NFV Orchestration with Cisco Network Services Orchestrator
Unlock New Business Agility with a Smarter Approach to NFV Orchestration
Network functions virtualization (NFV) can fuel unprecedented agility for network operators. The primary ingredient to unlocking this potential is orchestration. There is broad consensus in the industry about the central importance of NFV orchestration (NFVO), but little agreement about how it should be implemented. The result is that, while operators today have many orchestration choices, these solutions are designed and operate very differently, and many have significant shortcomings.
This paper provides an overview of the current state of the industry, including the most important requirements for a successful NFVO. It introduces the Cisco® NFVO Core Function pack and details its core components and capabilities. It also illustrates the advantages of Cisco’s model-driven approach to orchestration and the ways it helps service providers avoid the common pitfalls of alternative solutions.
Navigating an Evolving NFV Landscape
Service providers worldwide are embracing the potential of NFV. By implementing network functions in software running on commercial off-the-shelf servers, rather than dedicated appliances, they can turn their networks into more flexible programmable infrastructures. Service providers see NFV as a way to unlock new revenues by creating new services more easily and bringing them to market more quickly. They also expect to lower operational expenses (OpEx) by automating the end-to-end lifecycle of service creation, provisioning, and assurance.
To accomplish any of this, however, service providers need NFV orchestration: a way to assemble, recombine, and manage all elements of their virtualized environments in an automated way. Unfortunately, while industry groups, vendors, and open-source organizations have made progress in this area, there remains no single universally accepted model for NFVO.
The industry has coalesced around the European Telecommunications Standards Institute Industry Specification Groups’ vendor-independent NFV Management and Network Orchestration (ETSI ISG NFV MANO) architecture. However, ETSI MANO is still relatively new and provides only a high-level description for how NFVO should work. When it comes to real-world lifecycle operations—the specific processes used to onboard, manage, and orchestrate multivendor virtualized network functions (VNFs)—there are no universally accepted specifications. This leaves room for different vendors and stakeholders to implement NFVO in different ways, and that’s exactly what they’re doing.
The result is that service providers looking to start capitalizing on NFV are left in limbo. They know they want to align to the ETSI architecture, but ETSI specifications are not yet normative or interoperable. Analysts offer little help because they’re mostly in a holding pattern waiting for the industry to settle on the best model. Operators are left looking at RFI/RFP responses from multiple vendors—all of which check the boxes for complying with the ETSI architecture—with no clear way to evaluate which approaches are better. Additionally, there are not enough mature NFVO use cases that would allow operators to make apples-to-apples comparisons.
Compounding the problem, operators hear different messages everywhere they turn:
● OSS/BSS vendors propose system integration–heavy projects to achieve NFV orchestration. Often, however, these are often merely relabeling of legacy workflow-based platforms that check some NFV boxes but do not fulfill the requirements of a full-featured NFV orchestrator.
● Network equipment vendors offer their own NFVO solutions, but they are often limited to narrow use cases built around specific products. They don’t address the wider NFV value proposition and can’t provide a platform for broad, multivendor NFV operations. Unsurprisingly, these solutions are often locked into a single vendor’s technology and roadmap, impeding interoperability and, as a result, negating much of the value of aligning with the ETSI architecture in the first place.
● Open-source tools and solutions are available, but they typically address part of the architecture, not the entire NFVO stack. Additionally, without commercial support for these open-source implementations, they are perceived as risky to deploy in carrier-grade environments.
The result of all of this uncertainty is that currently the future of NFVO is being defined in labs on a case-by-case basis, not by standards or vendors. And, as operators are beginning to discover, many current NFVO approaches have significant shortcomings.
