F5 Friday: What are SDAS Anyway?
I talk a lot about SDAS (that's Software Defined Application Services) with respect to F5 Synthesis and, well, F5 in general. That's because what F5 Synthesis delivers the ability to easily provision and orchestrate SDAS across a variety of deployment models (on-premise, in the cloud, and now, as a service).
But maybe it's time to answer without a lot of marketing-type language just exactly what SDAS are. After all, it's sometimes confusing just to talk about application services let alone tacking on the modifier "software-defined" to them.
So let's dig in, shall we?
SDAS = Software-Defined + Application Services
First let's tackle application services.
Application services is a less networky way to say "stateful Layer 4-7 services", but they mean the same thing. Application services are software that reside at the upper, stateful layers of the network stack and provide a range of functions from basic load balancing to complex access and identity management to the more nebulously defined security and mobility functions. They reside in the data path and focus on providing a specific service on behalf of applications (like a proxy).
There are a lot of them and, as noted recently, application services are everywhere.
Now, what makes SDAS, well, software-defined is their unique support for programmability across all three planes (data, control and management).
SDAS are capable of providing "out of the box" functionality that can further be tailored to meet specific business and operational requirements of any application. Redirects, rewrites, modifying content or tweaking the TCP stack based on the context (the unique combination of device, network and application variables) of a given request (or response) are just a few possible customizations that may be desired.
That's part of the reason they're software-defined, because they can execute custom (tailored) application and business logic using a scripting language like TCL or node.js. That custom logic might be something simple like delivering a custom 404 page or something incredibly complex, like a Google Authenticator iRule For Two-Factor Authentication With LDAP. This is the programmability in the network often associated with SDN; the ability to programmatically change the behavior of "the network" dynamically based on some thing that might be happening in the network, to the application or because of the user.
But they're also software-defined because they can be provisioned and managed via an open, standards-based API. In the case of F5 Synthesis' SDAS, that can be via iControl REST or SOAP. This type of programmability is often associated with DevOps and infrastructure automation.
Finally, SDAS are software-defined because they can be described programmatically using app templates, called iApps. This type of programmability is often associated with software-defined technologies from the likes of VMware and Cisco and OpenStack, which seek to leverage policy or template-based provisioning. Template-based systems can alleviate the API tax and provider greater variance in service functionality by eliminating restrictions that might otherwise be imposed by a common, shared model.
So, there you have it. Software Defined Application Services in a nutshell.
For more on F5 Software Defined Application Services, their relationship to Synthesis and how they're delivered, feel free to check out this presentation.