Duration 44:08
16+
Play
Video

Citrix Synergy TV - SYN223 - Going cloud native with Citrix ADC

Michael Disini
Sr. Director of Product Management - Cloud Native at Citrix
  • Video
  • Table of contents
  • Video
Citrix Synergy Atlanta 2019
May 23 2019, Atlanta, GA, United States
Citrix Synergy Atlanta 2019
Video
Citrix Synergy TV - SYN223 - Going cloud native with Citrix ADC
Available
In cart
Free
Free
Free
Free
Free
Free
Add to favorites
473
I like 0
I dislike 0
Available
In cart
Free
Free
Free
Free
Free
Free
  • Description
  • Transcript
  • Discussion

About speakers

About the talk

Topic: IT

Enterprises are adopting a cloud-native strategy to become more agile, move faster, and innovate new business ideas. Cloud-native technology usually means using containers, Kubernetes, and multiple public clouds. Going cloud native also means changing the way you develop and operate applications, which has enormous implications for the network supporting the applications. Citrix ADC is well adapted to help you on your cloud-native strategy. This session will highlight what it takes to build a comprehensive containers-as-a-service solution for the enterprise using Kubernetes and how Citrix ADC can implement key features in Layer 7 load balancing including ingress, CI/CD, SRE operations, and cluster autoscaling.Note: This session will be available for on-demand viewing post-event on Citrix Synergy TV.

Share

No, good afternoon and product manager for a friend with me to straighten teeth out. So the session is sent two 00:03 to three. I think it's working. looking for 00:13 I love you forward from you. 00:25 Adele talk about talk about White Cloud native and how and why companies are going through this process and how are you doing it 00:41 and building their platforms and then the stakeholders involved in that form. And then how does 00:50 Citrix play in the play in this environment and Javi play System of chlorinated / the end? So 01:00

why Cloud made him feel about the velocity of the business what's going on is that companies are going through a dramatic change that you're looking 01:10 for more things are being able to be closer to their customers building what apps custom maps for example and jaguars a lot of requests to VIP team 01:18 and I think it's a walleye thinking that that was fast as the company so did a lot of regrets, so i d and I did all these processes in place people 01:28 are in the wrong are oranges are siloed. And so there's a requirement for the company to change to overcome this Gap and at least the transformation 01:36

of the company where they look at how do we look at people prophecies and tools and then address be able to move quickly and then that needs to be the 01:44 transformation where they search for example, I thought process and so on. Part of that is the move to Cloud native infrastructure and what 01:54 that means is their building apps as microservices was the inspiration for this came from the web scale companies companies like Google for example, 02:03 like apple fritter made ghost apps and the 02:12

dog pulling around us and they do apostrophes in place so that they're able to the most likely the co-optional much faster instead 02:21 of days. It's in it's in the evenin in hours or minutes. So this is my services 02:31 platform. This is an open source 02:40 project that was open Voice by Google and it's been taking a lot of an adoption by many many companies Compass Lake Red Hat IBM, for example 02:50 Kubernetes, and and these companies have also adopted devil practices so that they have an automated way to deploy app into production and use apis 02:59

outside to access the app of 03:09 the day, you'll find that perhaps 5% of the apps 03:16 already cloud-native somewhere in Walking. The dreams was only a small amount more than half their app. 03:26 So it's all Native app. So he's not closer to 75%. So be chlorinated to be a big push and rotating Cloud native 03:36 culture automation security monitoring and not working. 03:44 To go with speed so companies trying to adopt both speed and stability by working with vendors and and putting in place production consistent. 04:00

