INTENT-BASED NETWORK LOAD BALANCER AND ANSIBLE Andrius Benokraitis, Product Management, Red Hat Jeevan Sharma, Solution Architecture, A10 Fadi Hafez, Systems Engineering, A10 Michael Durrant, Software Engineering, A10 Cynthia Hsieh, Strategic Cloud Alliance, A10 Reliable Security Always™ 1
Webinar Agenda • Ansible for Network Automation and Security (Red Hat) • A10 Introduction • A10 Intelligent Automation Solutions and Integration • Real-World Ansible Use Cases for Telecom Operators Telco and Global Enterprise • Demo • Q&A 2
3
4
5
Protecting the Biggest Brands 200 6200 900 80 PATENTS CUSTOMERS EMPLOYEES COUNTRIES + + + + ACOS PLATFORM VIRTUAL & PHYSICAL SSL VISIBILITY, DDoS & MULTI CLOUD & INTELLIGENT AUTOMATION & APPLICATION DELIVERY ADC, CGN FIREWALLS SERVICES CONNECTED INTELLIGENCE 6
Intelligent Automation Solutions MACHINE LEARNING aGALAXY A10 HARMONY CONTROLLER DATA ANALYTICS DDoS Mgmt. Central Management & Analytics THREAT INTELLIGENCE DDoS SSL CONVERGED LOAD IPv4 PROTECTION INSPECTION FIREWALL BALANCING PRESERVATION (TPS) (SSLi) (CFW) (ADC) (CGN) SECURITY APPLICATION DELIVERY 7
Seamless Integration in DevOps & SecOps REST API A10 HARMONY CONTROLLER Open API Enabled Security & App Networking Functions 8
Multi-Cloud Deployments & A z u r e s t a c k C L O U D D A T A C E N T E R CONTAINER APPLIANCE VIRTUAL BARE METAL 9
Automation Matters 0% 90% 100% Human Error Faster DDoS Attack Visibility To Target Detection Time Data Breaches 10
Ansible Use Case for IT Software Automation • Deploy Software Automation • Orchestration Configure Systems • Users Automate IT tasks • Continuous deployments • Service provisioning A10 Module Ansible • Playbook Network provisioning 11
Ansible Use Case for ADC • Network Automation & Provisioning Internet • Reduce manual work • Reduce human input errors Private Cloud / DC • Previously used CLI scripts, but not scalable A10 ADC • Requirements vThunder Thunder • Open APIs • Ansible playbooks & modules • SLB (server, service group, virtual server, health monitor) • Manage config state and change management 12
Ansible Use Case from a Communications & Media Customer Must-Haves • Must be able to configure hardware appliances (A10 Thunder ADC) and virtual instances (vThunder ADC ) • Must support ACOS 2.x and ACOS 4.x • Must be repeatable and idempotent • Must be able to ADD, CHANGE and REMOVE ACOS elements • Must support IPv4 and IPv6 • Must support ACOS Partitions 13
Ansible Use Case from a Communications & Media Customer Must-Haves Continued ADC Load Balancing • Server, Service-Group, VIP Management Network • Health Monitors • SNMP • Interfaces • Templates: TCP , HTTP , UDP • TACACS • Routings etc • SSL Certificate Upload/ • Syslog • NAT Pools Download • aFleX Script Upload/Download 14
Ansible Use Case from Global Manufacturing Giant Customer Must-Haves • Must be able to configure hardware appliances (A10 Thunder ADC) and virtual instances (vThunder ADC ) ADC Load Balancing • Must support ACOS 2.x and ACOS 4.x • Server, Service-Group, VIP • Must be repeatable and idempotent • Health Monitors • Templates: TCP , HTTP , UDP • Must be able to ADD, CHANGE and REMOVE SLB elements Management etc. • SNMP • Must be able to enable / disable SLB objects • SSL Certificate Upload/ • TACACS Download • Perform system maintenance jobs (upgrades/downgrades) • aFleX Script • Syslog • Upload / Download SSL certificates and keys Upload/Download • Upload / Download files (aFlex Rules, Templates etc.) 15
Demo on ADC Functions • Basic TCP LB graph with health monitors – most common architecture • Configuration of network interfaces and routing • Configuration of management/SNMP/TACACS function • L7 Filtering / SSL Termination 16
A10 DDoS with Ansible #ansiblefest 17
Q&A https://github.com/a10networks/a10-ansible https://www.ansible.com/integrations/networks/a10 For more info, email ansible@a10networks.com 18
Recommend
More recommend