SYS-CON MEDIA Authors: Elizabeth White, Yeshim Deniz, Roger Strukhoff, Jason Bloomberg, Pat Romanski

Blog Feed Post

v.10 - iSessions in the Cloud (or a remote data center, you choose)

Well, I’ve covered the basics of iSessions – a secure, optimized tunnel between two BIG-IPs – so now it’s time to talk about usefulness, both today and going forward. Since iSessions are an infrastructure issue, the following works for redundant data centers also, assuming they have BIG-IPs in them, it’s just that cloud is the buzzword du-jour, and there’s actually a teentsy bit more benefit to using them for the cloud.

First off, I assume that your cloud vendor has BIG-IPs (that is a safe assumption as of today), but you’re living in the real world, check with them first, there are a few that haven’t yet realized that BIG-IP should be a key part of their adaptive infrastructure.

Many of you – probably most of you – are not out throwing your proprietary data at clouds any more than most of you threw your proprietary data at SaaS. There are security, control, and ownership issues that (real or not) limit the level of real-world interaction with the cloud. But not all of your systems work with proprietary data, and if your applications are modularized (they are if you have web services interfaces to them), then you can move just the code that doesn’t have data critical to the success of your organization out to the cloud, or as some large organizations are doing, build your own internal cloud services.

 

iSessions.Cloud

Having said that, you then have to worry about performance and security. It’s one thing to move an entire application out to a service provider, another to have your application in your data center need to go to a cloud provider to service its requests. And since it’s over the public Internet, the data going to the cloud provider should be encrypted in some manner. You’d be surprised what information can be surmised about your organization just by watching non-critical unencrypted traffic, and in some industries you’d be surprised who’s looking (insurance, for example, has long had competitive intelligence teams that are very Internet savvy).

That’s where iSessions come in. A secure, optimized pipe between two BIG-IPs means that you can move code unchanged out to a cloud provider or another data center – you’ll have a local IP for the service, and that will automatically be forwarded to the remote BIG-IP for routing. Forwarded in an encrypted and optimized tunnel. Of course real-world modularized applications often aren’t that easy to pare out of a core system (ever notice how database lookups sneak their way into the most generic of code in a complex system?), but the direction the data center is headed these days says that you’d better be modular – and truly modular – relatively soon anyway, so I’ll leave the vagaries of your implementation in your capable hands. One suggestion is to make a database proxy in your datacenter and use iSessions to route DB requests through it. You might be able to just use database connections – lots of people are starting to use BIG-IP to load balance databases – but I’ve not tried a database protocol through iSessions yet, and they’re new enough that I don’t know anyone who’s tried. But back to the point, you forward requests and get responses like you’re talking to a local server, and you can put as much power as you need behind the BIG-IP  on the other end. A simple application that just does a couple of quick things and sees medium utilization? A single server is behind that remote BIG-IP. A horrifically complex system that uses seconds of actual computation time to come up with a response? Put a pool of servers at the other end and load balance them (preferably with one of the advanced “Application Delivery Network” algorithms that considers server load in making load balancing decisions).

 

iSessions.DCs

Then it’s in the cloud, but it’s not like it’s in the cloud. You’re splitting off reasonable and not-too-worrisome parts of your application infrastructure and offloading them to a more dynamic environment, while the code that doesn’t move doesn’t change. Could you do this other ways? Yes. Would it be this easy? Nope. And in the end that’s what adaptive infrastructure should do for you – increase your options without requiring you to re-architect your applications. No doubt they’ll require some tweaks, but full-blown re-architecting is out for most of us in good years, and this isn’t a good year, so tweaks are our answer to your dilemma.

It’s fast, it’s secure, it’s not a massive change to your apps, what’s not to like?

I have some intriguing inter-datacenter replication ideas with iSessions too, but they’ll have to wait until I can test them, and a series of issues – including a new home NAS – have kept me from upgrading my BIG-IP to v.10. Once I get that done, Jason Rahm and I will set up some iSessions tunnels on our BIG-IPs and I’ll start talking more to you about the pie-in-the-sky stuff I’ve been blue-skying.

