Load-balancing Containerized Applications
With the popularity of IaaS environments, developers started building highly available and scalable apps that are distributed across many virtual machines (VMs), each located in different Availability Zones. But this started the fight between agility and stability. While developers, taking the advantage of IaaS, wanted to be agile and deploy more frequently, operations folks wanted stability and were not ready to change often or as quickly. Issues related to packaging, distributing and compatibility with runtime environment added to the fight. This is when people adopted concept of containers from transport industry to computers.
Running applications in containers rather than virtual machines is gaining traction in the IT community. This ecosystem presently revolves around Docker, a platform for packaging, distributing and managing platform independent applications within containers. Once you start working with Docker, you’ll quickly discover that there are not only management tasks associated with containers, but also application infrastructure services are needed for ensuring that your microservices-based applications running inside containers are always available, secure and performing well. You also want to deploy your containers across a cluster or “fleet” of servers. You need be able to update a single microservice inside a container, non-disruptively, and you need tooling to help with that. In summary, as containers are deployed across a cluster, you have to figure out how to handle:
- Load balancing containers (especially for multiple containers on a single host accessed on the same port)
- Securing communication to containers
- Monitoring containers and the cluster as a whole
- Continuous upgrading of microservices inside containers without bringing down the service (non-disruptive upgrades)
A10 Lightning ADS for Docker
The A10 Lightning Application Delivery Service (ADS) optimizes the delivery and security of cloud-native applications and services running over public or private clouds. It is offered as a software-as-a-service (SaaS) platform from A10 Networks. For organizations embracing the cloud and application centricity, Lightning ADS increases operational efficiency, offloads IT administrators from cumbersome tasks and reduces risk.
With its controller based architecture, A10 Lightning ADS has a compact, efficient full proxy – A10 Lightning ADC – that front-ends cloud applications and microservices to provide innovative Layer 4-7 capabilities, including traffic management with content-switching with advanced elastic load-balancing, security and analytics for applications on public, private and hybrid clouds.
Lightning ADS also extends application services support for microservices-based applications in Docker containers. Lightning Controller and Lightning ADC are Dockerized, and A10 Lighting Portal provides a set of configurations that makes it easy to get started with applications deployed in Docker environment.
Further, Lightning ADS is managed using the Lightning Portal or A10 Lighting APIs and can easily be provisioned with additional policies, beyond load balancing, including application security, application acceleration and non-disruptive blue-green updates to work in Docker environments.
A10 Lightning ADS can automate this entire process very easily, and it is the simplest way for the application developers to optimize applications.
Setting-up Web Applications in Containers
Let’s say we have two WordPress application servers called app1 and app2 running at port 80. When we deploy them in containers on the same host (VM), they are assigned internal IPs and ports. These internal ports need to be mapped to host ports in order to be accessible from outside. As a TCP port can’t be mapped twice, the containers need to be mapped to two different host ports as following:
- docker run -p 127.0.0.1:8081:80 xyz/wordpress1
- docker run -p 127.0.0.1:8082:80 xyz/wordpress2
That means app1 is now available at port 8081 and app2 is on 8082. But asking users to access applications on a non-default port is a pain. This limitation prevents multiple containers from running on the same host. As in this example, only one container can bind to port 80 at a time. This also complicates rolling out new versions of the container without downtime since the old container must be stopped before the new one is started.
Overcoming Limitations with A10 Lightning ADS
A10 Lightning ADS allows you to accept traffic on one port and distribute it to servers running on different ports. So you can have multiple containers running in a host and mapped to multiple non-default ports. The following screenshots show how to configure Lightning ADS for this particular example:
In the screenshot above, Lightning ADS is configured to accept the traffic for app1.xyz.com and app2.xyz.com on port 80 (the default port for HTTP).
Next, as seen in the screenshot above, two services are created for the two apps and traffic is forwarded to the respective server port based on the host header information.
While upgrading the servers, new containers can be deployed on the same (or different) host and a blue-green test can be configured with precise traffic steering rolling out the new feature in a very controlled manner and with a lot of confidence. You can read more about blue-green deployment in our post Blue-Green Deployment with Traffic Steering for Phased Rollouts.
Other A10 Lightning ADS benefits include:
- Unified services: A10 tightly integrates implementation of application availability (load balancing), security, performance and continuous deployment
- Analytics and insights: Provides analytics and unique insights into application traffic
- Simple to activate: Service activation takes less than five minutes.
- Cloud-native: A10’s service is entirely cloud-native and built using cloud
Schedule a demo to see how A10 Lightning ADS can simplify your application deployments and other application delivery services. Lightning Controller is available as SaaS from A10 cloud, and Lightning ADC can be deployed anywhere in a Docker container or in AWS or Azure public clouds as a VM.