So the strategy for the business in looking at it all day. It is really the following to look at the scale and Agility how to think how can I just 04:11 focus on my business process in my business logic and take everything away and outdoor Gourmet kit for Warren give the less important projects 04:18 elsewhere and allow me to go to market faster and then helping with that. Can I invite more quickly launch new products there for being able to 04:26 quickly and enable there for a new business opportunities time to other Platforms 04:35

in charge. I need a liability and scale if I want to go fast 04:43 scale for things like you saying again inspired Technologies, like on demand 04:51 elastic compute be able to call an API to turn up a complete lack of confusion to buy a nap and being able to Van also deploy after cause multiple 05:01 availability. I have a trade and I have a Dr. And then being able to get instant feedback traceability in transparency wants me back. 05:10 What's happening like that form? I don't know what's happening to my apps. Play fall apart of that. Can I drop 05:20

my cost at cost? And he's really open-source platforms and there and he needs Engineers through Sundancer. What companies are doing. This 05:30 instead of focusing on running is not forms or developing Wingstop on sale by Enterprise Baton Rouge in and eliminate the need for developers to focus 05:40 on developing. The product and the order business instead. So, how did the black cloud native? Did you. By 05:48 breaking monolith to microservices? So which are multiple 05:58 processes in place inside with a lot of system called bacon for small microservices didn't like the service can be done by a different team. We can 06:07

build on that microservice after speed independent of other microservices Santini's and he's all tied together using API 06:17 calls. So now you have a way to run independently by themes by apps and it's apply for the largest scale is microservices and use API set the 06:27 boundary between is microservices so they can put all talk to each other. And the unit that uses containers 06:37 containers have been around for a long time and Lexie containers with Linux. The more popular one is dr. Bass. They provide us a run time with 06:46

systems and tools to be able to deploy a container to container is a unit of measurement that you can run it anywhere little a portable work on it in 06:56 the flowers on it on top of the next to the dinner is a fathom. That is the year that people use for building microservices. And he's pooping address 07:06 is a is a kernel for distributed systems. It's like a Dimensions build by initially built by Google. What is a way for you 07:15 to slap Forum make a request and I can request resources compute memory. For example, I can request scalability want one or more of 07:24

these instances to turn up. I can acquire a civil liabilities my Instagram. Can you please pull up another one somewhere else and make sure that my 07:34 app to use reruns and it's built across a masternode and it worked out of work or no to the master note is 07:42 the control thing which a the developer to use flax of me that the platform and there's app users who Dan to play apps using 07:51 it for the boy. Remind me to keep track of where the reports that are across the worker knows the Chilean and the natural and effective you 08:00

was hoping that this is just a lot of companies supporting just asked for my mentioned earlier a pivotal VMware. 08:10 But in kubernetes vs choices, so weed eater on your platform on Fran in the cloud or both by their self service hybrid hybrid Cloud scenario 08:24 masternode. Do you get master node in carbonado the framework changes everything 08:34 to six months so I can use a change in the API server in all the components inside. So you are going to buy a managed service that they take care of 08:44

all that change or you do it yourself or you buy a distribution from somebody else and they provide you with the updates and you deploy these update 08:53 yourself that's the case and then the applications with applications with 09:01 what all of the above. Not that important to take into 09:06 account when you build a platform and then networking networking is nothing come naked to go bad. If I did have a how do you send traffic from the 09:16 outside world into the cluster? Do you send HTTP traffic you send TCP traffic if you leave the traffic, how would you do that? It's a constant pain in 09:24

grass in kubernetes. And then to send traffic East-West. Do you use the Ingress device for a Catholic to go in stress or need to buy service map which 09:33 is now the big Buzzard on ServiceMaster has awakened traffic East-West and how do you connect a containers together? There's something called 09:42 connect a computer network interface and there are several versions of this which one select. They finally security. How do you secure your plan for 09:51 how do you secure the traffic like coming to the platform? Do you use an API Gateway. Can they still in the traffic? And then I just can't acacian. Do 10:01

you have any service smash where you can apply control on applications to us traffic call me. Please of the pods. Do you do you scan containers? So 10:10 that date before they get deployed to to find out if any of our abilities encryption and decryption and the 10:19 keys All compartment and looking after people call Dad on 10:29 speaker. So once you make all these choices when they're running in the public Cloud choosing your industrial what kind of working do what kind of 10:39

stories to use are due to security and so on so forth. If you're building on this platform your job is not done and I like to call this 10:48 Google In This Place Plus where you're also taking care of your stakeholders. So who's going to operate the plaster? And how do you make their life 10:58 easy? It is to give them the level Automation and book feels that that they need to Smoothie operate these covenants clusters. A 11:07 devops was interested in moving quote from from the Social Plaza Tree in reproduction. And how do they manage the secrets? How do they manage things 11:17

