A10 NFV Ecosystem

Integration Overview
 Agenda
• NFV
• Openstack
• Private Cloud
• VMware
• Cisco
• Automation (Private Cloud & NFV)
• Ansible
• Containers/Kubernetes Integration
• FlexPool Licensing
Private & NFV: Requirements
SDDC (Enterprise) NFV (SP)

Use cases Self Service -> Agility Use cases

§ Ent. DC automation § vEPC, vCPE etc.
§ Ent. Private/ Hybrid Cloud § Service Chaining
Automation -> Efficiency
Ecosystem Ecosystem
§ VMware § Openstack
§ Containers § Containers
§ SDN: Cisco ACI, VMware NSX, Consumption -> Flexibility § SI: Ericsson, NEC, Huawei etc.
etc.
Private Cloud / NFV Adoption
Private Cloud / NFV Requirements
SELF SERVICE PORTAL / CATALOG • Self Service / On-Demand

• Automated Provisioning
TEMPLATES BLUEPRINTS METERING

• High Availability
Orchestrator & Automation
• Elasticity
INFRASTRUCTURE
Virtualization
• Pooled Consumption
Network Storage Computing
• Analytics
 A10 NFV Solution
SELF SERVICE / CATALOG Orchestrator

SERVICES

Secure
Application ADC CGN Security Virtual Function Harmony
Services (VNF) (VNF) (VNF) Manager(s) Controller

INFRASTRUCTURE
Software: A10
vThunder Virtual Virtual Virtual Integrations:
Bare Metal Network Storage Computing
Cloud/SDN
Openstack
Management
VMware
Hardware: Cisco
Thunder Network Storage Computing

©
A10 Networks, Inc. | Confidential
A10 VNFs
Hypervisor Software/COTS Containers
(VM) (Bare Metal)

o Optimized o High Performance o Container/Dockers

performance
o Qualified o Quick provisioning
o KVM reference designs
o Multi-Cloud
o VMware ESXi o Choice of OEM
o Kubernetes
o Microsoft HyperV Integration*

ADC CGN TPS CFW SSLi ADC CGN Lightning ADC

ACOS Containers*

*Roadmap
 Ecosystem Integrations
Private Cloud Virtual Network
o VMware vRO, Cisco UCSD o Cisco ACI
o Openstack, RedHat, Huawei, ZTE o VMware NSX*
o Docker/Kubernetes
CLOUD SDN
AUTOMATED
POLICY

Private Cloud
Automation
o AWS, Azure
DEVOPS o Puppet
o Google, Alibaba
o Chef
o Ansible

Automated Policy with A10’s Open API

*roadmap
VNF LifeCycle
Provision Orchestrate Deploy
Infrastructure Infrastructure Software
ONBOARD DEPLOYMENT INSTANTIATE

System
START SETUP
Configuration

DELETE TERMINATION STOP SCALE

Change Management
Automation Tools & Frameworks
Onboard Deploy Instantiate Setup, Start Scale, Stop

Provision Orchestrate Deploy System Change

Infrastructure Infrastructure Software Configuration Management

Openstack / HEAT

Ansible

Puppet, Chef

VMware vRA / vRO, Cisco UCSD

NFV
 Openstack: Use Cases
Use Cases

1. Auto Provisioning
• vThunder spin up/down
• ADC, CGN, CFW, SSLi

2. ADC as a Service
• ADC configuration
• vThunder, Thunder, Bare Metal

LBaaS
2. vThunder – ADC

1. vThunder – ADC, CGN, CFW, SSLi

Who uses Openstack?

