About the talk
IT transformation, cloud, and new application development technologies are changing the face of cloud-native app environments, and app delivery technology must innovate to address the new use cases. Learn how one Citrix customer is managing their cloud-native app environment with Citrix Application Delivery Management and Citrix ADC.Note: This session will be available for on-demand viewing post-event on Citrix Synergy TV.
Okay. Good morning. Everybody. I may go to see me. I am this is 10116. We'll talk about how customers are managed service networking for cloud native application and with me is because, yeah, I'm Richard Sherman from Duke Energy. I mean and I'm an architect with a focus on infrastructure and operations kubernetes microservices projects to learn about this technology as well as the transformation of companies goes through cuz you're probably in the process of going the same thing. Thanks. It's good to know great. So I will talk about
around digital transformation. No talk about the rice if I caught the platform teams and explain what that means and then a customer Journey. What do you customize our customers go through this process? And deploy kubernetes platforms and an example of the patient. So just let me start and sore spots like this at this pic spin diagram. I can see you want to go fast. I want to get closer to our customers. It's about customer engagement and to do that. They they want to be able to connect my building apps
custom maps mobile apps and move quickly the challenge though. Is that one of that the developer and to multiply the app Nick me we can get you an example so you can take some time. Adopt a child in how do you move fast if your organization for Silo and and therefore it can't can't move at the speed of the business. So what happens is that happening is at the executive level. There is a decision made to change and that's part of that is how can you move fast. We need to look at our business processes business people into a
nap if I could change and inference off of process. It's also comes down to it break them into Microsoft assassin Academy fast and blind auditions. And so what happened that's one team and chicken place to move to transform the organization. That's one team is a team that actually runs a microservice platform container platform is a solution the same platform that Google that's open source, and many companies have contributed to put the point here is that you're so warm. It's typically parts off
another organization, but probably it's part of the CIO organization Parts off of the cloud off steam or can you part of the Enterprise Computing butter spider goalie specifically designed to run all the communities project and is composed of Architects and middleware architect because there's a need to go where Architects are the websphere people did they deployed web app and so they're familiar with applications to a supervisor responsibilities for a platform. Results of devops person there's a security architect and a black from admin
and stopping being typically seek Enterprise gate Solutions. All right. So, what did I say? What you want to do? One of the only be couple of the apps from the infrastructure and you do that but really by not using vms2 diaper visor should use containers with inner the right portable. I can run him on Friday and I'm in the clouds could use containers for that and you wanted a couple teams from one another so you could do you want things to work on their part of the app separate from other teams that can use their own programming language. They
can deploy you have to deal with speed speed and so on. A goal is to find a couple of the application development process from the operations process. So a platform peep-toe platform the update the platform for Life policies on the platform in the application apps on the platform desired face with a bad pun team. It looks like this. So this thing from Gardner sodium in a sarcomere provided this diagram pointers add there on the far. I bought them. There's a container cluster that can be on Fram. It's going to be in the cloud or both hypothetically
and your stupid app development on top and their infrastructure and operations passed below turn off recents pads really about managing the platform. So they provide policies. That's what this passes right through the application development use the platform to deploy the apps and they're giving the reader given waste for them waste developers would be polite apps using any of your face and there's a full set of tools that goes through the blind fat before and after this.
Okay, so far me questions. So how do you search deck platform in a data center in a typical seed architecture compute a hypervisor into the apps are on top there is a platform to getting started and it's pretty cool bananas that gets inserted and there's an ADC on Top Gun by jdcteam. There's a platform again from the Arlo. Answers as well as Lord answers that's run by and by the bathroom and then there's a computer hacker visors. That's a load balancer is similar to the one on top by softer days, and it's inside the cluster. So that's a Jamaican phrase straightforward.
Typically what happens when customers make me some Journey they spend up open source tools open source in graettinger apps and remove them over open source of which means they have to like text apps if that's a problem. That's money that they gave me hear about the situation isn't that involve? The second thing is that a state employees apps? Do you need to transfer policies existing load balancer donkey. Kubernetes cluster and the ink has no talents or so.
