Automate DevOps/SecOps with CI/CD using F5 BIG-IP, SovLabs, and VMware vRA

Matt Mabis

Deploying applications at the speed of users can paradoxically be something of a slog. IT, DevOps, and SecOps organizations may spend hours/days/months trying to figure out ways to simplify the delivery of applications while providing the safety and security required by today's users.

The pervasive challenge is to enable process, technology, and team integration without running into common pitfalls such as aggressively siloed infrastructures and the dreaded vendor lock-in. One major step in the right direction is finding a way to ensure that you’re positioned to deploy applications with best-of-breed load balancing and security capabilities that can easily be automated.

It’s true, many vendors may try to push all-in-one-type solutions that deliver basic functionality or the dicey "Almost Good Enough" security and load balancing. The recurring drawback with these types of all-in-one bundles is that—for lack of a better way to put it—you live in their box, only able to access the limited tools available inside that box.

Obviously, this doesn’t so much fly with developers, long since conditioned on the benefits of straying outside previously defined parameters in the name of achieving targeted business results. The trick is, of course, combining developer flexibility with reliable safeguards rigorous enough to satisfy security teams accustomed to a lack of compromise.

So…Is there such a solution?

Well, I’m gratified to tell you that, in working with leading technology partners, we have a fine candidate to address the scenario described above. It starts with F5 BIG-IP functionality (via physical or virtual appliances) such as load balancing, global server load balancing, and application security that can be created, managed, scaled, and managed from a lifecycle perspective within the VMware vRealize Automation (vRA) catalog using SovLabs solutions.

At this point, I’ll respectfully defer to David Coulter from SovLabs for a detailed description and commentary outlining how the solution works:

The entire request, scaling, and de-provisioning process is powered by SovLabs RESTipe®, a framework feature that enables customizable template-based consumption of vRealize Automation metadata and REST-based endpoints.

From a single request, users can specify the load balancer virtual server creation or re-use, utilize SovLabs naming policies for virtual servers and pools, specify node-level settings such as member port, connection and rate limit, priority, ratio and virtual-level settings such as port number, VIP, SSL profiles, iRules, Health monitors, Load balancing methods, etc. There is also built-in support for multiple IPAM and DNS providers for virtual IP address (VIP) allocation and registration, such as SolarWinds, BlueCat, Infoblox, Men & Mice, BT Diamond IP, and Microsoft. And anything a user can request, an admin can pin in a vRealize Automation blueprint to further simplify complex requests for end-users – reusability is automatic.

____

Working with each other's strengths, F5, SovLabs, and VMware have found a way to reduce the amount of work needed to deploy and deliver BIG-IP solutions (Load Balancing/Security/Global DNS) in this desired model down to a simple click and deploy of RESTipe.

And all without custom code!

Admittedly, that is a fair amount of technical and vendor-specific detail for this blog, so these resources are also provided for your consumption:

• Video demo of the integrated solution
• Guidance documentation for the SovLabs F5 Module for vRealize Automation

A Word about Ansible and Automation

While the integration described above doesn't require the use of Ansible, organizations can certainly benefit from the integration with this as a component of their infrastructure. That is, for customers interested in using vRA as an infrastructure automation engine while using Ansible (or Ansible Tower) to automate the deployment of their workloads, the advantages of this integration are completely compatible.

For more information on this element, these resources are a good place to start:

• Integrating vRealize Automation and Ansible Tower
• SovLabs Ansible Tower Module for VMware's vRealize Automation – Provisioning

In addition, F5 and SovLabs experts will be on-hand at VMworld 2019, taking place Aug. 25–29 in San Francisco. Stop by the F5 booth (#1443 in the Solutions Exchange) during open hours to discuss any of this in more depth. And thank you again to SovLabs and VMware for their collaboration—looking forward to seeing everyone at the event!

About the Author

Matt Mabis

More blogs by Matt Mabis