• SP/Telcos
• Academics
• Hosting Providers
• DC/Colo services
 Openstack / Heat Orchestration
HEAT

• Orchestrate Cloud application

• Declarative template or VNF

descriptor

• Automatically configures and deploys

resources (in Stacks)

• Stack is a collection of resources

associated with a template

vThunder – ADC, CGN, CFW, SSLi

A10 ADC, CGN, CFW, SSLi in OpenStack
• OpenStack Distribution Support
• A10 VNF certification on Red Hat OpenStack 10
• Canonical Ubuntu
• SR-IOV DPDK Support on KVM
 Self Service

Openstack: A10 VNF Workflow App Owner

Cloud Manager

SELF SERVICE / CATALOG Service Catalog VNF / Config

Infrastructure Mgmt. DB

SERVICES
Monitor, Manage Provision:A
10 VNF
VNF VNF VNF
CGN Harmony
descriptor
GLM Controller

I N F R A S T R U C T U R Config:
E Get License
CloudInit
Open vSwitch Deploy: IT / Operations /
CEPH Storage KVM vThunder
(OVS) Openstack Cloud Admin

Cinder /
Neutron NOVA
Swift
 Internal Only

Case Study: vCGN

Use case
Eastern Europe, Leading Mobile & Fixed Operator)

• Mobile Core Virtualization Initiative vCGN Scaleout

• Tender issued and ecosystem partners selected
• A10 CGN existing customer
• A10 invited to conduct several PoC $$$

Subscribers

Internet
• Requirements:
• Performance
• HA, Scale out
Service & Distribution Layer
• Openstack & NFV Integrations (Servers, NIC etc.)

vCGN Throughput (Net): 180G

A10 Solution
• Won three PoPs Cluster Normal Failure
• vCGN Scaleout on KVM/SRIOV (8 nodes) Per Node Per Node (N-2)
• 8 nodes Throughput 180 23 30
• ECMP, BGP Concurrent 14M 3.5M 4.6M
• N+2 Redundancy / Failover Sessions
• Openstack (future)
 Internal Only

Case Study: vCFW (GSLB, SSLi)

Use Case
US Largest Mobile Provider

• Secure cloud connect to Enterprise Customers Internet

• Provide value added services on MPLS network
• Requirements
• Integration with business intelligence layer with API
Cloud #1 Cloud #2
• Integration with openstack
• Two clouds for failover – with GSLB
SSLi
• Services: SSLi, ADC, Firewall SSLi
• Future: IPSEC between DC, Service Chaining

GSLB GSLB
A10 Solution
• vThunder ADC, SSLi (in consideration)
• Service consolidation with partitions
• Openstack / HEAT – RedHat
• Future: SFC
Corporate Users
Private Cloud
 VMware vRealize Integration
vRealize Orchestrator A10 vRO Plugin*
Workflows, Scripts
o L4-L7 Load Balancing
& Action

A10 Plugin o L7 HTTP Rules

o Health Monitoring
o SLB Templates

o SSL Offload
vCenter
o NAT Pools
o Trunk Interfaces
A10 vThunder
o Multi-tenancy w/ L3V ADP
VMware vSphere
o High Availability Cluster

* Roadmap
 VMware VRO Plugin
• Thunder ADC device orchestration workflows
• ADC (SLB) configuration workflows
• vThunder, Thunder Support
• Harmony Controller LADC orchestration
• LADC configuration workflows
• Thunder configuration workflows*
 Cisco UCS Director A10 Connector A10 UCSD Connector

aXAPI REST-based
Programmability

Thunder Series Virtual Bare

Appliance Thunder Metal

• Automated Provisioning and Management of A10 Thunder ADC Network Services

• Network configuration workflow to configure network parameters
• L4-L7 ADC Policy workflow to configure virtual services with SLB parameters
Cisco UCS Director Connector
A10 UCSD Connector*
Application Owner IT Admin IT Operations
o L4-L7 Load Balancing
Self Service Console Admin Console Dashboard
o L7 HTTP Rules
OS & VM Deployment Policy Manager Resource Pools
o Health Monitoring