like an Aries and blue-green deploys adelipour so interested in getting traffic into the cluster into the application and then when something goes 11:26 wrong they want to be able to do some deep tracing to find out where their application to an exceptional read the weather at a problem. And then 11:33 the Atari who's in charge of meeting in the Civil civil objektiv, let's it had a social logical 99.5% So in order to figure out problems when they 11:43 happen to need the logs that needs metrics and so how does kubernetes or how does the platform enable them to be faster and be 11:53

quicker and be more not build custom of Applause for all these things and just make it easier for them and last but not least 12:03 the security in wants to make sure that everything is tightly buttoned up. Nothing is leaking. Everybody is falling the best security practices. I'm 12:13 so when you install kubernetes off to you make all these choices. Now. This is obvious. You still have to build all these things. You still have to 12:21 make choices on the tooling and the work clothes. I'll let you need to build out to support your stakeholders. 12:29

And so that so English 12:34 route is just the way of saying that if this traffic is coming in the cluster has this or 12:44 this certificate or this header then send it to that Microsoft is the War of 1812 brake limiting or 12:54 Authentication and salt to put they want to be able to do tracing in the buggy if you want to get into production. So you're in charge of the 13:05 CI CD pipeline. How does that happen? How do you think code which is in your repository and then bring it out into containers containers 13:15

and then make sure that the newly the pie code actually needs the service of an object. Is that of the old code? So you 13:24 like Canary and Lo Green's a canary is a technique where you deploy the new code into production for the only send little bit of the traffic to the 13:33 new code. And then you test the new code with real production traffic you compared with the old version and then you're dead. Then you declare success 13:42 indicator failure. If you declare success, then you can move a hundred percent of the traffic to the new version. I was looking at something similar 13:51

regular trying to do things like brand new version of the application you start sending traffic to the brand new version, but you keep the old one 14:00 around so in case that the new version fails, they're able to switch back to the old version very easily. Are the cluster Edmond 14:10 largest operating typical not operating just one cluster some of our customers are operating dozens of pastors. And so again to where it doesn't 14:19 offer anything out of the box for that. Somebody sent traffic to different classes how to communicate with each other. 14:29

And and then V mission service match, so there's a service match which is monitoring and intercepting all the traffic between microservices. How 14:38 is that? And for the asari who's interested in maintaining Civil Service level objectives, they need the detail Telemetry into the 14:48 into the applications as well as infrastructure. And Social Security in there faster than making sure that in Ingress traffic is security SSL. They 14:58 want to make sure that the Epi is are protected against DDOS against wasps attack symptoms for food and they're also interested in the service 15:08

match because the service mesh offers a automatic encryption and authentication inside the inside the plaster. so the 15:18 ciencia pictures of cloud native Computing Foundation that runs the Covenant is Project has recognized the need for a broader solution to 15:28 do they have a lot of projects for different parts of the solution stack of the talked about do they all say encourage 15:36 vendors like Citrix to come in and integrate with with with a CNC up Solutions like overnight as we are a partner in La ciencia 15:46

foundation and some of the Anansi NC of projects are here like I talked about how do you get cold from repository to Productions of 15:56 Kennedy Airport from Google around act as a service mesh project again from Google regarding IBM call Linda 16:06 cncf tekton and Spinnaker are continuous deployment tools to be made and typically if 16:15 you are trying to do this Session this morning where Duke Energy to cause to to their Journey. It's a pretty involved any text you a couple of months, 16:25

maybe several months to figure out all the pieces of a solution stack. So we talked a lot about the kubernetes Ingress because that's 16:33 one of the primary Solutions offered by Citrix in the space select explain. What is kubernetes ingress is all about. So you want to send traffic from 16:43 outside the cluster into the cluster, but you don't want you want to be able to control the traffic. So you want to be able to say that if the HTTP 16:52 header has a certain value want to send it to certain micro micro service. If BSN I certificate has a certificate has an indication of a certain 17:02