Introducing Cisco NSO in the NFVO Role
Cisco can help service providers break through the hybrid orchestration logjam. Cisco provides an NFVO Core Function Pack, which combines the Cisco Network Services Orchestrator (NSO) with NFV orchestration logic, ETSI NFV data models, and Cisco Elastic Services Controller (ESC) VNF lifecycle manager. It provides a versatile, vendor-independent platform to help operators start realizing the speed, agility, and cost savings of NFV in their networks, whether physical, virtual, or hybrid.
The Cisco NFV Advantage
NFVO Core Function Pack capabilities are based on Cisco NSO, the market-leading service orchestrator in hybrid service provider environments. Cisco’s approach to NFV orchestration strikes the balance between off-the-shelf solutions that are too limited and broader-based platforms that require extensive system integration engagements. Instead, Cisco prepackages all of the core capabilities needed for NFV orchestration and provides a flexible foundation for practically any NFV use case. Service providers gain a powerful platform to onboard and manage VNFs from a wide range of vendors in their existing networks, without long system integration projects.
With the Cisco NFVO Core Function Pack, operators can:
● Draw on core NSO features to orchestrate services for practically any NFV use case in hybrid networks
● Rapidly create NFV value using preintegrated and value-added Cisco solutions, including Cisco ESC, VNFs, and NFV infrastructure
● Pragmatically align with ETSI specifications to start realizing the full transformative value of NFV
The following sections describe the requirements and challenges of NFVO and the advantages of NSO’s approach to NFV orchestration.
NFVO Requirements and Challenges
What are the primary requirements for an effective NFVO solution? What kinds of pitfalls should operators look to avoid?
● Flexible software platform with open and ETSI-aligned architecture and interfaces: Given the lack of normative NFVO standards, NFVO solutions should be flexible enough to support a wide range of NFV frameworks, software, and tools. Solutions must strike a balance between providing off-the-shelf value by being based on the ETSI architecture, without necessarily being locked into it.
Watch out for:
In the race to provide something that works off the shelf, some vendors are offering closed hard-coded NFVO technologies. For operators, this leads to long, expensive integration projects and vendor lock-in.
● Fully multivendor stack to simplify and accelerate VNF onboarding: No service provider wants to be locked into one vendor’s pricing and feature roadmap, so multivendor interoperability is just as important in the virtual domain as the physical. Service providers should demand NFVO solutions with vendor-independent tooling and runtime technologies. Effective NFVO platforms should be designed to work with a wide range of existing VNFs from multiple vendors and allow new services to be deployed as quickly and easily as possible.
Watch out for:
Vendors requiring that their VNFs must be orchestrated with their own NFV orchestrator and vice versa. Beware of solutions that attempt to shoehorn VNFs into the NFV MANO framework that aren’t well suited to it.
● An integrated set of lifecycle operations on the network service and VNF level: An effective orchestrator should have a full, integrated set of lifecycle operations at both the service and VNF levels. Lifecycles exist at at least two layers:
◦ VNF and network service coarse-grained lifecycles: onboard, instantiate, and so on. This lifecycle manages the VNF and service as a black box.
◦ Runtime fine-grain configurations: configuring and reconfiguring the VNF and network service after it is running after step 1, as mentioned earlier.
If operators want to truly gain control over the way the network and services behave, all of those lifecycle capabilities should be exposed through the orchestrator.
Watch out for:
Solutions that are limited to create/delete scenarios where you cannot modify running VNFs and services. Also watch out for orchestrators unable to address the fine-grained runtime configuration problem. Solutions unable to support update operations are particularly problematic. Also watch out for orchestrators where the lifecycle operations are implemented as backend scripts or workflows. This will lead to endless work of defining scripts/workflows for all the special cases.
A Better Approach: Cisco NFVO Core Function Pack
Cisco starts with the assumption that orchestration should be an enabler of multivendor NFV, not an obstacle. We provide an API-first, “bottom-up” solution designed to simplify NFV for developers and facilitate DevOps ways of working. With the Cisco NFVO platform, operators can take advantage of open technologies and emerging standards more quickly and easily adapt them to local requirements. They can use rich network abstractions that are simple to consume and straightforward to integrate into surrounding systems.