UCS Director o SLB Templates

o SSL Offload

o NAT Pools
o Trunk Interfaces

o Multi-tenancy w/ L3V ADP

o High Availability Cluster
Thunder Appliance Virtual Thunder Bare Metal

* Roadmap
 Cisco ACI Integration
A10 ACI Device Package
o L4-L7 Load Balancing
o L7 HTTP Rules

o Advanced Health Monitoring

APIC
o SLB Templates
A10
Device o SSL Offload
Package
o SSL Insight
o NAT Pools

o Trunk Port (PC, VPC)

o Multi-tenancy w/ L3V ADP
Thunder:
Physical, Virtual, Bare Metal o High Availability Cluster
Harmony Controller*

* Roadmap
Automation / DevOps
Automation/DevOps Tools Survey
Ansible Use cases
IT automation software
Automation • Deploy Software
Orchestration
• Configure Systems
Users
• Automate IT tasks
• Continuous deployments
A10 Module
Ansible • Service provisioning
Playbook
• Network provisioning
 Ansible Playbook
What is a Playbook
• Written in YAML
• Collection of plays (tasks)
 A10 Ansible Playbook Ansible Playbook
Description
A10 Ansible Modules
Create real server
Configuration Management for A10 devices
Create service group
• Ansible Module comes with example playbooks
Create virtual server
• A10 Module is part of the ‘Network Modules’
• Available for download from A10 GitHub page

A10 device
Automate A10 ADC Configuration (hosts)
• Automate A10 Thunder / vThunder configuration
A10 Module
workflows
• Manage Servers, Service Groups, Virtual Servers
• Heath monitor configuration workflows

A10 Devices
 Internal Only

Case Study: ADC

Use case
Canadian Mobile Provider

• Network Automation & Provisioning

Internet
• Reduce manual work
• Reduce human input errors
• Previously used CLI scripts, but not scalable
Private Cloud / DC
• Requirements
• Open APIs A10 ADC

• Ansible playbooks & modules vThunder Thunder

• SLB (server, service group, virtual server, health monitor)
• Manage config state and change management

A10 Solution
• Thunder ADC & vThunder ADC (existing deployments)
• API
• A10 Ansible Modules -
• A10 supported modules (Future)
Containers
Kubernetes Integration
Kubernetes Master A10’s Ingress
• Integration with Kubernetes APIs Controller

• Automatic Service Discovery

• Insertion/Deletion from ADC for Harmony Service

service Controller*
Kubernetes Node 1 Service
• Benefits:
• Feature rich ADC
• Security
….
• Visibility & Control
• Analytics vThunder, Service
LADC
Kubernetes Node N Service

*Roadmap
cThunder: ACOS Container Solution
Phase 1: Containerizing the ACOS (Phase 1)
Containerization
§ Docker image for ACOS

ACOS
Packaging & Distribution ACOS (Phase 2)
§ Small footprint (memory size)
§ Distributable image hosted online
§ Integration with Kubernetes (Ingress Controller)

Phase 2:
Packaging & Distribution
Software Licensing
A10’s FlexPool
Flexible Consumption of Secure Application Services

THEN…
NOW
Instance Licenses FlexPool
o A La Carte – Fixed Instance o Solution – Capacity pooling for
licenses user defined instances

o Software License Tied to o Software License Portability

Hardware Across On-Prem & Cloud

o Perpetual per box lifetime. o Software upgrades included

Additional Maintenance Maintenance included
costs
FlexPool Overview
Capacity Pool
o 10G, 50G, 100G, Custom
FLEXPOOL
o Floating License pool
Subscription
o 1yr, 3yrs
o Enterprise License Agreements
(ELA)
o Standard & Advanced PUBLIC TRADITIONAL
CLOUD
All inclusive
o Gold support included
o Software upgrades included PRIVATE
o No feature licenses CLOUD

o Choice of Software form

factors
FlexPool Benefits

FLEXIBLE INVESTMENT OPERATIONAL

ALLOCATION PROTECTION SIMPLICITY

o Shared capacity pool o License portability o Centralized license

management
o Dynamically scale o Eliminate
capacity (no reboot) overprovisioning o Visibility and usage
monitoring
o User defined Instance o Software upgrades &
sizes maintenance included o All inclusive, Multi Services

Aligns Consumption with Business Needs

THANK YOU