host want to send it to different Microsoft Liz Cooper and allows you to write. These rules is API object Scott English rules, but doesn't tell you 17:12 how to actually enforce those rules. So what we do is that we offer the subjects ATC as an enforcer as a proxy that enforces those rules which 17:20 controls traffic into the plaster. When you can use any form of Citrix ADC Brothers, the VPX all the container icpax, and then we give you 17:29 a controller controller controller which which area of government is the u.s. Rules and converts them into a TC 17:39

configuration. A little bit more about what is a service mesh. So if you have to microservices 17:49 residing different parts has nothing but a container 17:58 has terminology. They want to talk to each other over the network. This is a regular pot. 18:06 So it goes through its own network stack and then reaches out to the network stack of the other part. So 18:14 if you want to be able to control the traffic here, if you want to relieve the burden of developer interest in doing things like load balancing or 18:24

retry II braking and you fit in here security-minded anyone automatic encryption and authentication between microservices, then you might say that 18:32 he wanted to send the traffic to a proxy not just one proximity send it to two proxies. Amazon all the traffic looks like 18:42 this and when you want to do this suddenly able to exert a lot of control over the traffic between is microservices and you can do things like Mutual 18:52 TLS Mutual TLS will ensure that the traffic between them is authenticated and it's encrypted you can if you don't trust your developers to do the 19:01

right level of timeouts and retries and go dancing, then you can do that kind of enforcement in the proxy as well and you're tired all together you 19:11 run a control plane like it's still which will control these proxies and and deliver what you intended, but they wanted encrypted what he wanted the 19:21 type of load balancing you can deliver that to the proxies. I'm so this is independent of communities but works very well with carbonated. So the 19:30 control plane is a typically another set of cabinets objects. And it runs as a a covenant is controller. So, how'd it go account needed 19:39

with Citrix ATC? So our solution set consists of Ralph. First of all, 19:49 there is a TC and you can use any form factor of the ADC. Like I said before I would like to see mpx3 pix2pix and now we have the bare metal 19:58 DLX as well. Does the English control of which control which converts the covenanters if you and the Covenant of commands into? 20:08 Search ADC configuration. Edit it's a it's a it's an English controller runs inside the kubernetes infrastructure 20:18 stop. So it takes advantage of cool features like high reliability autoscale and reliability. And 20:28

then does the ATM so they did the ATM is where you send your logs there metrics and then you get the things like Subways graph you can deep 20:38 into your metrics and so we can do things like anomaly detection and you can run this EDM weather on 20:47 inside the cabinets faster. You can write it in the cloud or you can ride it inside a VM. If you have a broad range of Integrations with the 20:56 ecosystem, we can integrate with according to American Writers and Destroy like open shift or whether it's a 21:05

cloud managed kubernetes like Azure kubernetes service. We will still work with that to provide the green grass with Citrix ATC 21:15 tools like for me to scrap an affluent and unrelated ecosystem flu-like 21:22 Spinnaker's to give you all the choices that you need to build up your kubernetes platform. The same mom 21:32 what I just said in a slightly different form factor. So at the bottom you have the the the kubernetes nodes are the commentators 21:42 distributions and the containers running on them. And then the solution B provider the Ingress service match 21:50

observability and they brought integration with all the open source tuning. 22:00 So when you do this to me go to talk about the 22:13 nearest typically is actually specified as HTTP 22:19 https only with rotting encryption TLS in the right lane Legacy 22:28 apps for example, and so do you need additional special features such as PCP PCP have to sell UDP Canary routing 22:38 and then later seven functions like you guys responders to keep abilities authentication and laugh as part of Ingress do not know if you 22:48

don't need any more than Ingress anything just pass plus everything billed as part of our 22:56 solution. yeah, if you look at the other Ingress Solutions out there, it's nobody uses Ingress out of the box as 23:06 because it's it's so what what's the mathematical necessary but insufficient so you need Ingress but it's not sufficient. So you need to add all these 23:15 other traditional are 7 proxying functions, which is what does extinguish plus plus provide you with. 23:25

