当前位置：网站首页>Deploy application delivery services in kubernetes (Part 1)

Deploy application delivery services in kubernetes (Part 1)

2022-07-28 13:47:00 【Nginx open source community】

Original author ：Owen Garrett of F5
Link to the original text ： stay Kubernetes Central deployment application delivery service （ The first 1 part ） - NGINX
Reprint source ：NGINX Official website

This article is one of the following blog posts ：

stay Kubernetes Central deployment application delivery service （ The first 1 part ）（ this paper ） It explains why the application services that are reused due to divide and conquer can improve the overall efficiency ： because NetOps and DevOps The team has different requirements , So they will choose the tool that best suits their specific needs .
stay Kubernetes Central deployment application delivery service （ The first 2 part ） With WAF For example , On application delivery services in Kubernetes The deployment location in the environment provides guidance . You can according to your own needs , Based on each Service Or based on each POD The way , take WAF Deployed in Kubernetes Environmental “ Front door ” or Ingress Controller On .

If we want to say accompanying Kubernetes And the growth of cloud native architecture , That's it DevOps Teams and application owners can more directly control the deployment of applications 、 Management and delivery .

Modern applications rely on a set of increasingly mature supporting “ Application delivery services ” To ensure its successful operation in the production environment . The boundary between applications and their supporting services has been blurred ,DevOps Engineers gradually find that they need to control or manage these services themselves .

Let's learn about it through a few specific examples ：

Grayscale and blue-green deployment —— DevOps The team pushes the application into the production environment , Sometimes it will be pushed many times every day . They actively use load balancers or application delivery controllers (ADC) Flow oriented function , First use a small amount of traffic to verify the new application instance , Then switch all traffic from the old instance to the new instance .
DevSecOps Assembly line —— DevOps The team builds the security policy directly into CI/CD In the assembly line , for example Web Application firewall (WAF) Rule set . These strategies are treated as yet another application artifact , Automatically deployed to test 、 In pre production and production environment . although SecOps Teams can define security policies , but DevOps Perform the actual deployment in the production environment .

These examples are consistent with what we said “ Application delivery services ” of —— Functional requirements that do not belong to the application , But it is an indispensable ability to ensure the successful operation of applications . These functions may be caching 、 Load balancing 、 Authentication 、WAF And denial of service （DoS） measures , The goal is to provide excellent scalability 、 Performance acceleration or safety protection .

NetOps and DevOps All pay attention to application delivery services

DevOps The rise of has not weakened at all NetOps The role of the team , The latter is still responsible for the operation of the entire platform and its required application delivery services .NetOps You need to control these global services , This is still crucial . in fact , When NetOps and DevOps All pay attention to application delivery services （ for example ADC or WAF） when , We often find the divide and conquer of application delivery services . This is not inefficiency , It reflects the different needs and goals of all parties when using the service ：

NetOps and SecOps Responsible for the overall security of the enterprise infrastructure 、 Performance and availability . The standard to measure its goal is reliability 、 Normal operation time 、 Delay the situation and the ability to establish safe boundaries . The tools they use are usually multi tenant （ Manage the traffic of multiple applications and business lines ）、 Infrastructure centric and persistent . alike , The monitoring and alerting tools they use are also infrastructure centric .
DevOps and DevSecOps Be responsible for each application that its relevant business line needs to operate . The standard to measure its goal is whether it can iterate quickly 、 Easily bring new services to market , And can respond to changing business needs . It is normal for the system to fail —— For them , Reliability and uptime are second , The most important thing is to quickly eliminate faults and solve inevitable and unpredictable production problems . The tools they use are often software based （ Usually open source ） Of , It's easy to use configuration files and API Automation , And rapidly deploy and expand as needed

Sometimes divide and rule will improve operational efficiency

Why does functional duplication not lead to inefficiency ？ In short , because NetOps and DevOps Need to use some functions , But their goal 、 Indicators and operation methods are quite different . Because of expectation DevOps and NetOps Share a common ADC（ for instance ） There are countless cases of conflict and inefficiency .

NetOps And the operation team are often most concerned about the front door of the infrastructure 、 Closer to the overall service of customers .DevOps And the application team is most concerned about the deployment location closer to the application code 、 Application specific services . Their concerns usually coincide in the middle .

You can provide appropriate tools for each team according to their needs , So as to improve operational efficiency . for example , After years of product development ,F5 Of BIGIP ADC Infrastructure has been able to effectively meet NetOps The needs of .NGINX Software for ADC Can easily pass CI/CD Pipeline deployment and Automation , Can effectively meet DevOps User needs .

Carefully arranging the ownership and responsibility of each application delivery service is the core of improving operational efficiency . for example , When deploying two layers ADC Or load balancer ：

NetOps Able to manage all network traffic 、 Apply security policy 、 Optimize routing , And monitor the health and performance of the infrastructure . A stable and well managed configuration minimizes the risk of change , And maximize uptime . By deploying application delivery services at the front door of the data center ,NetOps You can create a secure hosting boundary , Let all flow flow through here for inspection .
DevOps The team can completely control the deployment by application ADC, Freely optimize and adjust according to the application and operation process ADC To configure . They can adjust the necessary parameters , To cache and speed up applications , Or optimize the health examination 、 Timeout and error handling . They can also safely carry out blue-green deployment and other deployments , There is no need to worry about the interruption of other unrelated services on the same infrastructure .

By way of ADC Functions are placed in two different positions （ The front door of the infrastructure and the location close to the application ）, Enterprises can achieve specialization and precise control , So as to deploy and operate the services that the business depends on more efficiently .

Kubernetes It highlights the necessity of intelligent positioning application delivery services

Take as an example DevOps As part of the central digital transformation plan , Enterprises are rapidly adopting Kubernetes.Kubernetes by DevOps Engineers provide an easy automation 、 A highly scalable application platform with consistent runtime .

Many application delivery services traditionally located at the front door of the data center can be found in Kubernetes Deploy or automate in . This further highlights that in the production environment DevOps The role of the team in application operations management , It also provides more options for the deployment mode and location of important applications .

In this series of blog posts Second articles , We will introduce some mature practices of service deployment , For example Kubernetes Applications running in the environment WAF Deployment of . We will discuss the advantages and disadvantages of different choices and the most important selection criteria , To help you make the best decision .

Want to be in Kubernetes In the environment NGINX Plus Ingress Controller Used as load balancer ？ Want to NGINX App Protect Protect your app ？ Download now 30 Days free trial , or Contact us to discuss your use case .