Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently...
Transcript of Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently...
![Page 1: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/1.jpg)
![Page 2: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/2.jpg)
Sanjay Shitole, Principle Solutions Engineer
![Page 3: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/3.jpg)
•••• Ansible, Terraform, Puppet••
![Page 4: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/4.jpg)
•••
Customer Feedback
React to Opportunities
CICD Reap Early Benefits Fix Issues quickerAUTOMATE, AUTOMATE, AUTOMATE!
![Page 5: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/5.jpg)
My application needs SSL encryption and
availability
![Page 6: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/6.jpg)
•••
![Page 7: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/7.jpg)
![Page 8: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/8.jpg)
What we can do with Automation ?
![Page 9: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/9.jpg)
Provisioning Tool
Private Data Center
x1000 BIG-IP devices
Public Cloud
x100 BIG-IP VE
Onboard F5 BIG-IP in Private / Public Cloud
![Page 10: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/10.jpg)
SecurityPolicy
Admin Provisioning Tool
iApps
Manage & deploy security policies consistently across your infrastructure or for yourtenants
BIG-IP devices
Development environment
Test environment
Production environment
• Build BIG-IP LTM policies & deploy across multiple environments with consistency
• Deploy ASM/APM/AFM polices using iApps
• Forgetting, or missing, a device when patching or deploying secure config could expose your corporation to attackers both internal and external.
![Page 11: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/11.jpg)
BIG-IP
• Automate routing traffic & connection termination by managing LTM and BIG-IP DNS configurations
• Upgrade/Deploy new applications on the BIG-IP consistently & with low risk
Manage Blue-Green deployments during applications roll up for zero down time
Data Center 1 Data Center 2
![Page 12: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/12.jpg)
Cloud Migration• Provision & Automate BIG-IP infrastructure& configurations in
VMware, OpenStack, AWS, Azure• Using CFT, HEAT templates and so on
• An application can begin in VMware environment but expand to AWS & Azure.
Orchestrate & Automate in multiple private & public cloud environments
![Page 13: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/13.jpg)
F5 & Ansible
![Page 14: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/14.jpg)
Ansible hostBIG-IP Platform
other
Versions 12.X +3
REST/SOAP API calls
• Easy to install • Agentless• ‘Playbooks’ use YAML
![Page 15: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/15.jpg)
Ansible host
FACTS
BIG-IP Platform
other
Versions 12.X +Versions 2.2 + BIG-IP VE
Bigsuds, f5-sdk
1
2
3
REST/SOAP API calls
![Page 16: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/16.jpg)
![Page 17: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/17.jpg)
Name of Ansible module
Parameters
Name of Task
”{{ myVirtualServer_IPAddress }}”
![Page 18: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/18.jpg)
1. Grab template
2. Upload iAppto BIG-IP
3. Deploy Application
from GitHub/F5 Downloads
Input/Parameters provided as JSON
payload
- name: Get iApp from Githubget_url:
url: https://github.com/F5Networks/f5-application-services-integration-iApp/releases/download/v2.0.003/appsvcs_integration_v2.0.003.tmpl
dest: /var/tmpvalidate_certs: False
- name: Add iApp templatebigip_iapp_template:
server: “((inventory_hostname}}"user: “admin"password: “admin"content: "{{ lookup('file', '/var/tmp/appsvcs_integration_v2.0.003.tmpl') }}"state: "present"validate_certs: False
delegate_to: localhost
- name: Deploy iAppbigip_iapp_service:
name: “HTTPApp"template: “<<template_name>>"parameters: "{{ lookup('file',’<<payload.json file>>') }}"server:”((inventory_hostname}}”user: "admin"password: "admin"state: "present"
delegate_to: localhost
![Page 19: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/19.jpg)
SaaS & Multi-tenancy
Introduction•••
Use Case:•••
![Page 20: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/20.jpg)
Introduction••••
Use Case•••••
![Page 21: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/21.jpg)
Introduction•••
Use Case•••
![Page 22: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/22.jpg)
Introduction••••
Use Case•••••
![Page 23: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/23.jpg)
F5 & Terraform
![Page 24: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/24.jpg)
F5 Provider Plugin
Download F5 Provider Binary from Github
Download terraform
Terraform 0.8.1
AWS
Digital Ocean
VMware
Google Cloud
Terraform 0.8.1
AWS
Digital Ocean
F5
Google Cloud
VMwareDevOPs Workstation
Repository
1 2
![Page 25: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/25.jpg)
![Page 26: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/26.jpg)
![Page 27: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/27.jpg)
••
•••
•
![Page 28: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/28.jpg)
••
•
•
•
![Page 29: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/29.jpg)
••
•
•
• Use Terraform as part of infrastructure as code initiative• Deploy F5 in AWS & manage the configuration using Terraform • Deploy F5 configurations from repository using terraform.• Looking to leverage Terraform for auto scaling and automating
development environments
![Page 30: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/30.jpg)
F5 & Puppet
![Page 31: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/31.jpg)
F5 BIG-IP
• Has GEM resource files to communicate and configure BIG-IP
• Ruby SDK to make rest calls
Puppet Forge: https://forge.puppet.com/puppetlabs/f5© 2017 F5 Networks
![Page 32: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/32.jpg)
Configure iApp on BIG-IP device
Use FACTER_urlPuppet command to get Manifest (DSL format)
Modify Manifest parameters for other
BIG-IP devices
Deploy modified Manifest through
Puppet
![Page 33: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/33.jpg)
Introduction•••
Use Case•••
![Page 34: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/34.jpg)
![Page 35: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/35.jpg)
![Page 36: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/36.jpg)
Ansible informationwww.ansible.com/f5Ansible feature requests or issueshttps://github.com/F5Networks/f5-ansible/issuesPuppet Forgehttps://forge.puppet.com/puppetlabs/f5Terraform Providershttps://www.terraform.io/https://github.com/scshitole/terraform-provider-bigipF5 DevCentralhttps://devcentral.f5.com
![Page 37: Sanjay Shitole, Principle Solutions Engineer€¦ · Manage & deploy security policies consistently across your infrastructure or for your. tenants. BIG-IP devices. Development environment.](https://reader034.fdocuments.us/reader034/viewer/2022042221/5ec7ecc1cacf9a30cf146bb3/html5/thumbnails/37.jpg)
Give Feedback – Get Points!•Survey will pop up in Mobile App.•Answer the multiple choice.•Submit your question to complete.•Receive 5 points!
Follow us on Twitter and use the #F5Agility17 hashtag!