Automating the End-to-End Application Deployment using AppViewX
As the application designer’s job is mostly done after the code is written and tested, the NetOps team’s work is just beginning, as they need to configure the ADCs, open firewalls, and provision and set up other network elements to make sure the new application functions as expected and is available to users at all times.
Since enterprise networks are a collection of devices from a variety of vendors, the first step is to sign into each of those devices and start it up. These steps need to be performed hundreds, if not thousands of times, consuming precious time and adding repetitive, redundant tickets to NetOps engineers’ to-do list. And there’s often no centralized network management practice across the organization, each team and business unit tends to do it differently, with no portability, repeatability, or best practices across the organization.
Here are some of the steps that NetOps need to perform to deploy an application:
- Deploying the application on the end server(s)
- Creating a load balancer on the local traffic manager
- Configuring load balancing across datacenters
- Providing the firewall rules on available firewall devices
- Creating a DNS record
Deploying the Application in the end server(s)
The ultimate goal of application “deployment” is to have all the underlying infrastructure ready for the end-user to point their browser to the required URL and have the application appear on their screen — fully functional and available.
Creating a Load Balancer on the Local Traffic Manager:
Let’s start by defining what we mean by “local” load balancing. It’s load balancing within the datacenter — directing traffic between multiple servers running specific applications. Typically, organizations need at least 2 backend servers to ensure application availability, and load balancing ensures that if one of those servers is offline, the other one(s) will pick up its workload. A load balancer also functions as a controller, even if you only have a single backend server. Having a controller gives you flexibility to manage traffic flows, add filtering rules, and change backends during deployments. It gives you the ability to change how your service is implemented on the backend without exposing those changes to the people who consume your service on the frontend, which could be external customers, internal users, or even another service in the datacenter.
Providing Load Balancing across data centers
Global Server Load Balancing (GSLB) is a method of distributing internet traffic to a network of servers across the globe, creating a faster and more reliable user experience.
How does GSLB reduce latency?
Even before an origin server overloads and stops fulfilling requests, high amounts of traffic to that server can still cause significant latency issues. A GSLB system can distribute that traffic among several different locations, ensuring that no single location is handling so many requests that it causes delay.
Additionally, GSLB can greatly reduce the travel time of requests and responses between users and servers. If a user is in Los Angeles and they are using a web service with a Paris-based origin server, then both the requests and responses will have to travel a very long distance, cut up into smaller travel segments called ‘hops’. This can cause significant delays in load time.
Using GSLB, a worldwide pool of servers ensures that each user can connect to a server that is geographically close to them, minimizing hops and travel time. In the example above, if the Paris-based company was utilizing GSLB, the Los Angeles user could connect to a server within 100 miles of their location, resulting in much snappier user experience.
Providing the firewall rules on the necessary firewall devices
Once the load balancer is provisioned, the next step is to allow the websites to be accessible from both within and outside the organization. To shield network traffic from cyberattacks, organizations rely on firewalls, which need to be configured for each deployment.
Creating DNS Record
DNS records tell the DNS server which IP address each domain is associated with, and what to do with requests sent to these domains.
How Does AppViewX Automate the complicated process?
AUTOMATION+ helps enterprise IT manage, automate, and orchestrate application delivery and network security services. AUTOMATION+ provides an application-centric view into the state of application delivery and network security infrastructures running in multi-cloud environments. Application, network and security engineers can build and self-service automation workflows to enable compliance and true business agility
Since every enterprise has its own processes for application deployment, AUTOMATION+ provides building blocks to help each team create their own flows. Here’s an example of a workflow for a Single Touch Provisioning that AppViewX has provided to one of our customers:
- Input Gathering
Input for creating a load balancer is collected using a custom-built form. It is controlled by role-based access (RBAC) for compliance and seamless flow of information between application and network teams.
- LTM and GTM Configuration Creation
Using the information provided by the requester, the Python Logic inside the automation platform creates commands to be implemented on the device, which could be SSH commands or REST API..
- Approval
AppViewX never implements the change on the device without first receiving approval from the user. Approvals can be defined as part of the process flow.
- Firewall Rule Creation:
Once the load balancer is created, , the workflow moves on to provision the firewall. The solution in this example involves provisioning of two firewalls — Cisco ASA and Palo Alto.
- DNS Record Creation:
Once application deployment is completed, the workflow will go to the Infoblox to create CNAME and A record for the users to access it.
- Notification and Validation:
Notification is sent to the team of approvers and requesters via Slack and email, informing them of the status of the change and all the relevant details. AppViewX performs a set of validations at every step to make sure the device performs well after and before the change.
Application delivery automation is definitely gaining popularity, but many IT organizations are still at the early stages of implementing it. We hope that this article showed you how easy and straightforward the automation process can be, and will help you get started on your automation journey.
