I had the privilege of attending an onsite, two-day deep dive training at AVI Networks on their Next Gen Application Delivery Platform (LoadBalancer). I wanted to share my thoughts on the product and the class.
AVI – What is it? Short answer is that AVI is a software only LoadBalancing Platform, built for use in Cloud – AWS, Azure, GCP – built for use in Containers, in VMware and yes even built for use in …. BARE METAL.
AVI – What makes it special?
AVI Software LoadBalancer was written to work in modern cloud environments and NOT a product that was ported from old-school data centers and shoe-horned into the Cloud. AVI Load Balancers can scale up or down in response to traffic load without manual intervention, as you would expect from a solution born in the Cloud era – and they scale BIG! How big? Zero to One million transactions per second!
* AVI also completely separates Control Plane and Data Plane into different instances and functions; to the point that you could have a single AVI Controller and have many Service Engines(SE) across multiple different, hybrid environments. ( Service Engines are the Data Plane work-horses that do the CPU intensive Load-Balancing )
* What does this mean? Well, A single AVI Controller can administer a Service Engine in Azure, a Service Engine in AWS, and a Service Engine on-site running in VMware or a Service Engine in your bare metal box – yes Controller operation of Service Engine management is Cloud/Environment agnostic – it does not matter where your Service Engines live, as long as the controller can reach them over the network.
The Controllers are not passive, like, say … a CheckPoint admin console box that collects logs and stores policies, in fact ,just the opposite – the Controllers are actively incharge of 100% of the orchestration of the deployment, scaling, health and configuration of its Service Engines.Full API control and SDK are available for AVI as well, so that means full automation.There are also full Ansible playbooks for AVI.
* AVI gives Great metrics around virutal service analytics. End-to-end, client RTT, Server RTT and App response, and more- so no more ‘guilty until proven innocent’ for the Network Team.
But wait . . . there’s more! AVI also has a Web Application Firewall that can attach directly to each Virtual Service( Pool ). The WAF uses the OWASP Core Rule Set (CRS ruleset) and the AVI WAF interface is laid out in an intuitive, easy to use manner.
What else? Many of the AVI features in the GUI are what you might expect to be the equivalent of an “i-rule”, but instead of having to code out a rule, you just tick a box. A common example where AVI does this is ‘http to https redirection’ on the front end. Configuring certificate ciphers are easier in AVI as well compared to other popular legacy load-balancers. If you want to do custom rules, AVI does have a DataScript language
The instructor, Nathan, knew is stuff – he has been in the Load-Balancer space for many years and had many bridge strategies an examples from old-school load-balancers to AVI. The class was engaging and fun. Slide decks were well done. If I had my way, I would have wanted more labs, but I always want more labs. Nathan is a practiced presenter and was clear and concise in delivering the material.
There were a lot of students who are Engineers from Cisco in the class. I think there is more to it than Cisco HQ in San Jose being nearby the AVI HQ building. Cisco appears to have an interest in AVI, also noted by this Reseller partnership. https://blogs.cisco.com/cloud/avi-networks-and-cisco-join-forces-by-entering-into-a-strategic-reseller-agreement
The class could have easily been a full 5 days, due to the technical material covered, but the deep dives were in the right spot and they somehow managed to fit the meat and potatoes into two full days.
If you want to try AVI for yourself on AWS, you can spin it up from the Marketplace
but, no FREE tier, the Controller needs a t2.xlarge at least – but if you play with it for a few hours and kill it’s not much $$, you can probably keep it under ten bucks.
AVI CEO, Amit Pandey came to meet the class. First time a CEO has ever visited a technical class I attended. Amit was warm and personable. We also met Murali Basavaiah, one of the co-founders and Lead Engineers, who was also pleasant and helpful. The AVI culture seems to follow. One of the employees brought in his own personal Esspresso machine and made coffee for anyone in the class who wanted it. Good experience being on site with them for two days, I am grateful for the opportunity.
disclaimer: I do not work for AVI Networks, I am not paid by AVI Networks.