BLOG

Bringing Security and Application Delivery to Kubernetes and the Google Cloud

Robert Haynes Miniature
Robert Haynes
Published May 15, 2017

 

The Google cloud platform is growing. This is good news, even if you are a happy AWS customer (and at F5 we have plenty of them). It’s good news because competition drives up innovation, drives down costs, and improves the health of the successful players in the market. And while the “big three” cloud IaaS vendors offer a similar set of core services, they all choose to differentiate themselves in different ways. AWS offers the widest range of services, Azure probably has the best features for organizations looking for a Windows-based hybrid cloud. Google would argue that they are the most data-centric cloud offering, with a focus on machine learning, and data analytics – both hot topics with enterprises these days. 

What has that got to do with F5? Well, despite the new capabilities, new business models, and the step-change in speed that the public cloud has brought, it turns out that the applications running in the cloud still need to be kept secure, fast, and available (to use a tag line that is as relevant today as it was a decade ago). It also turns out that for many customers, using the services provided by a programmable, high-capacity, application delivery controller continues to be the best way to do that. The core challenges of defeating attackers, maintaining performance, and keeping a service alive haven’t changed, just the venue, and the velocity.

So it’s good news that our customers can now deploy F5 BIG-IP Virtual Edition on the Google Cloud Platform. What does this mean? Well you can now get advanced application delivery and security services like protocol gateways, application layer security, and tremendous analytics data, for all your applications in the Google Cloud. Need a web application firewall, an HTTP/2 gateway, or to know when someone from New York clicks on a link on a Thursday? Need to distribute traffic across back end nodes in a very specific manner, maybe enable some blue/green testing? What about some TCP optimization for customers on lousy radio networks? Those are exactly the kinds of problems we make it easy to solve.

How about deploying the base image? Well just like we have for AWS and Azure, we’ll be providing supported Deployment Manager templates, and API and documentation to help you deploy F5 BIG-IP application services with the toolchain of your choice.

To add to the good news, as well as the virtual appliance image, we also have  a tool to connect the power of the BIG-IP into the Kubernetes container cluster manager. This is where things get really interesting. With the F5 Container Connector for Kubernetes, you can manage traffic going to new containers as the cluster manager brings them online. By subscribing to events form Kubernetes, the Container Connector dynamically creates, modifies, or removes configurations on the BIG-IP. So now you can have advanced security, optimization, and monitoring functions delivered seamlessly as your container-based services shrink and grow. Your production applications can get the protection, acceleration, and visibility you need, with the agile, scalable architecture that everyone wants. Add in the fact that we provide fully functional (but throughput limited) lab edition versions for the price of a few rounds of artisan toast, and now you can have the same functions in your test and QA environments too, so you can be sure that your code will work in production exactly as it did in test. Contianer connector for Kubernetes will run anywhere there is a Kubernetes cluster, so it can be deployed in your private or public clouds.

In summary, we now have the market-leading tools to manage, secure, and optimize your application traffic, on an exciting and innovative public cloud platform and with any-cloud Kubernetes integration. Happy days.