The world is changing. IoT is becoming more and applications hold a prominent place in this new world. As IT infrastructure carries a huge cost and we need to find a way to optimize it.
- How can I create apps faster?
- How can I guarantee my security level?
- How can I have an adaptive infrastructure that suits my real consumption?
- How can I manage exceptional events that temporarily increase my traffic?
Automation is the answer.
How Can I Create Apps Faster?
First, we need to understand the concepts below from the cloud world:
In the world of application development, developers have several tools that they can use to accelerate the development process. We all know server virtualization has been a good tool that allows us to quickly create a new infrastructure to support new applications. This is the infrastructure-as-a-service in the diagram above. But this virtualization is not fast enough. We need to provision new OS for each virtual server which takes a long time to provision, and it is difficult to manage the high number of OS in the datacenter.
With the arrival of containers (like Docker), you can access virtualization by keeping the same operating system. This is the platform-as-a-service level in the diagram above. As developers’ we do not need to manage the OS. Therefore, the creation and suppression of new services can be done very quickly.
One application can run on several containers that need to talk to each other. Some platforms like Google Kubernetes are used to orchestrate these containers so you can build an application running on several containers that is completely automated. Kubernetes also introduces the capabilities to scale in/scale out an application in real time regarding the traffic load. That means we can imagine a VOD service like Netflix running more or fewer containers depending on the time of day. So, applications will use less computing power when there are fewer viewers that have a direct impact on the cost of the application.
We now understand why it is important to use automation at the application level, but an application does not only exist at the application level. When we publish our apps and make them available for use by external clients, they must travel through a lot of devices, such as a switch, router, firewall, and load balancer in order to function. These devices have to be configured for this application to know what to do on the network level. Historically, those elements are still very manual, and not automated, which results in slow exposure of new application/services because we need human intervention on those devices to build the configuration.
In the DevOps/SecOs domain, we try to create automation on these networks’ elements. Basically, we need to have a fully automated system that takes care of change/add/delete at the application level and do automatic configuration provision on network elements to support this application.
That’s is what we call a Software-Defined-DataCenter (SDDC), which introduces some kind of “intelligence” in the infrastructure. In this way, it’s possible to have a dynamic infrastructure that follows the request from an application to the infrastructure layer:
- Automation of application layer based on service virtualization (container)
- Scale in / scale-out mechanism to provision / de-provision compute according to the exact needs
- Expose an application automatically to the customer
- Provision all network/security configuration that is required (switch, router, load balancer, reverse proxy, DDoS, etc.)
Using an intermediate orchestrator, acting as an abstraction layer, can provide a very strong tool to be integrated into this kind of SDDC infrastructure with:
- Auto-provisioning of ADC services (Alteon VA or vADC on physical Alteon)
- Auto-provisioning of configuration triggered by an external event (new apps in kubernetes for example)
- Dynamic scale in / scale out
- Auto-provisioning of security services (DDoS, WAF)
In the next article, I will continue to answer to the following questions using automation:
- How can I guarantee my security level?
- How can I have an adaptative infrastructure that suits my real consumption?
- How can I manage an exceptional event that increases temporally my traffic?
Read “Radware’s 2018 Web Application Security Report” to learn more.
Benjamin is solution architect team leader for France & Benelux. He joined Radware in 2015 after 10 years in network integration (dimension data) starting with technical support and then presales on networking technologies. Interested in web development/scripting, Benjamin quickly became a subject matter expert on automation for Radware EMEA to support the local team in automation project.