created namespace:
Then, using the Container Connector, we build a virtual server on the BIG-IP for this app:
This definition file is where we describe the nsx-demo app and BIG-IP VIP attributes:
Now, let’s verify the BIG-IP configuration. First, the virtual server:
Second, verify the appropriate pool members based on the number of k8s Pods running:
Last but not least, let’s verify the application (and the load balancing) is working correctly:
In terms of deploying our second and third applications, the entire workflow works in a very similar manner. First, let’s create our new NAT namespace “nsx-demo”:
Next, let’s deploy the multi-tier applications into the newly created namespace:
After the application is successfully built and deployed, we again need to create the virtual servers on the BIG-IP appliance:
Let’s again verify the configuration on the BIG-IP appliance:
And that’s it – now let’s verify that our container based applications are up and running:
Conclusion
The solution leveraging VMware NSX and F5 addresses many of the requirements/demands of these emerging cloud-native and new application architectures. The integration between these solutions provides customers many potential benefits, such as the ability to leverage existing investment in their load balancing resources, provides a solution to address the microsegmentation of microservices and container based applications, all while reducing the deployment time of applications and simplifying operations for application layer, security, and network availability services. The solution eliminates the network as a stalling point in application deployment, so that both the application services and the network aren’t inhibiting the goals/expectations of the business:
We know that a blog and screenshots can only go so far – and if you’re into technology, we understand that today is a very busy day with lots happening to occupy your time. TV enthusiasts are eating eggo waffles and binge watching Stranger Things 2, tech and gadget enthusiasts are busy pre-ordering the iPhone X, and gaming enthusiasts are diving into the first major Mario themed release for the Nintendo Switch console. But if you’re like me and one of the many visual learners out there, please give us about three minutes of your very busy Friday… we’d like to take the opportunity to show you a demo of how this integration works from a live setup we used at VMworld 2017, so that you too can understand why more and more organizations are choosing to #RunNSX.
Below you will find a short demonstration of this powerful integration between NSX and F5 available on our youtube channel:
Comments
0 Comments have been added so far