Today, let’s take a look at Application Connector.
Application Connector connects public clouds to your application service
infrastructure within cloud interconnects or data centers. This enables the use
of public cloud resources as part of your compute infrastructure while also
performing workload discovery and deploying consistent app services across your
multi-cloud environments.
The idea behind Application Connector is to have your
applications in the cloud but have them considered local to BIG-IP so they don’t
have any internet access. BIG-IP gets traffic from the nodes via secure web
sockets connection. You can use Application Connector across multiple clouds
and you can keep the same virtual server address that you use now. If you’ve
been hesitant about moving your applications to the cloud due to worries about
security, this is a way to move to the cloud while still using your BIG-IP.
This diagram shows a basic Application Connector set up. You
can see it is made up of two components – the Service Center which runs on BIG-IP and the Proxy which
runs on a Docker container in the cloud with your application.
This is what a running version of the Proxy looks like. This
webpage is running on a Docker container which is running on a lightweight
Linux instance in this example on Amazon Web Services. In the top right, you
can see we got authentication set up with AWS. Under Proxy Stats, you can also see some details about aggregate traffic passing
through the Proxy to the application servers. And under Service Center Connections, you can see the BIG-IP that is
associated with the Proxy.
And below that under Published
Nodes, you can see the list of Published Nodes. Published means that BIG-IP
has these nodes available.
Let’s take a quick look at a few possibilities for adding
and removing nodes.
Let’s say that these nodes are used in BIG-IP as pool members,
so traffic is going to them. If I want to stop sending traffic to one of the
nodes, we can simply disable it temporarily and if we’re done with a node, we
can delete it completely. This is useful if you are on the Dev Team and you
have access to the Proxy but you don’t have access to the BIG-IP. Without
contacting IT, you can start and stop traffic to the application.
What happens if I delete a node? If we scroll down a bit
more, there are three options: we can auto-publish nodes to BIG-IP or we can
easily auto discover them. This means the Proxy will show you the nodes and you
can choose whether to publish to BIG-IP.
We went ahead and deleted one of the nodes and now that node
appears under the Auto Discovery selection.
And we can decide if we want to publish to BIG-IP.
You also have the option to manually add nodes so no matter
where your nodes live, in Azure, Google, AWS or your data center, you can add
them here and they’ll communicate with BIG-IP via secure web sockets
connection.
Now let’s turn to the BIG-IP. Here is the Service Center and
it’s in the iApps section under Application
Services>Applications LX. Here, we can see a visual representation of my
active Proxy and its related nodes.
If we click Proxies, we can see the Proxy here and if we
want to stop authorizing this Proxy we can. This will stop traffic going to
these nodes.
If others in the organization add Proxies, we can go in and
authorize them.
In addition, if we click API, we get a list of all the
programmatic ways we can interact with Application Connector.
Now, on the BIG-IP, if we go to Local Traffic>Pools>Pool List we can look at the pool associated
with this deployment. Let’s click Members.
We can see that the nodes we’ve been working with are available for us to add
to a Pool.
The licensing is included with the iSeries appliance and available as an add-on for other platforms. You can watch the Application Connector – Part 1: Overview video from our TechPubs team.
ps
No comments:
Post a Comment