Finally if you want to operationalize that load balancer, you have to buy support from the open-source vendor and you do that match the newest update the ciphers for example new versions new features and so on make sure it's compatible with all the equipment at this system and that the police have challenged and so what happened to those that his Auntie Em's Century look for in a production Green Solutions. And what city has done is that they've looked at the limitations of what's available and
functions to the specifications for a call from the function that describe your family a specific functions and graphs and routing and see if it's time to do to support Legacy apps. So UDP TCP SSL PCP other day. I just know ways to do devops by using by doing Cannery Commander our policies making them available as an expanded. What's the definition of internal load balancer clothing routes to what you what you do you need to use to deploy your apps in production. Wright products in the space of an agency multiple times
today or yesterday and the indications left for the echo system Integrations to CNC of projects. We have the patience to cloud-based applications to Enterprise paper bananas. Let me bring into the booth. We will talk about their experience. All right, so little bit about Duke Energy how we do this journey and and where we are. So we are Duke Energy we have been in service for over 50 years. We are the largest utility providing or power from all different areas. You don't even
bother trying to cut that down, of course nuclear and all that so vs. 7.6 million electric customers. We have 1.6 million natural gas customers and what this is all about is we are transforming we are seeing that we need to talk. We already customer-focused. We are very dedicated to our employees. So do you need it to take this journey and as we are transforming our customers experiences, we are modernizing our energy grid generating clear cleaner energy and expanding on natural gas infrastructure to create a smarter Energy
Future for people and communities that Preserve So as we know we talked about we are Industries changing we have very low or almost no growth, you know impact to the Duke. Why is that because we are seeing on solar wind battery storage and some of the cell generation those all the things are impacting our Dukes business so are our customers expectations. Increasing they are they are needing more mobile applications the way to interact with our company to pay bill to look at their data to look at their
consumption and and and to maybe conserve energy. So they are looking for more and more applications that we need to provide to them. And that's where we know technology is becoming very very infused in every aspect of this business as I talked about the disruptive Innovations are driving that would change so Duke Energy must transform to stay ahead of Industry changes. If you want to be in business if you want to stay on the top and and you know, We have to transform accordingly. So as a critical in Ableton of the time please the strategy we know it must transform is it is
not about I T is about business we have to help business. So it's keeping all those things in mind. We must provide high-quality reliable Innovative Technical Services boat at a rapid Pace in a very call the Stadium when Manor So keeping all those things in mind being faster cheaper battle we have to be on Duke started this initiative call list. It was really with keeping me in mind for the business that is up in Cumming lifts Ducatis transformation program that was fundamentally improve the
operations and deliver the sustainable card bill delivered a culture of empowered employees and who who wrote across organizational boundaries and drive business outcomes. We wanted to get out of silos. We needed to be leaner. We need to be agile. We need to be shifting last. We need to give dad walks in mind and of course manager Supply change chain because line is so glad so basically what happened was that you're saying there's a lot of requests a VIP themes for projects as your business needs to do more things and
discovered that is hard to do. Do I sell the effective leadership decided his lips lipstick look at tools processes and platforms and people and figure out how to you how come you're purchasing a raise in a very logical way so we can do more things with the people we have right to the initiative where you became a software and then we've been able to push apps faster from what was perhaps months and perhaps years now they may be days and days and I got the devil Ops
you limited some ways you took some processes out and then there for y'all to move people around. I mean ideal patient. So even in Knightdale patient silos, you got Silas it inside those but some people are just doing primarily compute the other stories people if you need me if we request a VM DMV Go to stores and they said give me some storage and then we will go to our networking people gave us all my T's we will go to or different areas. So that the process every sequential chain process when we
create memo created tickets are waiting for people to give us a ring before next process can move on. That's the way we were so we took all that out with visitors are going to talk about the timeline are our CIO basically said this is not working. We are so bummed all bogged down in the paperwork. We are really not doing any service to the business. We are just delaying the months and years to get a project to start initiative has launched and that's what we said. We all need to be dug up them are not the devil off Dev Dev. Net in Frost net Cyclops in every every way in networking and
security and infrastructure and operations. We all need to be agile. We all need to create we all need to move shoes. An automated processes we all need to be leaner management resources better. So that's how this lift process has started the soup. All right. This is just a timeline of the took. I'm just going to fast forward that way we started really as I talked about in 2015. We started small projects in 2016 based on the new methodology and then we expanded to large project. Our CIO basically said in LA in 2020 will before you had a child.
