Cloud Native Intent Automation

Introduction

Infrastructure providers, such as mobile providers, heavily rely on Kubernetes to orchestrate containerized applications.
More modern and flexible cloud approaches have increased and outpaced the development of flexible infrastructure.
Nowadays, additional clusters are often being deployed manually, which is error-prone and leads to non-standardized infrastructure.
As running workloads on single clusters is manageable, having hundreds of clusters, each running different applications, depicts new challenges.
Deploying and running remote clusters is not only a question of service orchestration, it brings up the need for high-performing, flexible, and private networking.
Bringing this challenge further was key to our thesis. We evaluated Nephio as intent-based automation framework for service orchestration utilizing the concept of Single-Source-of-Truth using GitOps.
Networks between the source and destination must be as flexible as the clusters to automatically ensure private and secure network routing along newly deployed clusters and workloads.
Running a new cluster for a new customer intends to manually deploy Kubernetes, container network interface (CNI), workloads, and network connectivity.
This thesis aims to prove possible automation of these challenges with state-of-the-art technologies like SRv6 packet-routing, Cilium networking for Kubernetes, and Nephio service orchestration platform.

Methods

Multiple IPv4 and IPv6 networks simulating a network infrastructure were set up. The routers were connecting multiple Kubernetes environments.
In the first stage, the Kubernetes environments were deployed using a customized Ansible playbook based on Kubespray. The following deployment installed Cilium as CNI on the deployed Kubernetes control-plane node.
Eventually, the third deployment integrated the Kubernetes environment into the central Nephio management cluster.
Nephio allowed us to deploy not only applications but network configurations as well.
A substantial effort was put into network device configuration deployment to ensure networking between Kubernetes containers.
An additional optional use case was achieved by scaling Kubernetes clusters to the public cloud, which were connected to our on-premise environment.

Results

The Kubernetes deployment was executed successfully, enabling low-effort cluster deployments. Cilium networking was deployed, allowing new networking technologies, like source-determined routing called SRv6.
Nephio, which is still in a pre-launch condition, implements straightforward and effective workload deployments for multi-cluster environments.
As cloud-native infrastructure covers a wide range of topics, we were able to demonstrate the capabilities of further deployments like network devices or public cloud enrollment.
Some parts of cloud environments are more challenging than others to deploy, and with new technologies coming up, cloud environment automation will remain a fascinating topic.
Our thesis, conducted as a proof-of-concept, demonstrates that many manually configured infrastructures may be automatically deployed.

Discussion

Nephio is a new product with a lot of potential and numerous features on the roadmap. In the future, enterprises with large fleets of decentralized Kubernetes clusters should keep an eye on Nephio.
Single-Source-of-Truth and GitOps are featured by Nephio and will be adapted in networking in a broader spectrum with promising potential.
SRv6 is still an emerging and exciting technology, offering flexible routing between containers in extensive networks.