NI
Uploaded byNGINX, Inc.
PDF, PPTX317 views

Deep Dive: Automating the Application and Security Pipeline with NGINX and Ansible

The document discusses the automation of hybrid cloud application delivery using Red Hat's Ansible Automation Platform and NGINX, emphasizing the shift from monolithic architectures to microservices. It outlines the benefits of this modern approach, including improved agility, productivity, and reduced downtime, supported by statistics on return on investment and efficiency. Additionally, it highlights various components and use cases, such as deployment with Kubernetes and better management of application security.

Embed presentation

Download as PDF, PPTX
F5 / NGINX REDHAT & NGINX AUTOMATION DEEP-DIVE
| ©2019 F5 2 • Automation recap • Automating with Ansible • Automating Hybrid Cloud Application Delivery • Demo • Q&A CONFIDENTIAL Agenda
The Application Evolution 3 Monolithic Hybrid Microservices Application modernization >60% Core, legacy business apps ~30% Legacy with micro- services add-ons ~10% Modernapps optimized for digital Previously…
ModernApps Requirea Modern Architecture From Monolithic... ... to Dynamic Three-tier, J2EE-style architectures Complex protocols (HTML, SOAP) Persistent deployments Fixed, static Infrastructure Big-bang releases Silo’ed teams (Dev, Test, Ops) Microservices Lightweight (REST, JSON) Containers, VMs, Functions Infrastructure as Code Continuous delivery DevOps Culture Previously…
ModernApproach - The Value of Red Hat + F5 Previously…
| ©2019 F5 6 Automating with Ansible Ansible Automation Platform and NGINX Controller CONFIDENTIAL
Red Hat Ansible Automation Platform Combining the universal automation language with cloud services and certified content for automating, deploying, and operating applications, infrastructure and services securely at enterprise scale. Providingscalable, secure implementationfor describing, building,andmanagingthe deploymentofenterprise IT applications across diverse enterprise architectures. Ansible automation Cloud services that facilitateteam collaboration and provideoperational analytics for automating heterogeneous,hybridenvironments. Cloud services Extendsnative platformcapabilities with certified,supported content designedto expandthe automationdomainand accelerate adoption for enterprise customers. Certified content
Red Hat Ansible Tower Automation Hub Automation Services Catalog Fueled by an open source community Insights for Ansible Automation Platform Ansible command line Ansible Cloud Services On-premises Ansible content domains Infrastructure Cloud Network Security Linux Windows Content creators Operators Domain experts Users Red Hat Ansible Automation Platform
90+ Network Security Infrastructure Cloud certified platforms Red Hat Ansible Automation Platform
What makes up an Ansible playbook? Plugins Modules Plays Red Hat Ansible Automation Platform
11 nginx_core ├── MANIFEST.json ├── playbooks │ ├── deploy-nginx.yml │ └── ... ├── plugins ├── README.md └── roles ├── nginx │ ├── defaults │ ├── files │ │ └── … │ ├── tasks │ └── templates │ └── ... ├── nginx_app_protect └── nginx_config --- - name: Install NGINXPlus hosts: all tasks: - name: Install NGINX include_role: name: nginxinc.nginx vars: nginx_type: plus - name: Install NGINXApp Protect include_role: name: nginxinc.nginx_app_protect vars: nginx_app_protect_setup_license: false nginx_app_protect_remove_license: false nginx_app_protect_install_signatures: false deploy-nginx.yml Collections Red Hat Ansible Platform 90+ certified platforms
