SlideShare una empresa de Scribd logo

Cloud Native 下的應用網路設計

inwin stack
inwin stack

20181120-Cloud Native Forum Citrix 何浩祥

Tecnología
1 de 34
Descargar para leer sin conexión
© 2018 Citrix | Confidential . @ . NOVEMBER 23, 2018
2 © 2018 Citrix | Confidential Cloud-Native A
3 © 2018 Citrix | Confidential - Microservices APIs Performance Resilience Security Visibility Continuous Delivery AutoScale Circuit Breaker Load Balancing Throttling Discovery Audit Segmentation E2E Encryption Routing Chaos Monkey Distributed Debug Back-off Lifecycle Management Auth
4 © 2018 Citrix | Confidential LB W W W A A A A D D LB 3 From 3-tier to microservices, container orchestrations, service mesh 3-tier app architecture Service Mesh architectureHairpin architecture L7 Hairpin with L4 Mesh architecture M M M M M M M M M M LB M M M M M M M M M M LB M M M M M M M M M M N-S traffic E-W traffic
5 © 2018 Citrix | Confidential D CD = / Citrix ADM REST REST
6 © 2018 Citrix | Confidential Server Linux OS Docker Engine AppA bin/libs App B bin/libs App C bin/libs C P X bin/libs • 1 S RU L. . • BA :A A • :ECBA :D • : D: • : D : • . B A • B • / B 7 A A • N 14 BD: P -) X a • O D ( 1 CD:EE CE D B CDB G E D C : CD:EE
7 © 2018 Citrix | Confidential G N1 N D N1 N D 6 A S E I I I S U P U D D M N AP I I S7CT I I H I I
8 © 2018 Citrix | Confidential CPX Microservice D Microservice A Microservice B Microservice C )( )
9 © 2018 Citrix | Confidential CPX Microservice A Microservice B Microservice D Microservice D 7
10 © 2018 Citrix | Confidential • C A • D • D
11 © 2018 Citrix | Confidential • • • •
12 © 2018 Citrix | Confidential w i whrD hx l • c w notdr • i w h D G • GN m yu l • e f e • l a C i l es l S
13 © 2018 Citrix | Confidential Microservice IoT Client B IoT Client C IoT Client A NetScaler MQTT 7 HiveMQ Server1 HiveMQ Server2 HiveMQ Server3 MQTT.Lua
14 © 2018 Citrix | Confidential CPX CPX App AppApp North - South East - West IDP Oauth – OIDCTLS WAF Local Auth: App SSL cert proper name + URL path Mutual TLS App X
15 © 2018 Citrix | Confidential α1 β1 HostH1 β2 α2 HostH2 α3 α4 HostH3 Ingress LB α5 α6 HostH4 ClusterManager LB Controller Cluster API Container Events Reconfigu ration Container State Container State Query
16 © 2018 Citrix | Confidential Overview Diagram for Kubernetes Use Case Kubernetes NodeKubernetes NodeKubernetes NodeKubernetes NodeKubernetes Node CPX CPX CPX CPX CPX Log Stream Log Stream Kubernetes Cluster Manager & API Server Citrix Application Delivery Management Use Case 4: CPX is each pod taking over role of Kube Proxy VPX or CPX Citrix ADC as ingress load balancer for Kubernetes clusters Log Stream Kube Proxy Kube Proxy Kube Proxy Kube Proxy Kube Proxy Kubernetes Ingress Controller ConfigChanges
17 © 2018 Citrix | Confidential Node-3 Pod-5 M1 Pod-6 M2 Node-2 Pod-3 M1 Pod-4 M2 MPX Node-1 Pod-1 M1 Pod-2 M2 M1 to M2 via CPX PodPod Pod CPX Citrix K8s Controller CPX Citrix K8s Controller CPX Citrix K8s Agent Citrix K8s Agent Prometheus Splunk Infoblox IPAM K8s API Server K8s DNS Citrix K8s Controller Calico/Flannel Control Plane Pod Citrix Ingress Controller (self- contained) Pod Logging AppGraph Analytics Licensing Inventory Front-End (UI) Pod Pod PG-SQL Redis Node-4 Config Engine (StyleBooks) Citrix K8s Controller Deployment Architecture: Proxy per Node N-S traffic E-W traffic Add on (optional) 3rd Party Open source K8S Controller (Integrated)
18 © 2018 Citrix | Confidential Node-3 Pod-5 M1 Pod-6 M2 Node-2 Pod-3 M1 Pod-4 M2 MPX Node-1 Pod-1 M1 Pod-2 M2 M1 to M2 via CPX Deployment Architecture: Service Mesh (Proxy per Pod) CPX Citrix K8s Controller CPX Citrix K8s Controller CPX Citrix K8s Controller CPX Citrix K8s Controller CPX Citrix K8s Controller CPX Citrix K8s Controller Pod Logging AppGraph Analytics Licensing Inventory Front-End (UI) Pod Pod PG-SQL Redis Node-4 Config Engine (StyleBooks) Citrix K8s Controller Infoblox IPAM K8s API Server K8s DNS Citrix K8s Controller Calico/Flannel Control Plane N-S traffic E-W traffic Add on (optional) 3rd Party Open sourceIstio Prometheus Splunk Citrix K8s Agent K8S Controller (Integrated) Pod Citrix Ingress Controller (self- contained)
19 © 2018 Citrix | Confidential • To enable external traffic to enter the OpenShift Nodes, Openshift is moving to the Kubernetes Ingress Load Balancer API stack. • CPX uses IP address of host / POD and that is exposed to external traffic • Here the Kubernetes Ingress Controller receives service location information from the Kubernetes API server and programs the CPX through Citrix Application Delivery Management (not shown) in response to changes. Paas with OpenShift MASTER API Authentication Data Store Scheduler Mgmt/Replication Kubernetes API Server Kubernetes Ingress Controller Docker Kubelet and Kube Proxy Citrix ADC CPX (host) External traffic Docker Kubelet and Kube Proxy Infrastructure Node App Node Apps Apps OpenShift SDN Citrix ADC CPX
20 © 2018 Citrix | Confidential • • A • • E • • •
21 © 2018 Citrix | Confidential Infrastructure as a Code L S V: A
22 © 2018 Citrix | Confidential
23 © 2018 Citrix | Confidential Citrix ADM
24 © 2018 Citrix | Confidential Citrix Application Delivery Management Turns Citrix ADC’s into a Pool – Control One to Thousands Citrix Application Delivery Management CPX VPX MPX Container Management: Mesos & Marathon Kubernetes Cloud Manager/ Orchestrators: OpenStack VMWare NSX Service Discovery Orchestrator: Self Service Portal Citrix Application Delivery Management Functions App-centric Life Cycle Configuration at Scale Visibility and Insights
25 © 2018 Citrix | Confidential Metadata from Citrix ADC is Powerful Information Citrix ADC Total DNS request Total invalid DNS requests Total server time to first byte Transaction logs Total server hits Surge Queue count Client / user # Users using SSL v3 # Users using ECDHE # Users using ECDSA SSL Chip utilization
26 © 2018 Citrix | Confidential App Health Score Tied to Citrix ADC Metadata User Experience Caused by Latency Availability Anomalies Errors ADC Health: CPU, Memory Server Latency and availability Security Attacks: Threat Index, DNS DDoS App HealthScore Citrix ADC Metadata Anomalies: Surge Queue, Uneven LB HTTP Errors
27 © 2018 Citrix | Confidential ? ? ? ? ? ? . . .
28 © 2018 Citrix | Confidential
29 © 2018 Citrix | Confidential Top Parameters & Trends • Which are the top vservers causing low health score? • What is the key app usage metric variation? • What is the total event variation trend for this app? Top 5 vservers with lowest health score How are the total events trending over the time? How are the total events trending over the time? Deep-dive with the application activity investigator
30 © 2018 Citrix | Confidential Which are the top Apps with high threat index? Who are the top Clients with high number of violations association? Which locations attacks are originated from? What is the total attack variation across all apps? New Threat Detection added Application security threat exposure assessment
31 © 2018 Citrix | Confidential North – South • Leverage Citrix ADCs as ingress devices • MPX/SDX/VPX • CPX inside cluster • Expose L7 features in Kubernetes through CRDs, annotations East-West • CPX for visibility and security • CPX per node • CPX per pod • Lightweight CPX Security and Analytics • Tie security capabilities to solve new problems • API security • App-to-app security • Service graph • Prometheus exporter Scale • From hundreds to thousands of nodes per cluster CICD • Integrate with cloud native DevOps tooling
32 © 2018 Citrix | Confidential S AI M ) D **(/ C C ITSM ITC SDN NetScaler API’s Citrix ADM T PaaS
34 © 2018 Citrix | Confidential