And yeah, few ideas come out of nowhere these days, so credit where it’s due, Lori and I’ve been talking cloud forever (she has much more tolerance for the hype cycle than I, if XML didn’t show you that, I want usable, not hype), and Erik, one of our VPs sent out some literature that actually spurred me to write this post.

Until next time,

Don.

Read the original blog entry...

More Stories By Don MacVittie

Don MacVittie is founder of Ingrained Technology, A technical advocacy and software development consultancy. He has experience in application development, architecture, infrastructure, technical writing,DevOps, and IT management. MacVittie holds a B.S. in Computer Science from Northern Michigan University, and an M.S. in Computer Science from Nova Southeastern University.

Latest Stories
The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.
Tapping into blockchain revolution early enough translates into a substantial business competitiveness advantage. Codete comprehensively develops custom, blockchain-based business solutions, founded on the most advanced cryptographic innovations, and striking a balance point between complexity of the technologies used in quickly-changing stack building, business impact, and cost-effectiveness. Codete researches and provides business consultancy in the field of single most thrilling innovative te...
CloudEXPO has been the M&A capital for Cloud companies for more than a decade with memorable acquisition news stories which came out of CloudEXPO expo floor. DevOpsSUMMIT New York faculty member Greg Bledsoe shared his views on IBM's Red Hat acquisition live from NASDAQ floor. Acquisition news was announced during CloudEXPO New York which took place November 12-13, 2019 in New York City.
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, discussed some of the security challenges of the IoT infrastructure and related how these aspects impact Smart Living. The material was delivered interac...
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
In his session at 23rd International CloudEXPO, Raju Shreewastava, founder of Big Data Trunk, will provide a fun and simple way to introduce Machine Leaning to anyone and everyone. Together we will solve a machine learning problem and find an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/busine...
CloudEXPO has been the M&A capital for Cloud companies for more than a decade with memorable acquisition news stories which came out of CloudEXPO expo floor. DevOpsSUMMIT New York faculty member Greg Bledsoe shared his views on IBM's Red Hat acquisition live from NASDAQ floor. Acquisition news was announced during CloudEXPO New York which took place November 12-13, 2019 in New York City. Our Silicon Valley 2019 schedule will showcase 200 keynotes, sessions, general sessions, power panels, and...
ShieldX's CEO and Founder, Ratinder Ahuja, believes that traditional security solutions are not designed to be effective in the cloud. The role of Data Loss Prevention must evolve in order to combat the challenges of changing infrastructure associated with modernized cloud environments. Ratinder will call out the notion that security processes and controls must be equally dynamic and able to adapt for the cloud. Utilizing four key factors of automation, enterprises can remediate issues and impro...
Intel is an American multinational corporation and technology company headquartered in Santa Clara, California, in the Silicon Valley. It is the world's second largest and second highest valued semiconductor chip maker based on revenue after being overtaken by Samsung, and is the inventor of the x86 series of microprocessors, the processors found in most personal computers (PCs). Intel supplies processors for computer system manufacturers such as Apple, Lenovo, HP, and Dell. Intel also manufactu...
When you're operating multiple services in production, building out forensics tools such as monitoring and observability becomes essential. Unfortunately, it is a real challenge balancing priorities between building new features and tools to help pinpoint root causes. Linkerd provides many of the tools you need to tame the chaos of operating microservices in a cloud native world. Because Linkerd is a transparent proxy that runs alongside your application, there are no code changes required. I...
BMC has unmatched experience in IT management, supporting 92 of the Forbes Global 100, and earning recognition as an ITSM Gartner Magic Quadrant Leader for five years running. Our solutions offer speed, agility, and efficiency to tackle business challenges in the areas of service management, automation, operations, and the mainframe.
The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential. DevOpsSUMMIT at CloudEXPO expands the DevOps community, enable a wide sharing of knowledge, and educate delegates and technology providers alike.
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understa...
Cloud-Native thinking and Serverless Computing are now the norm in financial services, manufacturing, telco, healthcare, transportation, energy, media, entertainment, retail and other consumer industries, as well as the public sector. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that pro...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...