| ©2019 F5 12 Automating Hybrid-Cloud Application Delivery NGINX Controller, Ansible Automation Platform and Kubernetes CONFIDENTIAL
ModernApproach - The Value of Red Hat + F5 Previously…
EnterpriseAutomation NGINX Controller • Enterprisefeatures for NGINX Plus • Declarative API for pipeline integration • High level abstraction for ADC/APIM • Metrics collection and forwarding • WAF (NGINX App Protect) Management • RBAC for Security
Kubernetes Automation NGINX Ingress • NGINX Ingress Controller (KIC) • Fullymanaged through K8s API • Ansible configuration through Kubernetes.Core collection • Prometheus/Grafana/OpenTracing • WAF (NGINX App Protect) • RBAC through K8s CRDs
Components Source: https://kubernetes.io/docs/concepts/overview/components/ Kubernetes Controller
Control Loop “In robotics and automation, a control loop is a non- terminating loop that regulates the state of a system.” “In Kubernetes, controllers are control loops that watch the state of your cluster, then make or request changes where needed. Each controller tries to move the current cluster state closer to the desired state.” Source: https://kubernetes.io/docs/concepts/architecture/controller/ Kubernetes Controller
• HTTP layer 7 routing based on host header and paths • TLS termination (officially no re-encryption) • Advanced features need to be enabled via: • Annotations • ConfigMaps • Extensions via annotations are not validated • CRs are fully validated within K8s API • HTTP layer 7 routing based on all application data (Host, Path, Cookie, Header, Method, etc) • Support for HTTP2, GRPC, TCP, UDP • Application security (WAF support) • Layer 7 traffic policies (rate limit, ACL, etc.) • Traffic splitting, Blue/Green, Canary • Circuit breaker patterns Kubernetes Ingress Custom Resources Ingress Controller KubernetesIngress vs Custom Resources
• RBAC Enabled • Custom Resources for ingress: • Security policies • Service protection policies • Virtual server • Application routing • Ingress Link David NetOps Olivia DevOps Tony AppDev Alice SecOps NGINX Controller Secure Self Service with Custom Resources
Demo Setup • Automation with Ansible Tower • Ansible Collections • Nginxinc • Kubernetes.core • Data Plane Path • NGINX Plus → • NGINX KIC → • Containerized Application • Secured with RBAC • Tower, Controller, K8s • Secured with WAF • NGINX Plus, NGINX Ingress
| ©2019 F5 21 Demo’clock CONFIDENTIAL
Summary HOPEFULLY THE DEMO WENT WELL • Ansible Tower • Automation of traditional infrastructure and modern container platforms • Configuration Management • Ansible Collections • NGINX Ingress Controller provides a better Kubernetes Ingress by: • Not using Ingress ☺ • Deployable on K8s and OCP with a life-cycle operator • Custom Resources inherit RBAC • Brings all functionality into a well defined API Spec
Business value by the numbers Source: - IDC White Paper, sponsored by Red Hat. “Red Hat Ansible Automation Improves IT Agility and Time to Market. - The State of Modern App Delivery 2020 in the NGINX Open Source Community 498% 5-year return on investment with 5 months to payback 68% more productive IT infrastructure management teams 135% more applications developed per year 53% reduction in unplanned downtime
| ©2019 F5 24 Qs & As And links…. CONFIDENTIAL
Get Started! youtube.com/c/Nginxinc nginx.com/partners/red-hat/
Increase your Knowledge (ansible.com/get-started) Start your Automation Adoption Journey (ansible.com/contact-us) Evaluate your Savings (redhat.com/savetime) What’s next ? See how NGINX and Red Hat Work Together (nginx.com/partners/red-hat/)
| ©2019 F5 28 RedHat Tekton: https://tekton.dev/ CONFIDENTIAL Any Questions….