That's the way it is to be changed our culture which changed our processes you're still learning to that is not easy. It is hard but we took the people out from their silos from their comfort zone from their level and they said you are going to be customer-focused you are this is the role we have a customer-focused application teams. We have teams with Call Data Center in integration team. We have people from network from from acid from middleware from computer from the storage from provisioning all those people became came to an agile team so that our goal is
to completely transform the way we used to do things. So now this is just the background on the culture. Now. I'm going to start getting into some just like all the journey we took where we came from where we went where we are today. So as as we talked about as me for talked about window Cloud Journey starts with containers being agile, being fast and all that it containers and microservices. They play very big role in there, and we need to adopt. We need to leverage open source and in Innovation, basically, if you think of if you are in
your company's it is being induced, We were told you cannot use cannot do any open stores products used cannot use open sore spot if we were paying of course millions of dollars hundreds on hundreds of applications running in websphere and the Clusters and it takes a long time to do the patching and upgrade and planning version 2 version and all that. So that is what we are today. But as we started to how to become a Jedi how to get there. We need to we need to
concentrate if you need to focus on containers and microservices. So every talked about the challenges that we looked into we know we need to drive for Innovation. We also need to keep an eye on disruptive Technologies. We need to have to work to his data transformation internet-of-things artificial intelligence hybrid cloud is on Horizon Blvd to Depart of hybrid Cloud not just on print we need to do a French braid into a combination of both because that's a very critical component of the off of the moving forward process as a dynamic business.
We need to make sure we we are automated we are making a integrated can make an effective use of resources for all key areas. We need to encourage automation. We need to encourage agility forward. We still had a big base to support for legacy applications. We cannot forget that we have to maintain Windows 2008 going away soon. Leaving. But what do you do about those applications? How do you take them forward? How do you modernize those applications? And and of course we have Parts application to have
in-house written application for 3 buy all the shelves packages. They need to be able to we need to provide a platform to run and deploy those application. And of course, we need to meet our divorce with teams requirements. We need to have cicd pipeline full integration from end-to-end from your you know, Jenkins Maven Nexus to all the way by blowing and envying number to update applications faster. So we need to include all that. So those were the challenges we were looking at as as we started to take this journey. So once they did that you said, okay now we know what the issues
are or where we want to go. You know, what is the direction we want to take how do we focus ourselves? So we are we are just not getting you know, I'm going nowhere are getting confused. I know we want to be a dry, but we want to also give ourselves some some focus on that. So he said what is that we want to do so we never talked about we said we want to focus on open-source Open Standards and and and we want to avoid proprietary technology. We want to avoid vendor lock-in. We want to have our design architecture. Dr. Weiss flexibility. We also want to have you know, many different
Alternatives plug-and-play technology that can be used in multiple places and Andrew and I'll be all all of us have the big investment in the network and load balancing and monitoring and logging already. How do we also utilize that and not spend so much money that we are changing every little piece maybe he can take advantage of the existing technology. Maybe we need to go to our vendors and say what how do you provide to move forward in terms of container management and what you don't have all the money being hauled the load balancing will work. So we want to go back to her
and I sent off those questions and and so of coarse focus on Android automation with security building when we started this journey security, you know security also has to learn along with you. They don't know, you know, they haven't done enough research tell me someone has to start. So what does it mean to rent check near me open? What does it mean in terms of cyber security how your platform and how your networking and how divorce and all those things will be met is how much an application should be talking to each other? So that's where you need to make sure you are
integrating the security from the very beginning and end. That's what we did. So we have to keep that in mind Integrated Security integrated devops tools. Anime Auto Mesa Linda processes which are not there be before and in the other thing that we started to look into the ones we realized our challenges. Once we know what we want to focus on. We also wanted to make sure that we are making the right decision and that's where some of the research and some of the some of the people that he needed to talk to some of the articles that you need to read and n n Go by Louis Vuitton your gut
feeling, you know, what was happening at the time cool nights kubernetes, but just coming up it wasn't what it is today. People started potatoes is good. We want to go containers with how do you go about doing containers containers Docker there a lot of internal research on that so doctor technology to people's heart doctor run time. Meaning doctor Inc. Docker Inc device is it was the owner of the run time, but of course it became a you know, open source and all that so Sort of Tour de are there together. So then I started
