By Alberto Rodriguez-Natal
This post takes the scenic route to drive you to the Cloud
Native SD-WAN project (aka CN-WAN), an open source initiative recently
announced at KubeCon Europe 2020. We start the journey by looking at why many
enterprises are deploying SD-WAN and Kubernetes right now, we then see how those
two solutions can benefit from each other, and we end by describing how the
open source CN-WAN project puts together SD-WAN with Kubernetes to optimize the
end-to-end application experience.
We hope that this journey through SD-WAN and Kubernetes will spark
your interest in CN-WAN, and that you will be joining us in November at the Cloud Native
SD-WAN talk coming up at KubeCon North America 2020.
Now, let's start by taking
one step back before taking two steps forward.
The Distributed Enterprise
Let's consider, for a second, a traditional enterprise. In
the good old days, most of the enterprise applications resided in the
headquarters (or in a datacenter nearby) and only a few of those applications
needed to be accessed from the branches (i.e. the enterprise's remote locations).
As enterprises digitized, more and more applications were deployed in the datacenter,
and branches required more and more access to them. As a consequence, branches
started using the Wide Area Network (WAN) much more heavily to get to those
applications.
The transition of applications to the cloud further accelerated
this pattern of distributed enterprise applications being accessed from
multiple remote locations. Do you
still remember the times when Office was an application running entirely on
your desktop? Then 2020 happened and the global pandemic relocated most
of us to work from home. Enterprises now face a new reality never seen before:
the home of each and every employee is, potentially, a new enterprise branch.
If over time enterprises have seen traffic from branches
increasing, the recent events have only exponentially accelerated that trend.
Enterprises now face, more than ever, the never-ending question: how to
optimize application experience over the WAN?
Rediscovering the WAN
Enterprises have always been trying to optimize their WAN
utilization to improve the end-to-end application experience. WANs present a
particular challenge for applications as those networks extend across larger
geographical regions, and network resources such as bandwidth and delay are
much more limited and expensive than over a typical local or datacenter network.
At first the WAN ran from the enterprise headquarters/branches to the datacenter,
later from the datacenter to the cloud, and most recently from anywhere to the
cloud. Optimizing the WAN has been a long-standing problem, and enterprises
have traditionally relied on dedicated lines from service providers, which offer
certain network guarantees (in terms of bandwidth or minimal delay, for example).
As networks evolved, so did the WAN solutions. The latest
incarnation of WAN optimization has taken the form of what is usually referred
to as Software-Defined WAN (SD-WAN).
If you have been following networking trends in the past few
years, you have certainly not missed the rise of Software-Defined Networking (SDN).
In a nutshell, SDN separates the network data-plane from the network control-plane,
so that where you decide to do things
doesn't need to be where you do them.
SD-WAN takes on the concept of SDN and applies it to WAN solutions, centralizing
the control of the network.
The promise of SD-WAN is simple: via centralized control, orchestration,
and monitoring, the WAN connectivity can be optimized regardless of the
underlying connectivity. This can happen over dedicated (and typically more
expensive) service provider lines, as well as via the (usually cheaper) public
internet. The possibility to offer enterprise-grade connectivity without the
need to have dedicated underlay connectivity has been very appealing to
enterprises. Even more so in recent times where employees working from home are
in most cases restricted to home internet connectivity options.
In order to offer enterprise-grade connectivity and privacy
over non-dedicated lines, most SD-WAN solutions establish encrypted tunnels
between the different enterprise locations, monitor the tunnels for performance,
dynamically steer the traffic across tunnels (and queues) to achieve optimal
traffic performance, and offer advanced telemetry on the tunnels and traffic.
In addition, SD-WAN brought some of the other common features present in most
SDN solutions, namely programmability and automation. Nowadays there are
multiple SD-WAN offerings from multiple vendors, with each of them offering
different features and capabilities, but most of them tend to offer automated
orchestration and programmatic interfaces.
Modern Enterprise Applications
Now we're going to switch gears, put aside the enterprise network,
and focus on enterprise applications. Where once big monolithic applications
stood strong, now modern development practices have taken over. More and more
enterprises are making their transition to microservices, containers, and container
orchestration systems, with Kubernetes being the prominent example of the
latter.
Kubernetes offers multiple benefits for orchestrating modern
applications, such as a solid API infrastructure and resilient load balancing and
scaling mechanisms. One of the most interesting features is how Kubernetes has
democratized the declarative deployment of applications. Rather than imperatively
instructing the system on what it should do,
application operators describe the desired
state of the system (e.g. this application should have three replicas) and then
they let the system itself figure out how
to achieve that result (e.g. Kubernetes automatically allocates replicas
where resources are available). This opens the door for a whole new set of automated
optimizations, including optimization of the network. And when the enterprise applications
are far away from their consumers, the need for application optimizations over
the WAN becomes fundamental to improve the application experience.
Kubernetes and SD-WAN today: Ships in the Night
Let's now recap and look at the scenario we have described
so far. First, a distributed enterprise where the applications reside in
multiple places and so do those that consume them. Second, those multiple
enterprise locations being connected via a programmable SD-WAN infrastructure. Third,
modern enterprise applications being built in a declarative manner on
Kubernetes.
With all this in place, the opportunity to improve the
end-to-end application experience becomes clear. The SD-WAN can now tap into
the declarative specification of the desired state of the application, to learn
how the WAN should be optimized for each application.
To provide optimal application experience, we should just
make the SD-WAN aware of the needs of the Kubernetes applications, and programmatically
let the automatic WAN optimization magic happen. Which brings us to our final
point.
Enter Cloud Native SD-WAN
The Cloud Native SD-WAN open source project, recently
announced at KubeCon Europe 2020, provides the missing link between SD-WAN and
Kubernetes. It introduces a set of components that are able to extract the
networking needs of Kubernetes applications, and pass them over to the SD-WAN,
which will render them into a network policy.
In short, it works as follows. A CN-WAN Operator running in
the Kubernetes cluster monitors the deployed services, looking for specific CN-WAN
annotations that describe the WAN requirements of the application. When the
application is deployed, these annotations can be used to influence how an
SD-WAN is going to handle the traffic for that specific application. The CN-WAN
Operator registers the annotations and
other service-specific information into a service registry system. On the SD-WAN
side, a CN-WAN Reader extracts the service-specific information and annotations,
passing them to a CN-WAN Adaptor (specific to each SD-WAN solution) that converts
the annotation information into network policies that are rendered and enforced
over the WAN. With this, the automagical WAN optimization we were seeking can
finally happen.
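The flow described above, sketched as an added example (not code from the CN-WAN project): the Operator publishes only allow-listed annotations to the registry, and the Adaptor treats annotation values as untrusted input, rejecting any it cannot map to a policy. The annotation key, profile names, policy fields and function names are all assumptions made for illustration.

```python
# Added illustration; the key, profiles, policy fields and names are assumptions.
KEY = "cnwan.io/traffic-profile"                     # hypothetical annotation key
ALLOWED_ANNOTATIONS = {KEY}
PROFILE_TO_POLICY = {                                # hypothetical mapping
    "standard": {"queue": "default", "prefer_low_latency": False},
    "video": {"queue": "realtime", "prefer_low_latency": True},
}

def operator_register(service, registry):
    """Operator side: publish only allow-listed annotations for a service."""
    kept = {k: v for k, v in service["annotations"].items()
            if k in ALLOWED_ANNOTATIONS}
    if kept:  # services without CN-WAN annotations never leave the cluster
        registry[service["name"]] = {"endpoint": service["endpoint"],
                                     "metadata": kept}
    return kept

def reader_extract(registry):
    """Reader side: yield (name, endpoint, profile) for registered services."""
    for name, entry in sorted(registry.items()):
        yield name, entry["endpoint"], entry["metadata"].get(KEY)

def adaptor_render(registry):
    """Adaptor side: map profiles to policies; reject values it does not know."""
    policies, rejected = [], []
    for name, (addr, port), profile in reader_extract(registry):
        template = PROFILE_TO_POLICY.get(profile)
        if template is None:
            rejected.append((name, profile))  # never guess a WAN policy
            continue
        policies.append({"match": f"{addr}:{port}", "service": name, **template})
    return policies, rejected

# Constructed sample services (not real cluster data).
SERVICES = [
    {"name": "conference", "endpoint": ("203.0.113.10", 443),
     "annotations": {KEY: "video", "internal/secret-ref": "vault:kv/conf"}},
    {"name": "wiki", "endpoint": ("203.0.113.11", 80), "annotations": {"team": "docs"}},
    {"name": "batch", "endpoint": ("203.0.113.12", 8080),
     "annotations": {KEY: "top-priority"}},
]

def run_demo():
    registry = {}
    for svc in SERVICES:
        operator_register(svc, registry)
    return (registry, *adaptor_render(registry))
```
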
We hope this journey through SD-WAN and Kubernetes has sparked
your interest in CN-WAN. You can find further information on CN-WAN and its
components in the resources listed below, but most importantly make sure to
check out the Cloud Native SD-WAN talk coming up at KubeCon North America 2020, on November 18.
Learn more
- "Cloud-Native SD-WAN: The WAN Your Kubernetes Applications Deserve" [post]
- "Network, Please Evolve: Chapter 3, Stretching Out" - KubeCon EU 2020 [video]
- CNWAN demo @ KubeCon EU 2020 [video]
- "CN-WAN: a Cloud Native (SD-)WAN for Microservice Applications" - Presentation at NSMCon EU 2020 [video]
- Cloud-Native SD-WAN - GitHub [repo]
To learn more about containerized infrastructure and
cloud native technologies, consider joining us at KubeCon + CloudNativeCon NA Virtual, November 17-20.
About the Author
Alberto Rodriguez-Natal, Research Engineer, Cisco
Alberto is a Research Engineer at Cisco's Intent-Based
Networking CTO team, where he focuses on the intersection of Enterprise
Networks and Cloud. Lately he has been leading the "Cloud Native
SD-WAN" project, an open-source initiative to improve the integration of
SD-WAN and Kubernetes. Before Cisco, Alberto earned a PhD in Software-Defined
Networking at BarcelonaTech.