In 2016, we sowed the seeds of putting a Citrix NetScaler application delivery proxy in the hands of developers to roll out apps quickly with CPX Express, a NetScaler in a Docker container. At DockerCon 2017, we are completing the equation by arming the DevOps professional and members of the Cloud and Digital teams with the means to productize, maintain and troubleshoot microservices and containerized apps with Kubernetes, NetScaler and NetScaler Management and Analytics System (MAS).

Enterprises are moving new apps from development to production and need operational simplicity and performance. They are now able to leverage their current investments with NetScaler to achieve this. Citrix now provides support for all NetScaler form factors (containerized CPX, VM-based VPX, MPX and SDX appliances) as an application delivery controller for Kubernetes clusters. As part of the solution, NetScaler MAS allows DevOps to troubleshoot apps and remediate, especially hard to detect trouble spots through machine-guided analytics.

As a Kubernetes ingress controller, NetScaler exposes applications to external clients aggregating services into common virtual IP addresses, with SSL offload using the most stringent ciphers, DDoS protection, optimization, load balancing and application health analytics. What’s more, NetScalers support a broad range of traffic from HTTP, HTTPS, DNS, Diameter and UDP based traffic.  

Digital teams have been deploying new applications in production only to find that competitive solutions do not have the required performance, scale, compatibility support, security and operational simplicity; leaving applications and APIs exposed to potential down time or deployment delays. When DevOps teams flips the switch to launch an application, they don’t expect it to go down or compromised by a flood of attacks. NetScaler has been protecting and delivering applications at scale for over fifteen years across the enterprise and cloud.

Get me to production safely

When our customers deploy their apps on cluster management platforms like Kubernetes, they can be assured that their applications will scale and stand up to external threats. They can use their existing management stack to extend app delivery across all types of applications:  containers, bare metal and virtual machines.

We have integrated NetScaler with Kubernetes as an Ingress Controller, exposing external virtual IP addresses to apps with a highly robust content switching, rate limiting, rewriting and SSL offload feature set. DevOps teams care about getting apps into production, rolling a new app into deployment on the fly and getting instant information about the health of apps all in an automated fashion.  NetScaler solves these problems in several ways:

  • Breaking the boundaries between software and hardware: NetScaler MAS is integrated with Kubernetes. NetScaler MAS acts as a NetScaler controller allowing any NetScaler CPX, VPX, MPX and SDX to serve as an ingress controller. NetScaler customers can leverage their existing appliance inventory from IT/Ops for the benefit of the Cloud and DevOps teams for microservices deployments.  Or, if a VM based or containerized solution is required, VPX or multi-core CPX instances can be deployed as an ingress controller in front of Kubernetes clusters. The enterprise now has expanded options to accelerate the deployment of new app architectures.
  • NetScaler CPX as Kube Proxy replacement: We announced our integration with Google Cloud Platform during Dockercon 2016.  That integration allowed CPX to act as a micro proxy for all containerized apps within a Kubernetes cluster across East-West traffic for back end applications. CPX offers capabilities that extend beyond Layer 4. CPX can provide stringent SSL ciphers, expose all services through a single virtual IP address, support a broad range of traffic types, switch content based on essential header and payload information or respond on behalf of the application and rate limit. This tool set is valuable when migrating various monolithic applications into microservices.
  • Automated and sophisticated configurations using templates: NetScaler MAS, as a NetScaler controller, provides the ability to deploy rich configuration templates called Stylebooks. Stylebooks are tied into the service discovery framework and MAS listens to Kubernetes events. A Stylebook can be configured automatically via MAS with the parameters required by Kubernetes application endpoints. A Stylebook is deployed automatically to a NetScaler ingress controller or CPX within the cluster to provide application delivery configurations. These automatic configurations enable auto scaling, rolling deployments and required configurations for a new application endpoint.

My app is misbehaving – Spotting a needle in a haystack

We have insights from customers indicating that the complexity of new app architectures makes it difficult to troubleshoot and remediate issues without parsing through infinite log files and data records. Some issues may be borderline or intermittent (e.g. the app passes a health check but is still responding slower than expected). It can be troublesome to remediate these issues, not unlike looking for a needle in a haystack (of files of logs). NetScaler has historically supported many types of app architectures, and provides special tools for machine guided trouble shooting.

  • App health scoring with NetScaler MAS: NetScaler provides a straightforward indicator to the app administrator in the form of an application health score (from 0-100). NetScaler MAS tracks application latency, impact of security threats, application error responses, and the behavior of NetScaler for each transaction. It can detect anomalies related to an application such as when more connections are sent to one application endpoint or another or when an application endpoint is responding significantly slower for a time period. All these data types are collected, indexed and operated with machine guided algorithms so an administrator does not have to look for trouble spots. They can be alerted proactively when low scoring apps arise.

No more trade-offs

In the past, DevOps and Digital teams had a small number of options to get their microservices and containerized apps into production. They didn’t have the option to leverage the business’ existing NetScaler investments. No more. For DevOps and Digital Teams to be successful, they need all the tools available to productize their apps with the same robust level of scalability, performance and operational simplicity of their production mainstream apps delivered through Citrix NetScaler.