A look at AVI networks, a BADaas in load balancer land
A look at AVI networks, load balancer redesigned
At VMworld I was talking to my dear friend Swarna from AVI Networks, and we got to talk about what AVI Networks does and her role there. As load balancers (now I would get smacked on the head if she was close enough) are not really my thing, I didn’t look that much at them. A load balancer is a load balancer, right? Wrong. Since VMworld I’ve been reading up on AVI Networks and I feel pretty dumb that I didn’t notice them before.
First I will look at what they are offering without actually deploying one. Let’s understand what they do and move from there.
Old skool Load balancer
When I think of load balancers I think of dumb appliances that have a specific task, a very important but also a very boring task;
- Load balancing traffic between two components
- Making sure a connection is going to the same component every reconnect
- Offering high availability in case of disaster
Load balancers are defined as ADC (Application Delivery Controllers) and that is what they basically do: they offer the datacenter application access to users. Most load balancers are deployed and are hard to tune, so most are left alone after deployment. Some are a bit more smart in determining whether the application or service is running, others are less smart. In general load balancers are appliances where the control plane and the data plane are soldered (software) together. Need expansion due to more traffic? Get a new license to upgrade or deploy a new one.
This all worked fine when the world was simple, the world before we all got into the cloud. With the cloud everything changed. One thing that did change is the way the users connect. Where Citrix was using the Any Any Any slogan in the 90/00’s, this is even more applicable in this cloud era. With this Any Any Any scenario we need information to tune and control. We need to know who is connecting from where, with what device, accessing what application and so on and so on.
We need that information to help the user if they run into issues, but we also, and perhaps even more, need it to make sure we know what is coming in. Is our data, are our applications safe? With the standard load balancers you can’t do any of this, they are more or less designed to be the dumb device offering the access only. In this era we need more and AVI Networks realized that. Let’s go on and take a look at what they offer.
AVI Networks – AVI vantage platform
The AVI Networks AVI Vantage platform consists of three components;
- AVI Console
- AVI Controller cluster
- AVI service engine
The Console of course is a web console used to administer and manage the other components. From the console you will see the application performance and round trip times for the applications you are load balancing. I will show this later but the data you see from the console is pretty awesome. The console connects to the controller.
The Controller is the one that is doing the smart things, it will know when to scale up and scale down the service engine depending on the load that is currently hitting your environment. The controller will also monitor the application performance and will be used to troubleshoot any application issues. This is the heart of the solution. The controller is typically deployed as a three node cluster to provide high availability and is REST API manageable.
AVI Service Engine
The service engine, the data plane so to say, is the component that actually is the load balancer and collects application performance, client data and so on. It is the component that will be scaled up horizontally when the load grows. The service engine will execute instructions received from the controller. These service engines can be deployed on any x86 commodity servers, a cloud environment, containers, inside a virtual environment like VMware or OpenStack or on bare metal servers.
Below is a standard architecture of the AVI Networks solution and I think it shows the components clearly. The Console communicates (sends and receives data) with the AVI controller. The controller on the other hand will communicate (send commands and receive telemetry) with the AVI service engines.
If application traffic dictates, the controller will deploy a second, third and so on AVI service engine. This is done without you touching it with your hands. This is a very big plus for AVI Networks as with other solutions you need to manually deploy extra load balancers if the load is growing. Adding more load balancers is not something you do in a minute, you need to get the configuration right and the licenses loaded, not to talk about load balancing the traffic afterwards.
So that’s the basics but wait there is more where that came from, because I’m sure you wonder what is different from other vendors?
What AVI Networks does differently is that they do analytics in the path of the application. They monitor and collect valuable data from the clients connecting, whether they are connected with a laptop, computer or any mobile device anywhere in the world. With that they get information on what device you work on, what the health of your connection is and what kind of browser you work from (if you work from a browser).
Add information and data of the application that they offer as a service together with the information of the application backend running in your data center and you got gold in your hand. Depending on what the user is using to connect and where they are AVI Networks can alter the offering to make the experience better. Standard load balancing has no knowledge of the whole chain and will never alter your connection, it will only offer you the service but will not assist you getting the best experience.
Being able to provide this kind of service and with that the ability to scale up and down without any manual action is pretty awesome I think. I can’t think of any other vendor that is doing that off the top of my head.
Scale up and down without additional manpower
The biggest plus in management is the fact that AVI Networks works from a central point of view and can scale up and down without any manual tasks, no man hour is wasted. In large environments scaling up and down rapidly this is something no other company can offer. Now you can tackle issues within minutes or hours instead of having to go through lengthy processes and wasted manpower.
The AVI Networks console
Let’s take a look at the console. I borrowed the pictures from the AVI Networks site as my deployment is not giving that much data that you would see the awesomeness of the solution. From a console of any other load balancing solution you would see if the service you offer is up and running, you see the virtual server, the certificate and a little bit more. What they won’t show you is what you would like to know: you would like to see the end to end performance of the service you are delivering (hmm, sounds like a monitoring solution).
If you look at the console shown below you see that because they are in the path of the service they can show you a huge amount of data. With this you can provide end to end service load balancing where you see the performance of the service from the client to the data.
This will make troubleshooting service delivery very very easy I’d say. A different view on this shows the connection between the service you are offering and the servers or resources internally. If this doesn’t give you enough data to support your users I don’t know what will.
I see more and more vendors develop this kind of diagram and I like them, they got a very nice touch to them and give instant overview. It would be great if you could connect this with an end to end monitoring solution – wrote an article on that – link – and combine the information so you could support your users even better.
Products like Splunk or vLog insight offer log browsing but so far I can’t say I’ve seen interactive log browsing capabilities in other load balancers. AVI Networks offers this and it enables you to search for specific users, devices etc. So here the search was for any iPhone connection and there was one that had a pretty long time connecting.
On the right side of the screen different options to filter on are visible, making it very easy to get down to the nitty gritty details. So if we dig in to that one, all this information opens up. Suddenly we see the client to data end to end details and we can determine what is happening that is giving the user such a crappy experience. We can see the certificate used, the browser used and more details that will help you debug.
One last thing I wanted to show is the security part of the dashboard. These days with all the attacks we can’t let security just be something dangling on the side. We need to know what is happening so we can act if needed. In the dashboard you see the certificates used, the TLS version used, the SSL score and if there are DDoS attacks.
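The device search, the drill-down into one slow connection and the TLS view of the security dashboard described above can be sketched over per-connection records. This is an added example, not code from AVI Networks or from this post; the field names and the sample records are constructed and do not reflect the product's actual log schema.

```python
from collections import Counter

# Constructed sample records; field names are hypothetical, not the vendor's schema.
RECORDS = [
    {"client_ip": "198.51.100.7", "device": "iPhone", "browser": "Safari",
     "tls": "TLSv1.2", "client_rtt_ms": 40, "server_rtt_ms": 2,
     "app_response_ms": 35, "data_transfer_ms": 12},
    {"client_ip": "203.0.113.21", "device": "iPhone", "browser": "Safari",
     "tls": "TLSv1.0", "client_rtt_ms": 620, "server_rtt_ms": 3,
     "app_response_ms": 48, "data_transfer_ms": 95},
    {"client_ip": "192.0.2.55", "device": "Windows", "browser": "Chrome",
     "tls": "TLSv1.3", "client_rtt_ms": 18, "server_rtt_ms": 2,
     "app_response_ms": 910, "data_transfer_ms": 20},
    {"client_ip": "198.51.100.90", "device": "Android", "browser": "Chrome",
     "tls": "SSLv3", "client_rtt_ms": 75, "server_rtt_ms": 4,
     "app_response_ms": 60, "data_transfer_ms": 15},
]

SEGMENTS = ("client_rtt_ms", "server_rtt_ms", "app_response_ms", "data_transfer_ms")
LEGACY_TLS = {"SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"}  # deprecated protocol versions


def total_ms(rec):
    """End-to-end time: sum of every segment between client and backend."""
    return sum(rec[s] for s in SEGMENTS)


def slow_connections(records, device=None, threshold_ms=500):
    """Filter by device (optional) and return slow records, slowest first."""
    hits = [r for r in records
            if (device is None or r["device"] == device)
            and total_ms(r) >= threshold_ms]
    return sorted(hits, key=total_ms, reverse=True)


def dominant_segment(rec):
    """Name the segment that contributes most to the end-to-end time."""
    return max(SEGMENTS, key=lambda s: rec[s])


def tls_report(records):
    """Count connections per TLS version and list clients on legacy versions."""
    counts = Counter(r["tls"] for r in records)
    legacy = sorted(r["client_ip"] for r in records if r["tls"] in LEGACY_TLS)
    return dict(counts), legacy


if __name__ == "__main__":
    for rec in slow_connections(RECORDS, device="iPhone"):
        print(rec["client_ip"], total_ms(rec), "ms, slowest part:", dominant_segment(rec))
    print(tls_report(RECORDS))
```

Knowing whether the dominant segment is the client round trip or the application response tells you whether to look at the user's network or at the backend, and the legacy list is the set of clients that would break if old protocol versions were disabled on the virtual service.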
Adding all this information in one console and having the ability to automate scaling up and down with separating the data plane (the service engine), the controller and the console is a huge step in the right direction. We have used other products until now but I’m gonna look into whether AVI Networks is a better offering for our customer.
In a next blog (don’t hold me to a date) I will show the deployment and configuration… time is hard and projects are pushing…. be patient 🙂