Recomendados

運用高效、敏捷全新平台極速落實雲原生開發
運用高效、敏捷全新平台極速落實雲原生開發運用高效、敏捷全新平台極速落實雲原生開發
運用高效、敏捷全新平台極速落實雲原生開發inwin stack
 
Migrating to Cloud Native Solutions
Migrating to Cloud Native SolutionsMigrating to Cloud Native Solutions
Migrating to Cloud Native Solutionsinwin stack
 
Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?DevOps.com
 
Edge Orchestration & Federated Kubernetes Clusters - Open Networking Summit 2018
Edge Orchestration & Federated Kubernetes Clusters - Open Networking Summit 2018Edge Orchestration & Federated Kubernetes Clusters - Open Networking Summit 2018
Edge Orchestration & Federated Kubernetes Clusters - Open Networking Summit 2018Cloudify Community
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMitchell Pronschinske
 
Hitting the Enterprise Sweet Spot—A Real-World View of PKS Deployment and Suc...
Hitting the Enterprise Sweet Spot—A Real-World View of PKS Deployment and Suc...Hitting the Enterprise Sweet Spot—A Real-World View of PKS Deployment and Suc...
Hitting the Enterprise Sweet Spot—A Real-World View of PKS Deployment and Suc...VMware Tanzu
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...DevOps.com
 
Pivotal Container Service : la nuova soluzione per gestire Kubernetes in azienda
Pivotal Container Service : la nuova soluzione per gestire Kubernetes in aziendaPivotal Container Service : la nuova soluzione per gestire Kubernetes in azienda
Pivotal Container Service : la nuova soluzione per gestire Kubernetes in aziendaVMware Tanzu
 

Recomendados

運用高效、敏捷全新平台極速落實雲原生開發
運用高效、敏捷全新平台極速落實雲原生開發運用高效、敏捷全新平台極速落實雲原生開發
運用高效、敏捷全新平台極速落實雲原生開發inwin stack
 
Migrating to Cloud Native Solutions
Migrating to Cloud Native SolutionsMigrating to Cloud Native Solutions
Migrating to Cloud Native Solutionsinwin stack
 
Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?DevOps.com
 
Edge Orchestration & Federated Kubernetes Clusters - Open Networking Summit 2018
Edge Orchestration & Federated Kubernetes Clusters - Open Networking Summit 2018Edge Orchestration & Federated Kubernetes Clusters - Open Networking Summit 2018
Edge Orchestration & Federated Kubernetes Clusters - Open Networking Summit 2018Cloudify Community
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMitchell Pronschinske
 
