App Migration across Heterogeneous Environments using F5 Distributed Cloud
Scope:
As most of the organizations deploy apps across multiple cloud platforms to avoid vendor lock-in, enhance reliability, and improve performance. This allows applications to leverage multiple services from different vendors to meet a company's diverse and complex needs. Companies often tend to migrate their applications from one cloud provider to another to adapt to changes in their portfolio to gain benefits like favorable pricing, improved scalability and flexibility and the ability to innovate faster that results in meeting user demands.
Migration of apps from one platform to another is not as easy as it seems. Technical challenges like data loss, security risks, and compatibility issues arise. Specialized skills, along with careful planning and execution are primarily needed for migration.
F5 Distributed Cloud (F5 XC) provides a unified solution to migrate applications seamlessly across hybrid and multi-cloud platforms. It helps organizations migrate apps by steering the ratio of traffic proportionally without compromising security, visibility, or performance throughout the migration process.
Introduction:
This article examines the migration of workloads pattern that results in migration of applications across heterogeneous environments. Common migration scenarios include:
- To migrate the application from VMware services to another cloud platform to meet their business requirements that suits best for the organization.
- To leverage the on-prem applications with the services offered by Nutanix on-prem and public cloud platforms (AWS, Azure, GCP) to scale up and to reduce the complexity.
- Apps deployed across multiple cloud platforms serve as an additional/backup service to provide continuity and extend availability.
F5 XC helps organizations seamlessly migrate from one platform to another by ensuring uniform application delivery and security policies across all applications regardless of the underlying platform.
Architecture Overview:
As illustrated in the diagram above, F5 XC has ability to deploy applications across multiple cloud platforms such as AWS, Azure, GCP, VMware (on-prem), Nutanix (on-prem and NC2) and OpenShift Container Platform (on-prem and Kubernetes-based hybrid cloud platform) and more, and this makes easy to migrate from one to another. Deployment of applications on platforms requires XC’s Customer Edge (CE) site to act as a gateway between XC global network and applications residing in that platform.
Using Secure Mesh Site v2 (SMSv2) with CE node extends the F5 XC’s global network fabric towards the customer premises or the cloud environments via Regional Edges (RE). SMSv2 CE node connects to the nearest RE to solve latency, provide secure connection between RE and CE that connects the customer application network, and provide security enforcement and observability.
In this article, we consider a real-life scenario use case that most of the organizations face these days to migrate their services from the current on-premises platform to the different vendor due to change in their organizations portfolio to meet the requirements on expanding existing services with the services offered by new vendor along with favourable pricing.
The above problem is easily solved using F5 XC, which helps in migrating to other cloud platforms seamlessly without sacrificing the security and observability during the transaction process.
Scenario 1: Migrating from VMWare to Nutanix
Assuming the customer has already created a replica of apps that he would like to migrate to the new cloud platform, which is Nutanix in this case. For detailed steps of deploying an app on Nutanix using SMSv2 CE can be achieved by following the document F5 XC CE deploy on Nutanix using SMSv2 (SaaS Console) | F5 XC Solutions
After deploying apps in Nutanix and integrating to the existing load balancer configurations of VMware for initiating the migration process. In this process, we slowly steer a small portion of traffic to Nutanix.
From the above screenshot, you can be able to see a small portion of traffic (highlighted in green) is reaching the application in Nutanix platform by making associated configurations in F5 XC.
By further steering all the incoming requests to Nutanix makes the app in Nutanix responds to it and thereby isolating the existing platform, which is VMware. This results in complete traffic migration from VMWare to Nutanix. The complete migration process is covered in the document, Migrating application traffic from VMware to Nutanix | F5 XC Solutions.
F5 XC Security services protecting the existing VMWare infrastructure and more can be applied instantly to the Nutanix platform at any point of time during and after the migration process. This makes F5 XC a unique and ridiculously easy to protect apps to the Nutanix platform.
As you can see from the above screenshot, attack requests get blocked by F5 XC WAF after the migration process.
Scenario 2: Migrating from VMWare to OpenShift Container Platform (OCP)
In this scenario, we perform a migration from VMware to OCP, which is newly integrated into F5 XC in this case. Detail steps of deploying an app on OCP using SMSv2 CE can be achieved by following the document F5 XC CE deploy on OCP using SMSv2 (SaaS console) | F5 XC Solutions
After deploying apps in OCP and integrating to the existing load balancer configurations of VMware for initiating the migration process. In this process, we slowly steer a small portion of traffic to the OCP.
From the above screenshot, you can be able to see a small portion of traffic (highlighted in green) is reaching the application in the OCP platform by making associated configurations in F5 XC.
By further steering all the incoming requests to OCP makes the app in OCP responds to it and there by isolating the existing the platform, which is VMware. The complete migration process is covered in the document, migrating application traffic from VMware to OCP | F5 XC Solutions.
As you can be able to see, complete traffic is migrated to OCP from VMWare using F5 XC.
Attack request gets blocked by F5 XC WAF.
Scenario 3: Migrating from VMWare to Nutanix + OCP
In this scenario, we perform migration from VMWare to Nutanix and OCP, i.e we load balance the traffic to Nutanix and OCP platforms.
After deploying apps in Nutanix and OCP and integrating to the existing load balancer configurations of VMware for initiating the migration process. In this process, we slowly steer a small portion of traffic to Nutanix and OCP.
From the above screenshot, traffic is being initiated to Nutanix and OCP platforms, but still the major portion of traffic is flowing through VMware.
By further steering the traffic and finally completely redirecting to Nutanix and OCP results in migrating to Nutanix and OCP. The complete migration process is covered in the document, migrating application traffic to Nutanix and OCP | F5 XC Solutions.
All the traffic is flowing through both Nutanix and OCP and no requests to VMWare after the migration.
Attack request gets blocked by F5 XC WAF.
Scenario 4: Migrating from VMWare to Azure
The process outlined previously will now be applied to migration from VMWare to Azure.
We modify the configs so that traffic redirects proportionally and finally complete traffic reaches Azure platform. In this way, we migrate from VMWare to Azure.
More details on the migration process are covered in the document, migrating application traffic from VMware to Azure | F5 XC Solutions, including WAF protection.
Conclusion:
F5 XC helps to connect apps deployed across on-premises and multiple cloud platforms by deploying SMSv2 CE sites. This connects the application’s infrastructure to the F5 XC’s global network and helps to seamlessly migrate from one platform to another with consistent application delivery and security.
References:
For more details, guidance on deploying SMSv2 CE site on different cloud platforms along with XC configuration, refer to the official documentation below,
Employee