to look at you know, when we are doing containers. Should we do Docker swarm, but as we looked into Docker swarm of us finding so many some drawbacks in there their they're networking the CNN versus t&i if you read up on that is but container networking interface. This definitely was better with the kubernetes was on the road map. It was all in the roadmap, but that was more promising that was more Progressive an are out doing it that way more focused on going to be as I started to do some research and as compared to Docker swarm, so and some of the auto scaling of
your containers Dynamic agility that was missing in in the orchestration the docker swarm. Some of those things came along and and we basically also other thing is that we have we had PCS we have PCF in house also, so we wanted to provide a complimentary technology. You have PCF you are already doing right is it little bit proprietary container ship built in there and and but it's as good as gold good for development, but it's very rigid is not flexible off of quarter containers in kubernetes is very flexible. So but we wanted to provide a complimentary technology
and and not a competing one because we had him a big we had made a big investment in PCF past. So keeping all those things in mind. This is our Focus. This is this is our Direction. This is what we want to do. So knowing all that we gave ourselves a mission statement. What is that we are about to do and what eventually our goal is. We said we're going to provide an infrastructure that is hybrid modern open and engineered to run containers for legacy and Greenfield applications and with Integrated Security and Agility.
So annoying. What does that mean? How we going to put together that platform? This is what we going to see what eventually this will all result in result in to improve the efficiency of a process. Greater consistency and quality faster time-to-market greater skill in Innovation and of course greater Synergy with an ID silos. So that was a reason at that point. So important things in decided to go to bananas with a Enterprise correct at the same time. You had multiple data centers new wanted to blow hyper-converged platform
what we have today. We got a couple of Big Data Centers, you know, but we also have multiple remote or small data center operations architecture as an architect. We always look through the years ahead. What is that mean? What is coming? You know it it may be snow tomorrow. We going to Mars. Is that something coming in? 50th Mario Tennis. So what is coming into to five years to Container Store on the horizon and Hyper converged infrastructure was also is starting to come up hyper converged infrastructure. As you may
know is your storage. Your networking is everything in the Box you are not putting the pieces together is all in one in one that makes your job easier. So when we looked at our remote data centers are all over with hard hyper converged infrastructure can be a good good good thing for us is researching other than I was researching on containers. They were people who are researching on hyper converged infrastructure. They were other people were in or researching the store and go that's our role will be want to look ahead what technologies doing. So as if we were very
confident that something is something we want to start rolling out in in in in company. So when we did that Started to look at the vendors we decided we going to do kubernetes and and be able to do all those things. So I started to look at different vendors. They were vendors which were doing. Some of them in the open shift was obviously there but opposite of very competing with the path PCS passing. So we didn't want to go to bring open shift because they were very similar it was coming up. So I started to look at different vendors we talked about should we do
all in one went to write a venti single vendor For Whining the whole support DACA rink in kids in there be a few others, you know, we also look at suitcase container shape. We looked at vendors we gave ourselves say a weight how much weight each each criteria has and and we did we'd held about about T25 POC. We work with vendors and Sage show what you can do we want to deployed in are in an in-house app in-house Within We want to deploy a car's package and we want to maybe
deployed all of you also deployed to SQL database Microsoft sequel to 2017 which was coming up as a container image. So when we did the POC is we are all these vendors called in the POC to see what it will look like if you deploy do all these deployments as a container. So that's where that's where one of the things that we looked about knowing the hyper-converged knowing, you know infrastructure be with sort of started it. They provide it say they provide the storage the
computer networking. They provide the Dockers the kubernetes, you know, and not only that other thing which I want to mention is that we want to be h a u know how highly available at applications running. So is it one day the sensor goes down? It's not just that one note goes down within one data center. You want to design a and infrastructure if one data center goes down. Are you still working on your application is still up and running? So we were looking for a solution that is
4084 a even for persistent application. Stateless application in those can be easily done. But what about persistent? What about statefulness? What about your database is how you going to contain those in a multi Datacenter environment? Our goal was to have that available. So when we saw that we saw all those things that they want to provide to talk to some of their customers Wichita and and David running databases on Diamonte container platform are they were running very critical application that
