Network and Edge Automation with Cloudify
- October 11, 2018
- Posted by: Nati Shalom
- Category: Edge Computing, Network Automation, NFV
Cloudify is often used to automate and manage network services. We have previously discussed topics such as Network Automation, Edge Networking, Service Chaining, and, most recently, Intent-Based Networking.
In this post, we will go through the core concepts of network automation and how to use Cloudify for automating network and edge services.
Introduction to network automation terminology and principles
Network automation refers to automating the provisioning, instantiation, and configuration of physical and virtual network functions such as routers, firewalls, media services, etc.
Network functions virtualization (NFV)
NFV describes the process of moving the software component of proprietary hardware boxes to a virtualized environment running on inexpensive commoditized hardware. ETSI defines a standard architecture for managing NFV which breaks management into the following key layers.
- VIM – Virtual Infrastructure Manager, which refers to the cloud infrastructure
- VNF – Virtual Network Function(s)
- VNFM – The Management layer of a specific VNF
- NFVO – Refers to the central Orchestrator that is used to manage multiple VNFs in an NFV environment
While the ETSI architecture and terminology are commonly used to describe the network services architecture, the actual implementation of its standard API and data model is not widely adopted.
Network services are often composed of multiple network functions that are chained together. This concept is often known as service chaining. Traditionally, service chaining has been handled at the lower packet routing level as it was built under the assumption that network functions are static and therefore the only way to handle dynamic routing was at that layer.
The move to virtual networks and cloud infrastructure makes it possible to handle service chaining using more standard software composition techniques, by controlling the order in which services are instantiated and the network to which they are connected.
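A sketch of the composition approach described above, as an added example rather than Cloudify code: the chain is declared as data, the instantiation order is derived from it, and the network attachments are checked so that nothing placed behind the firewall also sits on a network in front of it. All function, network and field names are hypothetical.

```python
from graphlib import TopologicalSorter

# Constructed sample chain (hypothetical names): each function lists the
# functions it starts after and the networks it attaches to.
CHAIN = {
    "router":        {"after": [],           "networks": {"wan", "transit"}},
    "firewall":      {"after": ["router"],   "networks": {"transit", "dmz"}},
    "load_balancer": {"after": ["firewall"], "networks": {"dmz", "app"}},
}

def instantiation_order(chain):
    """Return a start order in which every function follows its dependencies."""
    unknown = {d for spec in chain.values() for d in spec["after"]} - set(chain)
    if unknown:
        raise ValueError(f"undeclared functions: {sorted(unknown)}")
    graph = {name: set(spec["after"]) for name, spec in chain.items()}
    # static_order() raises CycleError (a ValueError) if the chain loops.
    return list(TopologicalSorter(graph).static_order())

def broken_links(chain):
    """List (upstream, downstream) hops that share no network and so carry no traffic."""
    return [(up, name)
            for name, spec in chain.items()
            for up in spec["after"]
            if not (chain[up]["networks"] & spec["networks"])]

def depends_on(chain, name, target):
    """True if `name` is instantiated, directly or transitively, after `target`."""
    return any(up == target or depends_on(chain, up, target)
               for up in chain[name]["after"])

def bypasses(chain, inspector):
    """Functions behind `inspector` that also attach to a network in front of it."""
    instantiation_order(chain)  # rejects cycles and undeclared names first
    # "In front" means the networks of the inspector's direct predecessors.
    upstream_nets = set().union(*(chain[u]["networks"] for u in chain[inspector]["after"]))
    return [n for n in chain
            if depends_on(chain, n, inspector) and chain[n]["networks"] & upstream_nets]
```

Running `bypasses` before deployment turns a misattached function into a failed validation instead of a path around the firewall.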
There are many network elements that reside outside of the core data center or cloud environment, and often live on the customer premises. Those elements are referred to as CPEs, or Customer Premises Equipment, which are generally access devices such as broadband access, wifi routers, MPLS lines, etc.
As hardware network functions transition to software-defined functions, we are now seeing an opportunity to separate the hardware and software components, which were traditionally tightly coupled. This move led to a new category of hardware devices called UCPE, which stands for Universal CPE. As the name suggests, UCPE provides a common hardware platform that can host a wide range of network services and deliver them at the network edge.
Intent-based networking, as the name suggests, allows users to focus on the desired state of their network services and relies on automation to implement that state.
Andrew Lerner from Gartner defines an Intent-Based Networking Solution as a system which has the following traits:
- Translation and Validation – The system takes a higher-level business policy (what) as input from end users and converts it to the necessary network configuration (how). The system then generates and validates the resulting design and configuration for correctness.
- Automated Implementation – The system can configure the appropriate network changes (how) across existing network infrastructure. This is typically done via network automation and/or network orchestration.
- Awareness of Network State – The system ingests real-time network status for systems under its administrative control, and is protocol- and transport-agnostic.
- Assurance and Dynamic Optimization/Remediation – The system continuously validates (in real time) that the original business intent of the system is being met, and can take corrective actions (such as blocking traffic, modifying network capacity or notifying) when desired intent is not met.
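The four traits above, reduced to a small added example (not taken from Gartner or Cloudify): an isolation intent is translated into deny pairs and validated, observed allow rules are compared against it, and the rules to withdraw are reported. Segment names, address ranges and the `src -> dst` rule format are assumptions, and any overlapping allow rule is treated as drift regardless of rule order on the device.

```python
from ipaddress import ip_network

# Constructed inventory and intent; segment names and ranges are hypothetical.
SEGMENTS = {"guest": "10.20.0.0/16", "office": "10.30.0.0/16", "payments": "10.50.4.0/24"}
INTENT = [("guest", "payments")]  # business policy: guest must never reach payments

# Constructed snapshot of allow rules read back from the network.
OBSERVED = [
    "10.30.0.0/16 -> 10.50.4.0/24",   # office to payments: not covered by the intent
    "10.20.8.0/24 -> 10.50.0.0/16",   # part of guest to a range containing payments
    "10.20.0.0/16 -> 0.0.0.0/0",      # guest to anywhere
]

def translate(intent, segments):
    """Translation and validation: isolation intents -> (src_net, dst_net) deny pairs."""
    denies = []
    for src, dst in intent:
        s, d = ip_network(segments[src]), ip_network(segments[dst])
        if s.overlaps(d):
            # Overlapping ranges cannot be isolated from each other; reject the design.
            raise ValueError(f"intent {src}->{dst} is unsatisfiable: ranges overlap")
        denies.append((s, d))
    return denies

def parse(rule):
    """Parse one observed 'src -> dst' allow rule into two networks."""
    src, dst = rule.split("->")
    return ip_network(src.strip()), ip_network(dst.strip())

def drift(denies, observed_allows):
    """Awareness and assurance: observed allow rules that open a forbidden path."""
    return [(src, dst) for src, dst in map(parse, observed_allows)
            for s, d in denies if src.overlaps(s) and dst.overlaps(d)]

def remediate(denies, observed_allows):
    """Remediation: the allow rules to withdraw so observed state matches intent."""
    return [f"{src} -> {dst}" for src, dst in drift(denies, observed_allows)]
```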
Cloudify’s approach to network and edge automation
As network services become software-defined, they should be managed like any other software. Having said that, network services have some unique characteristics that require specific handling. These include the need to manage physical and virtual network services, agentless control to manage devices that don’t allow for agent installation, managing services across different networks, security configuration, support for large-scale services consisting of thousands or even millions of devices, managing network services across regions in a low latency environment, and more.
In its approach to network automation, Cloudify applies, as far as possible, the same principles that are commonly used to manage standard software applications, while supporting the extensions needed to handle the specific requirements of network services. It therefore supports cloud native architectures, through its integration with Kubernetes and support for Docker, and DevOps automation workflows such as blue-green and continuous deployment, alongside network configuration protocols such as NETCONF and YANG, Telnet, and REST. Of these, Telnet sends credentials and configuration in cleartext, so it is best confined to an isolated management network. Cloudify also integrates with Ansible, which is a widely used tool for configuring network services.
Cloudify’s unique strength is in managing highly heterogeneous environments that often include a combination of physical and virtual appliances as well as cloud native services on bare-metal and multi-cloud environments under the same automation scheme. Cloudify is also unparalleled in handling distributed systems such as edge networking, which requires handling large numbers of devices across many networks and physical locations.
Cloudify’s open edge management architecture
You can read more about our edge use cases below:
The below links provide specific examples on how to use Cloudify to manage the different network automation use cases.