Unlike other NFVO approaches, Cisco provides:
● Flexible software platform: Our NFVO solution is built on a fundamentally open, ETSI-aligned platform. We use well-understood, standardized technologies and open interfaces and conform closely to the ETSI framework for information model, architectural components, and the ways they interact with each other. This approach allows operators to avoid closed hard-coded technologies or environments that inherit older approaches with highly specialized tooling.
● Multivendor, best-in-class approach: To unlock the full value of NFV, operators should be able to choose best-in-class vendors and solutions for different roles in their environments. That encompasses not just management of virtualized functions but the networking domain itself. Cisco’s NFVO is a fully vendor-independent solution, built from the bottom up for a multivendor stack. Operators gain the business flexibility to choose the best solution for any element of the NFV stack and the ability to deploy multivendor network components more quickly, with much less time and effort.
● Integrated lifecycle operations on network service and VNF levels: Cisco NFVO provides an integrated set of lifecycle operations at both the network service and VNF levels and for the different lifecycles. After the VNFs and services are instantiated using the NFVO functionality, NSO will address the runtime configuration problem, including “modify.”
NFV is still evolving, and there will likely be some variation in how vendors’ VNFs are packaged and shipped for the foreseeable future. However, Cisco’s NFVO provides a flexible, vendor-neutral platform to make the process of implementing multivendor NFV components as simple as possible. Operators can start benefiting from NFV right now, even while standards are still being developed. They can take advantage of NFV in their existing environments without locking themselves into one vendor’s products and approach and without ongoing, expensive system integration engagements.
Inside Cisco NFVO Core Function Pack
To understand the advantages of Cisco’s approach, let’s start by reviewing how NFVO fits within the ETSI MANO framework (Figure 1).
Figure 1. ETSI NFV MANO High-Level Architecture
The right side of the model details the basic components of NFV orchestration, including:
● VNF descriptor (VNFD) catalog: VNFDs describe the requirements of a particular VNF on its execution environment. (For example, a given VNF might need a fixed set of virtual CPUs and a certain amount of memory and disk space.)
● Network service descriptor (NSD) catalog: NSDs describe the relationship between a set of VNFDs such that they become a network service. Typically, this entails a service chain of connected VNFDs with parameters for how they function together. For example, the NSD could specify the options for scaling up the service if utilization passes a certain threshold.
Descriptors are templates to instantiate VNFs and services. After being instantiated, these are represented as “records”: NSR and VNFR. (In the latest ETSI specifications they are renamed network service information [NSInfo] and VNF information [VNFinfo] elements.)
Figure 2 illustrates how the components of Cisco’s NFVO Core Function Pack map to the ETSI model.
Figure 2. High-Level Mapping of Cisco NFVO to ETSI Architecture
Elements of the NFVO offering include:
● Cisco NSO: At the heart of the solution is the core Cisco NSO engine, which provides the foundation for NFV orchestration. Used by leading operators around the world to automate provisioning and activation in their hybrid networks, Cisco NSO provides a single networkwide interface to all network devices and services. It provides a common data store and uses a common modeling language (YANG) to model both high-level services and granular device configurations. Operators can use standardized models to easily create and change services using practically any vendor’s virtualized (or physical) devices, without lengthy custom coding or service disruptions.
● NSO NFVO Core Function Pack: This additional orchestration logic, bundled with the NSO core engine, adds the NFVO catalog functions to the solution, including descriptors, resource records, and resource tracking for the virtual infrastructure. It combines the primary orchestration features in the NFV MANO stack with Cisco NSO capabilities to control the actual applications and lifecycle of services running as VNFs. The NFVO component communicates with the VIM and tracks NFVI resources through the standardized Or-Vi interface, which provides a real-time view of assets and resources and where they are running.
