Cisco presented an open source project that it believes could go a long way in reducing the manual labor involved in optimizing the performance of Kubernetes applications on SD-WANs.
Cisco said it has launched the Cloud-Native SD-WAN (CN-WAN) project to show how Kubernetes applications can be automatically mapped to SD-WAN with the result that applications perform better over the WAN.
“In many cases, companies deploy SD-WAN to connect a Kubernetes cluster with users or workloads that consume cloud native applications. In a typical business, NetOps teams leverage their network expertise to program SD-WAN policies to optimize overall connectivity to applications hosted by Kubernetes, with the goal of reducing latency, packet loss, and more,” wrote John Apostolopoulos, vice president and technical director of Cisco Intent Based Networking Group, in a group blog.
“The company usually also has DevOps teams that maintain and optimize the Kubernetes infrastructure. However, despite the efforts of the NetOps and DevOps teams, Kubernetes and SD-WAN today mostly operate as ships at night, often without knowing each other. The integration between SD-WAN and Kubernetes usually involves a long manual coordination between the two teams.”
Current SD-WAN offerings often include APIs that allow customers to programmatically influence how their traffic is handled over the WAN. This opens up interesting and valuable opportunities for the automation and optimization of applications, said Apostolopoulos. “We believe there is an opportunity to combine the declarative nature of Kubernetes with the programmable nature of modern SD-WAN solutions,” he said.
Enter CN-WAN, which defines a set of components that can be used to integrate an SD-WAN package, such as Cisco Viptela SD-WAN, with Kubernetes to enable DevOps teams to express the WAN needs of the microservices they deploy in a Kubernetes cluster, while simultaneously letting NetOps automatically render the microservices' needs to optimize application performance over the WAN, Apostolopoulos said.
Apostolopoulos wrote that CN-WAN is made up of a Kubernetes operator, reader, and adapter. It works like this: The CN-WAN operator runs in the Kubernetes cluster, actively monitoring the deployed services. DevOps teams can use standard Kubernetes annotations on services to define WAN-specific metadata, such as the application traffic profile. The CN-WAN operator then automatically registers the service along with the metadata in a service registry. In a demonstration at KubeCon EU this week, Cisco used Google Service Directory as its service registry.
Earlier this year, Cisco and Google deepened their relationship with a turnkey package that allows customers to mesh SD-WAN connectivity with apps running in a private data center, Google Cloud, or other cloud-based application or SaaS. This jointly developed platform, called Cisco SD-WAN Cloud Hub with Google Cloud, combines Cisco’s SD-WAN policy, telemetry and security configuration capabilities with Google’s software-defined backbone to ensure that application service level agreement, security and compliance policies are extended to the entire network.
Meanwhile, on the SD-WAN side, the CN-WAN reader connects to the service registry to see how Kubernetes exposes the services and the associated WAN metadata registered by the CN-WAN operator, Cisco said. When new or updated services or metadata are detected, the CN-WAN reader sends a message to the CN-WAN adapter so that the SD-WAN policies can be updated.
Finally, the CN-WAN adapter maps the metadata associated with the service into the detailed SD-WAN policies programmed by NetOps in the SD-WAN controller. The SD-WAN controller automatically renders the SD-WAN policies, specified by NetOps for each type of metadata, into specific SD-WAN data plane optimizations for the service, Cisco said.
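The operator, reader and adapter flow described above, sketched as an added example that is not Cisco's or the CN-WAN project's code. The annotation key, function names, addresses and policy table are hypothetical, and creating no policy for a metadata value NetOps never defined is a choice made for this example.

```python
PROFILE_KEY = "example.com/traffic-profile"  # hypothetical annotation key
NETOPS_POLICIES = {"video": "low-latency-path", "bulk": "best-effort-path"}  # constructed NetOps table

def operator_register(services, registry):
    """Operator: publish each annotated service and its metadata to the registry."""
    registry.clear()
    for svc in services:
        profile = svc.get("annotations", {}).get(PROFILE_KEY)
        if profile is not None:  # services without WAN metadata are not registered
            registry[svc["name"]] = {"address": svc["address"], "profile": profile}

def reader_poll(registry, last_seen):
    """Reader: diff the registry against the previous snapshot, emit events."""
    events = []
    for name, entry in registry.items():
        if last_seen.get(name) != entry:
            events.append(("update" if name in last_seen else "create", name, entry))
    for name in sorted(last_seen.keys() - registry.keys()):
        events.append(("delete", name, last_seen[name]))
    last_seen.clear()
    last_seen.update({k: dict(v) for k, v in registry.items()})
    return events

def adapter_apply(events, controller):
    """Adapter: map each event's metadata to a NetOps policy in the controller."""
    rejected = []
    for kind, name, entry in events:
        if kind == "delete":
            controller.pop(name, None)
        elif entry["profile"] in NETOPS_POLICIES:
            controller[name] = (entry["address"], NETOPS_POLICIES[entry["profile"]])
        else:  # unknown value: no policy is created (a choice made for this example)
            controller.pop(name, None)
            rejected.append(name)
    return rejected

def demo():
    registry, seen, controller = {}, {}, {}
    svcs = [{"name": "stream", "address": "203.0.113.10:443", "annotations": {PROFILE_KEY: "video"}},
            {"name": "backup", "address": "203.0.113.11:873", "annotations": {PROFILE_KEY: "bulk"}}]
    operator_register(svcs, registry)
    adapter_apply(reader_poll(registry, seen), controller)
    first = dict(controller)
    svcs[1]["annotations"][PROFILE_KEY] = "gold"  # value NetOps never defined
    operator_register(svcs[1:], registry)  # "stream" removed from the cluster
    rejected = adapter_apply(reader_poll(registry, seen), controller)
    return first, dict(controller), rejected

if __name__ == "__main__":
    print(demo())
```

Because the annotation value is set by whoever deploys the service, the adapter in this sketch only ever selects from the table NetOps wrote and reports any value outside it.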
“SD-WAN can support multiple types of access to both sender and receiver (e.g., wired Internet, MPLS, 4G or 5G wireless), as well as multiple service options and priorities per network access, and of course several paths between source and destination,” said Apostolopoulos.
The CN-WAN project code is available as open source on GitHub.
Copyright © 2020 IDG Communications, Inc.