Cisco has launched a Cloud-Native SD-WAN (CN-WAN) project to show how Kubernetes clusters can be automatically mapped to a software-defined wide area network (SD-WAN).
CN-WAN defines a set of components to integrate an SD-WAN such as Cisco Viptela SD-WAN with Kubernetes. It consists of a Kubernetes Operator, a Reader and an Adaptor, and the company is making CN-WAN available as an open source reference implementation. The CN-WAN Operator monitors network services that IT teams can annotate to surface metadata on a specific WAN. The CN-WAN Operator automatically registers the service along with the metadata in a service registry.
The CN-WAN Reader connects to the service registry to learn how Kubernetes clusters are exposing services and what metadata the CN-WAN Operator extracted. The CN-WAN Reader sends a message to the CN-WAN Adaptor to update SD-WAN policies any time a service or its metadata is updated. The CN-WAN Adaptor then maps the service-associated metadata into the SD-WAN policies defined by the IT organization.
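The Operator, Reader and Adaptor flow described above can be sketched as follows. This is an added example, not code from the CN-WAN project: the annotation key, profile values, policy names and function names are all hypothetical. It treats service annotations as untrusted input, so only allowlisted keys reach the registry and only values the IT organization has mapped become WAN policy.

```python
import copy

# Hypothetical annotation key, profile values and policy names (constructed).
PROFILE_KEY = "example.com/traffic-profile"
ALLOWED_KEYS = {PROFILE_KEY}
POLICY_MAP = {"video": "low-latency", "bulk": "best-effort"}  # IT-defined mapping

def operator_register(services, registry):
    """Operator: publish annotated services, with allowlisted metadata only."""
    registry.clear()
    for svc in services:
        meta = {k: v for k, v in svc.get("annotations", {}).items()
                if k in ALLOWED_KEYS}
        if meta:  # services without a recognised annotation are not surfaced
            registry[svc["name"]] = {"address": svc["address"], "metadata": meta}

def reader_diff(previous, registry):
    """Reader: turn registry changes since the last poll into events."""
    events = [{"op": "upsert", "name": n, **e}
              for n, e in registry.items() if previous.get(n) != e]
    events += [{"op": "delete", "name": n} for n in previous.keys() - registry.keys()]
    return sorted(events, key=lambda ev: ev["name"])

def adaptor_apply(events, policies):
    """Adaptor: map metadata to IT-defined policies; unknown values fail closed."""
    rejected = []
    for ev in events:
        profile = ev.get("metadata", {}).get(PROFILE_KEY)
        if ev["op"] == "upsert" and profile in POLICY_MAP:
            policies[ev["name"]] = (ev["address"], POLICY_MAP[profile])
        else:
            policies.pop(ev["name"], None)  # drop any stale policy
            if ev["op"] == "upsert":
                rejected.append(ev["name"])
    return rejected

def run_cycle(services, registry, policies):
    """One Operator -> Reader -> Adaptor pass; returns rejected service names."""
    previous = copy.deepcopy(registry)
    operator_register(services, registry)
    return adaptor_apply(reader_diff(previous, registry), policies)

if __name__ == "__main__":
    svcs = [{"name": "stream", "address": "203.0.113.10:443",  # constructed sample
             "annotations": {PROFILE_KEY: "video", "team": "media"}},
            {"name": "backup", "address": "203.0.113.11:873",
             "annotations": {PROFILE_KEY: "gold-priority"}}]
    reg, pol = {}, {}
    print(run_cycle(svcs, reg, pol), pol)
```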
Cisco is working toward extending the intent-based networking policies it has been applying in local data centers to SD-WANs and public clouds. Most recently, the company integrated its Cisco Viptela SD-WAN with Cisco Umbrella, a service through which Cisco makes available a secure web gateway (SWG), DNS-layer security, firewall and cloud access security broker (CASB).
Prashant Kumar, a senior technical lead, says the goal is to enable IT organizations to converge network operations and DevOps processes via a set of policies that can be automatically applied consistently across a global network. Those policies will be informed not only by the telemetry data Cisco collects from the network, but also by the application and infrastructure insights generated by AppDynamics, an arm of Cisco that provides an application performance management (APM) platform, notes Kumar. The ultimate goal is to unify performance management alongside security and compliance by declaratively expressing a specific set of intents that are automatically implemented.
It’s not clear how many Kubernetes clusters might be directly connected to an SD-WAN. However, as edge computing applications are increasingly deployed on Kubernetes clusters, it’s clear networking services will need to be extended well beyond local data centers and public clouds. Cisco is betting the investments it has made in networking platforms for both enterprise IT organizations and telecommunications carriers will provide an advantage as more Kubernetes clusters are connected to SD-WANs.
Cisco already has a multiyear Kubernetes alliance with Google that has led to the development of the Cisco Container Platform based on the same distribution of Kubernetes that Google employs within Cisco’s hyperconverged platform. Earlier this year the two companies unveiled a joint offering dubbed Cisco SD-WAN Cloud Hub with Google Cloud. Cisco has also created a service mesh for Kubernetes environments based on an instance of the open source Istio project and has extended the reach of its management platform to include support for Kubernetes clusters.
Networking in Kubernetes environments is clearly still in its infancy. Most organizations have not reached the point where they need to unify the management of network services for fleets of Kubernetes clusters. However, the need to unify those services is fast approaching.