Telcos use multiple software-based vendor solutions to serve their customers, which traditionally results in higher management and support costs and limited flexibility due to multiple vendor software stacks. This presents challenges for integration, compatibility and operational management to coordinate with different vendors.
VMware Telco Cloud Platform
To increase flexibility, simplify management and reduce costs, VMware Telco Cloud Platform offers a unified, dependable, and marketable solution to deploy network functions from multiple vendors. The integration of VMware NSX Advanced Load Balancer enables the management of incoming network function traffic and provides carrier grade application delivery services. The benefits of this integration will be reviewed here.
Value proposition of NSX ALB integration with the VMware Telco Cloud Platform.
NSX Advanced Load Balancer has been built on the top of a software defined architecture. The control plane is managed by the Controller and data plane capabilities (i.e. server load balancing (SLB), global server load balancing (GSLB), security, and controller ingress) are delivered by the Application Service Fabric. This Fabric is dynamically created and maintained by the Controller in your environment like VMware Telco Cloud Platform.
The benefits of this software defined architecture integrated with your environment such as VMware Telco Cloud Platform are listed below:
|VMware Telco Cloud Automation enables automated instantiation of a CNF. Furthermore, the VMware NSX Advanced Load Balancer provides complete automation and control of incoming traffic to any CNF.|
|VMware NSX Advanced Load Balancer comes with a central location to manage the incoming traffic of a CNF. Furthermore, it supports multi-tenancy along with Role Base Access Control to create a single point of truth for all the teams managing CNFs.|
|Telcos seek a robust solution that offers scalability and resilience. VMware NSX Advanced Load Balancer includes self-healing capabilities, automatically replacing failed data plane services without disrupting traffic.|
|Analytics and observability include real time metrics, events and logs, which provide significant value. It enables telcos to get rich insights for their CNFsrequired to troubleshoot, automate and secure CNFs.|
|Telcos require dynamic scaling of their CNFs and data plane services. VMware NSX Advanced Load Balancer offers automatic scaling, based on analytics and observability.|
Reducing the application service fabric on demand also generates significant cost savings.
Integration with VMware vSphere:
NSX Advanced Load Balancer has native integration with various environments including VMware vSphere. This integration is critical as VMware vSphere is a key component of VMware Telco Cloud Platform. It allows the controller autoscale up or down the resources in thedata plane. This includes:
- Creating dynamically Virtual Machines
- Assigning Virtual Network Interface Card (vNIC)
- Dynamically configuring IP for each vNIC
- Enabling a secure channel between the data plane and the controller
With the above architecture, telcos end up with multiple products handling the data plane. It includes:
- GSLB (located outside of the Kubernetes cluster) to handle the traffic in case of multiple K8s clusters
- traditional L4 load balancers (located outside of the Kubernetes cluster) to load balance the traffic towards the ingress controllers
- Ingress controllers located inside the Kubernetes cluster to load balance the traffic toward the CNF pods and to manage the security layer (SSL/TLS)
We could include other products to handle IPAM, DNS, and Security capabilities. Ultimately, this design brings complexity to operate and automate. It results in 3 levels of Load Balancing which makes the troubleshooting extremely difficult.
On the other hand, NSX Advanced Load Balancer aggregates these products into a single solution significantly simplifying the operational model. It includes the following:
- Rich analytics
- Out of the box automation
- Dynamic scale
- Security and WAF features
- DNS/IPAM capabilities
- L4 (load balancing) and L7 (ingress)
- Global server load balancing (GSLB)
The same solution can also be shared among different environments (VMware Telco Cloud, other Kubernetes flavors, VM based environment such VMware vSphere or OpenStack) and different business units leveraging the built-in multi-tenancy feature.
Southbound integration with VMware Tanzu Kubernetes Grid:
The Application Service Fabric which handles the data plane (GSLB, L4 and Controller Ingress) is located outside of the Kubernetes cluster. Let’s review how the Application Service Fabric is aware of the activities happening inside the Kubernetes cluster.
For CNF use cases, NSX Advanced Load Balancer brings an additional component called Avi Kubernetes Operator (AKO):
- deployed as a Pod running inside your Kubernetes cluster
- AKO acts as a control plane function and is not part of the data path
- Informs the controller about changes (related to specific Kubernetes objects) happening inside the Kubernetes cluster.
- dynamically creates the data plane service for new Kubernetes events such as new ingress or service type load balancer
- dynamically updates the data plane service based on Kubernetes changes such as CNF scaling.
Deployment of AKO in your Kubernetes cluster can be achieved in many ways:
- Integrated with your Tanzu Kubernetes Grid life cycle, as soon as you deploy a new workload cluster, AKO is included
- VMware Telco Cloud Automation instantiates AKO
- Deploy AKO via Helm chart providing flexibility regarding the version of AKO.
Northbound integration with VMware NSX:
The Application Service Fabric needs to integrate with your entire network (WAN) in a reliable, scalable and flexible way. To do so, usually telcos rely on BGP (Border Gateway Protocol). VMware NSX Advanced Load Balancers enables such integration within the Telco Cloud Platform environment and specifically with VMware NSX:
The BGP capabilities between the Application Service Fabric and the NSX tier 0 gives you the flexibility:
- to advertise your CNF toward all VRFs
- to advertise your CNF toward specific VRF(s) only
- to enable Bidirectional Failure Detection (BFD) to achieve low latency failover time
- to scale the amount of data plane by leveraging Equal Cost Multiple Path (ECMP).
In summary, NSX Advanced Load Balancer provides the following capabilities for CNF running inside Telco Cloud Platform:
- Native integration with VMware vSphere which provides:
- Central orchestration
- Analytics / Observability
- A unique solution for managing the incoming traffic of your CNF which offers:
- Dynamic instantiation of DNS FQDN
- Dynamic or static allocation of external IP
- L4 (Load balancing) and L7 (Ingress)
- Rich Security features set including TLS, Application Security, Web Application Firewall
- GSLB capability for multi cluster use case
- Southbound integration with VMware Tanzu Kubernetes Grid
- Northbound integration with VMware NSX.
To learn more about this you can read about the Telco Cloud Platform and NSX Advanced Load Balancer. Coming soon, in part 2 of this blog, we will see how we can deploy such configuration for your CNF.