More Related Content

PDF
What's New with NGINX Application Security Solutions
byNGINX, Inc.
 
PDF
Application Security with NGINX | APAC
byNGINX, Inc.
 
PDF
Nim tames sprawl
byNGINX, Inc.
 
PPTX
Deployment Patterns for API gateways
byNGINX, Inc.
 
PDF
Monitoring NGINX Deployments with Sumo Logic
byNGINX, Inc.
 
PPTX
Controller and Coffee: Deliver APIs in Real Time with API Management
byNGINX, Inc.
 
PDF
Découvrez NGINX AppProtect
byNGINX, Inc.
 
PPTX
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
byKatherine Bagood
 
What's New with NGINX Application Security Solutions
byNGINX, Inc.
 
Application Security with NGINX | APAC
byNGINX, Inc.
 
Nim tames sprawl
byNGINX, Inc.
 
Deployment Patterns for API gateways
byNGINX, Inc.
 
Monitoring NGINX Deployments with Sumo Logic
byNGINX, Inc.
 
Controller and Coffee: Deliver APIs in Real Time with API Management
byNGINX, Inc.
 
Découvrez NGINX AppProtect
byNGINX, Inc.
 
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
byKatherine Bagood
 

What's hot

PPTX
Production-Grade Kubernetes With NGINX Ingress Controller
byNGINX, Inc.
 
PDF
Application Security with NGINX
byNGINX, Inc.
 
PPTX
Accélérez vos déploiements applicatifs avec NGINX Controller
byNGINX, Inc.
 
PDF
API Gateway Use Cases​ for Kubernetes​
byNGINX, Inc.
 
PDF
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
PDF
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero
byNGINX, Inc.
 
PPTX
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
PPTX
NGINX: Back to Basics – APCJ
byNGINX, Inc.
 
PPTX
Revolutionising IT Agility
byNGINX, Inc.
 
PDF
Secured APIM-as-a-Service
byNGINX, Inc.
 
PDF
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
byNGINX, Inc.
 
PDF
Fundamentals of microservices
byNGINX, Inc.
 
PPTX
NGINX Controller: Configuration, Management, and Troubleshooting at Scale
byNGINX, Inc.
 
PDF
Securing Your Apps & APIs in the Cloud
byOlivia LaMar
 
PDF
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
byNGINX, Inc.
 
PPTX
NGINX Unit at Scale: Use Cases and the Future of Unit
byNGINX, Inc.
 
PDF
Get the Most Out of Kubernetes with NGINX
byNGINX, Inc.
 
PPTX
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
byNGINX, Inc.
 
PDF
Driving Success In The Cloud With NGINX
byNGINX, Inc.
 
PDF
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
byNGINX, Inc.
 
Production-Grade Kubernetes With NGINX Ingress Controller
byNGINX, Inc.
 
Application Security with NGINX
byNGINX, Inc.
 
Accélérez vos déploiements applicatifs avec NGINX Controller
byNGINX, Inc.
 
API Gateway Use Cases​ for Kubernetes​
byNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero
byNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
NGINX: Back to Basics – APCJ
byNGINX, Inc.
 
Revolutionising IT Agility
byNGINX, Inc.
 
Secured APIM-as-a-Service
byNGINX, Inc.
 
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
byNGINX, Inc.
 
Fundamentals of microservices
byNGINX, Inc.
 
NGINX Controller: Configuration, Management, and Troubleshooting at Scale
byNGINX, Inc.
 
Securing Your Apps & APIs in the Cloud
byOlivia LaMar
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
byNGINX, Inc.
 
NGINX Unit at Scale: Use Cases and the Future of Unit
byNGINX, Inc.
 
Get the Most Out of Kubernetes with NGINX
byNGINX, Inc.
 
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
byNGINX, Inc.
 
Driving Success In The Cloud With NGINX
byNGINX, Inc.
 
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
byNGINX, Inc.
 

Similar to Deep Dive: Automating the Application and Security Pipeline with NGINX and Ansible

PDF
Automate NGINX with DevOps Tools
bySupachai Jaturaprom
 
PDF
NGINX DevSecOps Workshop
byNGINX, Inc.
 
PDF
Automate your NGINX Environment with the Ansible Collection for NGINX Controller
byNGINX, Inc.
 
PPTX
NGINX Kubernetes Ingress Controller: Getting Started – EMEA
byAine Long
 
PDF
Relevez les défis Kubernetes avec NGINX
byNGINX, Inc.
 
PPTX
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
byOlivia LaMar
 
PDF
Movavi Screen Recorder Studio 22.5.2 Crack
byaladdinkhana47
 
PDF
IDM Crack 2025 Internet Download Manger Patch
bywistrendugftr
 
PDF
IObit Uninstaller Pro Crack 13.2.0.5 + Key Download 2025
bymaharajput103
 
PDF
Kubernetes Networking
byNGINX, Inc.
 
PDF
NGINX ADC: Basics and Best Practices – EMEA
byNGINX, Inc.
 
PPTX
NGINX Basics: Ask Me Anything – EMEA
byNGINX, Inc.
 
