| |

F5 rSeries Introduction

Byadmin

F5 rSeries Overview

1. Introduction
  • F5 rSeries is a next-generation hardware platform that delivers a highly scalable, microservices-based architecture to power your mission-critical applications and network deployments.
  • rSeries replaces the current iSeries platforms.
    • rSeries platforms have many advantages over the current iSeries architecture.
      • More Performance per RU
      • Multi-tenancy by Default
      • Newer, Larger Capacity FPGAs
      • Modern SSL Cipher Support in Hardware
      • Higher-Speed Interfaces and New 25Gb Support
    • The introduction of a new Kubernetes-based platform layer (called F5OS) that allows for some exciting new capabilities.
      • Runs Current-Gen BIG-IP + Next-Gen BIG-IP
2. Kubernetes-Based Platform Layer
Figure 2-1: F5 rSeries Platform Architecture
  • F5OS: a new Kubernetes-based platform software layer
    • Open source Kubernetes distribution
      • rSeries utilizes K3S
      • VELOS utilizes K8S
    • The management of F5OS is done via CLI, web GUI, or API interfaces.
      • Intuitive GUI, CLI & API provides initial platform setup, monitoring, and tenant lifecycle.
      • The Kubernetes portion is abstracted from the administrator management.
    • F5OS allows rSeries to run different types of tenants within the same appliance, example:
      • BIG-IP TMOS tenants (specific software releases)
        • BIG-IP 14.1.x (VELOS only)
        • BIG-IP 15.1.5+ (VELOS/rSeries)
        • BIG-IP 17.1 (Future)
      • BIG-IP Next tenant (future support for next-generation BIG-IP)
      • Approved 3rd party tenants (future possibility)
  • We can migrate existing BIG-IP devices such as iSeries, or vCMP guests into tenants running on rSeries.
    • A tenant is conceptually similar to a vCMP guest running on the VIPRION or iSeries platforms.
    • Once inside the tenant, the management experience is similar to the experience on existing BIG-IP platforms.
    • The BIG-IP tenant is managed just as a vCMP guest is managed today on VIPRION or iSeries.
    • The administrator connects directly to the tenant’s webUI, CLI, or API and has the same experience as they have with their existing platforms.
  • In the future, BIG-IP Next tenants will be supported within the same rSeries appliance (except on the r2000 series, which supports one tenant only).
    • This allows customers to leverage the next generation of BIG-IP software side-by-side with the existing BIG-IP software.
    • What differs is the initial setup of the F5OS platform layer on rSeries.
3. Kubernetes Control Plane
Figure 3-1: F5 rSeries Kubernetes Control Plane
  • A combination of Docker Compose and Kubernetes is used within the F5OS rSeries platform layer.
    • The Docker Compose component brings up the software stacks as they need to be fully functional early in the startup process.
    • Then the Kubernetes component takes over and is responsible for deploying workloads to the proper CPU’s
  • Kubernetes: rSeries utilizes an open source Kubernetes distribution called K3S.
    • This is largely abstracted away from the administrator as they won’t be configuring or monitoring containers or Kubernetes components.
    • In future releases, some Kubernetes-like features might start to be exposed, but it will likely be exposed through the F5OS CLI, webUI, or API’s.
4. Multitenancy
  • The physical architecture of rSeries differs from the iSeries platforms in several ways.
    • The rSeries appliances run F5OS at the platform layer.
    • We will be able to provision BIG-IP tenants running.
  • The rSeries appliances are multitenant by default.
    • Except for the r2000, which runs a single tenant.
    • This is different from the iSeries appliances that run in either a bare-metal mode, or virtualized mode by enabling vCMP.
  • The F5OS multitenancy provides a similar experience to iSeries vCMP guests management.
    • iSeries vCMP: provision vCMP Guests on top of a vCMP Host Layer.
    • rSeries F5OS: provision Tenants on top of the F5OS platform layer.
    • To emulate a non-virtualized bare-metal mode on rSeries, we can configure one large BIG-IP tenant (assigned to utilize all CPU and memory available within the appliance).
Figure 4-1: F5 rSeries High Availability
  • When configuring High Availability (HA) between two rSeries appliances.
    • There is no HA relationship or awareness across systems at the F5OS layer.
    • All HA is configured at the BIG-IP tenant level using Device Service Clustering, similar to how HA is configured between vCMP guests in separate iSeries appliances today.
5. rSeries Hardware Architecture
Figure 5-1: F5 rSeries Hardware Architecture
  • rSeries continues to provide hardware acceleration and offload capabilities in a similar way that iSeries does.
  • Some improvements of rSeries:
    • Modern FPGAs (Field Programmable Gate Arrays)
      • The FPGA sits at the heart of the traffic passing through the appliance, inspecting traffic, making critical traffic management decisions, and offloading protocol and security processing.
      • rSeries has an improved FPGA processing pipeline consisting of customized FPGAs that provide:
        • Modern/efficient messaging systems for data transfer.
        • L2/L3 switching capabilities in FPGA, which enables more programming control.
        • Similar offloading to previous generation iSeries such as FASTL4, DDoS, and Security lists.
    • Latest Intel CPUs
      • Faster and more efficient in processing TMM traffic, control plane, device management.
    • Latest SSL/crypto offload hardware
      • rSeries has modern SSL offload hardware and support for ECC ciphers, resulting in reduced CPU consumption for SSL use cases.
6. Licensing & PAYG (Pay-As-You-Grow)
  • The license applies to the whole system, the tenants all inherit licenses from the system
    • The license service coordinates the license installation on the rSeries system.
    • It configures the same license on the system and the tenants.
  • The rSeries family of appliances has multiple hardware and software options similar to the previous generation iSeries appliances.
    • F5 has reduced the total number of distinct hardware platforms in the rSeries family.
    • But increased the number of PAYG options in the mid-range, and high-end rSeries models to allow for similar price and performance points of previous generations.
Figure 6-1: F5 rSeries Mid High PAYG
  • Instead of offering a 7000 series platform in between the 5000 and 10000 models, F5 now offers 3 PAYG tiers/licensing options for both the 5000 and 10000 models.
  • This allows for expansion of performance and resources by upgrading to the next model via a simple software license change to a higher model within the same family.
  • For example, you could start with the entry level model of the 5000 series (r5600), and if performance demand increases you could unlock more CPU resources by upgrading to the r5800 or r5900 via a simple license change.
Figure 6-2: F5 rSeries Low PAYG
  • For the 2000 and 4000 models, the number of PAYG tiers remains the same as the current iSeries, with each model having an x600 model and an x800 model just like the previous generation iSeries appliances. You can start with an x600 model and upgrade the the x800 model via a simple licensing change.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *