All White Papers

White Paper

Optimized Traffic Control and Load Balancing for Container Environments from F5 + Red Hat

Updated November 26, 2017

Virtualization 2.0: From Virtual Machines to Containers

Technology has benefited greatly from virtualization, an approach that supports abstracting software from underlying hardware systems. Virtual machines (VMs), the initial building blocks of virtualization, made it easier to configure, deploy, and adjust server workloads.

However, an operating system (OS) must be included with each VM, making them large and cumbersome. Despite their advantages, VMs are slow to spin up, use a lot of storage space, and are difficult to move. Additionally, application functionality can be restricted when moving VMs from one environment to another, due to differences between guest and host operating systems.

Representing the next evolution of virtualization, containers help organizations overcome these challenges. Contrary to VMs, containers do not include a guest OS layer and rely on the host’s OS. As a result, containers abstract the underlying OS from the application. With this capability, containers can be spun up much faster than VMs. In addition, they take up far less storage space and are more easily migrated. With their entire runtime environment included, containers help applications perform reliably when moved from one computing environment to another.

However, deploying containers in enterprise IT environments requires a supported, robust container platform. This overview talks about how an integrated container platform solution from F5 and Red Hat can simplify enterprise container deployment to improve application development and performance.

The Emergence of Microservices and Containers

In the past, enterprise applications were large and monolithic. Updates required significant code changes to each function being altered and any affected functions. As a result, applications were typically only updated once or twice a year.

With the increasing speed of modern business, the constant push for agility and differentiation, and the increased expectations of internal and external users, these large, slow updates are no longer sufficient.

Microservices

Applications are now being deconstructed into small, discrete microservices and deployed through a continuous, agile DevOps model. Instead of massive overhauls that require months of synchronization among multiple software development and infrastructure operations teams, each microservice can be updated independently, and new microservices can be added at any time.

However, when VMs are the primary delivery mechanism for microservices, a DevOps model is untenable. With hundreds or thousands of microservices per application, and each VM containing an OS, there is simply too much overhead required for the underlying compute, networking, and storage systems. 

Containers

As an alternative to VM-based microservice delivery, containers support faster, easier delivery of application functions to a computing environment, with dramatically lower overhead.

In addition to overcoming the limitations of VMs, containers also help fulfill the promise of microservices and DevOps. Containers help developers rapidly test, deploy, scale, and refactor code with minimal overhead. Container-based environments are dynamic, fluid, and as stateless as possible, letting developers enhance applications iteratively and continuously—often as part of a DevOps model—without disrupting application performance or underlying infrastructure resources.

Open Source Containers

Open source containers offer additional benefits, including cost, flexibility, freedom, and community-driven knowledge and innovation. But as a container environment is scaled and becomes critical within an enterprise, it must deliver robust and reliable application availability, performance, and security. Achieving these capabilities requires visibility and control spanning ingress traffic, inter-container network communications, and the container itself.

Open source container technologies can interpret containerized applications, including memory, central processing unit (CPU), and routing, but they cannot interpret the delivery network, including its traffic flows, load balancing, or vulnerabilities. For example, they cannot tell if traffic is a distributed denial of service (DDoS) attack or simply a cookie. Neither can the container environment  orchestrate advanced traffic management, optimization, or security policies.

To mitigate this lack of visibility and support, a proven, supported application delivery controller (ADC) must be integrated with an open source container environment to inspect, control, and optimize traffic as a container is moved across the network to its destination.

An Integrated, Supported Container Platform

With Red Hat® OpenShift Container Platform, organizations can take advantage of open source containers with the assurance of a proven, supported solution. Based on Docker and Kubernetes standards, Red Hat OpenShift Container Platform is a comprehensive, enterprise-grade container platform.

F5 and Red Hat have collaborated to integrate Red Hat OpenShift Container Platform with F5 BIG-IP—a sophisticated load balancer and full proxy ADC—via the F5 Container Connector. This fully supported solution provides advanced, container-based application development and delivery with effective traffic control and load balancing.

The F5 Container Connector interprets configurations between containers and BIG-IP for Red Hat OpenShift Container Platform. With a continuous connection, the F5 Container Connector immediately recognizes when new containers are added to a POD and adds them to a pool on BIG-IP. It also automates network configuration to conform to a containerized application or environment. Implementing these changes manually through an IT ticketing system can take weeks or months, but with this integrated, automated solution, they can be completed in seconds.


This Red Hat and F5 solution also provides granular control of all network traffic and optimizes network hand-offs, connections, and flows based on several variables, including:

  • Underlying systems
  • Network connections
  • The application itself
  • Security and compliance requirements

Summary

For optimal results, containers must be integrated with an ADC that can deliver superior traffic control and load balancing. Red Hat and F5, both industry-leading technology companies, have partnered to create an integrated, automated container solution that optimizes network configuration for faster, more secure application delivery. This fully supported solution includes roadmaps and enterprise support to help ensure container success.

Learn more about the F5 and Red Hat partnership and solution integration at https://f5.com/solutions/technology-alliances/red-hat or redhat.com/openshift.