I could have gone a couple of different ways with the title, including “You alright! I learned it from watching you!” and “I’m not the one with a problem, you are”, but instead I went for the late great Robert Palmer.
But the point of this post isn’t cultural references, but rather the addictive nature of a particular feature of high-end load balancers/application delivery. I’m talking about control languages, such as iRules for F5 or aRules for A10 networks.
They allow scripted inspection and manipulation of both the headers and payload of inbound and outbound HTTP, which is an extremely useful feature. Usually based on a scripting language such as Python or Perl, they allow for some pretty sophisticated actions.
However, not that many vendors have a control language. A10 networks, F5, and Zeus are the ones I can think of off the top of my head. And their feature sets vary pretty widely.
F5 has a great community for iRule development, and they’ve got some example iRules on devcentral such as a credit card number scrubber, cookie encryption (decrypt it on the server with a shared key), and cookie persistence logger.
Vendors benefit from the exclusivity of this feature, in that there isn’t a lot of competition. But the biggest benefit to vendors is that using the control language is so freaking addictive. It’s sort of like the heated car seats of the slb industry. Sure, you did just fine without it. But once you’ve used it, it’s hard to go back.
Depending on the feature set, it may be possible to switch from one vendor’s control language to another’s, but it’s non-trivial. Going to a non-control language vendor would very likely be a deal breaker.
Can you get a client to give up their control language? Sure, but the hand you pry it out of will probably need to be cold and dead.
Thanks to custom code/application logic running on the load balancer now we have load balancers exhibit the same kinds of performance bottlenecks and stability issues as servers. I guess this is what application networking is all about!
Personally I draw the line here: if you remove the load balancer or “ADC”, the application should still be fully functional. Slow perhaps, but functional. Any logic I add on the front end should be related to acceleration, optimization, security, reliability, scalability, geographic failover.