Come with me, dear reader, on a journey. An odyssey wrought with perils and conquest, valor, victory and venerable voracity. Or, you know, some really cool technology and geeky stuff, at least. This voyage will take you through the twists and turns of my unpredictable mind as I lay out the core pieces of what allows F5 to do what F5 does. That is, to oversee, manage and influence application traffic in a way that few others can muster. This isn't just happenstance. A lot of thought and effort goes into sculpting the many pieces of the puzzle to fit just so, allowing things to work together in a way that ushers in the programmability, flexibility, performance, scalability, and security necessary to play the part of the BIG-IP. So come, my intrepid friend, and take a look at what I see when I dig through DevCentral to discover what is happening, and find many pieces of a machine working in unison:
SDN: An architecture for operationalizing networks
So you've heard of this SDN thing. You know that it's either horrifying or worthy of exaltation, depending on where you sit on the Operations <---> Applications spectrum. But what is it, really? If you've been watching, you've noticed the world has shifted in recent years towards an app centric view. We're not talking about a slight tilting here, we're talking a cataclysmic altering of the priorities and expectations of the world. Suddenly there are extraordinary levels of competition when it comes to releasing product and application features. Things are pushed faster to the market, updated, patched, tweaked and re-released rapidly, frequently and with less tolerance for any form of delay. To keep up, the network is going to have to step out of the red tape wrapped box in which it has been living. Gone must be the 1990s techno-brain that thinks mountains of change control for simple updates is a good idea. Here to stay, at least for the foreseeable future, is a world in which flexibility is king.
John Giacomoni, one of F5's leading minds in the SDN realm, calls this "operationalizing" in this awesome article. He digs into why it is so paramount for networks to change their take on how they do business and what they expect from applications. He touches on the changing landscape, the needs of the applications, and some of the ways in which SDN helps to allow the network to keep up. Namely, by operationalizing to the point that they can keep pace with the rapid evolution of the current application world, and move away from the old school thinking that lead to manual, scripted, highly time intensive processes. This one is a killer read, and it lays a lot of groundwork for some major conceptual shifts that are likely happening all around you, if they haven't already taken place. The world is changing, and the network needs to keep up.
iControl REST 101: Modifying Objects
So how do we get from point A to point B on the "manual" -> "operationalized" trek mentioned in the above article? A large part of this is integration and interoperability. The means for the network to be controlled by and/or to control applications as necessary. Working with and for the apps that are rapidly updating and changing means never falling behind the curve and being left in the cold. It also means speaking their language. As I've said time and time again, that language is code. If you're not programmable you've got no leg to stand on when it comes to trying to integrate with a highly scripted, automated, flexible application or application suite. Enter our powerful, flexible APIs, the most recent addition to which is iControl REST. This series has been trucking along showing how iControl REST can help you act more quickly and easily to take control of your BIG-IP.
In this most recent edition I dig into modifying objects already in existence on the device. This is an extremely useful function, and is just as easy as all the rest. Probably even more simple than adding objects, since you're only required to list the data for the item you're modifying within the object. By offering and making use of our deeply integrated API mechanisms we continue to be as programmable, flexible and operational as possible. Left behind in a programmable world? Not hardly.
F5 Synthesis: Massive Scale Needs Management
The first two offerings out of this week's 5 focus on programmability and flexibility. On the idea that to keep up with the more and more grueling pace of application development and turn over, we have to continue to operationalize and inject flexibility wherever possible. That's great, and I obviously agree or I wouldn't be putting them here. So now we have this awesome, scalable, flexible, programmable network infrastructure. How in the heck do you manage something that is constantly moving and shifting, altering size, layout, structure and needs? That's…not a fun problem to solve if you're just trying to roll up your sleeves and dig in. Fortunately there is an answer to this herculean question as well. As the title says, such massive scalability begs for proper management, or it can and will all go asunder rapidly. BIG-IQ is designed to solve exactly that problem. With the newest release of F5's Synthesis, which is focused largely on Intelligent Services Orchestration, comes BIG-IQ device. BIG-IQ device is designed to offer up the management of individual devices, virtual, cloud or otherwise. This should help tame the sprawl, at least logically, that is so often associated with scalable, flexible app delivery. A single management system that handles deploying, licensing, and managing live systems is just what the Doctor ordered when it comes to keeping things orderly, and that is precisely what BIG-IQ offers. Lori naturally digs far deeper into it than I do, or could, so go read her take on things to get more details.
TCP Pace Yourself
Flexible, scalable, programmable, operationalized – if your network has been following along with the concepts in the above topics, you're in good shape. All of that, however, becomes less brilliant and useful if the apps get crippled but a lack of available throughput, or shoddy network performance and tuning. F5 has gone to great lengths to tune and optimize our stack, with continued investment in performance and reliability over the years. With 11.5 that has resulted in some TCP optimization offerings that can have a serious impact on your ability to fluidly deliver applications efficiently. Dawn digs into more of such TCP wizardry in this easy to follow blog post. Touching on congestion control, packet bursts and rate pacing, she illuminates just how much benefit you might be able to get out of a properly optimized TCP profile. While I'm a programmer at heart, and the John Giacomoni's of the world are singing my siren's call, I know enough to understand that none of it makes one iota of difference if the user has to make a sandwich or take a nap in between each screen load on their app. Performance is, and will always be important. Finding new ways of optimizing things, especially something as far reaching as TCP, will forever be a good investment. We've done exactly that, and I highly recommend you check Dawn's post to find out how you can benefit.
The Top Ten Hardcore F5 Security Features in BIG-IP 11.5.0
Last, but never least, is security. If you've built a highly flexible, scalable, programmable, performant infrastructure without considering security, you've poured that blood and sweat into something that will most likely be used by … someone else. Let's face it, right along with the higher and higher demands of the application world rolling out rapid updates and changes is the scaling of security threats and intrusion attempts. The world of the web is not the most friendly of places, even more so as more automation and programmability is put into place. It is necessary to keep up with applications, but many security pros shudder at the thought. Your infrastructure is the castle that you've built, and you're not about to let anyone storm that keep, are you? Fortunately F5 is offering up healthy helpings of security with each major release these days, and the most recent is no exception. Follow along in this article by F5 security ninja David Holmes as he outlines the Top 10 things that you can find in version 11.5.0 that will help you defend your castle from the hordes of angry trolls, as it were. You'll want to check this one out, I assure you, as there are some very cool things being rolled into this release that you should check out, and David is absolutely he guy to walk you through them.
So there we have it. We've stepped through the concepts of SDN, Synthesis, programmability, operationalization, optimization and performance, security, management and, hopefully, seen how they all need to work together if we're going to continue forging this new, highly available, highly flexible, highly programmable world. I intend to, and I hope you do, too.