So what does it look like once you've chosen to Citrix ABC solution and your children a purple dissolution? What is it all look like So this 23:35 is it your kobernus cluster weather is running in the cloud or whether you're running it on on the laptop or orange Data Center. Where's the VPX 23:45 of MPX which is outside the cluster and password because the tier-1 vpso to tr16 are easy and typically 23:55 used for especially welcome to use it in the MultiCare solution. Are you would use that for their functions are even SSL termination 24:05

and then you can run the CPX which is a container phone factor of the Pacific City see inside the plaster and this is why you do all the nearest on 24:15 functions ice maker was talking about And then these is such a thing as controller runs as a hard 24:23 or a Akinator kubernetes container inside the plaster and controls the citric CDC. You can stream the 24:33 transaction logs from the Citrix ABC's into an open source tool called elasticsearch through integration called fluently, 24:43

which is part of the cnco. Or you can send the present transaction logs to the Citrix ATM and that's all I was you to draw up to the very nice service 24:53 graph which gives you the map of all the services that are talking to each other and also provided the licensing. Are we all set for the 25:02 counters all the detail Matrix encounters right from the TCP layer all the way to layer 7 that we went registry collecting you can export that into 2 25:11 into cncf to call the Prometheus and the new beauty is in grafana dashboard of the same counters in metrics Rocco's available in an ATM where you can 25:21

do defense Advanced analytics to do things like an hour. If you choose not to use the 25:30 second tier of the CPX, you can still use your whatever you purchase is the MPX VPX as the load balance of Ingress solution into your 25:40 covid-19 Glastron investigate the cic of subjects in which controller is controlling the The the 25:49 outside the cluster and how's the traffic comes in? The datc is able to talk directly to the to the 25:58 parts the application parts inside the plaster you need to be able to make the Citrix ATC be present in the same network as 26:08

the part or set set up some kind of routing and we do have a disintegration. For example, if you use choose to use Calico C&I or fuse for a CNA 26:18 inside the inside the pasture that should be possible but it does take a little bit of Netflix march to be able to do list. And 26:28 if you're looking for the traffic inside the cluster kubernetes provides you out of the box it forward to something else to proxy which is nothing but 26:38 iptables which let's talk inside. The plaster between Microsoft was below balanced using iptables. 26:46

You can also use what I what I like what I like and what if I come in all the time is it due to your solution? So the the first chair is against 26:56 you can do type load balancer, which is a more of a cloud native type of load balancing. RL 4 functions and 27:05 then distribute traffic into the chair to sit EXs and gxs than how it will distribute traffic to the to the front end parts as well. 27:15 So that's what you have it. You can continue using Q proxy for East West traffic for traffic within the cluster. Or what you can do is that 27:25

for certain traffic if you wanted to be managed by the by the Citrix ATC to be to do the 27:34 function switch to Ingress does like SSL or rewriting responder. You can send it to the CPX. So we have this is what 27:44 we call service light because you're not running a proxy next to each part, but you're still getting the proxy functions we able 27:53 to inspect the traffic and do all the the traditional proxy functions which provides for traffic within the cluster. 28:03 You can also choose when you're running in the clouds, you can choose to run it with the cloud native load balancer. So if you're running in Amazon 28:16

uuclv, if you were running an Azure use Azure load balancer and Google YouTube Google computer load balancer and 28:25 and then use the cloud native dancer as the other four. 28:34 So once you do this, once you implemented disrespects ATC Azure Ingress and East-West, you can immediately start seeing the 28:48 benefits in the suffix ATM. You can see the Service Garage of ourselves graph is something quite unique to search up Stadium. It shows you a 28:58 real-time map of all the microservices in your custody. Talking to each other and it gives you the details of all the transactions that are going on 29:08

for instance the if you click on the Note inside themselves graph, it tells you how busy that notice how many connections are coming to Baton or are 29:17 there any errors in that note? If you click on the links between the graphs then it tells you all how many transactions are there on the errors. Are 29:26 there an SRS typically interested in the golden signals as latency availability latency saturacion and errors are 29:35 immediately visible from the service graph. And sometimes you don't have to click on it. Just a color of the the northern the edges will tell you 29:44

what's going on inside the cluster. And because it's been running around being run through as the ATM machine learning we can also 29:52 detect an armless even before you can see a problem in the inotropic. 30:02 We can also do an automated Community with those trucks under $20 in the Citrix 80-seat now, 30:12 it's being done by the basket companies like Netflix explained what it involves. I 30:19 didn't think I have time to play the demo for you. So listen to download protection version tulip the 30:29

