OpenShift Service Mesh on Multi - Cloud Environments

Paul PindellSr. Manager ArchitectureF5 Networks

May 10th, 2018

Dylen TurnbullPrincipal EngineerF5 Networks

Dave CainSr. ArchitectRed Hat

2

oc whoamiPaul PindellSr. Mgr. Architecture and Engineering, F5 Networks

@ppindell

Dylen TurnbullPrincipal Business Development Engineer, F5 Networks

@Dylen_Turnbull

Dave CainSenior Architect, Red Hat

@thedavecain

3

Multi - Cloud

4

● Deliver a Multi-Cloud web application architecture, using F5 BIG-IP, DNS, F5 BIG-IP Controller for OpenShift, and F5 Aspen Mesh – Istio.

● Deploy OpenShift Clusters and F5 Infrastructure with Ansible Tower running on premises, in Azure, and in AWS.

The Goal

5

Space Reality Soul

Mind Time Power

6

The Gauntlet

7

8

BIG-IP Controller for OpenShift

BIG-IP DNS

OpenShift Container Platform

BIG-IP

Ansible Tower

Aspen Mesh - F5 Incubation of an Istio Service Mesh

Multi-Cloud

RHEL Atomic HostMicrosoft Azure

AWS

On Premises Private Cloud

Enterprise eCommerce appiAppsiRulesLX

TMSH2iApp

9

10

Head Start(Ansible Demo)

11

12

13

AnsibleTower

OpenShiftRHEL Atomic

BIG-IPVE

Ansible Playbook

BIG-IP Controller for OpenShift

Dynamic Application Services

Build

Click

Deployed

Applications

LX

Demo 1

14

15

Architecture

16

On Premises dc-onp

Azuredc-azr

AWSdc-aws

Applications & Infrastructure

CI

17

Azuredc-azr

AWSdc-aws

On Premdc-onp

Routing Virtual IPs

BIG-IP LTMBIG-IP LTMBIG-IP LTM

Routing Virtual IPs

Gateway PoolMembers

OpenShiftCluster

OpenShiftCluster

OpenShiftCluster

BIG-IP DNS

Gateway Service Web UI Service

Inventory Service Cart Service Catalog Service Pricing Service

BIG-IP Controller

Ingress

Gateway PoolMembers

BIG-IP Controller

Aspen MeshAspen Mesh

BIG-IP Controller

Aspen Mesh

HTTP

18

Azuredc-azr

AWSdc-aws

On Premdc-onp

Routing Virtual IPs

BIG-IP LTMBIG-IP LTM

BIG-IP LTM

Routing Virtual IPs

Gateway PoolMembers

OpenShiftCluster

OpenShiftCluster

OpenShiftCluster

BIG-IP DNS

Gateway Service Web UI Service

Inventory Service Cart Service Catalog Service Pricing Service

Data Plane

Gateway PoolMembers

BIG-IP Controller BIG-IP Controller

Aspen MeshAspen Mesh

BIG-IP Controller

Aspen Mesh

19

Failover(BIG-IP Ingress Demo)

Demo 2

20

21

Istio & Service Mesh

POD

ENVOY

SERVICE

POD

ENVOY

SERVICE

POD

ENVOY

SERVICE

Pilot Mixer Auth

Applies security, route rules, policies and reports traffic telemetry at the pod level

Jaeger

Istio Data Plane

Istio Control Plane

Istio

23

Aspen Mesh

24

Java

Spring

OpenSSL 110f

disco-java

OpenTracing Spring

Ribbon

Node.js

http.createServer

OpenSSL 102l

Zoologist

Jaeger

Python

Flask

OpenSSL 110d

kingpin

OpenTracing Flask

Lemur Express RL

ReviewsFavorites Titles

Before Service Mesh

Java

Spring

Node.js

http.createServer

Python

Flask

TitlesReviewsFavorites

Service Mesh

Service Mesh

After Service Mesh

Service Mesh

Service Mesh

25

Service MeshNative Advanced L7 Policy

Envoy

A

Envoy

BEnvoy

C

Mixer Agent

User’s OpenShift Cluster

26

Hosted SaaS Platform

Service and Support

Security and Authentication

Customizable alerts and events

Logging and Tracing

Visual Insights Dashboard

27

Istio(Aspen Mesh Demo)

Demo 3

28

29

Partnership

30

PRODUCTION

Red Hat and F5Red Hat is the leader in providing open source software for enterprises

F5 helps customers scale, secure, and deploy apps on any private or cloud platform

Technology AssuranceSecure. Stable. Reliable. Enterprise-grade certainty.

ExpertiseExperience you can trust.

InnovationCompetitive advantage.

31

Certified OpenStack Solutions

F5 & Red Hat Partnership: Better Together

OpenShift Integration Upstreamed Ansible Modules

Partnering to drive customer satisfaction

32

Wrap Up

33

● Automation is table stakes○ Always keep you automation lock step with your architecture and design○ Write your roles to be versatile making good use of variables

● Multi-Cloud is here○ Cost, failover, running services where best suited○ Apps must be multi-cloud able.

● Istio based Aspen Mesh delivers consistency ○ Across cloud environments○ Across multiple frameworks and languages

● https://github.com/aspenmesh● https://github.com/f5networks/k8s-bigip-ctlr● https://github.com/f5devcentral/f5-tmsh2iapp● http://clouddocs.f5.com/containers/v2/openshift/

F5 and Red Hat landing page: https://f5.com/redhat

Q&A

34

THANK YOUplus.google.com/+RedHat

linkedin.com/company/red-hat

youtube.com/user/RedHatVideos

facebook.com/redhatinc

twitter.com/RedHat

35