Kubernetes Ingress Controller with Advanced Application Services

The VMware NSX Advanced Load Balancer Kubernetes Ingress Services Solution

Modern application architectures based on microservices have made appliance-based load balancing solutions obsolete. Containerized applications deployed in Kubernetes clusters need scalable and enterprise-class Kubernetes Ingress Services for load balancing, global and local traffic management, service discovery, monitoring/analytics and security. NSX ALB offers an advanced Kubernetes ingress controller with multi-cloud application services that offer enterprise-grade features, high levels of automation based on machine learning, and observability are needed to help bring container-based applications into enterprise production environments.

Image depicts Avi Networks kubernetes services, showing how Avi Networks uses Kubernetes Ingress Controller for modern load balancing.

Deliver Scalable, Production-Ready Containerized Applications with NSX ALB Ingress Controller for Kubernetes

Applications based on microservices architecture require a modern, distributed application services platform to deliver an ingress gateway. Traditional appliance-based ADC solutions are no longer an option for web-scale, cloud-native applications deployed using container technology as microservices. Kubernetes container clusters can have tens and hundreds of pods, each containing hundreds and thousands of containers, mandating full automation, policy driven deployments and elastic container services for Kubernetes.

NSX ALB is based on a software-defined, scale-out architecture that provides container services for Kubernetes beyond typical Kubernetes controllers, such as traffic management, security, observability and a rich set of tools to simplify application maintenance and rollouts. You can deploy and automate in six steps:

  • Deploy a lightweight, distributed fabric of proxy services alongside nodes in the container cluster
  • Automate service discovery and dynamically map between a service name and its IP address for ephemeral containers
  • Observe and collect analytics through Service Engines and provide Kubernetes load balancing with autoscaling based on real-time traffic
  • Integrate with container orchestration platforms like Kubernetes to automate the deployment and management of containers
  • Extend application services with an ingress gateway for secure service-to-service communication in multi-cluster, multi-region and multi-cloud environments

Application and Networking Services for Kubernetes

NSX ALB provides a centrally orchestrated, elastic proxy services fabric with dynamic load balancing, service discovery, security, micro-segmentation, and analytics for containerized applications running in Kubernetes environments.

Enterprises adopting Kubernetes need a cloud-native approach for traffic management and application networking services, which NSX ALB provides.  It delivers scalable, enterprise-class container ingress to deploy and manage container-based applications in production environments accessing Kubernetes clusters.

NSX ALB provides a container services fabric with a centralized control plane and distributed proxies:

  • Controller: A central control, management and analytics plane that communicates with the Kubernetes controller, deploys and manages the lifecycle of data plane proxies, configures services and aggregates telemetry analytics from the NSX ALB Service Engines.
  • Service Engine: A service proxy providing ingress services such as load balancing, WAF, GSLB, IPAM/DNS in the dataplane and reporting real-time telemetry analytics to the NSX ALB Controller.

 

Kubernetes Ecosystem + NSX ALBʻs Kubernetes Ingress Services

NSX ALB has a cloud connector model that is agnostic to the underlying Kubernetes cluster implementations. The NSX ALB Controller integrates via REST APIs with Kubernetes ecosystems including Google Kubernetes Engine (GKE), VMware Pivotal Container Services (PKS), Red Hat OpenShift, Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), VMware Tanzu Kubernetes Grid (TKG), and more.

Image depicts all the kubernetes services integrating with REST APIs.

Multi-Cloud Load Balancing for Kubernetes

NSX ALB extends L4-L7 services with automation, elasticity/autoscaling and continuous delivery onto Kubernetes Platform-as-a-Service (PaaS). Also, it provides unprecedented visibility into Kubernetes applications showing service dependencies using application maps.

Enterprise-class load balancing for modern application deployments in Kubernetes clusters.

  • Load balancing for L4 (TCP/UDP) and L7 (HTTP, DNS) with autoscaling
  • Extension to multi-cluster, multi-cloud and global server load balancing (GSLB)
  • Session persistence for HTTP cookie, source IP, TLS ticket, caching and compression
  • URL switching and redirection, content modification for header and payload
  • Priority pool and traffic migration for blue-green, canary deployment patterns

NSX ALB Controller aggregates this information from NSX ALB Service Engines, making it available via dashboards and REST APIs for quick utilization by network administrators to create an advanced alternative to the Kubernetes controller manager.

  • Over 500 hundred individual metrics across L4/L7 application services
  • Logs of every HTTP or TCP/UDP transaction
  • End-to-end timing from end users to applications
  • Application health score, client and security insights

NSX ALB offers a secure services fabric for enterprise-class applications deployment. It includes the following high performance security capabilities for Kubernetes networking:

  • TLS/SSL protocol offload and secure TLS certificate/key management
  • Micro-segmentation for IP address and microservices-based security access policies
  • Web Application Firewall (WAF) for L7 applications
  • DDoS detection and mitigation for L4 and L7 attacks
  • Single sign-on (SSO) integration for enterprise-grade authentication and authorization

Deliver better application experience in Kubernetes production clusters

Check out Avi for Tanzu

Deliver Elastic Kubernetes Ingress Controller and Services

NSX ALB provides a proven solution to deploy container-based workloads in production environments using Kubernetes/OpenShift/Tanzu clusters.

  • Ingress Controller
  • Multi-cluster, multi-site container support
  • Dynamic service discovery
  • Application performance monitoring and analytics
  • Traffic management local and global load balancing
  • Advanced network and application security
  • Integrated DNS and IPAM
  • Performance based elastic autoscaling
Deliver Elastic Kubernetes Ingress Controller and Services