AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC
-
Upload
darrell-king -
Category
Technology
-
view
164 -
download
1
Transcript of AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC
![Page 1: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/1.jpg)
Chris Kawchuk ([email protected])Systems EngineerBrocade
Brocade vADC Cloudformation and TrafficScript
![Page 2: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/2.jpg)
Fill out the feedback form and go in a draw to win
a drone today.
Drone to be Won Today!
![Page 3: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/3.jpg)
3
Agenda• What is the Brocade vADC‒ Quick Intro ‒…as you likely already know what a Load Balancer is
• I already have AWS’s ELB– Why do I need a vADC? What’s so special about it?
• Walkthrough of the CFT‒ From Heavy Lifting to Automated CloudFormation Builds ‒ TrafficScript – the Swiss Army Knife of HTTP
• Summary‒ Sample Deployments in AWS
![Page 4: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/4.jpg)
Brocade vADC Introduction
![Page 5: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/5.jpg)
High-level view of Traffic Manager
?Web and
Application Servers
? ?
Brocade vADC provides
visibility and control
Brocade VirtualTraffic Manager
Optimize Infrastructure- to improve performance and increase capacityOptimize Content- to improve response time and brand valueDifferentiate and Prioritize- to optimize user experienceInspect and Secure- to block attackers and secure data
![Page 6: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/6.jpg)
Under the Hood
Web andApplication
Servers
Request Rules
SSL DecryptionService ProtectionTCP OffloadRate ShapingHTTP/2Application Firewall
Load BalancingSession PersistenceBandwidth ShapingSSL EncryptionHTTP MultiplexingConcurrency ControlApplication Auto-Scaling
Request
Response Monitors
Virtual Server Client
Connections
PoolServer
Connections
Response Rules
TCP OffloadHTTP CachingContent CompressionService Level MonitoringBandwidth ShapingTransaction LoggingHTTP/2Application Firewall
![Page 7: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/7.jpg)
7
Ok, that’s great……but I already have AWS ELB
© 2016 BROCADE COMMUNICATIONS SYSTEMS, INC. INTERNAL USE ONLY
![Page 8: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/8.jpg)
8
vADC is “ In Addition to…”ELB okay for most; vTM best for the rest…
As an abstracted service, Amazon ELB (Elastic Load Balancer) functions well as a basic web service load balancer. However, the demands of many modern global businesses require the greater sophistication that only an application delivery controller can offer.
Only recently has AWS released an upgraded ELB in the form of an Application Load Balancer (ALB) which operates at the Layer 7 Application Layer and allows you to define routing rules based on content across multiple services or containers running on one or more Amazon Elastic Compute Cloud (EC2) instances.
Brocade Virtual Traffic Manager (vTM) is designed to seamlessly integrate with any application deployed on Amazon Web Services to provide load balancing, user experience optimization, application scalability, and fine-grained application control.
Brocade vTM nicely complements (or replaces!) Amazon ELB/ALB for creating highly reliable global cloud deployments requiring advanced ADC features. © 2016 BROCADE COMMUNICATIONS SYSTEMS, INC.
![Page 9: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/9.jpg)
Would you like to try it?We have a nice CloudFormation Template you can try now!
![Page 10: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/10.jpg)
Brocade AWS Cloud Formation Template• A pre-canned Redunant vADC Deployment to try!‒ Dual vADCs in multiple AZs w/Clustering‒ vADC Management and Dual public EIPs allocated for Traffic‒ vADC Config Automation via Puppet Scripting/Automation‒ Autoscale Apache2 WebServers pre-built for you‒ Github integration for externally editable config
10© 2016 BROCADE COMMUNICATIONS SYSTEMS, INC. INTERNAL USE ONLY
![Page 11: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/11.jpg)
11
URL for the CFT and Instructions
• https://github.com/dkalintsev/Brocade/tree/master/vADC/CloudFormation/Templates/Variants-and-experimental/Configured-by-Puppet
© 2016 BROCADE COMMUNICATIONS SYSTEMS, INC. INTERNAL USE ONLY
![Page 12: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/12.jpg)
Brocade AWS Cloud Formation Template
12© 2016 BROCADE COMMUNICATIONS SYSTEMS, INC.
![Page 13: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/13.jpg)
Traffic ScriptThe “Swiss Army Knife” of HTTP(or when you need to get stuff done)
![Page 14: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/14.jpg)
Brocade vTM Traffic Management Tool: TrafficScript• An intuitive and powerful scripting language that lets you
manipulate your traffic as it passes through the Traffic Manager:‒ Request Rules ‒ Response Rules‒ Transaction Completion Rules
14© 2016 BROCADE COMMUNICATIONS SYSTEMS, INC. INTERNAL USE ONLY
![Page 15: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/15.jpg)
SIMPLE STATE MACHINE: TWO EVENTS, REQUEST AND RESPONSE
A Simple Model for Application Rules
Brocade VirtualTraffic ManagerClient Server Nodes
Write to server
Write to client
Retryrequest
1. Receives requestand runs Request Rules
2. Runs Response Rules then forwards on to the client
![Page 16: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/16.jpg)
A More Detailed Look…..