provided us the Dakota kubernetes and Waterman, but it's also okay. This is how do we go about adding a control plane that we provide a deployment methodology provide us a a way to do a multi tenancy using the kubernetes. That is a control plane if it's completely plug-and-play innocence completely open-source. You can add that in front of your bare metal structure. You can add that in front of a zipper in the front of AWS or your ideas or PKS or even Reddit openshift. You can take any battle
platform kubernetes based and and you can go to the Ramada what it does it on boards your clusters. Once you on board your clusters of any of these platforms I talked about then you can create you can add users and and that is all users can be your active directory base your Elder based authentication when you log into that that's the administrator can create that administrator creates an environment. What is that environment means it means the name is space so fast while working with kubernetes at this point. His name is space is the one where your parts are running parts
are the terms with kubernetes for containers containers multiple containers in a pod part in a namespace. So it just starts from inside out or you know containers part and namespaces. So what it does it manage is all that you can you can create an application in there and diploid. It's a clicking flag. You can create you can add the storage you can add anything you want. You know, what a gamma file is what all the things going there. So you can create your application in there. It will generate
a Yama for you that you can save and Export and put it in your repository or Cox application. You already given an image a container image and yam 05 you can import it in there. And you reply to the namespace that did that administrator will create for you and in the back and you can be deploying that to Diamonte your own frame platform or pts platform you may have or or we are connected to other AWS through this control plane. You can deploy and the good thing about that for development site is that they don't need to worry about it developers have enough on their
plate, you know, that is no such thing of know, all I know is that I may be hard it's all that off development teams are going to manage that that is not true. And that's their container as a service. We saw that it's really very good brand of where where your IQ of people in Daredevil of people can really work very well together. Everyone is doing their own job. So as as this provided us we didn't want people to go and she'll to communal and Duke you cut all commands and and you know security was not going to let it happen because these are Huge bare metal and Waterman
diamanti and as you need to provide multi-tenancy, you'll need to provide a way to two roads are bad to authentication authorization and isolation of off all those different different business units which are part of that. So we looked at Nevada and he put it on that Lisette. Can you give us do it for us? And and so they did a very successful POC for us? No, we started looking into. Hey, okay, we got a platform. We know what we can do we can use and it's good. We got it control play that we can use on top of it as Nico talked about
load balancing. He said, you know, how is your container routing and load balancing happening that still needs to be as traffic? We knew what to do with the north-south traffic. We have a strong team in Hollows, very knowledgeable, you know, we depend on them but you know, so be it. But we wanted you to lies. We wanted to invest into that and say how do we are container out it so that's okay. We have a subject. We had a container environment. You know, what do what should we do about her computer routing so we work with you michl and
and then we came up with the plan right this this this information is available on this and and this is this is actually or not. Correct. You are amazing be one of our Dental apps. This is the part that we did the testing we are in the process of rolling this out and that that's where they wear Citrix, you know, why does a lot of help in there we came up with the design became the process and a lot of new features you talked about how to provide camo files to hear Mada Sao can automatically configure at the
last minute to be secured with SSL. Bad on this is something putting it all together. This is actually a this is what we are doing. This is what we are using. So as you can see from there, we got a Pneumatic control play. We got kubernetes cluster into Data Centers stressed completely h a completely with Dr. Reason, you know, kiosk monkey methodology with turn the notes down with the unplugged or no. We went through the whole data center out and we wanted to see how your applications are behaving. So this is the
plant this is so as you can see if they work very well. I'm in the laundry lessons. We have to tweak a few things. We have to work with a network team some of the some of the switches in Ford Edge configurations, buy storage configuration your network configuration your management wheel and fuel container Reliance. We have to plan all that out and we have to go in tweak some of the things But that's not that was the part of it. Once we invest that time. We know this may be on autopilot. So as you can see from here we have We have you know, Eddie FS. This is a single
sign-on you log on and and behind-the-scenes Nexus registry and and and Jen kisses Jenkins and Nexus are devils. People are using for the Cantina side of things. We we were using we had a lot of investment in any Splunk and we have an investment in the CIA monitoring. So we went to those vendors. Can you provide in monitoring for for that? So CA why did they they worked on it? They gave us a way where we are deploying the part that I want a mansion over here is contagious or not just for
