Not All Software Load Balancers Are Created Equal
According to findings by InformationWeek and Interop ITX, 50% of organizations have implemented DevOps methodologies or plan to implement them soon. But DevOps methodologies require solutions that deliver the agility and flexibility required to rapidly achieve scale and high feature velocity.
In a recent blog, NGINX CEO Gus Robertson described how load balancers are a critical component in DevOps tooling, but only if they’re the right kind: hardware‑based load balancers are in fact roadblocks to agile development. A software approach is mandatory.
But not all software‑based load balancers are created equal. Broadly speaking, there are two varieties:
- Software appliances that run on virtual machines (VMs), such as F5’s BIG‑IP Virtual Edition (VE) or Citrix’s ADC (formerly NetScaler) Virtual Appliance. These are typically not binaries but are packaged as a full‑fledged VM or heavyweight cloud image.
- True software‑based load balancers, such as open source NGINX and NGINX Plus. These are built from the ground up as software, and like other software applications are binaries that can be installed in any environment that meets the technical specifications – bare metal, VM, container, or cloud.
Most software appliances began as integrated hardware devices, with proprietary (single‑purpose, closed) hardware, operating system, and user interface. When vendors created software versions of their load balancers, they adapted the operating system and software to run on a hypervisor (or cloud) that provided a standard, virtualized hardware instance.
On the other hand, software‑first load balancers such as NGINX are portable, lightweight applications able to run on a wide range of general‑purpose operating systems.
Why Is a True Software Load Balancer Better?
Does a true software load balancer have advantages over a software appliance? We at NGINX believe so. Let’s explore four dimensions where these two approaches differ:
Flexibility – Software appliance vendors typically impose artificial limits on throughput and functionality, forcing you to pay more for better performance or advanced features. NGINX can be used as a load balancer, web server, content cache, reverse proxy, service mesh for microservices, and API gateway – simultaneously and taking full advantage of the power of the underlying hardware. For instance, if you are using NGINX as a load balancer and suddenly start experiencing a DDoS attack, you can mitigate this attack with NGINX’s API gateway capability by limiting the request rate to a value typical for real users.
This flexibility allows our customers to reduce complexity and save costs. For example, a leading B2C enterprise maintaining a large website used 13 disparate solutions for content delivery network (CDN), network (Layer 4) load balancer, application (Layer 7) load balancer, API gateway, web application firewall (WAF), reverse proxy, web server, application server and microservices sidecar proxy. They plan to collapse these 13 solutions into just 3 using the NGINX Application Platform.
Seamless integration – True software load balancers are designed to meet the needs of many different kinds of applications. They can easily be integrated into your application stack, and deployed everywhere in line. Whether you need to load balance a legacy application or a modern application that uses microservices, true software load balancers interoperate seamlessly with your application code, resulting in high performance and reliability.
In contrast, software appliances can only act as endpoints – “front doors” to your application stack. Given their large size and packaging as VMs, software appliances don’t fit in modern application environments built on the cloud, containers, and microservices. True software load balancers like NGINX and NGINX Plus can function at any and every layer of your infrastructure, from reverse proxy at the network edge to sidecar proxy handling intra‑service mesh traffic in a microservices environment.
Compliance – You can deploy a true software load balancer on Linux OS distributions that have been hardened and approved by your IT team. Compliance with IT policies is a lot harder with a software appliance that’s already configured with its own OS and other system software.
Software appliances are essentially black boxes – when vulnerabilities are discovered (such as the many vulnerabilities discovered in OpenSSL in recent years), you are at the mercy of the appliance vendor to incorporate patches, test them, and issue a fix. We’ve heard reports of many weeks’ turnaround for serious vulnerabilities, and of appliances that use 10‑year‑old versions of OpenSSL for management interfaces.
Lightweight – Software appliances packaged as VMs have a large footprint (typically many GBs) because they include a proprietary OS and other system software components on top of the host OS. This is certainly not ideal if you have a bare metal environment or are shifting toward a containerized environment. Software appliances are not ideal for virtualized environments either – in order to ensure the load balancer is not constrained by CPU or memory, compute resources are typically over‑provisioned for the VMs hosting the software appliance, resulting in substantial costs.
NGINX is less than 2 MB in size. It can run on supported Linux servers (bare metal, cloud, or virtual), or directly in containers on Kubernetes and other platforms. You control the compute resources needed for operating NGINX based on the needs of your environment.
The limitations built into software appliances mean they cover only a small subset of the architectures used in enterprise application delivery environments. A true software load balancer encompasses all of them:
A true software load balancer is well suited for the broadest range of compute infrastructure and breadth of application types. Software appliances are limited to a traditional IT infrastructure environment supporting legacy applications. As you modernize your infrastructure and applications, true software load balancers are key to achieving your DevOps objectives. At the same time, they work well across the full breadth of your legacy compute infrastructure and existing set of applications; thus they’re the only choice that actually simplifies your architecture.
Are your software appliances keeping you from achieving your DevOps objectives? Are you finding that you even have to deploy true software load balancers to supplement your appliances? Or have you invested in true software load balancers? We’d love to hear from you in the comments below. In the meantime, get started with a free 30‑day trial of NGINX Plus and enjoy the advantages of a true software‑based load balancer.