Post on 28-Jul-2015
Implementing ITIL v3Practices with A10 Networks Solutions
“Documented Common Sense”
September 3rd, 2009
Chris Johnson, PresidentOpen Access Systems Corporation
chrisj@oasyscorp.com
AX Series Advanced Traffic ManagerApplication Delivery
Steve Sacchi, Sr. Systems EngineerA10 Networks
ssacchi@a10networks.com
2
AX Series Performance Comparison Chart
ModelsApplication Throughput
AX 1000 2.4 Gb
AX 2000 4 Gb
AX 2100 6 Gb
AX 2200 7.4 Gb
AX 3100 8 Gb
AX 3200 8.7 Gb
AX 5200 40 Gb
5
A10 AX Architecture Overview(win) Service Strategy: Demand Management
•SSL Acceleration Module – SSL Processing
•Application Memory – Session Tables, Buffer Memory, Application Data
•L4-7 CPUs – L4-7 Processing, Security, NAT
•Control Kernel – CLI, GUI, Management Tasks and Health Checking
•Flexible Traffic ASIC (FTA) –Distributes Traffic Across L4-7 CPUs, Efficient Network I/O, DDoS
•Switching & Routing ASIC –L2 & L3 Processing and Security •High Speed Switching Fabric
•Interconnect SR ASIC, FTA, L4-7 CPU
6
Up to 7 Processors handle traffic simultaneously
AX’s True Parallel Processing• ACOS Architecture designed for
multiple CPUs
• Advanced Super Computing Technologies bring true parallel processing capability
• No interference among processors
• No data copy among processors
Processor 5
Processor 6
L4/7Traffic
L4/7Traffic
Processor 7
Processor 8
Processor 1
Processor 2
Processor 3
Processor 4
•Control Protocol/ Management
7
AX Series Performance Comparison Chart
ModelsApplication Throughput
AX 1000 2.4 Gb
AX 2000 4 Gb
AX 2100 6 Gb
AX 2200 7.4 Gb
AX 3100 8 Gb
AX 3200 8.7 Gb
AX 5200 40 Gb
8
Scalability, High Availability, Optimization(WINs) Service Design: Service Level Management, IT SecurityService Transition: Service & Eval Testing
• Application Load Balancing (SL& Avail)
– Round Robin– Least Connections– Fastest Response– Weighted– Priority
• Monitor Server Health (Ser & Eval)
– TCP Level Health Checks– Application Layer Health Checks– HTTP and HTTPS (IT Security)– Scriptable Health Checks
• Session Persistence (SL)– Source IP– Cookie-based– URL
• AX Redundancy (Avail)– Active-Active– Active-StandbyLoad Balanced Servers
9
Scalability, High Availability, Optimization(WINs) Service Design: IT Security, Service Level Management, Capacity Management, Availability Management
Load Balanced Servers
Recover Server Cycles and Speeds up Servers Responses
• TCP (S L & Cap)– Connection reuse– Dynamic window sizing– TCP multiplexing
• Compression (SL)– HTTP hardware
• Caching (SL& Cap)– Static HTTP RAM cache– Dynamic HTTP RAM
cache– Future Disk Caching
• SSL (IT Security &Cap)– Acceleration and
Management
• Hardware based DDOS (IT Security & Avail)
10
Connection lim
it = 150
Limit Period = 100ms
}
Connection Rate Limiting(Win) Service Design: IT Security, SLM, Capacity
By adding Source-IP based connection rate limiting this protects the system from excessive connection requests from individual clients.
11
High Availability – GSLB (DNS Intelligence)(WIN) Service Design: IT Continuity, Service Level Management, Capacity Management, Availability Management
• DNS Proxy (IT Continuity)• This method is the most commonly used
global server load balancing as it does not disrupt customers’ existing name resolution
• Disaster recovery (Availability)• Provide extra level of High availability to
important applications
• RTT (SL)• Send client connections to the fastest
responding datacenter
• Geo-location (SL)• Send client connection to the “closest”
datacenter
• Session capacity (SL)• Send client connection to the datacenter
with the most available capacity
• Weighted values (SL)• Send client connections to the
datacenter with the highest combined score
• Most active servers (SL)• Send client connections to the
datacenter with the most available active servers
Disaster Recovery
Site1
Site2
12
aFleX - ADVANCED SCRIPTING
• Inspect all application traffic types beyond traditional Layer 4-7
• Looks into application traffic flow to identify decision criteria
• Switch, drop, or redirect based on aFleX policies
• aFleX’s development environment simplifies policy creation and maintenance
1313
aFleX : (Win) Service Design: SLM & Service Operation: Application Management Function
Reallocate requests by content type to optimize data center resources:
Transparent to the user, splits requests for static images (jpgs and gifs) to a separate caching server tier.