applications containers are for infrastructure. We all in idea of weed. We are all cells are doing them off at this point. We are deploying Citrix Citrix CPS. We are doing the deployment Splunk deployment at 12 set, which is a container fire. Container isolation said we should all containers. These are not any other application. These are all containers and they all go to the same level of pipeline as a developer application window to pass level 5 line. There is no different. So that is the beauty of that. We all are becoming
devops. So this is our load balancing East-West traffic. This is also deployed as a container. This is CPS citric CPS, which are nothing but you deploy the container and then as you can see so as its applications are coming coming to the Ramada deployed to this. Ingress is all automatically set up a bacon do all this in their mother because what happens we have wild card URL. So once you create the wildcard URL the device are Vapes, you can automatically create that you are else if I say Astrid. My apps. Duke energy.com,
then you can say at 1. My Astro Duke energy.com. You can free Fix You Can 3/5 and dynamically create URL based on the wild-card whips. So you said these up one time. And the devil's if you have a business unit, for example, we have Alexa customer business unit or or in a outage management business unit. So we create the Whip and Nae one time and they create multiple URL soft of that all on autopilot. You don't get involved. So as I said we still as a request
comes to comes through and goes to the VPX in the whole Citrix svsd PSL infrastructure. We have in place and then once it goes through then it comes inside after setting up to Nevada. It comes inside. Diamanti platform is going to be all so ever and then decide of the Ingress over there using the CPS and that's how your application is excess poop to browser and act as a good thing that we are working on we have on board is on a PS Plus store on Ramada. We are in the process of setting up the load balance. Dr. Ross and
a non-payment of craps. This is about what we are in the middle of doing but this is really our whole diagram that that that will utilize where you can easily bring you applications on board anything you can add the Pasty manage capacity on demand would go to Nevada and deploy using to your back and kubernetes clusters. All right, so just quickly does this one already in place. So what we did we added numata in there? We are still mad as using a standard infusino operations
devops pipeline that we have and then he added the amount you were here. So this is in any company, you know, we are not disrupting every little thing. I think that you will not be successful if You make a change we are not utilizing your existing processes. Still on ever said we all the things I talked about his journey the time it took for us to was very fast. Once we realized once we once we did the poc in 2017 in 2018, April we decided this was the architect or this is a design. We want to go with the
purchase or Hardware. We did some training sessions. We got all these environments set up in November. We did our first drive on deployed applications of first time in December and and we let it sit. You know, we said, okay and why mint is ready, everything is ready application deployed. You did not quite open. So when we get. Back after New Year's Day and all that so then Floyd we open those applications to users and and then as you can see I buy end of March it has grown even more we have a hundred thirteen applications in development
308 Users at the time. We have 19 applications in production 60 we have about 25 or so applications today running in production the timeline if you look at how fast this is this why the things we have to do we want me to be a guy if you were going to fail we were going to fail fast we needed to do it. Yes my gosh, we made a mistake and and again, I want to mention that we were able to do that because our leadership and all that the empowered us some of the journey I talked about the lift. They said we
trust you get up get up there and we did and and so we wanted to see if you were going to fail fail fast fail forward restart Lee do so, but luckily we had enough in there. We did our research and all that and we had good partnership with all of them all our renters with the trade with the Diamante with the name of it. Splunk we went to each and every one of them is a VR launch. We are doing this initiative. Can you provide what you do for containers and everyone really would they were excited for the new technology? They were very very very willing to work with
us because that's their business. They want to build a business providing their their technology to to their customers and there's a customer asking for it and said, ok bit of work on it. So it it went pretty quick. So I just wish some reason right now if we had eight clusters about 76 notes we got for Neymar X is it at that time? It's about about a month or hundreds of applications 80 some users and we have you know, this is a real picture. We have a staging environment. We have development which entry level 2 + Turtle development 1 + 32 + art of QA to cluster for
production fully ha4d are stretched into Data Centers. So so right so what went well the training the knowledge along the way be provided training to whatever we got ourselves train within the project planning with it. Collaboration with our vendors. I talked about we wouldn't be successful if you were not going to them and asking can you work with us business will come first but if you are as it as an operations architect and operations support person business will also going to be pretty fast if the day 2 is not working if that's the end of it you have to
