Companies like SAP serve customers that operate on a global level. Their customers have many different requirements. They also have to address certifications and legal issues.
“Maybe that’s an internal development installation that should only be accessible to developers to certain parts of the organization, so we need some kind of firewall,” said Jürgen Graf of SAP.
One of the biggest issues, as mentioned by Jürgen Graf of SAP, is trade embargos for countries. These customers need to block access to services and products to those countries.
In addition to these core challenges, many customers use a mix of cloud providers – AWS, Azure, GCP, OpenStack, ect. But each offers features and services that are not available on other platforms.
It’s a very long list of issues and we have barely scratched the surface.
The good news is that many of these problems can easily be solved with Cloud Foundry.
“But in order to run Cloud Foundry, you need something like cloud,” said Graf. Customers want options, so they can choose whatever cloud they want. By the time you end up addressing all those problems you realize that what was once a simple set-up has become extremely confusing and complicated. All you wanted was to give customer access to Cloud Foundry.
To solve all of these problems and keep things simple, SAP built a black box that allows access to Cloud Foundry, no matter where it runs and what other stuff is in the background. They used HAProxy to integrate it and also solve trade embargo problems.
HAProxy, along with Cloud Foundry, helped them achieve what they wanted without any additional complexity:
- route and balance traffic
- offer multiple ssl certificates to customers
- allow apps to know real client IP
- scale well and perform decently
- logging capability
- support multi-cloud and
- work effectively with trade embargoes.
Graf detailed how HAProxy works, especially around the trade embargo work they have done with it. His talk was supplemented with a very comprehensive demo.