NetScaler has introduced a free Kubernetes ingress proxy called NetScaler CPX Express to help DevOps teams simplify and more easily manage their application traffic routing. NetScaler CPX Express is a free and community-supported version of NetScaler CPX, which is a containerized application delivery controller (ADC) designed specifically for Kubernetes environments.
NetScaler CPX Express enables you to manage traffic in containerized applications running on Docker containers in Kubernetes by:
- Performing traffic routing, load balancing, and TLS termination, and securing incoming traffic (ingress) before it reaches the intended application container in the Kubernetes cluster
- Managing internal traffic (east-west) through mutual TLS, rate limiting, and L7/L4 parameter-based routing between application containers
Benefits of using CPX Express
The main benefit of using the free version NetScaler CPX Express is to minimize the time to take applications from development to production.
For development environments (such as test, staging, and pre-production), DevOps teams often use free open source reverse proxies or application delivery controllers (ADCs) for load balancing, content routing, TLS termination, and other ingress capabilities. However, these free, open source reverse proxies often do not cross the high bar set by IT networking and Kubernetes platform teams for security, compliance, observability, performance, automation, and management.
NetScaler CPX Express bridges this gap. DevOps teams can use the free NetScaler CPX Express in their development environments and submit the same application for production without worrying that they’ll have to reconfigure it separately for production — potentially saving days or weeks of work.
Production environment owners (networking and Kubernetes platform teams) who have paid licenses of NetScaler are already familiar with NetScaler and trust it, so extending NetScaler CPX Express to DevOps teams is straightforward. And all NetScaler form factors, including NetScaler CPX Express, are built with a software-based architecture and share the same code base, so they behave the same across environments to provide operational consistency.
How free NetScaler CPX Express compares to NetScaler CPX
The only differences between NetScaler CPX Express and NetScaler CPX are that NetScaler CPX Express is free, comes with community rather than enterprise support, and has a throughput cap. You get the same, full-featured access with free NetScaler CPX Express as you do with paid NetScaler CPX:
At a glance: NetScaler vs. open source solutions
NetScaler respects the open source community and its pivotal contribution in shaping the future of software development. Many successful commercial products have their roots in open source projects. However, there are some capabilities offered by NetScaler that set it apart from open source reverse proxies:
NetScaler Ingress Controller and the NetScaler ADC provide a clean separation of the management and data planes, unlike some open source reverse proxies. NetScaler Ingress Controller monitors Kubernetes ingress resources and apiserver and subsequently updates the NetScaler ADC when changes occur in the cluster, such as a pod going up/down. The NetScaler ADC acts upon these events and makes the necessary changes to the load balancing settings.
With its open source ingress controller, NGINX bundles the reverse proxy and controller in the same pod, which results in security, scaling, and upgrade challenges as reported by the open source community:
A user of the open source NGINX Ingress Controller reports security concerns with the combined control and data planes
NetScaler Console, formerly known as NetScaler ADM, is the unified control plane to license, manage, and monitor the lifecycle of your NetScaler ADC instances, which include NetScaler CPX (containerized ADC), NetScaler VPX (virtual ADC), and NetScaler MPX (hardware ADC). Open source proxies do not have a common management plane because the external and internal load balancers are often different.
While commercial offerings of some open source products offer exclusive features that are not available in their open source counterparts, NetScaler CPX Express has no such limitation. NetScaler CPX Express offers the same capabilities as NetScaler CPX, including L4 load balancing and content switching, SSL offloading, caching, web application firewall, and L4 DoS protection.
Get started with free NetScaler CPX Express
You can easily expose your applications to external traffic in one of several ways by using NetScaler CPX Express per node, cluster, or namespace. Please refer to the getting-started examples. To learn more, contact your NetScaler account manager or email the product team at netscaler-appmodernization@cloud.com.
Komal Bhardwaj is the Director of Product Management for NetScaler cloud native solutions.