Taming Complexity and Enabling Modern App Delivery at Scale

F5 Thumbnail
Published November 19, 2020

Everyone knows about the digital pioneers, the Facebooks and Googles of the world. The companies that invented today’s rich systems of engagement and set the bar for compelling digital experiences. Even though the vast majority of you are a part of large organizations, chances are you don’t have the same software engineering resources as Facebook and Google. Yet your customers expect the same level of responsiveness, performance, and richness in the experiences you deliver.  

It’s hard to compete with hyperscale, cloud-native companies. I imagine you feel as though it is taking every ounce of effort and ingenuity to just stay a step ahead of disruption. And that was before a global pandemic accelerated digital transformation that is both creating more complexity in your systems and reducing your margin for error. In the digital worlds, customers are just a mouse click away from moving to a competitor after just one bad experience.

But with this challenge comes opportunity. The promise of modern apps is the ability to develop, deploy, and deliver applications rapidly and reliably, ensuring your customers have access to the applications they need—whenever they need them. For your teams, this means faster and more frequent deployments by integrating reusable security and networking policies into your CI/CD pipelines. This frees developers to focus on creating business value through new application development, ultimately generating revenue and competitive advantage by bringing new apps and features to market faster.

We have been working with some of you for the past 20 years to secure and deliver your most mission critical apps. And we’re here to help secure and deliver your most critical apps for the next 20 years. The key is helping you stay ahead of disruption, giving you the technology and tools that keep complexity low, while ensuring you are able to deliver secure, rich experiences that push your business forward.  

The adaptive applications vision

Last week, Kara Sprague talked about how companies can bring their monolithic and three-tier applications into the world of adaptive applications—apps that grow and shrink automatically, heal themselves, and deliver rich telemetry to continually improve. For those traditional apps, BIG-IP, iRules, and other F5 solutions can function as a wrapper to retrofit them for modern systems.  

The adaptive applications vision for modern applications at the front end of the experience complements this approach. It’s about creating an environment where you can embrace developer innovation and rapidly iterate with DevOps and CI/CD processes—but also run everything at scale in a way that still provides the performance and security needed to ensure a great customer experience.

I often refer to this as “running safely with scissors.” We all know as kids we shouldn’t run with scissors, but in the midst of digital transformation that’s what we’re asking our developers and software engineers to do. Get new services to market quickly. If you fail, fail fast and fail forward. The goal is to not to prevent the developers to run with scissors—metaphorically—but to make it as safe as possible. To ensure your modern apps are driving great experiences without putting the company at risk.

This part of our adaptive apps vision comes to life through our NGINX solutions. Here’s how that works.

Managing apps in the modern world

First, it’s worth taking a look at what’s going on in the transformation to modern architectures.

For one thing, we're seeing an orders-of-magnitude change in terms of volume. Many of you are now managing thousands of applications, not hundreds. And you have hundreds of development teams building those applications, not tens.

Imagine an organization delivering a ride hailing application: they need passenger management, trip management, driver management, payment notification, billing, maps, and so on. This enterprise would probably have a few hundred such services to run the business and probably dozens of development teams.

Unlike the days of monolithic environments, all of these modern apps are highly distributed and broken up into discrete components, networked together into a fabric of microservices and architected to run on today’s elastic clouds.

This approach allows teams to be very flexible and make changes to very finite pieces of the app. Which leads to the third and most important aspect of what separates a modern application from a traditional one: the frequency of changes. We used to deploy revisions to an application maybe twice a year. In the modern world, it’s twice an hour and, for the most advanced, twice a minute.

All of this is happening all of the time. There is so much going on so fast in a modern environment that it simply doesn’t work to manage it all at human speed. It has to be done at machine speed. Human latency—the time to complete tasks manually—is the digital bottleneck.

That’s why applications need to become adaptive. Apps that scale up and scale down, apply the right performance, enforce the right security, and do it all in an automated, intelligent way. When applications take on that work, that allows you and your teams to focus on continuous improvement and innovation.

Creativity without complexity

Another key to modern apps is the shift from top-down development with tight governance and long cycles to a process that’s more bottom-up. It's about unleashing developers to be creative and come up with features that help solve customer needs the way those cloud pioneers have done.

With developers empowered to choose their own modern app tools it should come as no surprise that there are 1,400-plus tools available in the cloud-native computing landscape. It’s fair to say that if you're going down this modern path, you will find yourself stitching together a patchwork of open source tools. And if you let your developers go wild, you could end up with hundreds of discrete tools, many of which perform redundant functions.

Add that to what’s needed to manage, patch, and secure these tools. Running a single application could involve 13 to 15 vendors in just the application delivery and security realm.

That’s way too much complexity for most organizations to handle efficiently, isn’t it? We know of large streaming provider with team of more than 100 software developers dedicated just to stitching together open source proxy tools. Another customer characterized their architecture as a Winnebago completely covered in stickers from every “state park” (a.k.a. open source tool) it has ever visited.

This might sound familiar to some of you. But rather than driving innovation to the point of accumulating unnecessary complexity, the question you can ask yourself is how do you get the agility and the adaptable digital experiences that customers expect—without all of that complexity? And without losing visibility from trying to stitch hundreds of tools together.

Visibility and insight into the entire stack are so valuable. They enable the organization to perform better, and to rein in that complexity and make better design choices.

NGINX as a pathway to adaptive apps

NGINX has taken a two-fold approach. First, we’ve broken out all the services along the data path that customers expect (and are combined for traditional apps using something like BIG-IP) into discrete, lightweight tools for modern apps.

Need to manage traffic? There’s NGINX Plus for load balancing. Need to route and authenticate APIs? Deploy NGINX Plus as an API gateway. Implementing Kubernetes in production? NGINX Ingress Controller directs traffic in and out. Managing microservices at scale? NGINX Service Mesh handles “east/west” traffic among all of these services. Worried about security? NGINX App Protect deploys natively on all of these to provide security close to the application logic.

At F5 we support your journey no matter where you are in your modern applications, from OSS and testing new environments (such as Kubernetes) to hybrid deployments and fully securing and scaling your applications in production. We offer highly available, automated, and performant container traffic management inside the cluster and out, both lightweight and advanced service mesh capabilities, and fully supported and specialized modern application security through WAF inside the cluster and not just around it—allowing threats to be caught, remedied, and contained before they affect your broader microservices environment. If you are running modern applications in production, F5 is your one-stop-shop and trusted advisor to guide you along the way.

But managing and securing the traffic is only the first part. Our second approach is to provide a solution that reins in the complexity for operations teams. NGINX makes it possible to centrally manage and monitor all of this through one tool: NGINX Controller. NGINX Controller provides orchestration of and insight into traffic and security across your modern app portfolio and toolchain, and gives you the ability to automate processes and policies through self-service portals and CI/CD pipeline integration.

The result of this is the best of all worlds. Your developers still get self-service access to use best-of-breed NGINX software they love, giving them the flexibility and agility they need to create the Facebook-like and Google-like digital experiences your customers want, while DevOps and IT Ops teams deploy centralized guardrails and get visibility and control for governance at scale. This means increased business value through reduced time-to-market without adding complexity.

Your developers get to run safely with scissors.

Many of you probably started your digital transformation refactoring traditional apps, where BIG-IP and other F5 technologies bring adaptive apps to the traditional landscape. Now, with NGINX, you get enterprise-grade solutions that make your modern applications adaptive. No matter where you are on the digital journey, we have you covered—ensuring you can compete to attract and retain customers in the digital era.