Virtualization Technology News and Information
SD-WAN and Kubernetes: It's Time to Play Together for Better Application Experience

By Alberto Rodriguez-Natal

This post takes the scenic route to drive you to the Cloud Native SD-WAN project (aka CN-WAN), an open source initiative recently announced at KubeCon Europe 2020. We start the journey by looking at why many enterprises are deploying SD-WAN and Kubernetes right now, we then realize how those two solutions can benefit from each other, and we end by describing how the open source CN-WAN project puts together SD-WAN with Kubernetes to optimize the end-to-end application experience.

We hope that this journey through SD-WAN and Kubernetes will spark your interest in CN-WAN, and that you will be joining us in November at the Cloud Native SD-WAN talk coming up at KubeCon North America 2020.

Now, let's start by taking one step back before taking two steps forward.

The Distributed Enterprise

Let's consider, for a second, a traditional enterprise. In the good old days, most of the enterprise applications resided in the headquarters (or in a datacenter nearby) and only a few of those applications needed to be accessed from the branches (i.e. the enterprise's remote locations). As enterprises digitized, more and more applications were deployed in the datacenter, and branches required more and more access to them. As a consequence, branches started using the Wide Area Network (WAN) much more heavily to get to those applications.

The transition of applications to the cloud further accelerated this pattern of distributed enterprise applications being accessed from multiple remote locations. Do you still remember the times when Office was an application running entirely on your desktop? Then 2020 happened and the global pandemic relocated most of us to work from home. Enterprises now face a new reality never seen before: the home of each and every employee is, potentially, a new enterprise branch.

If over time enterprises have seen traffic from branches increasing, the recent events have only exponentially accelerated that trend. Enterprises now face, more than ever, the never-ending question: how to optimize application experience over the WAN?

Rediscovering the WAN

Enterprises have always tried to optimize their WAN utilization to improve the end-to-end application experience. WANs present a particular challenge for applications, as those networks extend across larger geographical regions, and network resources such as bandwidth and delay are much more limited and expensive than over a typical local or datacenter network. At first the WAN ran from the enterprise headquarters/branches to the datacenter, later from the datacenter to the cloud, and most recently from anywhere to the cloud. Optimizing the WAN has been a long-standing problem, and enterprises have traditionally relied on dedicated lines from service providers, which offer certain network guarantees (in terms of bandwidth or minimal delay, for example).

As networks evolved, so did the WAN solutions. The latest incarnation of WAN optimization has taken the form of what is usually referred to as Software-Defined WAN (SD-WAN).

If you have been following networking trends in the past few years, you have certainly not missed the rise of Software-Defined Networking (SDN). In a nutshell, SDN separates the network data-plane from the network control-plane, so that where you decide to do things doesn't need to be where you do them. SD-WAN takes on the concept of SDN and applies it to WAN solutions, centralizing the control of the network.

The promise of SD-WAN is simple: via centralized control, orchestration, and monitoring, the WAN connectivity can be optimized regardless of the underlying connectivity. This can happen over dedicated (and typically more expensive) service provider lines, as well as via the (usually cheaper) public internet. The possibility to offer enterprise-grade connectivity without the need to have dedicated underlay connectivity has been very appealing to enterprises, even more so in recent times, when employees working from home are in most cases restricted to home internet connectivity options.

In order to offer enterprise-grade connectivity and privacy over non-dedicated lines, most SD-WAN solutions establish encrypted tunnels between the different enterprise locations, monitor the tunnels for performance, dynamically steer the traffic across tunnels (and queues) to achieve optimal traffic performance, and offer advanced telemetry on the tunnels and traffic. In addition, SD-WAN brought some of the other common features present in most SDN solutions, namely programmability and automation. Nowadays there are multiple SD-WAN offerings from multiple vendors, with each of them offering different features and capabilities, but most of them tend to offer automated orchestration and programmatic interfaces.

Modern Enterprise Applications

Now we're going to switch gears, put aside the enterprise network, and focus on enterprise applications. Where once big monolithic applications stood strong, now modern development practices have taken over. More and more enterprises are making their transition to microservices, containers, and container orchestration systems, with Kubernetes being the prominent example of the latter.

Kubernetes offers multiple benefits for orchestrating modern applications, such as a solid API infrastructure and resilient load balancing and scaling mechanisms. One of the most interesting features is how Kubernetes has democratized the declarative deployment of applications. Rather than imperatively instructing the system on what it should do, application operators describe the desired state of the system (e.g. this application should have three replicas) and then they let the system itself figure out how to achieve that result (e.g. Kubernetes automatically allocates replicas where resources are available). This opens the door for a whole new set of automated optimizations, including optimization of the network. And when the enterprise applications are far away from their consumers, the need for application optimizations over the WAN becomes fundamental to improve the application experience.

Kubernetes and SD-WAN today: Ships in the Night

Let's now recap and look at the scenario we have described so far. First, a distributed enterprise where the applications reside in multiple places and so do those that consume them. Second, those multiple enterprise locations being connected via a programmable SD-WAN infrastructure. Third, modern enterprise applications being built in a declarative manner on Kubernetes.

With all this in place, the opportunity to improve the end-to-end application experience becomes clear. The SD-WAN can now tap into the declarative specification of the desired state of the application, to learn how the WAN should be optimized for each application.

To provide optimal application experience, we should just make the SD-WAN aware of the needs of the Kubernetes applications, and programmatically let the automatic WAN optimization magic happen. Which brings us to our final point.

Enter Cloud Native SD-WAN

The Cloud Native SD-WAN open source project, recently announced at KubeCon Europe 2020, provides the missing link between SD-WAN and Kubernetes. It introduces a set of components that extract the networking needs of Kubernetes applications and pass them over to the SD-WAN, which renders them into a network policy.

In short, it works as follows. A CN-WAN Operator running in the Kubernetes cluster monitors the deployed services, looking for specific CN-WAN annotations that describe the WAN requirements of the application. When the application is deployed, these annotations can be used to influence how an SD-WAN is going to handle the traffic for that specific application. The CN-WAN Operator registers the annotations and other service-specific information into a service registry system. On the SD-WAN side, a CN-WAN Reader extracts the service-specific information and annotations, passing them to a CN-WAN Adaptor (specific to each SD-WAN solution) that converts the annotation information into network policies that are rendered and enforced over the WAN. With this, the automagical WAN optimization we were seeking can finally happen.
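
The flow described above (operator, service registry, reader, adaptor), sketched as an added example; it is not code from the CN-WAN project. The annotation key, profile names, traffic classes and sample services are all hypothetical, and the adaptor's allowlist check is an assumption added here because annotation values are set by whoever deploys the service.

```python
# Added illustration of the operator -> registry -> reader -> adaptor flow.
# All names and values are hypothetical; this is not CN-WAN's API.
ANNOTATION_KEY = "example.com/traffic-profile"  # hypothetical annotation key
# Hypothetical mapping from annotation value to an SD-WAN traffic class.
PROFILE_TO_CLASS = {"standard": "best-effort", "video": "low-latency"}

# Constructed sample: services as the operator would observe them.
SERVICES = [
    {"namespace": "prod", "name": "meet", "address": "203.0.113.10",
     "port": 443, "annotations": {ANNOTATION_KEY: "video"}},
    {"namespace": "prod", "name": "billing", "address": "203.0.113.11",
     "port": 443, "annotations": {}},
    {"namespace": "prod", "name": "chat", "address": "203.0.113.12",
     "port": 443, "annotations": {ANNOTATION_KEY: "gold-unlimited"}},
]

def operator_register(services, registry):
    """Operator: publish every annotated service to the service registry."""
    for svc in services:
        profile = svc["annotations"].get(ANNOTATION_KEY)
        if profile is not None:
            key = f'{svc["namespace"]}/{svc["name"]}'
            registry[key] = {"address": svc["address"], "port": svc["port"],
                             "profile": profile}

def reader_poll(registry, seen):
    """Reader: return only entries that are new or changed since last poll."""
    changes = {k: v for k, v in registry.items() if seen.get(k) != v}
    seen.update(changes)
    return changes

def adaptor_render(changes):
    """Adaptor: turn registry entries into policies; refuse unknown profiles."""
    policies, rejected = [], []
    for key, entry in sorted(changes.items()):
        traffic_class = PROFILE_TO_CLASS.get(entry["profile"])
        if traffic_class is None:
            rejected.append(key)  # annotation value is not on the allowlist
            continue
        policies.append({"service": key, "class": traffic_class,
                         "match": f'{entry["address"]}:{entry["port"]}'})
    return policies, rejected

def run_pipeline():
    registry, seen = {}, {}
    operator_register(SERVICES, registry)
    first = adaptor_render(reader_poll(registry, seen))
    second = adaptor_render(reader_poll(registry, seen))  # nothing changed
    return first, second
```

The unannotated service never reaches the registry, the service with an unrecognized profile value is registered but produces no policy, and a second poll with no changes renders nothing.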

We hope this journey through SD-WAN and Kubernetes has sparked your interest in CN-WAN. You can find further information on CN-WAN and its components in the resources listed below, but most importantly make sure to check out the Cloud Native SD-WAN talk coming up at KubeCon North America 2020, on November 18.

Learn more

  • "Cloud-Native SD-WAN: The WAN Your Kubernetes Applications Deserve" [post]
  • "Network, Please Evolve: Chapter 3, Stretching Out" - KubeCon EU 2020 [video]
  • CNWAN demo @ KubeCon EU 2020 [video]
  • "CN-WAN: a Cloud Native (SD-)WAN for Microservice Applications" - Presentation at NSMCon EU 2020 [video]
  • Cloud-Native SD-WAN - GitHub [repo]


***To learn more about containerized infrastructure and cloud native technologies, consider joining us at KubeCon + CloudNativeCon NA Virtual, November 17-20.

About the Author

Alberto Rodriguez-Natal, Research Engineer, Cisco 


Alberto is a Research Engineer at Cisco's Intent-Based Networking CTO team, where he focuses on the intersection of Enterprise Networks and Cloud. Lately he has been leading the "Cloud Native SD-WAN" project, an open-source initiative to improve the integration of SD-WAN and Kubernetes. Before Cisco, Alberto earned a PhD in Software-Defined Networking at BarcelonaTech.

Published Wednesday, November 04, 2020 7:34 AM by David Marshall