Hitting the Enterprise Sweet Spot—A Real-World View of PKS Deployment and Suc...
Hitting the Enterprise Sweet Spot—A Real-World View of PKS Deployment and Suc...Hitting the Enterprise Sweet Spot—A Real-World View of PKS Deployment and Suc...
Hitting the Enterprise Sweet Spot—A Real-World View of PKS Deployment and Suc...VMware Tanzu
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...DevOps.com
 
Pivotal Container Service : la nuova soluzione per gestire Kubernetes in azienda
Pivotal Container Service : la nuova soluzione per gestire Kubernetes in aziendaPivotal Container Service : la nuova soluzione per gestire Kubernetes in azienda
Pivotal Container Service : la nuova soluzione per gestire Kubernetes in aziendaVMware Tanzu
 
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesDynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesMitchell Pronschinske
 
Tectonic Summit 2016: Betting on Kubernetes
Tectonic Summit 2016: Betting on KubernetesTectonic Summit 2016: Betting on Kubernetes
Tectonic Summit 2016: Betting on KubernetesCoreOS
 
stackconf 2021 | Data Driven Security
stackconf 2021 | Data Driven Securitystackconf 2021 | Data Driven Security
stackconf 2021 | Data Driven SecurityNETWAYS
 
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKSMigrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKSWeaveworks
 
stackconf 2021 | Stretching the Service Mesh Beyond the Clouds
stackconf 2021 | Stretching the Service Mesh Beyond the Cloudsstackconf 2021 | Stretching the Service Mesh Beyond the Clouds
stackconf 2021 | Stretching the Service Mesh Beyond the CloudsNETWAYS
 
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed ServiceCloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed ServiceVMware Tanzu
 
Cloud-Native Operations with Kubernetes and CI/CD
Cloud-Native Operations with Kubernetes and CI/CDCloud-Native Operations with Kubernetes and CI/CD
Cloud-Native Operations with Kubernetes and CI/CDVMware Tanzu
 
Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...
Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...
Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...VMware Tanzu
 
Making Microservices Smarter with Istio, Envoy and Pivotal Ingress Router
Making Microservices Smarter with Istio, Envoy and Pivotal Ingress RouterMaking Microservices Smarter with Istio, Envoy and Pivotal Ingress Router
Making Microservices Smarter with Istio, Envoy and Pivotal Ingress RouterVMware Tanzu
 
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...DevOps.com
 
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes StrategyTectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes StrategyCoreOS
 
CDK - The next big thing - Quang Phuong
CDK - The next big thing - Quang PhuongCDK - The next big thing - Quang Phuong
CDK - The next big thing - Quang PhuongVietnam Open Infrastructure User Group
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)DevOps.com
 
The good, the bad, and the ugly of migrating hundreds of legacy applications ...
The good, the bad, and the ugly of migrating hundreds of legacy applications ...The good, the bad, and the ugly of migrating hundreds of legacy applications ...
The good, the bad, and the ugly of migrating hundreds of legacy applications ...Josef Adersberger
 
Monitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogMonitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogDevOps.com
 
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020VMware Tanzu
 
Pivotal Developer-Ready Infrastructure Slides
Pivotal Developer-Ready Infrastructure SlidesPivotal Developer-Ready Infrastructure Slides
Pivotal Developer-Ready Infrastructure SlidesVMware Tanzu
 
Enterprise Application Migration
Enterprise Application MigrationEnterprise Application Migration
Enterprise Application MigrationVMware Tanzu
 
Pivotal Container Service Overview
Pivotal Container Service Overview Pivotal Container Service Overview
Pivotal Container Service Overview VMware Tanzu
 
Pivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry MeetupPivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry Meetupcornelia davis
 
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...DevOps.com
 
Citrix adc technical overview
Citrix adc technical overviewCitrix adc technical overview
Citrix adc technical overviewRoshan Dias
 

Más contenido relacionado

La actualidad más candente

Dynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesDynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesMitchell Pronschinske
 
Tectonic Summit 2016: Betting on Kubernetes
Tectonic Summit 2016: Betting on KubernetesTectonic Summit 2016: Betting on Kubernetes
Tectonic Summit 2016: Betting on KubernetesCoreOS
 
stackconf 2021 | Data Driven Security
stackconf 2021 | Data Driven Securitystackconf 2021 | Data Driven Security
stackconf 2021 | Data Driven SecurityNETWAYS
 
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKSMigrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKSWeaveworks
 
stackconf 2021 | Stretching the Service Mesh Beyond the Clouds
stackconf 2021 | Stretching the Service Mesh Beyond the Cloudsstackconf 2021 | Stretching the Service Mesh Beyond the Clouds
stackconf 2021 | Stretching the Service Mesh Beyond the CloudsNETWAYS
 
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed ServiceCloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed ServiceVMware Tanzu
 
Cloud-Native Operations with Kubernetes and CI/CD
Cloud-Native Operations with Kubernetes and CI/CDCloud-Native Operations with Kubernetes and CI/CD
Cloud-Native Operations with Kubernetes and CI/CDVMware Tanzu
 
Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...
Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...
Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...VMware Tanzu
 
Making Microservices Smarter with Istio, Envoy and Pivotal Ingress Router
Making Microservices Smarter with Istio, Envoy and Pivotal Ingress RouterMaking Microservices Smarter with Istio, Envoy and Pivotal Ingress Router
Making Microservices Smarter with Istio, Envoy and Pivotal Ingress RouterVMware Tanzu
 
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...DevOps.com
 
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes StrategyTectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes StrategyCoreOS
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)DevOps.com
 