code. Is this what you wanted running in production already in the developers check in Jackson a virgin to the other departments system 30:39 like Spinnaker, which is an open-source deployment tool will detect that Builder artifacts and then find deployed version 2 into production 30:49 automatically, right? So it's highly automated system. But instead of direct me to blindly to because who knows me to maybe buggy what you 30:59 do is you departed Canary mode. So what you do is you deploy to versions to new versions of the application you do do you say to new departmental 31:08

application are tiny one would we want a tiny one with V2? Next News at Citrix ADC to to send traffic to all these three deployments 31:17 so you can send you can choose to say that they send 80% of the traffic to the old wasn't running in production already 31:27 and read a funny person the traffic to the canaries and all the 20% have to be one and have to be to now you can start comparing 31:36 between B1 and B2 which one is performing better at Vito's performing just as good as we want to or better then you're safe to move the canary 31:45

into real production between real production. If it's not then you say okay when I buy on v20 Center ticket back $2 percent. Take me to Saks. 31:55 Let's try to be three next time. And the way you do that is Citrix atc's observing the traffic between all these applications and 32:05 is able to send the metrics to something like for me to use for instance. I'm showing you that everyone has more silver busy hours for the b-2s more 32:15 sober busy errors than be one. And then to like Spinnaker has a plug-in car 32:24

to look at the Prometheus metrics and make a judgment call saying that it looks like in a worse than b one based on 32:33 the metrics on the Citrix ATC. Let's make a call there. Should I kill the canary or should I grow looking into full production? And in 32:42 this case something kind of what I made the choice to kill the canary and then we'll go back a hundred percent the traffic back to be one. So we also 32:52 have a an advanced integration where we're able to step the canary past 7 to 10% and the the kind of made a judgment saying that his ass looks good. 33:02

Then be able to think reason the traffic to 20% and then 30% 40% highly automated so that there's no human in the loop with the 33:12 performance of each version and then move our traffic into full production are in automated fashion. 33:21 And in the next couple of quarters, we can offer summer smash which is pacification is to integration. So the way it works is the 33:32 singer's traffic coming into the plaster, but once it's in the cluster, how do you control the traffic within the cluster? And you do this by running 33:42

tiny ctxs? It's the same CPS actually born So the CPS can be in Ingress or it can be next to each part and this wind 33:51 is running next to each part because of the sidecar CPX and just like I showed you before if they were to intercept the traffic coming into the 34:01 parking lot at once you do that you're able to control things like is authenticated as Adventure. Can you do automatic sucking breaking in 34:08 retries and the traffic grooming? So the so that's the integration with the least. You're so what you 34:18

write the your so is smash controller commands into is still and then it's just as the commands to the CP X's and O's cbx Implement these two service 34:28 match for you. So I have a demo for this first one go through an Ingress 34:36 service match Duvall. 34:46 Play yeah, it still has a solution a replacement for English calligraphy still Gateway and we'll show you a demo with the 35:00 CPS and the standard documentation which comes with which is the booking for the booking for is just really looking for is it called a couple of 35:09

microservice the reviews microservice the details Microsoft as you can see that you're so the product page called the reviews and the details on that 35:19 side. And then it calls the ratings reviews all the ratings on Microsoft. And 35:27 and then the Ingress Gateway is where you control the traffic into the cluster. Once you're deployed this input into 35:37 interior plaster, these are the various is two objects that are being deployed. So is your policy is to Pilot is to Ingress Gateway are all the 35:47

control plane objects, which I'm going to control of the City, Texas. In the CPX department 35:56 and you can see that there's a CPS there and there's something called the East your Bridge which country which converts issue commands into CPX 36:06 configuration details as you click into the any one of these parts, you can see that there is an 36:16 additional CPX that's running inside that part and as well as the Steel Bridge as a side issue Ridge gun vs. Jiren to CPX 36:26

commands. And then you sending the the metrics into Prometheus and grafana and you can see that as you sent traffic into 36:36 Ingress the leftmost it's in the yellow bars are showing traffic into the other microservices. So I think it was like 20,000 requests spread equally 36:46 among all of all of microservices. So so that was the demo showing a simple integration office during 36:55 rest with with Mexicans with CPX. Next is the Maury show you how well we can use this to your to control traffic 37:05

between the microservices. And so you really will try and sensory up 75% of the traffic in Ingress traffic to one version of the product page 37:15 and 25% to the other page and observe this distribution in China. 37:25 On some sizzurp age does a slight difference in V2. I think it shows you looking for me to fail book. 37:37 So these are just applying it still commands. And and hear what you see is that in, this is 37:54 Joe Jama that you're right. You can just buy the waiting between the we wanted me to 7525. 38:04