PDF
Using NGINX and NGINX Plus as a Kubernetes Ingress
byKevin Jones
 
PDF
NGINX Controller: faster deployments, fewer headaches
byKangaroot
 
PDF
Kubernetes and the NGINX Plus Ingress Controller
byKatherine Bagood
 
PDF
Load Balancing Applications on Kubernetes with NGINX
byAine Long
 
PDF
NGINX: The Past, Present and Future of the Modern Web
byKevin Jones
 
PDF
ITB2017 - Nginx ppf intothebox_2017
byOrtus Solutions, Corp
 
PDF
Nginx app protect-for-meetup-v1.0-202006_lk
byJuraj Hantak
 
PPTX
Gain multi-cloud versatility with software load balancing designed for cloud-...
byAshnikbiz
 
Automate NGINX with DevOps Tools
bySupachai Jaturaprom
 
NGINX DevSecOps Workshop
byNGINX, Inc.
 
Automate your NGINX Environment with the Ansible Collection for NGINX Controller
byNGINX, Inc.
 
NGINX Kubernetes Ingress Controller: Getting Started – EMEA
byAine Long
 
Relevez les défis Kubernetes avec NGINX
byNGINX, Inc.
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
byOlivia LaMar
 
Movavi Screen Recorder Studio 22.5.2 Crack
byaladdinkhana47
 
IDM Crack 2025 Internet Download Manger Patch
bywistrendugftr
 
IObit Uninstaller Pro Crack 13.2.0.5 + Key Download 2025
bymaharajput103
 
Kubernetes Networking
byNGINX, Inc.
 
NGINX ADC: Basics and Best Practices – EMEA
byNGINX, Inc.
 
NGINX Basics: Ask Me Anything – EMEA
byNGINX, Inc.
 
Using NGINX and NGINX Plus as a Kubernetes Ingress
byKevin Jones
 
NGINX Controller: faster deployments, fewer headaches
byKangaroot
 
Kubernetes and the NGINX Plus Ingress Controller
byKatherine Bagood
 
Load Balancing Applications on Kubernetes with NGINX
byAine Long
 
NGINX: The Past, Present and Future of the Modern Web
byKevin Jones
 
ITB2017 - Nginx ppf intothebox_2017
byOrtus Solutions, Corp
 
Nginx app protect-for-meetup-v1.0-202006_lk
byJuraj Hantak
 
Gain multi-cloud versatility with software load balancing designed for cloud-...
byAshnikbiz
 

More from NGINX, Inc.

PDF
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
byNGINX, Inc.
 
PDF
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
byNGINX, Inc.
 
PDF
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
byNGINX, Inc.
 
PPTX
Get Hands-On with NGINX and QUIC+HTTP/3
byNGINX, Inc.
 
PPTX
Managing Kubernetes Cost and Performance with NGINX & Kubecost
byNGINX, Inc.
 
PDF
Manage Microservices Chaos and Complexity with Observability
byNGINX, Inc.
 
PDF
Accelerate Microservices Deployments with Automation
byNGINX, Inc.
 
PDF
Unit 2: Microservices Secrets Management 101
byNGINX, Inc.
 
PDF
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
byNGINX, Inc.
 
PDF
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
byNGINX, Inc.
 
PDF
Easily View, Manage, and Scale Your App Security with F5 NGINX
byNGINX, Inc.
 
PDF
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
byNGINX, Inc.
 
PDF
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
byNGINX, Inc.
 
PPTX
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
byNGINX, Inc.
 
PPTX
Protecting Apps from Hacks in Kubernetes with NGINX
byNGINX, Inc.
 
PPTX
NGINX Kubernetes API
byNGINX, Inc.
 
PPTX
Successfully Implement Your API Strategy with NGINX
byNGINX, Inc.
 
PPTX
Installing and Configuring NGINX Open Source
byNGINX, Inc.
 
PPTX
Shift Left for More Secure Apps with F5 NGINX
byNGINX, Inc.
 
PPTX
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
byNGINX, Inc.
 
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
byNGINX, Inc.
 
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
byNGINX, Inc.
 
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
byNGINX, Inc.
 
Get Hands-On with NGINX and QUIC+HTTP/3
byNGINX, Inc.
 
Managing Kubernetes Cost and Performance with NGINX & Kubecost
byNGINX, Inc.
 
