Digital transform will change the way of code development, service delivery, daily working style and more. How do we adapt to this change? We need to adopt a batch of new technologies, culture changes and promote new best practices.
From a technology point of view, a shift from monolithic way of development to cloud native, microservice based, containerized and orchestrated applications will be the first step. This transform will bring benefits with challenges: How to gain the end to end observability of tens to hundreds of, constantly migrating distributed services running from containers? What about everyday emerging new tools, open source solutions? How to handle more serious security issues with this new architecture? and lots of more questions.
I just attended the 2020 F5/Nginx virtual Agility conference and found those are common questions and concerns from the industry, technology community. F5/Nginx solutions have some very nice products and solutions for those concerns and let me share my comments on those.
Culture Change and Solution Architecture
The transformation starts from company culture change. F5 promoted 7 principles driven all their product development cycle, Which I can not agree more: Application first, multi cloud compatible / platform independent, API first, integrated with AI and end to end analytics and visibility, build in security, reusability with modular design and the last one: open source at core.
Here is the architecture diagram taken from the conference which best describes above culture change:
First of all, the code can be run in any cloud: public cloud like AWS, GCE or private cloud, communication between different services is using declarative APIs, security is built into every level of application from application level using WAF (Web Access Firewall), infrastructure level using ingress controller, service mesh, DDoS service. Telemetry is provided for all the components and full data path with integration of open source based toolsets. You get a single pair of glass views of your services from end to end with one integrated control plan. AI is used to enhance the security algorithm and service routing. With this architecture, DevOps,SecOps,AppDev and NetOps teams can do their jobs more efficiently within the same environment. That is pretty cool!
NFV/Telco Cloud needs Same Transformation
People usually think traditional IT service such as 3-tire based web application architecture is the best candidate for above digital transformation. Just like the message I got from the conference: The same transformation is coming for communication service providers. NFV is adopting containized implementation, moving close to the edge for 5G application latency concern, and migrating together with the application which consumes its collected data. This is illustrated by following diagrams:
The same 7 principles are carried out in Telco cloud with more emphasis to move containerized NFV to edge and migrate VNFs together with the applications using the data streams coming from it. Latency insensitive applications can still be hosted in traditional data centers while public cloud can be used to host other classic applications.
Actually, this already happened in the service provider world from core to edge NFV cloud. Project likes Airship from AT&T adopted container based, orchestrated architecture to take advantage of the same benefits from microservice infrastructure: agility, easy to deploy new release in CI/CD pipeline, auto scaling of services and resilience.
What I am still looking for?
All those services, solutions and architectures look pretty impressive. Things, I found missing to better facilitate this transformation, include:
- Top to down telemetry integration: The above architecture provided end to end service application tracing, metrics, logs and so on. Most of those covers east to west traffic even with service mesh. API gateway North to South integration stops at infrastructure level. Customers still need to collect telemetry data from both the communication service provider and application provider to figure out the full North to South and vice versa picture. For example, using F5 tools, you found the packets are dropped in a queue and understood this was caused by underlying cloud infrastructure, there is no integration between those F5 toolsets with telco telemetry such as SDN opendaylight to dig out where the bottleneck is.
- Still too many tools to choose from and master. F5 integrated a lot of open source tools and Nginx tools into their products. But, customers still have to use different tools from different products to fit for the best interestings of different application scenarios. If you are now using an open source or other 3rd party tool to do your daily business and those are not integrated, tested and verified with the F5 solution, we can only wish you best luck. It is not easy to DIY this without a steep learning curve and huge investment due to lack of expertise on those topics.
Overall, I am pretty excited about the solutions provided by F5/Nginx to help customers to speed up their journey to modernize their services to microservice based architecture with confidence and manageability.
Knowledge, Experience and Learning 