SYS-CON MEDIA Authors: Liz McMillan, Carmen Gonzalez, Zakia Bouachraoui, Roger Strukhoff, David Linthicum

Blog Feed Post

v.10 - iSessions in the Cloud (or a remote data center, you choose)

Well, I’ve covered the basics of iSessions – a secure, optimized tunnel between two BIG-IPs – so now it’s time to talk about usefulness, both today and going forward. Since iSessions are an infrastructure issue, the following works for redundant data centers also, assuming they have BIG-IPs in them, it’s just that cloud is the buzzword du-jour, and there’s actually a teentsy bit more benefit to using them for the cloud.

First off, I assume that your cloud vendor has BIG-IPs (that is a safe assumption as of today), but you’re living in the real world, check with them first, there are a few that haven’t yet realized that BIG-IP should be a key part of their adaptive infrastructure.

Many of you – probably most of you – are not out throwing your proprietary data at clouds any more than most of you threw your proprietary data at SaaS. There are security, control, and ownership issues that (real or not) limit the level of real-world interaction with the cloud. But not all of your systems work with proprietary data, and if your applications are modularized (they are if you have web services interfaces to them), then you can move just the code that doesn’t have data critical to the success of your organization out to the cloud, or as some large organizations are doing, build your own internal cloud services.

 

iSessions.Cloud

Having said that, you then have to worry about performance and security. It’s one thing to move an entire application out to a service provider, another to have your application in your data center need to go to a cloud provider to service its requests. And since it’s over the public Internet, the data going to the cloud provider should be encrypted in some manner. You’d be surprised what information can be surmised about your organization just by watching non-critical unencrypted traffic, and in some industries you’d be surprised who’s looking (insurance, for example, has long had competitive intelligence teams that are very Internet savvy).

That’s where iSessions come in. A secure, optimized pipe between two BIG-IPs means that you can move code unchanged out to a cloud provider or another data center – you’ll have a local IP for the service, and that will automatically be forwarded to the remote BIG-IP for routing. Forwarded in an encrypted and optimized tunnel. Of course real-world modularized applications often aren’t that easy to pare out of a core system (ever notice how database lookups sneak their way into the most generic of code in a complex system?), but the direction the data center is headed these days says that you’d better be modular – and truly modular – relatively soon anyway, so I’ll leave the vagaries of your implementation in your capable hands. One suggestion is to make a database proxy in your datacenter and use iSessions to route DB requests through it. You might be able to just use database connections – lots of people are starting to use BIG-IP to load balance databases – but I’ve not tried a database protocol through iSessions yet, and they’re new enough that I don’t know anyone who’s tried. But back to the point, you forward requests and get responses like you’re talking to a local server, and you can put as much power as you need behind the BIG-IP  on the other end. A simple application that just does a couple of quick things and sees medium utilization? A single server is behind that remote BIG-IP. A horrifically complex system that uses seconds of actual computation time to come up with a response? Put a pool of servers at the other end and load balance them (preferably with one of the advanced “Application Delivery Network” algorithms that considers server load in making load balancing decisions).

 

iSessions.DCs

Then it’s in the cloud, but it’s not like it’s in the cloud. You’re splitting off reasonable and not-too-worrisome parts of your application infrastructure and offloading them to a more dynamic environment, while the code that doesn’t move doesn’t change. Could you do this other ways? Yes. Would it be this easy? Nope. And in the end that’s what adaptive infrastructure should do for you – increase your options without requiring you to re-architect your applications. No doubt they’ll require some tweaks, but full-blown re-architecting is out for most of us in good years, and this isn’t a good year, so tweaks are our answer to your dilemma.

It’s fast, it’s secure, it’s not a massive change to your apps, what’s not to like?

I have some intriguing inter-datacenter replication ideas with iSessions too, but they’ll have to wait until I can test them, and a series of issues – including a new home NAS – have kept me from upgrading my BIG-IP to v.10. Once I get that done, Jason Rahm and I will set up some iSessions tunnels on our BIG-IPs and I’ll start talking more to you about the pie-in-the-sky stuff I’ve been blue-skying.

And yeah, few ideas come out of nowhere these days, so credit where it’s due, Lori and I’ve been talking cloud forever (she has much more tolerance for the hype cycle than I, if XML didn’t show you that, I want usable, not hype), and Erik, one of our VPs sent out some literature that actually spurred me to write this post.

Until next time,

Don.

Read the original blog entry...

More Stories By Don MacVittie

Don MacVittie is founder of Ingrained Technology, A technical advocacy and software development consultancy. He has experience in application development, architecture, infrastructure, technical writing,DevOps, and IT management. MacVittie holds a B.S. in Computer Science from Northern Michigan University, and an M.S. in Computer Science from Nova Southeastern University.

Latest Stories
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected pat...
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
ScaleMP is presenting at CloudEXPO 2019, held June 24-26 in Santa Clara, and we’d love to see you there. At the conference, we’ll demonstrate how ScaleMP is solving one of the most vexing challenges for cloud — memory cost and limit of scale — and how our innovative vSMP MemoryONE solution provides affordable larger server memory for the private and public cloud. Please visit us at Booth No. 519 to connect with our experts and learn more about vSMP MemoryONE and how it is already serving some of...
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understa...
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
Platform9, the leader in SaaS-managed hybrid cloud, has announced it will present five sessions at four upcoming industry conferences in June: BCS in London, DevOpsCon in Berlin, HPE Discover and Cloud Computing Expo 2019.
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
When you're operating multiple services in production, building out forensics tools such as monitoring and observability becomes essential. Unfortunately, it is a real challenge balancing priorities between building new features and tools to help pinpoint root causes. Linkerd provides many of the tools you need to tame the chaos of operating microservices in a cloud native world. Because Linkerd is a transparent proxy that runs alongside your application, there are no code changes required. I...
In his general session at 21st Cloud Expo, Greg Dumas, Calligo’s Vice President and G.M. of US operations, discussed the new Global Data Protection Regulation and how Calligo can help business stay compliant in digitally globalized world. Greg Dumas is Calligo's Vice President and G.M. of US operations. Calligo is an established service provider that provides an innovative platform for trusted cloud solutions. Calligo’s customers are typically most concerned about GDPR compliance, application p...
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the bene...
"NetApp's vision is how we help organizations manage data - delivering the right data in the right place, in the right time, to the people who need it, and doing it agnostic to what the platform is," explained Josh Atwell, Developer Advocate for NetApp, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Druva is the global leader in Cloud Data Protection and Management, delivering the industry's first data management-as-a-service solution that aggregates data from endpoints, servers and cloud applications and leverages the public cloud to offer a single pane of glass to enable data protection, governance and intelligence-dramatically increasing the availability and visibility of business critical information, while reducing the risk, cost and complexity of managing and protecting it. Druva's...
Kubernetes as a Container Platform is becoming a de facto for every enterprise. In my interactions with enterprises adopting container platform, I come across common questions: - How does application security work on this platform? What all do I need to secure? - How do I implement security in pipelines? - What about vulnerabilities discovered at a later point in time? - What are newer technologies like Istio Service Mesh bring to table?In this session, I will be addressing these commonly asked ...
BMC has unmatched experience in IT management, supporting 92 of the Forbes Global 100, and earning recognition as an ITSM Gartner Magic Quadrant Leader for five years running. Our solutions offer speed, agility, and efficiency to tackle business challenges in the areas of service management, automation, operations, and the mainframe.