16
RequestResponse
SSL DecryptionService
ProtectionTCP Offload
Rate ShapingApplication
Firewall
Content Compression
HTTP CachingTCP Offload
Service Level MonitoringBandwidth
ShapingTransaction
LoggingApplication
Firewall
Pool(Server
Connections)Virtual Server
(Client Connections)
Load BalancingSession
PersistenceBandwidth
ShapingSSL Encryption
HTTP MultiplexingConcurrency
ControlApplication Auto-
ScalingHealth Monitors
Request Rules
Rule BuilderTrafficScript
Java
Response Rules
Rule BuilderTrafficScript
Java
Completion Rules
TrafficScript
Web / ApplicationServers
© 2016 BROCADE COMMUNICATIONS SYSTEMS, INC. INTERNAL USE ONLY
![Page 17: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/17.jpg)
TrafficScript Example #1• Update a copyright banner:
17
# Let's only grab the response if it is an HTML document:$responseType = http.getResponseHeader( "Content-Type" );if(string.contains($responseType, "text/html")){
# We grab the body the server sent: $oldBody = http.getResponseBody(); # We replace the old copyright string with the new one (note: case insensitive!) $newBody = string.replaceAllI($oldBody, "copyright 2013", "copyright 2016");
# Then we send the new HTML body to the user. http.setResponseBody($newBody);}
© 2016 BROCADE COMMUNICATIONS SYSTEMS, INC. INTERNAL USE ONLY
![Page 18: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/18.jpg)
TrafficScript Example #2• Treat Platinum Frequent Flyers like Royalty:
18
# Let's extract the Frequent Flyer number from the URL$FFNumber = http.getFormParam("FFID");
# Let's look them up in a special web form to see what level Frequent Flyer they are:$FFLookup = http.request.get("http://fflookup.airline.com/ffLookup.php?FFID=".$FFNumber);
# If they are Platinum Frequent Flyer, let's roll out the Red Carpet:if(string.containsI($FFLookup, "platinum")){
# We have a dedicated pool of servers for Platinum Frequent Flyers: pool.select("pool_Platinum_FF");
# And apply a pair of special Bandwidth Classes so we don’t slow them down # when the site is under load like everyone else: request.setBandwidthClass("BW_Platinum_FF_REQ"); response.setBandwidthClass("BW_Platinum_FF_RES");}
© 2016 BROCADE COMMUNICATIONS SYSTEMS, INC. INTERNAL USE ONLY
![Page 19: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/19.jpg)
TrafficScript Example #3• Serverless Architecture:
19
#Input Script
# Redirect All Requests to an S3 Buckethttp.setHeader("Host", "spa-11-14-test.s3-website-ap-southeast-2.amazonaws.com");pool.use("test-SPA-s3");
# Return Script – Rewrite the nasty S3 URL$body = http.getResponseBody();$newBody = string.regexsub($body, "spa-11-14-test.s3-website-ap-
southeast-2.amazonaws.com", "test.11-14.net", "g");http.setResponseBody($newBody);http.setHeader("Host", "test.11-14.net");
© 2016 BROCADE COMMUNICATIONS SYSTEMS, INC.
![Page 20: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/20.jpg)
TrafficScript Example #4• Offload APIs to “real servers” or other sites and rewrite:
20
$client = request.getRemoteIP();$url = http.getPath();
#If the user wants to go to our “/blog”if (string.startsWith($url, "/blog")) { $path = http.getRawURL(); $newpath = string.regexsub($path, "^/blog(.*)", "/$1"); $path = string.regexsub($newpath, "//", "/"); http.setRawPath($path); http.setHeader("Host", "telecomoccasionally.wordpress.com"); pool.use("blog");}
#Return Script$body = http.getResponseBody();$newBody = string.regexsub($body, "telecomoccasionally.wordpress.com",
"test.11-14.net/blog", "g");http.setResponseBody($newBody);http.setHeader("Host", "test.11-14.net");
© 2016 BROCADE COMMUNICATIONS SYSTEMS, INC.
![Page 21: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/21.jpg)
Brocade vADC Summary
![Page 22: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/22.jpg)
Perpetual Term orSubscription
ServiceProvider
Bulk Licensefor ADCaaS
Evaluation30-day limited
DeveloperThroughput limited
Brocade vADC Licensing Models
![Page 23: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/23.jpg)
Brocade vADC Content
Whitepapers – Application Delivery
• Application Delivery for Amazon AWS• Application Delivery for Microsoft Azure
Product Materials• Brocade vADC Data Sheets• Brocade vADC Licensing Guide• Brocade vADC Performance Reference• Brocade vADC Success Stories
• Deployment Guides for Microsoft, Oracle, SAP• Technical presentations• Brainshark product videos
www.brocade.com
Thought Leadership
• Video: A New Approach to Application Delivery
• Infographic: ADC-as-a-Service
Whitepapers – Application Security
• PCI-DSS compliance with Brocade vADC• Distributed Application Security• Application Security for Microsoft Azure• Security for DoD applications• Why Web Application Firewalls Matter
![Page 24: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/24.jpg)
24
• vTM can do everything ELB can plus tons more!• Supports more protocols, more checks, integrated vWAF• Scale out your ELB without blowing your budget• Solve unexpected application problems with TrafficScript
• CloudFormation Template makes this easy to try!
Brocade vADC can help to:
![Page 25: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/25.jpg)
Over to you Ross!
i = RND(0)*32;
Drone to be Won Now!
![Page 26: AWS CloudFormation Automation, TrafficScript, and Serverless architecture with Brocade's vADC](https://reader036.fdocuments.in/reader036/viewer/2022062523/58ecf4201a28ab6e178b465b/html5/thumbnails/26.jpg)
Thank you