Achieving Command and Control through Requests and Responses

I’ve been talking about layer 7 load balancing (L7 LB) since, well, for a long time. From the first inception of it back in the day when someone decided that routing requests using URIs and host headers was a pretty innovative thing to do. If you must know, that was back in 2001.

And it was innovative then. Because at the time, load balancing and routing were something addressed at layers 3 and 4 – that’s TCP/IP – in the network using routers and switches and load balancers and network architecture. You didn’t commonly see network devices operating at L7. You just didn’t, except in the app infrastructure.

Today you see it all the time in the network. That virtual server definition in httpd.conf that relies on HTTP host header? That’s part of L7 LB. Rewriting URLs? Part of L7 LB. Persistent (sticky) sessions? You got this, right? Right. L7 LB.

So basically I’ve spent most of this century preaching about L7 LB.

One Monday morning in May I was reading the Internet (cause I do that on Mondays) and came across a lengthy discussion of microservices and L7 LB.

Guys, I must tell you I was totally excited by this blog. I was excited by the content, by the focus on the role of L7 LB in microservices and emerging app architectures (he mentions canary deployments), and by the words the author used to seamlessly move what has been a traditionally network-focused technology into an ops-focused technology. This is, without a doubt, one of the best (and most concise) descriptions of L7 LB I’ve read on the Internet:

It’s this experience that motivated linkerd (pronounced “linker dee”), a proxy designed to give service operators command & control over traffic between services. This encompasses a variety of features including transport security, load balancing, multiplexing, timeouts, retries, and routing.

In this post, I’ll discuss linkerd’s approach to routing. Classically, routing is one of the problems that is addressed at Layers 3 and 4—TCP/IP—with hardware load balancers, BGP, DNS, iptables, etc. While these tools still have a place in the world, they’re difficult to extend to modern multi-service software systems. Instead of operating on connections and packets, we want to operate on requests and responses. Instead of IP addresses and ports, we want to operate on services and instances.

I highlighted that one part because man, there’s just so much wrapped up in that single statement I can’t even. Literally.

The concept of operating on requests and responses is the foundation of entire solution sets across security, scale, and performance. A proxy capable of inspecting requests and responses is able to deal not only with transport security (TLS/SSL offload) and load balancing but with app security as well. Request and response inspection is a critical component of app security: scanning and scrubbing content deep down in the payload (the JSON, the HTML, the XML) to find exploits and malicious content is the premise of a web application firewall.

And then there’s access control, which increasingly cannot simply rely on IP addresses and user names. The proliferation of cloud and roaming, mobile employees and users alike means a greater focus on controlling access to applications based on context. Which means operating on requests and being able to extract a variety of information from them that will provide richer access policies able to cross the chasm from users to things (devices).

And of course there’s scale. Scale today is not about load balancing algorithms, it’s about architecture. Application and operational architecture alike. DevOps-driven deployment patterns like canary and blue-green deployments, as well as sharding and partitioning architectures, are critical to achieving not just the seamless scale required today but the efficacy of those architectures. L7 LB is key to these endeavors, enabling fine-grained control over the routing of requests and handling of responses between apps (micro or monolith) and users (thing and human).
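To make "operating on requests" concrete, here is an added example (not from the original post or from linkerd) of a single L7 decision that combines the three ideas above: host and path routing, context-based access control, and a sticky canary split. The hostnames, service names and percentages are constructed for illustration.

```python
import hashlib

# Constructed routing table: (host, path prefix, service). First match wins.
ROUTES = [
    ("shop.example.com", "/api/cart", "cart"),
    ("shop.example.com", "/admin", "admin"),
    ("shop.example.com", "/", "web"),
]
CANARY_PERCENT = {"cart": 10}   # share of sessions sent to the canary pool
MANAGED_ONLY = {"admin"}        # services restricted to managed devices


def parse_request(raw: bytes) -> dict:
    """Parse the request line and headers of an HTTP/1.1 request."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return {"method": method, "path": target.split("?", 1)[0], "headers": headers}


def decide(req: dict, device_managed: bool) -> tuple:
    """Return (status, pool) for one request.

    device_managed is context the proxy established itself (for example from
    a client certificate); it is never read from a client-supplied header.
    Paths are matched as received; a production proxy normalises them first.
    """
    host = req["headers"].get("host", "").split(":")[0].lower()
    for route_host, prefix, service in ROUTES:
        if host == route_host and req["path"].startswith(prefix):
            break
    else:
        return (404, None)
    if service in MANAGED_ONLY and not device_managed:
        return (403, None)
    # Sticky canary: hashing the session cookie keeps a session in one pool.
    session = req["headers"].get("cookie", "")
    bucket = int(hashlib.sha256(session.encode()).hexdigest(), 16) % 100
    pool = "canary" if bucket < CANARY_PERCENT.get(service, 0) else "stable"
    return (200, f"{service}-{pool}")
```

None of these decisions is available at layers 3 and 4, where the same traffic is only a source address and a destination port.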

And that’s really what the aforementioned blog (did I mention it was awesome, already?) is talking about: L7 LB. Whether it’s hardware or software, in the cloud or on-premises, isn’t really all that important. That’s an operational detail that is (or should be) irrelevant when we’re talking about architecting a scalable application composed of “services and instances.”

I cannot reiterate often enough the importance of L7 LB as part of modern application architectures. And it’s exciting to see the dev and ops side of the world starting to shout the same thing as they encounter the operational challenges of scale and routing amidst a highly interconnected and interdependent set of services that are the foundation for apps (and business) today.

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.