And then you apply those rules interests you. Let me see. There's two versions of the parts of the V1 Parts in the Beater Boards. 38:17 And then you can see the 75% 25% having their 75% and 25% visible in the dashboard. 38:28 videos videos videos All right. Payless 38:51 hell, yeah, this demo shows you how to encrypt and mutually authenticate between a Microsoft. So the green locks with symbols are showing you how the 39:05 hell we going to automatically ensure that the the traffic is authenticated and interpret using Mutual TLS. 39:15

What's the First Realty that Mutual TLS has not been installed. So they know which TP between all the Microsoft vs. 39:39 And as a result, you run a random container called sleep and inside the from inside the container you're able to call to the reviews Microsoft Office 39:49 and it says no problem. I can talk to you so that slightly insecure. And so now we'll install the the mutual TLS rules. 39:58 And then we'll see that you should be blocked. Will you check that the 40:09

It's not mutual TLS. enforcement between all the next services and I know from 40:21 the random part between try and call the review service and the random part is denied. Thanks to be mutual TLS being enforced by the CPX 40:31 sidecar parts. Get back to the presentation. 40:40 Next. So in conclusion in a cut when you want to go, your journey is all about you want to go faster 40:57 with some safety no kubernetes and the science of ecosystem how to build a chlorinator platform. You can make a lot of choices you going to build a 41:06

lot of stuff around kubernetes. What what why you do that you're going to make sure that you take care of your stakeholders. Otherwise York Lottery 41:15 are carne de platanos not going to be very successful. We have several products and tools to help you go chlorinated with Citrix ATC. We have the 41:23 advanced Ingress Ingress plus Paso Community solutions for devops like a canary control solutions by sorry Alexa was graph the solutions for 41:32 developers like in grassland and control Solutions of platform and security like certificate management and service measures and last but not 41:41

least you in the upcoming couple of quarters. Thank you. 41:51 So questions, please. Mike's on both sides 42:03 Jason Epithelium the cic. Could you just explain kind of glossed over the 42:14 cic and it's usability together with the CPX embedded inside the the pods. Could you just explain a little bit more? It's the same 42:24 thing you're controlling the VPX of the CPX when you deploy the CPX, it gets injected in talisay car into the CPX. 42:34 So each CPS gets his own copy of the cic. So they're always running together. 42:43

But if you wanted to control something that's outside like a VPX then you run out of the ccic as a part separately. 42:53 Russian election who's running kubernetes Simon and who's the interested 43:08 in service matters? Alright, okay. Thank you guys. Just one more than one one three 4:30 43:18 and, where is it at? C11 to 116 switch energy to 43:27 check out it was a regular expiration of Home Duke Energy and ended up running career doesn't 43:37 production with the Citrix ATC. Cool. Thanks quotes. Thank you guys. 43:47

Cackle comments for the website

Buy this talk

Access to the talk “Citrix Synergy TV - SYN223 - Going cloud native with Citrix ADC”
Available
In cart
Free
Free
Free
Free
Free
Free

Video

Get access to all videos “Citrix Synergy Atlanta 2019”
Available
In cart
Free
Free
Free
Free
Free
Free
Ticket

Interested in topic “IT”?

You might be interested in videos from this event

September 28 2018
Moscow
16
122
app store, apps, development, google play, mobile, soft

Buy this video

Video

Access to the talk “Citrix Synergy TV - SYN223 - Going cloud native with Citrix ADC”
Available
In cart
Free
Free
Free
Free
Free
Free

Conference Cast

With ConferenceCast.tv, you get access to our library of the world's best conference talks.

Conference Cast
505 conferences
19653 speakers
7164 hours of content