The good, the bad, and the ugly of migrating hundreds of legacy applications ...
The good, the bad, and the ugly of migrating hundreds of legacy applications ...The good, the bad, and the ugly of migrating hundreds of legacy applications ...
The good, the bad, and the ugly of migrating hundreds of legacy applications ...Josef Adersberger
 
Monitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogMonitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogDevOps.com
 
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020VMware Tanzu
 
Pivotal Developer-Ready Infrastructure Slides
Pivotal Developer-Ready Infrastructure SlidesPivotal Developer-Ready Infrastructure Slides
Pivotal Developer-Ready Infrastructure SlidesVMware Tanzu
 
Enterprise Application Migration
Enterprise Application MigrationEnterprise Application Migration
Enterprise Application MigrationVMware Tanzu
 
Pivotal Container Service Overview
Pivotal Container Service Overview Pivotal Container Service Overview
Pivotal Container Service Overview VMware Tanzu
 
Pivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry MeetupPivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry Meetupcornelia davis
 

La actualidad más candente (20)

Dynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesDynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD Pipelines
 
Tectonic Summit 2016: Betting on Kubernetes
Tectonic Summit 2016: Betting on KubernetesTectonic Summit 2016: Betting on Kubernetes
Tectonic Summit 2016: Betting on Kubernetes
 
stackconf 2021 | Data Driven Security
stackconf 2021 | Data Driven Securitystackconf 2021 | Data Driven Security
stackconf 2021 | Data Driven Security
 
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKSMigrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
 
stackconf 2021 | Stretching the Service Mesh Beyond the Clouds
stackconf 2021 | Stretching the Service Mesh Beyond the Cloudsstackconf 2021 | Stretching the Service Mesh Beyond the Clouds
stackconf 2021 | Stretching the Service Mesh Beyond the Clouds
 
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed ServiceCloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
 
Cloud-Native Operations with Kubernetes and CI/CD
Cloud-Native Operations with Kubernetes and CI/CDCloud-Native Operations with Kubernetes and CI/CD
Cloud-Native Operations with Kubernetes and CI/CD
 
Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...
Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...
Concourse, Spinnaker, Cloud Foundry, Oh My! Creating Sophisticated Deployment...
 
Making Microservices Smarter with Istio, Envoy and Pivotal Ingress Router
Making Microservices Smarter with Istio, Envoy and Pivotal Ingress RouterMaking Microservices Smarter with Istio, Envoy and Pivotal Ingress Router
Making Microservices Smarter with Istio, Envoy and Pivotal Ingress Router
 
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
 
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes StrategyTectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
 
CDK - The next big thing - Quang Phuong
CDK - The next big thing - Quang PhuongCDK - The next big thing - Quang Phuong
CDK - The next big thing - Quang Phuong
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
 
The good, the bad, and the ugly of migrating hundreds of legacy applications ...
The good, the bad, and the ugly of migrating hundreds of legacy applications ...The good, the bad, and the ugly of migrating hundreds of legacy applications ...
The good, the bad, and the ugly of migrating hundreds of legacy applications ...
 
Monitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogMonitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with Datadog
 
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
 
Pivotal Developer-Ready Infrastructure Slides
Pivotal Developer-Ready Infrastructure SlidesPivotal Developer-Ready Infrastructure Slides
Pivotal Developer-Ready Infrastructure Slides
 
Enterprise Application Migration
Enterprise Application MigrationEnterprise Application Migration
Enterprise Application Migration
 
Pivotal Container Service Overview
Pivotal Container Service Overview Pivotal Container Service Overview
Pivotal Container Service Overview
 
Pivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry MeetupPivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry Meetup
 

Similar a Cloud Native 下的應用網路設計

Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...DevOps.com
 
Citrix adc technical overview
Citrix adc technical overviewCitrix adc technical overview
Citrix adc technical overviewRoshan Dias
 
Implementing Docker Load Balancing in Microservices Infrastructure
Implementing Docker Load Balancing in Microservices InfrastructureImplementing Docker Load Balancing in Microservices Infrastructure
Implementing Docker Load Balancing in Microservices InfrastructureDevSecOpsSg
 
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft AzureModernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft AzureMitchell Pronschinske
 
Dev conf .in cloud native reference architecture .advance
Dev conf .in cloud native reference architecture .advanceDev conf .in cloud native reference architecture .advance
Dev conf .in cloud native reference architecture .advanceChristina Lin
 
eG Express Cloud for Citrix Workspaces
eG Express Cloud for Citrix WorkspaceseG Express Cloud for Citrix Workspaces
eG Express Cloud for Citrix WorkspaceseG Innovations
 
Wavefront by vmware june 2019 - legraswindow
Wavefront by vmware june 2019 - legraswindowWavefront by vmware june 2019 - legraswindow
Wavefront by vmware june 2019 - legraswindowAnil Gupta (AJ) - vExpert
 
Are you ready to be edgy? Bringing applications to the edge of the network
Are you ready to be edgy? Bringing applications to the edge of the networkAre you ready to be edgy? Bringing applications to the edge of the network
Are you ready to be edgy? Bringing applications to the edge of the networkMegan O'Keefe
 
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...Amazon Web Services
 
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...Amazon Web Services
 
Choosing a Citrix Monitoring Strategy: Key Capabilities and Pitfalls to Avoid
Choosing a Citrix Monitoring Strategy: Key Capabilities and Pitfalls to AvoidChoosing a Citrix Monitoring Strategy: Key Capabilities and Pitfalls to Avoid
Choosing a Citrix Monitoring Strategy: Key Capabilities and Pitfalls to AvoideG Innovations
 
