An Open Source, Dynamic, and Integration-Based vCPE/SD-WAN Orchestration Service Built with Cloudify

Posted By: Shay Naeh on March 1, 2017


Cloudify's vCPE/SD-WAN orchestration service

Analysts are definitely in agreement that vCPE and SD-WAN are both incredibly lucrative and growing at an incredible pace. CSPs are looking to significantly lower costs with virtualization and automation of their networks. There are also many new players building their own CPE devices and management tools to help make this happen.

However, it’s not the new devices that CSPs are worried about, it’s their current install base of Cisco ISRs and other proprietary solutions that are keeping them in vendor lock-in. The biggest concern for CSPs is how to dynamically orchestrate all the network components and replace any VNF with another brand, or open source alternative, on the fly.


Read the full vCPE/SD-WAN White Paper. Go

Integration-Based, Open Source Orchestration

Taking an integration-based approach, Cloudify is able to consume existing components and integrate new ones with its very flexible and modular architecture. This is due to Cloudify’s strong TOSCA modeling capabilities, and blueprint update features which enable updating and changing running deployments in real time.

The key here is orchestration. More specifically - a dynamic, open source, generic orchestration engine. This approach integrates existing CPE devices, establishes secure overlay network connections, and chains virtual network functions (VNFs), such as vRouters and vFirewalls, creating an end-to-end flexible, dynamic service.

This service will securely connect a remote branch to its corporate headquarters, the internet, and cloud-based provisioned applications, or another branch. The service has to be dynamic and customers should be able to manipulate its capabilities in real time based on ad-hoc business requirements.

How it Works

Assuming the provider already has zero touch provisioning capabilities to register a new device at a remote location, Cloudify will automatically orchestrate the provisioning, configuration, deployment, and post-deployment workflows to get the branch connection up and running per the client’s requirements.

Overlay connections are also required to connect the branch office. Cloudify supports both Netconf/YANG and CLI/SSH methods for configuring overlay connections in order to connect a branch to the host data center or clouds, and utilizes different plugins for each device type.

Additional functionality is introduced through the provisioning of VNFs in the data center and making them part of the service chain. The below image shows a schematic diagram of a virtual firewall (vFW) being deployed into the service chain.

Additional VNFs, open and proprietary, can be added as well and chained together, or removed, dynamically in real time.

Complex Topologies Made Easy With TOSCA

Topologies which involve many branches, data centers, HQ and cloud applications can become complex to describe and model. TOSCA is a standard for modeling and describing the topology of many various components like infrastructure and applications for configuration and deployment.

The provisioning and management of an integration-based approach to vCPE/SD-WAN requires orchestration, and TOSCA is an ideal candidate to define the service topology data model as well as the VNF lifecycle events. With Cloudify, users can also manage physical network functions (PNFs) along with their VNFs.

Summary

In short, with generic, open source cloud orchestration, it is possible to break free of vendor lock-in via a vCPE/SD-WAN engine that is dynamically configured to simplify the setup, deployment, and post-deployment of any new remote branch device automatically upon registration with the headquarters. Cloudify, together with TOSCA, is able to ensure even the most complex topologies are orchestrated as well as service chaining VNFs and updating any service in the environment on the fly.

blog comments powered by Disqus