Manage Microservices Chaos and Complexity with Observability
byNGINX, Inc.
 
Accelerate Microservices Deployments with Automation
byNGINX, Inc.
 
Unit 2: Microservices Secrets Management 101
byNGINX, Inc.
 
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
byNGINX, Inc.
 
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
byNGINX, Inc.
 
Easily View, Manage, and Scale Your App Security with F5 NGINX
byNGINX, Inc.
 
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
byNGINX, Inc.
 
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
byNGINX, Inc.
 
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
byNGINX, Inc.
 
Protecting Apps from Hacks in Kubernetes with NGINX
byNGINX, Inc.
 
NGINX Kubernetes API
byNGINX, Inc.
 
Successfully Implement Your API Strategy with NGINX
byNGINX, Inc.
 
Installing and Configuring NGINX Open Source
byNGINX, Inc.
 
Shift Left for More Secure Apps with F5 NGINX
byNGINX, Inc.
 
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
byNGINX, Inc.
 

Recently uploaded

PPTX
wAIred_LearnwithoutAI_KotlinDevDay_27112025.pptx
bySimonedeGijt
 
PDF
DSD-INT 2025 3D-modelling of salt intrusion into Germany’s busiest waterway -...
byDeltares
 
PDF
DSD-INT 2025 Understanding the Paraguay River Response to Hard Bottom Dredgin...
byDeltares
 
PDF
DSD-INT 2025 Building-Aware Flood and Lifeline Scour Modeling with Delft3D FM...
byDeltares
 
PDF
inSis suite - Laboratory Information Management System
byKondapi V Siva Rama Brahmam
 
PPTX
Future of Software Testing: AI-Powered Open Source Testing Tools
bySophie Lane
 
PDF
Everything You Ever Wanted to Know About Quarkus and LangChain4j
byMarkus Eisele
 
PDF
Breaking the Vulnerability Management Cycle with Anchore and Echo
byAnchore
 
PDF
DevOps Monitoring Tools: The 2025 Guide to Performance & Observability
byalexendrascott01
 
PPTX
operating sys about shells and terminals commands .pptx
byYazeedAbdullah6
 
PDF
DSD-INT 2025 Modernizing Hydrodynamics in Large Flood Forecasting System - Mi...
byDeltares
 
PDF
DSD-INT 2025 Timor-Leste Flood exposure and Climate Change assessment - Ogunwumi
byDeltares
 
PDF
DSD-INT 2025 Quantifying Flood Mitigation Strategies Under Sea Level Rise - H...
byDeltares
 
PDF
DSD-INT 2025 DevOps - Automated testing and delivery of Delft3D FM - van West...
byDeltares
 
PDF
DSD-INT 2025 UK Coastal Flooding Incident Guide - Dam
byDeltares
 
PPTX
Zotero Software Demonstration. Biomedical Perspective
byDr Snehashis Singha
 
PDF
DSD-INT 2025 Hydrodynamic and Morphodynamic Modeling with Delft3D FM for an I...
byDeltares
 
PDF
DSD-INT 2025 MeshKernel and D-Grid Editor - Stout
byDeltares
 
PDF
Internship Project Training Report-3.pdf
byPawank36
 
PDF
IAAM Meetup #7 chez Onepoint - Construire un Rag-as-a-service en production. ...
byiaaixmarseille
 
wAIred_LearnwithoutAI_KotlinDevDay_27112025.pptx
bySimonedeGijt
 
DSD-INT 2025 3D-modelling of salt intrusion into Germany’s busiest waterway -...
byDeltares
 
DSD-INT 2025 Understanding the Paraguay River Response to Hard Bottom Dredgin...
byDeltares
 
DSD-INT 2025 Building-Aware Flood and Lifeline Scour Modeling with Delft3D FM...
byDeltares
 
inSis suite - Laboratory Information Management System
byKondapi V Siva Rama Brahmam
 
