F5 Container Ingress Services provide a powerful app services platform that integrates with the leading container management solutions to deliver robust application security and performance.
Much of what makes containers so attractive—portability, scaling, increased development and deployment efficiency, etc.—can also be risk factors because they introduce more points of exposure. While there are some native services available within container platforms like Kubernetes and OpenShift, they lack critical features such as web application firewalls and protocol gateways that can protect you from hacks, bots, and data exfiltration that can put your customer data at risk.
You need a platform that understands the transient nature of events within the cluster and can provision application services appropriately in response.
With a microservices-based solution, you need security and networking solutions that are aligned with that highly dynamic and transient architecture. These application services should include enterprise-grade front door security and comprehensive end-to-end visibility. F5 makes it easy to integrate app services directly into the cluster management system, regardless of where it’s hosted, allowing the security and network teams to keep services up to date without slowing down development.
F5 provides your organization with a powerful application services platform, Container Ingress Services, that integrates with your container management solution to deliver tighter application security and optimized performance of containerized applications.
F5 does this via two key components:
In the F5 Container Ingress Services architecture below, the container connector component (labelled CIS) listens for container management events, like new clusters or pods being created, and makes configuration changes on BIG-IP to manage traffic to new container resources. Meanwhile, BIG-IP, as well as protecting and accelerating application traffic, is supplying rich telemetry to management and visualizations services, which can then propagate changes in the container management system, closing the circle of observation to action.
Container platforms such as Kubernetes or Red Hat OpenShift combine with agile development methodologies to speed up application development and deployment. Containerized apps are no less vulnerable to application-layer vulnerabilities, denial-of-service attacks, and the impacts of client-side network latency—which means they still need app delivery and security services such as web application firewalls, TCP optimization, and protocol gateways.
But a traditional solution with a static configuration changed only by an IT operator conflicts with the agile container paradigm where new microservice containers might be created dynamically for just a few minutes to service a spike in demand or roll out an upgrade by simply replacing old containers with new ones.
How do you ensure that your app services deployments keep up with your rapid release cycles in containerized environments?
You need powerful application security and optimization services integrated with the container platform management plane.
Integration allows your app services to automatically respond in real time to container events (such as the creation of a new container, or a whole new service)—without an application developer or container platform manager needing a lot of domain-specific knowledge.
You can provide robust protection and advanced traffic management for container applications by combining the market-leading BIG-IP application delivery platform, an extended container network fabric, and a management container that integrates into the container management plane.
To deliver consistent and powerful multi-cloud application services in containerized environments, organizations can leverage a few F5 components.
F5 works closely with its technology partners to help you optimize your apps in containerized environments.