Traffic Management, Monitoring and Security with Citrix NetScaler in Microservices Architecture

Microservice Architecture and Requirements

Today, many companies are moving their applications from Monolithic Architecture to Microservice Architecture. In Microservice Architecture, the different functions of an application run as separate services, independent of each other. The traffic between these services is called east-west traffic, and it is critical to manage, monitor and secure it. This is where Citrix NetScaler, Citrix’s load balancing solution, stands out with its flexible installation options, its licensing and Citrix ADM (Application Delivery Management), a centralized management solution.

Citrix NetScaler Solutions

Citrix NetScaler is available in several form factors that all use the same software code: MPX (device), SDX (multi-tenant), VPX (virtual solution), BLX (bare-metal solution) and CPX (container solution). Because every form factor uses the same software code, they are easy to manage and stable. In addition, the Pool Licensing Model makes capacity management efficient and flexible. License capacity can be moved between form factors as needed, at any time and without impact on traffic. In this way, idle resources are put to use.

Installation Topologies in Microservice Architecture

Single-tier, dual-tier and Service-Mesh Lite are the most commonly used topologies.

Taking Service Mesh Lite as the example topology, the following is a detailed look at each layer and its tasks:

Service Mesh Lite

There are basically 2 layers in the Service Mesh Lite topology. The first layer is the NetScaler located outside the Kubernetes environment. This is the NetScaler solution that is already in your data center:

  • The main task of this NetScaler is to manage north-south traffic. It ensures that traffic from the user is routed to the relevant CPX in the Kubernetes environment.
  • In addition, with the SSL Offloading feature, it takes the encryption work off the application and performs it itself. This reduces the resource requirement of the application.
  • The second most important task is to ensure security. The WAF (Web Application Firewall) feature protects the application against known and unknown attacks. Through its learning capability, it gets to know the application in detail and provides protection within the specified framework. In addition, it detects and blocks malicious bots with its Bot Management feature. DDoS protections and Rate Limit features prevent attacks on applications.
  • It also optimizes traffic and the application. The optimization it applies at the TCP level ensures that network resources are used efficiently, and its Caching and Compression features deliver data to the user faster and improve the user experience.

The second layer is the environment where applications running in microservice architecture reside:

  • Citrix CPX is Citrix’s solution that runs as a pod and has the same source code as the other NetScaler solutions. Citrix CPX is responsible for load balancing the traffic from the upper layer to the pods of the relevant applications and for managing the east-west traffic between the pods.
  • SSL Offloading is also performed at this layer.
  • For traffic management, it additionally supports advanced load balancing algorithms, for example Least Connection and Least Response Time.
  • Because it can see inside the traffic, traffic can be routed, allowed or blocked according to any parameter in it.

Since both north-south and east-west traffic pass through NetScaler devices, they provide enhanced visibility into the traffic circulating within the data center. One of the gray areas in the transition to a microservice architecture is analyzing a problem when one occurs. This becomes very difficult when there are many pods and different services. This is where Citrix’s ADM product comes to the fore. Citrix ADM is management software that allows all Citrix NetScaler devices to be managed from a single point, automates processes and provides detailed reports on application traffic through Web Insight.

Using the AppFlow data provided by Citrix CPX, ADM Service Graph provides visibility into application traffic at each layer, with performance, statistics and analytical data. Response time values and the errors received in application traffic pinpoint where a problem occurs.

[Figures: Citrix Application Delivery Management Service; Citrix Application Delivery Management Service Graph]

In addition, Citrix NetScaler integrates with many open source tools. The main ones are Kibana, Elasticsearch, Prometheus, Grafana, Harpoon etc.

As a result, the Citrix NetScaler product family offers solutions to meet the needs in every area of the transition to Microservice Architecture.