Oracle Open World 2018 - Cloud Lift Accelerator Suite
Oracle Open World 2018 - Cloud Lift Accelerator SuiteOracle Open World 2018 - Cloud Lift Accelerator Suite
Oracle Open World 2018 - Cloud Lift Accelerator SuiteIke Aniagoh
 
New Design Patterns in Microservice Solutions
New Design Patterns in Microservice SolutionsNew Design Patterns in Microservice Solutions
New Design Patterns in Microservice SolutionsMichel Burger
 
Getting the Most Value from Your Aviatrix Controller & Gateways
Getting the Most Value from Your Aviatrix Controller & GatewaysGetting the Most Value from Your Aviatrix Controller & Gateways
Getting the Most Value from Your Aviatrix Controller & GatewaysKhash Nakhostin
 
BYOIDaaS - Automating IAM Infrastructure & Operations
BYOIDaaS - Automating IAM Infrastructure & OperationsBYOIDaaS - Automating IAM Infrastructure & Operations
BYOIDaaS - Automating IAM Infrastructure & OperationsJon Lehtinen
 
Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Cisco Canada
 
XenDesktop Master Class - Virtualising Microsoft Lync - March 2015
XenDesktop Master Class - Virtualising Microsoft Lync - March 2015XenDesktop Master Class - Virtualising Microsoft Lync - March 2015
XenDesktop Master Class - Virtualising Microsoft Lync - March 2015Lee Bushen
 
Running Kubernetes with Amazon EKS - AWS Online Tech Talks
Running Kubernetes with Amazon EKS - AWS Online Tech TalksRunning Kubernetes with Amazon EKS - AWS Online Tech Talks
Running Kubernetes with Amazon EKS - AWS Online Tech TalksAmazon Web Services
 

Similar a Cloud Native 下的應用網路設計 (20)

Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
 
Citrix adc technical overview
Citrix adc technical overviewCitrix adc technical overview
Citrix adc technical overview
 
Implementing Docker Load Balancing in Microservices Infrastructure
Implementing Docker Load Balancing in Microservices InfrastructureImplementing Docker Load Balancing in Microservices Infrastructure
Implementing Docker Load Balancing in Microservices Infrastructure
 
NetScaler ADC - Customer Overview
NetScaler ADC - Customer OverviewNetScaler ADC - Customer Overview
NetScaler ADC - Customer Overview
 
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft AzureModernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
 
Dev conf .in cloud native reference architecture .advance
Dev conf .in cloud native reference architecture .advanceDev conf .in cloud native reference architecture .advance
Dev conf .in cloud native reference architecture .advance
 
eG Express Cloud for Citrix Workspaces
eG Express Cloud for Citrix WorkspaceseG Express Cloud for Citrix Workspaces
eG Express Cloud for Citrix Workspaces
 
Wavefront by vmware june 2019 - legraswindow
Wavefront by vmware june 2019 - legraswindowWavefront by vmware june 2019 - legraswindow
Wavefront by vmware june 2019 - legraswindow
 
Are you ready to be edgy? Bringing applications to the edge of the network
Are you ready to be edgy? Bringing applications to the edge of the networkAre you ready to be edgy? Bringing applications to the edge of the network
Are you ready to be edgy? Bringing applications to the edge of the network
 
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...
 
LB for type2
LB for type2LB for type2
LB for type2
 
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
 
Choosing a Citrix Monitoring Strategy: Key Capabilities and Pitfalls to Avoid
Choosing a Citrix Monitoring Strategy: Key Capabilities and Pitfalls to AvoidChoosing a Citrix Monitoring Strategy: Key Capabilities and Pitfalls to Avoid
Choosing a Citrix Monitoring Strategy: Key Capabilities and Pitfalls to Avoid
 
Oracle Open World 2018 - Cloud Lift Accelerator Suite
Oracle Open World 2018 - Cloud Lift Accelerator SuiteOracle Open World 2018 - Cloud Lift Accelerator Suite
Oracle Open World 2018 - Cloud Lift Accelerator Suite
 
New Design Patterns in Microservice Solutions
New Design Patterns in Microservice SolutionsNew Design Patterns in Microservice Solutions
New Design Patterns in Microservice Solutions
 
Getting the Most Value from Your Aviatrix Controller & Gateways
Getting the Most Value from Your Aviatrix Controller & GatewaysGetting the Most Value from Your Aviatrix Controller & Gateways
Getting the Most Value from Your Aviatrix Controller & Gateways
 
BYOIDaaS - Automating IAM Infrastructure & Operations
BYOIDaaS - Automating IAM Infrastructure & OperationsBYOIDaaS - Automating IAM Infrastructure & Operations
BYOIDaaS - Automating IAM Infrastructure & Operations
 
Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?
 
XenDesktop Master Class - Virtualising Microsoft Lync - March 2015
XenDesktop Master Class - Virtualising Microsoft Lync - March 2015XenDesktop Master Class - Virtualising Microsoft Lync - March 2015
XenDesktop Master Class - Virtualising Microsoft Lync - March 2015
 
Running Kubernetes with Amazon EKS - AWS Online Tech Talks
Running Kubernetes with Amazon EKS - AWS Online Tech TalksRunning Kubernetes with Amazon EKS - AWS Online Tech Talks
Running Kubernetes with Amazon EKS - AWS Online Tech Talks
 

Más de inwin stack

當電子發票遇見 Google Cloud Function
當電子發票遇見 Google Cloud Function當電子發票遇見 Google Cloud Function
當電子發票遇見 Google Cloud Functioninwin stack
 
