KubeCon 2018 is here and, like you, we at Citrix are excited to meet people at the forefront of developing cloud-native applications and solutions. Over the last couple of years, we’ve seen the challenges our customers face when migrating to the cloud-native way of delivering applications. We have some exciting solutions and ideas to share with you this year.
Citrix ADC users, including IT/systems engineers, DevOps, and site-reliability engineers (SREs) often ask us questions like:
- I love the way Citrix ADC (formerly NetScaler) fronts my traditional applications for performance and security. Can the same benefits be extended to Kubernetes cluster ingress traffic?
- One end-user request can spawn hundreds of microservices requests/responses. Is there a way to understand and troubleshoot north-south and east-west traffic?
- Can I apply organization-wide security policies across polyglot microservices?
- Can I observe and control events in the CICD pipeline that have an impact on production and staging traffic?
- Can I get a 10,000-foot view of the health/architecture/deployment of my applications that are spread across multiple clouds, different geographies, and different teams.
We’ve been working hard to solve challenges like these and many more. Here’s a summary of what you can expect to see in Citrix ADC and what you can talk with us about at KubeCon.
Layer 7 Features (CS, Rewrite, HTTP(S), TCP, UDP at scale) for Ingress/Egress Traffic
North-south traffic is extremely high stakes. This is where your end-user traffic hits all the hard work you’ve done in building your Kubernetes deployments. You can rely on Citrix ADC’s battle-tested features like traffic management and SSL offload and platforms like MPX, SDX, and VPX to manage hyper-scale N-S traffic.
Citrix Ingress Controller (CIC) is an open source ingress controller. It provides superior control of HTTP/HTTPS/TCP/UDP traffic based on familiar policies like Content Switching, Rewrite, Responder and a lot more.
For customers who need a tier of ingress devices inside the Kubernetes cluster, Citrix ADC CPX (Citrix ADC’s containerized form factor) comes with a built-in ingress controller suitable for all north-south use cases. Early in 2019, we’ll also launch a Citrix ADM-based controller that will further enhance CIC functionalities such as integration with IPAM and Stylebooks. Stop by our booth for a cool demo and see how we’re helping our customers beat N-S traffic challenges.
Load Balancing, mTLS, and Observability of E-W Traffic
In Kubernetes, east-west traffic is where the real fun begins (or stops, if you don’t get things right). With the explosion in the number of microservices (and the subsequent complexity), developers are waiting for a solution that provides visibility and troubleshooting, in addition to basic proxy functionalities like load balancing and mutual TLS.CPX replaces native KubeProxy to provide Layer 7 features to help improve the performance, security, and scale of E-W traffic.
Securing Traffic Through AAA, Zero-Trust Principles
The flexibility of polyglot architecture often increases the complexity of applying uniform security policies across all microservices. Citrix ADC helps in implementing common security policies using familiar WAF, authentication, SSL offload, cipher enforcement, and rate limiting for high-scale north-south traffic.
For east-west traffic use cases, CPX will offer lightweight mutual TLS offload with per K8s pod certificate support. CPX will also perform Layer 4 to 7 content validation/policies.
Macro-to-Micro-Level Visibility and ML-Based Analytics
Based on our assessment of our customers’ Kubernetes deployments, managing microservices is a big issue. Citrix ADM will offer a one-stop solution by weaving inputs from north-south ingress platforms and east-west proxies to provide visibility across microservices to visualize all service components, dependencies, and bottlenecks, and to understand how data flows through the application architecture.
Close Integration with CNCF Ecosystem Players
Plug into Kubernetes on Azure, Google Kubernetes Engine or Other Managed-Service Providers
Citrix ADC supports integration with popular managed Kubernetes service providers such as Azure Kubernetes service, Google Kubernetes Engine, open source and enhanced Kubernetes platforms. We understand the importance and complexities of a hybrid, multi-cloud world with hybrid K8s deployments. Our single unified codebase works across any combination of Kubernetes deployments offering you great flexibility. Citrix ADC can seamlessly plug in with your choice of infrastructure.
Seamless Integration with Monitoring, Analytics, Visualization Tools
Citrix ADC exports events to popular open-source monitoring tools like Prometheus to seamlessly provide traffic-pattern visibility and potential opportunities to optimize Kubernetes deployments.
Come see us at booth S30 at KubeCon 2018 and let’s talk about your Kubernetes deployment challenges. We might just have the solution you’re looking for.