when HTTP_REQUEST { if { [HTTP::uri] ends_with "jpg" } { pool cache
} elseif { [HTTP::uri] ends_with "gif" } { pool cache
} else { pool web }}
.jpg
.gif.js
.cgi.html
1414
aFleX : Auto Displays Made Easy
Automatically displays a Web page based on the user’s language, using the language set in the user’s browser.
when HTTP_REQUEST {
if { [HTTP::header accept-language] contains “es” } { pool Spanish } elseif { [HTTP::header accept-language] contains “ja” } { pool Japanese } elseif { [HTTP::header accept-language] contains “zh” } { pool Chinese
} else {
pool English }}
English
SpanishJapaneseChinese
15
15
aFleX : Easy To Re-direct URLs
Provides a simple way to provide redirect: In this example users are redirected from www.A10networks.com towww.A10networks/oss/signup.php
when HTTP_REQUEST { if { [HTTP::uri] equals "/A10" } { HTTP::redirect http://[HTTP::host]/oss/signup.php } }
//www.A10networks.com
•www.A10networks.com•www.A10netwoks.com/oss/signuo.php
//www.A10networks.com/oss/signup.php
16
Ease of use & Ease of migration
• Industry standard CLI
• Graphical User Interface (GUI)
• aFleX - TCL-based scripting– IP::client_addr,
IP::protocol, TCP::server_port, TCP::payload, HTTP::uri, HTTP::header, HTTP::cookie, pool, drop, log
17
Ease of use & Ease of migration(WIN) Service Design, Transition & Op
• Industry standard CLI
• Graphical User Interface (GUI)
• aFleX - TCL-based scripting– IP::client_addr,
IP::protocol, TCP::server_port, TCP::payload, HTTP::uri, HTTP::header, HTTP::cookie, pool, drop, log
20
Management Virtualization (Role Based Administration) (Win) Service Design: Capacity Management
• Enables VA configuration create/modify/delete
• Dedicated CPU, memory, disk to each VA
• Virtualized hardware acceleration (SSL)
• RBA allows administrators to configure and view SLB statistics
21
Twice the Performance, Half the Price
• Performance & Scalability: Multi-core CPU platform– Greater connections & transactions per second at Layer 4, Layer 7
& SSL– Higher throughput– Faster content delivery– Flexible and customizable traffic management– High Availability and Security
• Answers Cost and Environmental Concerns– Hardware – Power– Cooling– Space
Solution
10 Quick ITIL Wins using A10 Networks• 1.) Service Strategy: Demand Management- Purpose Built Energy Efficient Multi-core Processor;
2x Performance For Half The Investment
• 2.) Service Design: IT Security-DDOS Protection, SSL Built In; Source-IP Based Connection Rate Limiting; Role Based Administration For Virtual Services
• 3.) Service Design: IT Continuity Management - CLI; GUI; Dash Board for KPI; LOG with full API
• 4.) Service Design: Service Level Management-aFleX Scripting Cut Development & Re-development; Establishes & maintains thresholds
• 5.) Service Design: Capacity Management -Add & Manage Virtual Services & Real Services easily without network or customer disruptions; SSL, caching, Global Geo LB to maximize under utilized servers,
• 6.) Service Design: Availability Management - HA Global Geo-LB; DNS; Health Check interdependent applications and services; Seamless Failover DR
• 7.) Service Transition: Service & Evaluation Testing -VS for new applications for “what if” scenarios
• 8.) Service Operations: Event Management -Detailed Logs of KPI reporting system-ie. HP OpenView or by API; metrics dash board
• 9.) Service Operations: Application Management Function -Easy Re-development Via aFleX Scripting; less SSL certificates to manage
• 10.) Continual Service Improvement through baseline and measurement of performance reporting, eliminating under utilized assets.