The last mile of digital transformation AI大眾化:數位轉型的最後一哩
The last mile of digital transformation AI大眾化:數位轉型的最後一哩The last mile of digital transformation AI大眾化:數位轉型的最後一哩
The last mile of digital transformation AI大眾化:數位轉型的最後一哩inwin stack
 
整合Cloud Foundry 和 Kubernetes 技術打造企業級雲應用平台解決方案
整合Cloud Foundry 和 Kubernetes 技術打造企業級雲應用平台解決方案整合Cloud Foundry 和 Kubernetes 技術打造企業級雲應用平台解決方案
整合Cloud Foundry 和 Kubernetes 技術打造企業級雲應用平台解決方案inwin stack
 
An Open, Open source way to enable your Cloud Native Journey
An Open, Open source way to enable your Cloud Native JourneyAn Open, Open source way to enable your Cloud Native Journey
An Open, Open source way to enable your Cloud Native Journeyinwin stack
 
維運Kubernetes的兩三事
維運Kubernetes的兩三事維運Kubernetes的兩三事
維運Kubernetes的兩三事inwin stack
 
Serverless framework on kubernetes
Serverless framework on kubernetesServerless framework on kubernetes
Serverless framework on kubernetesinwin stack
 
Train.IO 【第六期-OpenStack 二三事】
Train.IO 【第六期-OpenStack 二三事】Train.IO 【第六期-OpenStack 二三事】
Train.IO 【第六期-OpenStack 二三事】inwin stack
 
Web後端技術的演變
Web後端技術的演變Web後端技術的演變
Web後端技術的演變inwin stack
 
以 Kubernetes 部屬 Spark 大數據計算環境
以 Kubernetes 部屬 Spark 大數據計算環境以 Kubernetes 部屬 Spark 大數據計算環境
以 Kubernetes 部屬 Spark 大數據計算環境inwin stack
 
Setup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes FederationSetup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes Federationinwin stack
 
基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riff基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riffinwin stack
 
使用 Prometheus 監控 Kubernetes Cluster
使用 Prometheus 監控 Kubernetes Cluster 使用 Prometheus 監控 Kubernetes Cluster
使用 Prometheus 監控 Kubernetes Cluster inwin stack
 
Extend the Kubernetes API with CRD and Custom API Server
Extend the Kubernetes API with CRD and Custom API ServerExtend the Kubernetes API with CRD and Custom API Server
Extend the Kubernetes API with CRD and Custom API Serverinwin stack
 
利用K8S實現高可靠應用
利用K8S實現高可靠應用利用K8S實現高可靠應用
利用K8S實現高可靠應用inwin stack
 
Integrate Kubernetes into CORD(Central Office Re-architected as a Datacenter)
Integrate Kubernetes into CORD(Central Office Re-architected as a Datacenter)Integrate Kubernetes into CORD(Central Office Re-architected as a Datacenter)
Integrate Kubernetes into CORD(Central Office Re-architected as a Datacenter)inwin stack
 
Distributed tensorflow on kubernetes
Distributed tensorflow on kubernetesDistributed tensorflow on kubernetes
Distributed tensorflow on kubernetesinwin stack
 
Build your own kubernetes apiserver and resource type
Build your own kubernetes apiserver and resource typeBuild your own kubernetes apiserver and resource type
Build your own kubernetes apiserver and resource typeinwin stack
 
Virtualization inside kubernetes
Virtualization inside kubernetesVirtualization inside kubernetes
Virtualization inside kubernetesinwin stack
 
利用K8S實現高可靠應用
利用K8S實現高可靠應用利用K8S實現高可靠應用
利用K8S實現高可靠應用inwin stack
 
Build the Blockchain as service (BaaS) Using Ethereum on Kubernetes
Build the Blockchain as service (BaaS) Using Ethereum on KubernetesBuild the Blockchain as service (BaaS) Using Ethereum on Kubernetes
Build the Blockchain as service (BaaS) Using Ethereum on Kubernetesinwin stack
 

Más de inwin stack (20)

當電子發票遇見 Google Cloud Function
當電子發票遇見 Google Cloud Function當電子發票遇見 Google Cloud Function
當電子發票遇見 Google Cloud Function
 
The last mile of digital transformation AI大眾化:數位轉型的最後一哩
The last mile of digital transformation AI大眾化:數位轉型的最後一哩The last mile of digital transformation AI大眾化:數位轉型的最後一哩
The last mile of digital transformation AI大眾化:數位轉型的最後一哩
 
整合Cloud Foundry 和 Kubernetes 技術打造企業級雲應用平台解決方案
整合Cloud Foundry 和 Kubernetes 技術打造企業級雲應用平台解決方案整合Cloud Foundry 和 Kubernetes 技術打造企業級雲應用平台解決方案
整合Cloud Foundry 和 Kubernetes 技術打造企業級雲應用平台解決方案
 
An Open, Open source way to enable your Cloud Native Journey
An Open, Open source way to enable your Cloud Native JourneyAn Open, Open source way to enable your Cloud Native Journey
An Open, Open source way to enable your Cloud Native Journey
 
維運Kubernetes的兩三事
維運Kubernetes的兩三事維運Kubernetes的兩三事
維運Kubernetes的兩三事
 
Serverless framework on kubernetes
Serverless framework on kubernetesServerless framework on kubernetes
Serverless framework on kubernetes
 
Train.IO 【第六期-OpenStack 二三事】
Train.IO 【第六期-OpenStack 二三事】Train.IO 【第六期-OpenStack 二三事】
Train.IO 【第六期-OpenStack 二三事】
 
Web後端技術的演變
Web後端技術的演變Web後端技術的演變
Web後端技術的演變
 
以 Kubernetes 部屬 Spark 大數據計算環境
以 Kubernetes 部屬 Spark 大數據計算環境以 Kubernetes 部屬 Spark 大數據計算環境
以 Kubernetes 部屬 Spark 大數據計算環境
 
