What is a CNF?

Problem to Solve

  • Network functions (NF) are physical or virtual devices that process packets supporting a network and/or application service. Performance, features, scale and operational control are paramount. Routers, campus switches and firewalls are example NFs.
  • VM-based virtual network functions (VNF) are available, mature, deployable, manageable and service-enabled.
  • Cloud Native is new; NFs implemented for and running in Cloud Native networks is new.
  • Container networking needs high-performance network functions (NFs) such as NAT, Firewalls, VPN gateways, load balancers, IPS, DPI, L2/L3 forwarding and more.
  • Reasons why they are needed: Fast, flexible, elastic and resilient container orchestration; For spinning up advanced communication services, composed of NF service chains; Rapid development and introduction of new network and services innovations to cloud native environments.
  • What about Kubernetes container network interface (CNI)? Not ideal for this purpose; Only provides simple application pod networking
  • Kernel network stack currently used for VM and container networks can hinder throughput for some applications

A solution for building and operating NFs for cloud native networks must exhibit the following:

  • Foster developer productivity with modern toolsets, standard/customized APIs, documentation, libraries, 12-factor, modularity, open source and cloud native project integration, large and engaged community.
  • Adhere to K8s lifecycle management.
  • Observability through logging, tracing, telemetry, diagnostic/troubleshooting APIs and CLI.
  • Feature rich, programmable and extensible for control plane, data plane and customization
  • High-performance user space data plane

Cloud Native Network Functions (CNF) is the Solution

A cloud native network function (CNF) is a VNF designed and implemented to run inside containers. CNFs inherit all cloud native architectural and operational principles including, 12-factor app, immutability and K8s lifecycle management.

CNF advantages include:

  • Lifecycle management parity with application containers. Existing best practicies applied to application microservice containers related to development, CI/CD, K8s orchestration and scheduling, distributed management, telemetry collection are available to CNFs.

  • Stateless Configuration. CNFs operate in container pods. Pods are durable, but if something breaks or new functions are needed, then Pods can be torn down and a new instance started up. The dynamic nature of cloud native environments precludes centralized or stateful CNF config management. Instead, a stateless approach is incorporated where CNFs “watch” for and then process config updates stored in an external data store.

  • Smaller footprint vis-a-vis physical or virtual devices. This reduces NF resource consumption, with the savings allocated to applications.

  • Rapid development, innovation and immutability. CNF functions should run in user space where new features and innovations can be applied. There is no need to modify the linux kernel; It becomes immutable.

  • Performance. Bypassing the Linux kernel has shown to increase performance. New CNFs are being developed to run in user space.

CNFs are Multi-Purpose

CNF are built and implemented with functions suited for their role in a cloud native network. For illustrative purposes, the figure below depicts several different scenarios.

Load Balancer

Ingress Controller/K8s Services

Cluster Networking

Improved CNI / NSM Pipes

SFC Service Bundles

by wiring up CNFs

  • Scaling load balancing functions for steering traffic towards application pods
  • Enhanced cluster networking can be achieved using a CNF vswitch for policy/service-aware switching (CNI-formed L2 bridge domain as an example), or as an x-connect for network service mesh (NSM) L2/L3 pipes setup between pods
  • Service Function Chains orchestrated to deliver different application services to customers. Examples show a cloud storage service on top, and a machine learning training application on the bottom.

CNF Pods in a Kubernetes Cluster

Composite CNF Architecture

Developers make design choices tailored for specific implementations. Simplifying the options to meet expectations requires flexible and adaptable focused on performance, flexibility, programmability and scale allows one to paint a picture of a composite CNF architecture.

  • User space data plane for best performance
  • Control plane agent contains southbound, low-level API for data plane programming, plugins to add new features and and generate northbound APIs for application and orchestrator control
  • Custom plugin and application integration component integrations
  • Infra plugins for logging, tracing, internal APIs, health checks
  • Plugins/APIs for external application access

//