Future of Software Testing: AI-Powered Open Source Testing Tools
bySophie Lane
 
Everything You Ever Wanted to Know About Quarkus and LangChain4j
byMarkus Eisele
 
Breaking the Vulnerability Management Cycle with Anchore and Echo
byAnchore
 
DevOps Monitoring Tools: The 2025 Guide to Performance & Observability
byalexendrascott01
 
operating sys about shells and terminals commands .pptx
byYazeedAbdullah6
 
DSD-INT 2025 Modernizing Hydrodynamics in Large Flood Forecasting System - Mi...
byDeltares
 
DSD-INT 2025 Timor-Leste Flood exposure and Climate Change assessment - Ogunwumi
byDeltares
 
DSD-INT 2025 Quantifying Flood Mitigation Strategies Under Sea Level Rise - H...
byDeltares
 
DSD-INT 2025 DevOps - Automated testing and delivery of Delft3D FM - van West...
byDeltares
 
DSD-INT 2025 UK Coastal Flooding Incident Guide - Dam
byDeltares
 
Zotero Software Demonstration. Biomedical Perspective
byDr Snehashis Singha
 
DSD-INT 2025 Hydrodynamic and Morphodynamic Modeling with Delft3D FM for an I...
byDeltares
 
DSD-INT 2025 MeshKernel and D-Grid Editor - Stout
byDeltares
 
Internship Project Training Report-3.pdf
byPawank36
 
IAAM Meetup #7 chez Onepoint - Construire un Rag-as-a-service en production. ...
byiaaixmarseille
 

Deep Dive: Automating the Application and Security Pipeline with NGINX and Ansible