Setup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes FederationSetup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes Federation
 
基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riff基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riff
 
使用 Prometheus 監控 Kubernetes Cluster
使用 Prometheus 監控 Kubernetes Cluster 使用 Prometheus 監控 Kubernetes Cluster
使用 Prometheus 監控 Kubernetes Cluster
 
Extend the Kubernetes API with CRD and Custom API Server
Extend the Kubernetes API with CRD and Custom API ServerExtend the Kubernetes API with CRD and Custom API Server
Extend the Kubernetes API with CRD and Custom API Server
 
利用K8S實現高可靠應用
利用K8S實現高可靠應用利用K8S實現高可靠應用
利用K8S實現高可靠應用
 
Integrate Kubernetes into CORD(Central Office Re-architected as a Datacenter)
Integrate Kubernetes into CORD(Central Office Re-architected as a Datacenter)Integrate Kubernetes into CORD(Central Office Re-architected as a Datacenter)
Integrate Kubernetes into CORD(Central Office Re-architected as a Datacenter)
 
Distributed tensorflow on kubernetes
Distributed tensorflow on kubernetesDistributed tensorflow on kubernetes
Distributed tensorflow on kubernetes
 
Build your own kubernetes apiserver and resource type
Build your own kubernetes apiserver and resource typeBuild your own kubernetes apiserver and resource type
Build your own kubernetes apiserver and resource type
 
Virtualization inside kubernetes
Virtualization inside kubernetesVirtualization inside kubernetes
Virtualization inside kubernetes
 
利用K8S實現高可靠應用
利用K8S實現高可靠應用利用K8S實現高可靠應用
利用K8S實現高可靠應用
 
Build the Blockchain as service (BaaS) Using Ethereum on Kubernetes
Build the Blockchain as service (BaaS) Using Ethereum on KubernetesBuild the Blockchain as service (BaaS) Using Ethereum on Kubernetes
Build the Blockchain as service (BaaS) Using Ethereum on Kubernetes
 

Último

How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 

Último (20)

