Developers – and the DevOps who support their apps – long for greater observability. That’s visibility, but with greater alacrity. That means APIs and integration into the tools and dashboards they use to keep them informed about the performance, availability, and security of their applications.
That’s particularly challenging in the cloud, where only some components of the application and its delivery stack are truly integrated with cloud consoles and services.
Consider the finding from Gitlab’s 2018 developer survey on the top three challenges faced by developers using technology to support investments for 2018.
Integration with other tools in their stack ranks pretty high at number two. More than a third (37%) consider that integration to be a top challenge.
One of the reasons tools aren’t integrated is that some of them are ‘owned’ by someone else. Someone else being NetOps or SecOps. So it’s incumbent on DevOps (and Dev) to communicate their need, yes, but it’s likely that the responsibility to do something falls on the shoulders of some other *Ops.
The urgency of providing that visibility through integration with cloud-native services is growing. A 2017 survey from SailPoint uncovered a disturbing number of respondents (73% to be exact) who, when "given the hypothetical situation of the CEO’s identity being compromised … admitted they wouldn’t immediately know how and where their data was at risk." That’s likely in part because of a lack of integration between the application services that detect and report malicious activity – like application access control and web application firewalls – and the logs and dashboards used by operations to monitor the health and security of apps.
That’s why community and open source is so important. Not just to support solutions and expand or extend software, but to share and improve on ways to enable the integration required to unlock observability. Especially in the cloud. Especially if it actually is Dev or DevOps who are responsible for making it happen.
One of the ways F5 is doing that is through iApps (templates) that do the difficult work of integration and offer NetOps and SecOps a way to support their DevOps and Dev counterparts need for observability in cloud environments.
F5 Cloud Logger iApp
The iApp configures BIG-IP to export logs via JSON to cloud services including Azure OMS, AWS S3, and AWS CloudWatch. All CloudFormation Templates (CFT) and Azure Resource Management (ARM) templates provision a BIG-IP that includes the Cloud Logger iApp pre-loaded for your convenience. Don’t forget to configure the cloud logging service to receive the stream before running the iApp, and make sure the appropriate application services on BIG-IP are logging the information you want.
Per the need for security – and to identify what’s going on – the iApp can log web application firewall policy violations and violation types, DoS-related incidents, as well as those associated with access control, right in the respective cloud management console. That’s on top of system level logs that give you all kinds of visibility into the performance and availability of applications being monitored by BIG-IP.
Pre-loaded is great, but you might want to use it as part of your deployment process (and automation toolchain) or customize the iApp for your particular needs. You can get the source for the F5 Cloud Logger iApp on Github (https://github.com/F5Networks/f5-cloud-iapps/tree/master/f5-cloud-logger) for either or both purposes. The Github project also includes a handy example CuRL command and associated JSON to deploy the iApp programmatically using F5 iControl REST for Azure OMS.
Whether you use the pre-loaded iApp or the open source version with modifications, NetOps and SecOps alike can provide a new level of visibility to Dev and DevOps (and themselves) by taking advantage of integration with the tools you use in the cloud.
About the Author
Related Blog Posts
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
F5 Silverline: Our Data Centers are your Data Centers
Customers count on F5 Silverline Managed Security Services to secure their digital assets, and in order for us to deliver a highly dependable service at global scale we host our infrastructure in the most reliable and well-connected locations in the world. And when F5 needs reliable and well-connected locations, we turn to Equinix, a leading provider of digital infrastructure.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.
The Internet of (Increasingly Scary) Things
There is a lot of FUD (Fear, Uncertainty, and Doubt) that gets attached to any emerging technology trend, particularly when it involves vast legions of consumers eager to participate. And while it’s easy enough to shrug off the paranoia that bots...