Introduces microservices and the importance of load balancing in a microservices architecture. Explores NetScaler CPX, a containerized NetScaler, and its integration with Kubernetes, Docker and Apache Mesos.
2. About me
- Distinguished Engineer at Citrix
- Apache CloudStack PMC
- Work on Citrix NetScaler and containers
Copyright: Citrix Systems, Inc
3. Load balancers are important (again)
- Containers and Microservices
- Teaching old load balancers new tricks
- Emerging patterns for Load Balancing
- Future directions
8. Load Balancing: Traditional vs. Cloud Native
Traditional:
- Static applications, well-defined topology
- Traffic is mostly N-S
Cloud native:
- Dynamic microservices, changing topology
- Traffic is a mix of N-S and E-W
18. Load Balancing for Container Clusters
Ingress (edge):
- High performance
- Few instances
- Somewhat frequent reconfiguration
- Hardware or virtual
- Advanced: TLS, WAF, content switching
- Stateful
Intra-cluster:
- Frequent reconfiguration
- Short lifespans
- Large number of instances
- Lower performance
- L4 common, L7 desirable
- Stateless
19. Reconfiguration of Load Balancer
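[Diagram: containers on Host H1 (α1, β1), Host H2 (β2, α2), Host H3 (α3, α4) and Host H4 (α5, α6), with an Ingress LB; a Cluster Manager with a Cluster API and an LB Controller, with arrows labelled Container Events, Container State Query, Container State and Reconfiguration.]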
20. Orchestration vs. Choreography
Orchestration:
- Cluster Manager / Orchestrator drives a predefined (often hardcoded) process
- Points in the process can be "plugged in"
- E.g., a Load Balancer controller can be plugged in
- Brittle, hard to change
- Typical of IaaS stacks (e.g., OpenStack, CloudStack)
Choreography:
- Cluster Manager emits events
- Controllers react to events asynchronously
- Easy to swap controllers
- Loosely coupled
- Harder to debug
- No "god view" of the state of the system
- Typical of Cluster Managers (Kubernetes)
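Added example (not from the slides, and not NetScaler or Kubernetes code): a minimal choreography-style LB controller that reacts to container events and, because nothing gives it a "god view", reconciles its pool against a container state query. The Event fields, the sequence number and all names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Event:            # hypothetical event shape; real cluster APIs differ
    seq: int            # assumed: increases with every event the manager emits
    kind: str           # "start" or "stop"
    service: str
    container: str
    endpoint: str       # "ip:port"

@dataclass
class LBController:
    pools: dict = field(default_factory=dict)     # service -> {container: endpoint}
    last_seq: dict = field(default_factory=dict)  # container -> newest seq applied

    def handle(self, ev):
        """React to one event; return True only if the LB config changed."""
        if ev.seq <= self.last_seq.get(ev.container, -1):
            return False                          # duplicate or late event
        self.last_seq[ev.container] = ev.seq
        pool = self.pools.setdefault(ev.service, {})
        if ev.kind == "start" and pool.get(ev.container) != ev.endpoint:
            pool[ev.container] = ev.endpoint
        elif ev.kind == "stop" and ev.container in pool:
            del pool[ev.container]
        else:
            return False
        return True

    def resync(self, service, running):
        """Reconcile with a state-query result; return (stale, missing)."""
        pool = self.pools.get(service, {})
        stale = sorted(set(pool) - set(running))
        missing = sorted(c for c in running if pool.get(c) != running[c])
        self.pools[service] = dict(running)
        return stale, missing

def demo():
    lb = LBController()
    events = [  # constructed events; a2's stop and a3's start never arrive
        Event(1, "start", "alpha", "a1", "10.0.1.5:8080"),
        Event(2, "start", "alpha", "a2", "10.0.2.7:8080"),
        Event(4, "stop", "alpha", "a1", "10.0.1.5:8080"),
        Event(3, "start", "alpha", "a1", "10.0.1.5:8080"),  # late: ignored
        Event(2, "start", "alpha", "a2", "10.0.2.7:8080"),  # duplicate: ignored
    ]
    applied = [lb.handle(e) for e in events]
    drift = lb.resync("alpha", {"a3": "10.0.3.9:8080"})  # constructed query result
    return applied, drift, sorted(lb.pools["alpha"].values())
```

Without the resync step, the lost stop event would leave a2's address in the pool, so traffic could still be sent to an endpoint that no longer belongs to the service.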
21. Typical Form factors
Ingress LB:
- Virtual, hardware (F5, NetScaler), or service (ELB)
- Usually proprietary
Intra-cluster:
- Containerized OSS (HAProxy, Nginx)
- Written from scratch (kube-proxy, Uber hyperbahn, linkerd, traefik)
23. NetScaler CPX
Containerized NetScaler for Developers / Cloud native deployments
- Proprietary
- Same hardened code, same features as bigger form factors
- Unified control plane with Ingress and other LB (NetScaler MAS)
- Unified monitoring, logging and analytics
24. NetScaler Family
- Automation: Network and Load Balancer
- Full Featured: Un-compromised Network / Load Balancer functionality
- All Appliance / Workloads: Containers, VM, Physical form factors
- Investment Protection: Keep what you already have
- Single Management Platform: One manager for all your appliances
25. Packaged as Docker Container
- Investment protection
  - Same code bits → container form factor
  - Managed like any other NetScaler platform
  - Seamless transition from Development to Production
- Functionality:
  - Load balancing
  - Content Switching
  - All traffic types and protocols
  - SSL offloading
  - DNS
  - Monitoring and logging
  - Nitro API
You Can Deploy In Seconds!
[Diagram: a server running Linux OS and Docker Engine, hosting containers App A, App B, App C and CPX, each with its own bin/libs.]
26. NetScaler CPX Express
- "Developer" Edition*
- No license required
- Available for download from Docker Hub in Q3
- Drop-in replaceable with licensed version
*Not for production use
27. MAS Turns NetScalers into a Pool – Control One to Thousands
[Diagram: NetScaler MAS with CPX, VPX and MPX instances, connected to:]
- Container Management: Mesos & Marathon, Docker Swarm, Kubernetes
- Service Discovery
- Orchestrator: Self Service Portal
NetScaler MAS Functions:
- App-centric Life Cycle
- Configuration at Scale
- Visibility and Insights
28. What do We Mean by App-Centricity
- App configs vs. network configs
- Provide role-based, partitioned access to application owners
- Provide tools to map app config to NetScaler: Stylebooks
29. App-centric: NetScaler Stylebooks
- Template-driven configuration for Citrix NetScaler
- Intent-driven
- Sharing, collaboration and re-use
- Automate via an API
31. Analytics at Scale: Insight from Network Data
- The ADC has visibility to users on one side and apps/infrastructure on the other
- Outbound: Data provides insights on customer usage and behavior
- Inbound: Insights on app health and performance
- Security: Recognizing and mitigating increasingly sophisticated attacks
[Diagram labels: Users, Apps, Devices]
36. Client-side LB
- Embedded into calling application
  - e.g., Netflix Ribbon (with Eureka)
- Run as side-cars (alongside each application or one-per-host)
  - Netflix Prana
  - Twitter Finagle
  - Linkerd from Buoyant.io (based on Finagle)
  - AirBnB Smartstack/Synapse (uses HAProxy)
  - Uber Hyperbahn (like Finagle, switched from HAProxy)
  - Kube Proxy
[Diagram: Eureka and a set of instances labelled M]
40. Wrap-up
- Load balancing is different for containers / microservices
- Integration with container cluster managers is needed
- Consider using the same LB technology for ingress and intra-cluster
- Emerging patterns solidify the importance of the load balancer
- LB in the wire brings
  - Simplicity
  - Resilience
  - Future proofing