How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 

Cloud Native 下的應用網路設計

  • 1. © 2018 Citrix | Confidential . @ . NOVEMBER 23, 2018
  • 2. 2 © 2018 Citrix | Confidential Cloud-Native A
  • 3. 3 © 2018 Citrix | Confidential - Microservices APIs Performance Resilience Security Visibility Continuous Delivery AutoScale Circuit Breaker Load Balancing Throttling Discovery Audit Segmentation E2E Encryption Routing Chaos Monkey Distributed Debug Back-off Lifecycle Management Auth
  • 4. 4 © 2018 Citrix | Confidential LB W W W A A A A D D LB 3 From 3-tier to microservices, container orchestrations, service mesh 3-tier app architecture Service Mesh architectureHairpin architecture L7 Hairpin with L4 Mesh architecture M M M M M M M M M M LB M M M M M M M M M M LB M M M M M M M M M M N-S traffic E-W traffic
  • 5. 5 © 2018 Citrix | Confidential D CD = / Citrix ADM REST REST
  • 6. 6 © 2018 Citrix | Confidential Server Linux OS Docker Engine AppA bin/libs App B bin/libs App C bin/libs C P X bin/libs • 1 S RU L. . • BA :A A • :ECBA :D • : D: • : D : • . B A • B • / B 7 A A • N 14 BD: P -) X a • O D ( 1 CD:EE CE D B CDB G E D C : CD:EE
  • 7. 7 © 2018 Citrix | Confidential G N1 N D N1 N D 6 A S E I I I S U P U D D M N AP I I S7CT I I H I I
  • 8. 8 © 2018 Citrix | Confidential CPX Microservice D Microservice A Microservice B Microservice C )( )
  • 9. 9 © 2018 Citrix | Confidential CPX Microservice A Microservice B Microservice D Microservice D 7
  • 10. 10 © 2018 Citrix | Confidential • C A • D • D
  • 11. 11 © 2018 Citrix | Confidential • • • •
  • 12. 12 © 2018 Citrix | Confidential w i whrD hx l • c w notdr • i w h D G • GN m yu l • e f e • l a C i l es l S
  • 13. 13 © 2018 Citrix | Confidential Microservice IoT Client B IoT Client C IoT Client A NetScaler MQTT 7 HiveMQ Server1 HiveMQ Server2 HiveMQ Server3 MQTT.Lua
  • 14. 14 © 2018 Citrix | Confidential CPX CPX App AppApp North - South East - West IDP Oauth – OIDCTLS WAF Local Auth: App SSL cert proper name + URL path Mutual TLS App X
  • 15. 15 © 2018 Citrix | Confidential α1 β1 HostH1 β2 α2 HostH2 α3 α4 HostH3 Ingress LB α5 α6 HostH4 ClusterManager LB Controller Cluster API Container Events Reconfigu ration Container State Container State Query
  • 16. 16 © 2018 Citrix | Confidential Overview Diagram for Kubernetes Use Case Kubernetes NodeKubernetes NodeKubernetes NodeKubernetes NodeKubernetes Node CPX CPX CPX CPX CPX Log Stream Log Stream Kubernetes Cluster Manager & API Server Citrix Application Delivery Management Use Case 4: CPX is each pod taking over role of Kube Proxy VPX or CPX Citrix ADC as ingress load balancer for Kubernetes clusters Log Stream Kube Proxy Kube Proxy Kube Proxy Kube Proxy Kube Proxy Kubernetes Ingress Controller ConfigChanges
  • 17. 17 © 2018 Citrix | Confidential Node-3 Pod-5 M1 Pod-6 M2 Node-2 Pod-3 M1 Pod-4 M2 MPX Node-1 Pod-1 M1 Pod-2 M2 M1 to M2 via CPX PodPod Pod CPX Citrix K8s Controller CPX Citrix K8s Controller CPX Citrix K8s Agent Citrix K8s Agent Prometheus Splunk Infoblox IPAM K8s API Server K8s DNS Citrix K8s Controller Calico/Flannel Control Plane Pod Citrix Ingress Controller (self- contained) Pod Logging AppGraph Analytics Licensing Inventory Front-End (UI) Pod Pod PG-SQL Redis Node-4 Config Engine (StyleBooks) Citrix K8s Controller Deployment Architecture: Proxy per Node N-S traffic E-W traffic Add on (optional) 3rd Party Open source K8S Controller (Integrated)
  • 18. 18 © 2018 Citrix | Confidential Node-3 Pod-5 M1 Pod-6 M2 Node-2 Pod-3 M1 Pod-4 M2 MPX Node-1 Pod-1 M1 Pod-2 M2 M1 to M2 via CPX Deployment Architecture: Service Mesh (Proxy per Pod) CPX Citrix K8s Controller CPX Citrix K8s Controller CPX Citrix K8s Controller CPX Citrix K8s Controller CPX Citrix K8s Controller CPX Citrix K8s Controller Pod Logging AppGraph Analytics Licensing Inventory Front-End (UI) Pod Pod PG-SQL Redis Node-4 Config Engine (StyleBooks) Citrix K8s Controller Infoblox IPAM K8s API Server K8s DNS Citrix K8s Controller Calico/Flannel Control Plane N-S traffic E-W traffic Add on (optional) 3rd Party Open sourceIstio Prometheus Splunk Citrix K8s Agent K8S Controller (Integrated) Pod Citrix Ingress Controller (self- contained)
  • 19. 19 © 2018 Citrix | Confidential • To enable external traffic to enter the OpenShift Nodes, Openshift is moving to the Kubernetes Ingress Load Balancer API stack. • CPX uses IP address of host / POD and that is exposed to external traffic • Here the Kubernetes Ingress Controller receives service location information from the Kubernetes API server and programs the CPX through Citrix Application Delivery Management (not shown) in response to changes. Paas with OpenShift MASTER API Authentication Data Store Scheduler Mgmt/Replication Kubernetes API Server Kubernetes Ingress Controller Docker Kubelet and Kube Proxy Citrix ADC CPX (host) External traffic Docker Kubelet and Kube Proxy Infrastructure Node App Node Apps Apps OpenShift SDN Citrix ADC CPX
  • 20. 20 © 2018 Citrix | Confidential • • A • • E • • •
  • 21. 21 © 2018 Citrix | Confidential Infrastructure as a Code L S V: A
  • 22. 22 © 2018 Citrix | Confidential
  • 23. 23 © 2018 Citrix | Confidential Citrix ADM
  • 24. 24 © 2018 Citrix | Confidential Citrix Application Delivery Management Turns Citrix ADC’s into a Pool – Control One to Thousands Citrix Application Delivery Management CPX VPX MPX Container Management: Mesos & Marathon Kubernetes Cloud Manager/ Orchestrators: OpenStack VMWare NSX Service Discovery Orchestrator: Self Service Portal Citrix Application Delivery Management Functions App-centric Life Cycle Configuration at Scale Visibility and Insights
  • 25. 25 © 2018 Citrix | Confidential Metadata from Citrix ADC is Powerful Information Citrix ADC Total DNS request Total invalid DNS requests Total server time to first byte Transaction logs Total server hits Surge Queue count Client / user # Users using SSL v3 # Users using ECDHE # Users using ECDSA SSL Chip utilization
  • 26. 26 © 2018 Citrix | Confidential App Health Score Tied to Citrix ADC Metadata User Experience Caused by Latency Availability Anomalies Errors ADC Health: CPU, Memory Server Latency and availability Security Attacks: Threat Index, DNS DDoS App HealthScore Citrix ADC Metadata Anomalies: Surge Queue, Uneven LB HTTP Errors
  • 27. 27 © 2018 Citrix | Confidential ? ? ? ? ? ? . . .
  • 28. 28 © 2018 Citrix | Confidential
  • 29. 29 © 2018 Citrix | Confidential Top Parameters & Trends • Which are the top vservers causing low health score? • What is the key app usage metric variation? • What is the total event variation trend for this app? Top 5 vservers with lowest health score How are the total events trending over the time? How are the total events trending over the time? Deep-dive with the application activity investigator
  • 30. 30 © 2018 Citrix | Confidential Which are the top Apps with high threat index? Who are the top Clients with high number of violations association? Which locations attacks are originated from? What is the total attack variation across all apps? New Threat Detection added Application security threat exposure assessment
  • 31. 31 © 2018 Citrix | Confidential North – South • Leverage Citrix ADCs as ingress devices • MPX/SDX/VPX • CPX inside cluster • Expose L7 features in Kubernetes through CRDs, annotations East-West • CPX for visibility and security • CPX per node • CPX per pod • Lightweight CPX Security and Analytics • Tie security capabilities to solve new problems • API security • App-to-app security • Service graph • Prometheus exporter Scale • From hundreds to thousands of nodes per cluster CICD • Integrate with cloud native DevOps tooling
  • 32. 32 © 2018 Citrix | Confidential S AI M ) D **(/ C C ITSM ITC SDN NetScaler API’s Citrix ADM T PaaS
  • 33.
  • 34. 34 © 2018 Citrix | Confidential