plan for Day to you have to what happens when things go berserk when things are not working when you are sitting in SV even your own phone when your management and everyone sitting in the rule and say why things are not working you have to plan for that you have to plan for high availability and four for the support. You said use existing tools communicate with your partners plan. Well cross data center deployment rollback is very important extensive training staging that you ate. Make sure you have all those environments or active monitoring. So that's all we
took our journey and that's where we are. Set alarm. How to get some time for some questions his lunch afterwards so we have a little bit of time if any questions is microphones in both sides of 5 minutes, maybe any questions comments or thoughts. I feel like every when what was the time or the time. And why did you move away from cloud Foundry into kubernetes? Move away from cloud Foundry, I think I thought we were looking at their worst. They were some restrictions are developers were saying I cannot work
in the scheme of the Paynes what is provided they wanted flexibility they wanted control. So that's why we started looking at kubernetes and containers. We have a room for both, right we have both Platforms in house. Yesterday news case is better suited for PC, you know pccf have new skates is better for kubernetes containers. Okay. You had a HOA proxy NCT X part of your infrastructure than there are you know, we had to leave a little ahead. So we started with a t prophecy but you saw there are some limitations in there. So we are rolling out the CPX right now. Our goal is
to really busy. You know, we're going to retrofit as a new apps, They're going to go on CPS and they will not move. Word astute to the CPS at some point. Yellow, so what are your plans for the next step? What are the words coming up now when you're in production water source for the future. We are looking into the the next version what actually are looking at Windows containers. That is the next thing as you know, Windows containers can be done your master and in the cluster has to be Linux, but you can add your windows note and and management Windows note from from the same same place
or so. We all be wild looking into that. We are looking at the history of service smash, you know how we are looking at his version that is something we want in restaurant because I do think is going to provide more functionality to us for something. So that is what we're going to focus on. So, I'm sorry. So you have the amount as your on-prem, you're just leveraging like for Amazon. We want to try both options. But definitely I think of more leaning towards these preventers providing us the cluster. So we have our knows which we have control
over but they man is the master in the in the kubernetes cluster. Yes, exactly is a single instance that can onboard any of those because you know, Who's keeping in mind? You don't want to do flight from Deb. She weighs some of those rules, but otherwise single instance with work everywhere. I'll ask question of promises. Are you currently leveraging the additional features of our CPX beyond what haproxy her attention next to do already like a major project looking to do I think we should go on CPS. They have certain things how much control they want on their on their ribs. So we
don't even talk or tent acacian authorization some of that, you know, do you want to have passed through how do you don't have termination in all this kind of thing? So yes, we we are looking to get to follow on that. Yes, but we have apple Equifax security at what's a concealed container firewall isolation. You can you can create fire walls with including everything part. So you're at 4 multi-tenancy. So this part this name in space will not talk to business space. So I think we want to compare what Raff and Raff are
providers in combination with Dart Container security firewall that we have implemented. So we want to see what will work. Well, maybe use cases for both. Thank you. So I Cossack is the effects are Kotex security of the containers deployed to the kubernetes platform and and they are the one that's already created the firewalls. But outside of that. We have all Palo Alto. We got villain container Alliance are set up for different as those container Alliance or are segregated from other relax your Yorkie. Radio WGN. A fraud or separate. That's where we have Palo Alto to
so so we had external security. But then you got your internal security in the part that I did not mention is the scanning of your images where we have next Nexus and sonar type where Wendy it downloaded images. They are apart deposited in the in the repository and that they have scanned and also for wife's you. The scanning of off your images and the report what you want to build. These are found we were the problems are and what you know the reporting on that. So we are we are we are we are secure multiple levels.
Question left. Where was the Citrix control plane? Was that dedicated in the container or it's in every CPX and it by controlling an external container for that. Set the controls the Citrix control playing with in a separate container. The various workloads. Are there very eccentric Silo of the va's or sitting in that container as well. So we'll bring multiple rapes in grass is right and so to each with a fine-tooth at Ingress that that you can use. Any more questions and not then thank you for coming everyone. Thank you so much.
Buy this talk
Access to all the recordings of the event
Buy this video
With ConferenceCast.tv, you get access to our library of the world's best conference talks.