  • 1.
    F5 / NGINX REDHAT& NGINX AUTOMATION DEEP-DIVE
  • 2.
    | ©2019 F5 2 •Automation recap • Automating with Ansible • Automating Hybrid Cloud Application Delivery • Demo • Q&A CONFIDENTIAL Agenda
  • 3.
    The Application Evolution 3 MonolithicHybrid Microservices Application modernization >60% Core, legacy business apps ~30% Legacy with micro- services add-ons ~10% Modernapps optimized for digital Previously…
  • 4.
    ModernApps Requirea ModernArchitecture From Monolithic... ... to Dynamic Three-tier, J2EE-style architectures Complex protocols (HTML, SOAP) Persistent deployments Fixed, static Infrastructure Big-bang releases Silo’ed teams (Dev, Test, Ops) Microservices Lightweight (REST, JSON) Containers, VMs, Functions Infrastructure as Code Continuous delivery DevOps Culture Previously…
  • 5.
    ModernApproach - TheValue of Red Hat + F5 Previously…
  • 6.
    | ©2019 F5 6 Automatingwith Ansible Ansible Automation Platform and NGINX Controller CONFIDENTIAL
  • 7.
    Red Hat AnsibleAutomation Platform Combining the universal automation language with cloud services and certified content for automating, deploying, and operating applications, infrastructure and services securely at enterprise scale. Providingscalable, secure implementationfor describing, building,andmanagingthe deploymentofenterprise IT applications across diverse enterprise architectures. Ansible automation Cloud services that facilitateteam collaboration and provideoperational analytics for automating heterogeneous,hybridenvironments. Cloud services Extendsnative platformcapabilities with certified,supported content designedto expandthe automationdomainand accelerate adoption for enterprise customers. Certified content
  • 8.
    Red Hat Ansible Tower Automation Hub Automation ServicesCatalog Fueled by an open source community Insights for Ansible Automation Platform Ansible command line Ansible Cloud Services On-premises Ansible content domains Infrastructure Cloud Network Security Linux Windows Content creators Operators Domain experts Users Red Hat Ansible Automation Platform
  • 9.
    90+ Network Security Infrastructure Cloud certifiedplatforms Red Hat Ansible Automation Platform
  • 10.
    What makes upan Ansible playbook? Plugins Modules Plays Red Hat Ansible Automation Platform
  • 11.
    11 nginx_core ├── MANIFEST.json ├── playbooks │├── deploy-nginx.yml │ └── ... ├── plugins ├── README.md └── roles ├── nginx │ ├── defaults │ ├── files │ │ └── … │ ├── tasks │ └── templates │ └── ... ├── nginx_app_protect └── nginx_config --- - name: Install NGINXPlus hosts: all tasks: - name: Install NGINX include_role: name: nginxinc.nginx vars: nginx_type: plus - name: Install NGINXApp Protect include_role: name: nginxinc.nginx_app_protect vars: nginx_app_protect_setup_license: false nginx_app_protect_remove_license: false nginx_app_protect_install_signatures: false deploy-nginx.yml Collections Red Hat Ansible Platform 90+ certified platforms
  • 12.
    | ©2019 F5 12 AutomatingHybrid-Cloud Application Delivery NGINX Controller, Ansible Automation Platform and Kubernetes CONFIDENTIAL
  • 13.
    ModernApproach - TheValue of Red Hat + F5 Previously…
  • 14.
    EnterpriseAutomation NGINX Controller • Enterprisefeaturesfor NGINX Plus • Declarative API for pipeline integration • High level abstraction for ADC/APIM • Metrics collection and forwarding • WAF (NGINX App Protect) Management • RBAC for Security
  • 15.
    Kubernetes Automation NGINX Ingress •NGINX Ingress Controller (KIC) • Fullymanaged through K8s API • Ansible configuration through Kubernetes.Core collection • Prometheus/Grafana/OpenTracing • WAF (NGINX App Protect) • RBAC through K8s CRDs
  • 16.
  • 17.
    Control Loop “In roboticsand automation, a control loop is a non- terminating loop that regulates the state of a system.” “In Kubernetes, controllers are control loops that watch the state of your cluster, then make or request changes where needed. Each controller tries to move the current cluster state closer to the desired state.” Source: https://kubernetes.io/docs/concepts/architecture/controller/ Kubernetes Controller
  • 18.
    • HTTP layer7 routing based on host header and paths • TLS termination (officially no re-encryption) • Advanced features need to be enabled via: • Annotations • ConfigMaps • Extensions via annotations are not validated • CRs are fully validated within K8s API • HTTP layer 7 routing based on all application data (Host, Path, Cookie, Header, Method, etc) • Support for HTTP2, GRPC, TCP, UDP • Application security (WAF support) • Layer 7 traffic policies (rate limit, ACL, etc.) • Traffic splitting, Blue/Green, Canary • Circuit breaker patterns Kubernetes Ingress Custom Resources Ingress Controller KubernetesIngress vs Custom Resources
  • 19.
    • RBAC Enabled •Custom Resources for ingress: • Security policies • Service protection policies • Virtual server • Application routing • Ingress Link David NetOps Olivia DevOps Tony AppDev Alice SecOps NGINX Controller Secure Self Service with Custom Resources
  • 20.
    Demo Setup • Automationwith Ansible Tower • Ansible Collections • Nginxinc • Kubernetes.core • Data Plane Path • NGINX Plus → • NGINX KIC → • Containerized Application • Secured with RBAC • Tower, Controller, K8s • Secured with WAF • NGINX Plus, NGINX Ingress
  • 21.
  • 22.
    Summary HOPEFULLY THE DEMOWENT WELL • Ansible Tower • Automation of traditional infrastructure and modern container platforms • Configuration Management • Ansible Collections • NGINX Ingress Controller provides a better Kubernetes Ingress by: • Not using Ingress ☺ • Deployable on K8s and OCP with a life-cycle operator • Custom Resources inherit RBAC • Brings all functionality into a well defined API Spec
  • 23.
    Business value bythe numbers Source: - IDC White Paper, sponsored by Red Hat. “Red Hat Ansible Automation Improves IT Agility and Time to Market. - The State of Modern App Delivery 2020 in the NGINX Open Source Community 498% 5-year return on investment with 5 months to payback 68% more productive IT infrastructure management teams 135% more applications developed per year 53% reduction in unplanned downtime
  • 24.
    | ©2019 F5 24 Qs& As And links…. CONFIDENTIAL
  • 25.
  • 26.
    Increase your Knowledge (ansible.com/get-started) Startyour Automation Adoption Journey (ansible.com/contact-us) Evaluate your Savings (redhat.com/savetime) What’s next ? See how NGINX and Red Hat Work Together (nginx.com/partners/red-hat/)
  • 27.
    | ©2019 F5 28 RedHatTekton: https://tekton.dev/ CONFIDENTIAL Any Questions….