NGINX at its online Sprint conference today launched a bevy of offerings including a service mesh as part of an expanded effort to meld network and security operations within the context of a larger DevOps workflow.
Rob Whiteley, chief marketing officer for the subsidiary of F5 Networks, said NGINX Service Mesh 1.0 provides an easier alternative to deploy a service mesh based on the open source NGINX proxy server software already widely employed in enterprise IT environments. That lighter-weight service mesh is also integrated with the NGNIX ingress controller to enable it to be employed across microservices spanning both legacy virtual machine environments and Kubernetes clusters, he said.
In general, Whiteley noted, most organizations will not need a service mesh unless they are looking to integrate more than a thousand microservices. If an organization only has hundreds of microservices, an ingress controller should suffice, and anything involving less than a hundred microservices can be handled by proxy software.
NGINX Service Mesh 1.0 will be offered by NGINIX and F5 Networks will continue to offer a service mesh based on the Istio project for Kubernetes environments that relies on Envoy proxy software, which is not as lightweight as the NGINX platform, noted Whiteley. DevOps teams will have to decide which service mesh to deploy.
In the meantime, NGINX is also updating its NGINX Controller to add support richer analytics, a declarative application programming interface (API) for continuous integration/continuous delivery (CI/CD) integration, role-based access controls and enhancements to the developer portal for API management.
NGINX is also driving tighter integration between Controller and NGINX App Protect, a web application firewall that will inherit the API, analytics and self-service capabilities of Controller. NGINIX App Protect is also now being integrated with NGINX Ingress Controller for Kubernetes. The Controller App Security tool that enables those integrations is in private beta now, with general availability expected by end of 2020.
Finally, NGINX is now leveraging services made available by F5 Networks via software-as-a-service (SaaS) platforms in the form of NGINX Analytics Cloud, which replaces NGINX Amplify. That capability will be available in the first quarter of 2021.
In general, Whiteley said NGINX is trying to serve the needs of traditional network operation teams that want to provide self-service capabilities to development teams as well as via programmatic interfaces to DevOps teams. In many cases, enterprise IT organizations are employing both approaches to expose network services, noted Whiteley.
Of course, the issue that ultimately might drive the convergence of NetOps and DevOps is the rise of the service mesh. In addition to integrating microservices, the service mesh provides developers with a consistent set of interfaces for invoking network and security services spanning a dizzying array of servers and appliances. As that transition occurs, IT teams will become much more agile than they are today. The challenge, of course, will be melding network operations and DevOps cultures that today don’t have all that much in common.