People of DevOps: If you know one thing about F5, let it be this

F5 缩略图
Published December 04, 2019

So, you’re following DevOps patterns—small changes, source control everything, cross functional ownership, and automating the delivery pipeline. If things are going well, you should be seeing more deployments, lower friction, and improved reliability—and hopefully this is translating into happier customers—whomever they may be.

For many (most, even?) enterprises, however, these new working patterns need to coexist alongside applications, teams, and technologies that have taken root over time and are now firmly embedded into the fabric of IT delivery. Sometimes these new systems and applications can be isolated, but often the services that the existing infrastructure can provide are either mandated by policy, or just good sense.

The question is, can the existing enterprise architecture and services be integrated into new application deployment methods? Can an enterprise application delivery controller (to use a wholly unsurprising example) that’s frequently been administered by CLI or GUI really function in a source control driven, configuration-as-code pipeline? Can a hardware appliance run by a networking team really add a lot of function and value to a dynamic, fast-changing application that’s designed, created, and delivered by a team using DevOps patterns? If there is one thing you need to know about F5, it’s that the answer to these questions is a resounding YES. (Another helpful thing to know is whether your organization uses F5’s BIG-IP platform.)

The BIG-IP platform has been designed to keep applications fast, secure, and available through a high speed proxy architecture that injects application delivery services like application performance telemetry, load balancing, network optimization, or API security—all services that can help a team deliver the best customer experience.

While the quality and power of these services is important in protecting applications and delighting users, just as important is the delivery mechanism. There is no place in the DevOps world for manual processes, waiting for other silos to pull tickets from a queue, or snowflake configurations. To be fit for purpose, security, scaling, and telemetry services need to be defined as code, stored in source control, and deployed as part of the same pipeline as the rest of the application components.

This requires investment from both platform suppliers and teams that administer them. It’s an investment in tools, training, and time, but the results provide a lot of value for everyone.

Application teams get applications that are better protected, more observable, and more resilient. Infrastructure teams can define high quality services that their app teams deploy though automation, without raising a ticket, but using templates and configurations that meet enterprise standards. Security teams can create, tune, and export application firewall or API security polices and store them under source control, where they can be incorporated into application deployments.

But enough theory and promises. What have we actually done?

Some Software: F5 Automation Toolchain

The F5 Automation Toolchain is a suite of free tools that enable you to configure advanced application delivery services like web application firewalls, content routing, and application layer load balancing using a simple, declarative API interface. All configuration is stored as JSON text files which can be managed by source control and deployed using a single API call.

Some Partnerships: Automation and Orchestration

Partnering with the organizations driving the automation technologies you already work with (like Github, Ansible, or Terraform) helps bridge the gap from configuration-as-code to configuration on your platforms. The simple nature of our declarative automation also makes it simple to integrate with whatever tools you use.

Some Training: Super-NetOps

Network professionals have deep knowledge of protocols, traffic management, and ADC technology, but there are often gaps between how a DevOps team and a NetOps team think about operations. The F5 Super-NetOps program was created to help NetOps teams extend their knowledge into automation, systems thinking, and managing systems at scale to help them better align with the needs of applications teams. The Super-NetOps course teaches a mix of general theory and specific F5 technology implementations (using the F5 Automation Toolchain components, for instance). The training is available online and free for anyone who wants it. So, if you like what you read about the F5 Automation Toolchain but your NetOps peers need some nudging toward automation, send them here.

Wrapping up, if there’s one thing you need to know about F5 BIG-IP in a DevOps practice, it’s that YES you can have truly excellent application delivery services, deployed in the same way as the rest of the application stack. Find out more about how F5 can integrate into your CI/CD pipeline.