● Cisco Elastic Services Controller: The Cisco Elastic Services Controller (ESC) provides comprehensive VNFM lifecycle operations as part of a fully automated NFV platform. The orchestrator communicates with Cisco ESC through the standardized Or-Vnfm interface, allowing it to manage the lifecycle of VNFs and network services in a way that’s abstracted from the actual virtual infrastructure.
The Cisco NFVO Advantage
Let’s take a closer look at Cisco’s NFVO implementation and the ways it addresses the common challenges and pitfalls described previously.
Flexible Software Platform
In the constantly evolving, multivendor landscape of NFV, service providers need orchestration based on a highly flexible software platform. Cisco’s NFVO solution provides three core capabilities to deliver it (Figure 3):
Figure 3. Cisco NFVO Software Platform
● YANG-based descriptor schema: Our approach to NFVO is built entirely on the YANG model-driven core of Cisco NSO. We use YANG to describe the schema for descriptors, simplifying the onboarding of multivendor VNFs. Users can create network service descriptors and onboard VNFs from multiple vendors using JSON, XML, or TOSCA/YAML. And the solution includes tooling to quickly and easily develop VNFDs for VNFs that are shipped without one. All of which combines to create an orchestration platform that accelerates VNF onboarding, rather than presenting a bottleneck. This also provides the flexibility of augmenting the descriptors with network service and VNF-specific attributes.
● Full lifecycle operations for VNFRs and NSRs: Recognizing that an effective orchestrator must address the lifecycle of both VNFs and network services, Cisco’s NFVO gives programmers multiple API options to control full lifecycle operations. These include Java and Python, as well as both REST and NETCONF APIs. All four interfaces provide a complete set of lifecycle operations (create/read/update/delete) in all of the various forms that each API exposes. For human end users, the platform includes both a web-based UI to access high-level NFVO features and a set of CLI interfaces for those who prefer CLI tools.
● VNFM interaction through Or-Vnfm: All interaction between the orchestrator and VNFM (Cisco ESC) happens through the open, standardized Or-Vnfm interface. Cisco’s NFVO uses NETCONF to address individual VNFs from diverse vendors, integrated into the same YANG models that Cisco NSO uses for descriptors. So, for example, if the system detects an issue in the VNFM and needs to scale, replace, or move a VNF, it uses NETCONF notifications to do that. These Or-Vnfm communications support asynchronous signaling and provide a full-lifecycle environment, allowing for the creation, updating, and deletion of multivendor VNFs through a fully open interface.
The NFVO Core Function Pack is designed from the ground up to enable multivendor interoperability (Figure 4). It makes it easy for operators to choose best-in-class components for all aspects of their NFV environment and avoid vendor lock-in.
Figure 4. Cisco NFVO Multivendor Stack
NFVO Core Function Pack multivendor capabilities and design characteristics include:
● NSD editor: As a front end to the catalog, the solution includes a web-based NSD editor (Figure 5) that makes it easy to assemble onboarded VNFs into ETSI-compliant network services. Effectively, operators can create a catalog of chained VNFs from multiple vendors to later deploy them and manage their lifecycle functions as cohesive service chains. The solution handles all of these capabilities for all VNFs, regardless of vendor.
Figure 5. NSD Editor
● Vendor-independent VNF descriptors: Cisco’s NFVO platform strictly adheres to ETSI descriptors for VNFs, virtual links, and service access points. As a result, it can work with any ETSI-compliant VNF. Operators can quickly onboard and manage any VNF that expresses its requirements with VNFDs and have the freedom to express their own network service descriptors as they choose. In addition, because the platform uses open standards and technologies (including YANG, JSON, XML, and TOSCA/YAML), it allows for strict adherence to vendor-independent VNF descriptors. The orchestrator’s fundamental descriptors use ETSI-based information models to express the need for a particular existing VNF. However, because it’s based on extensible technologies such as YANG, the platform is highly adaptable.
So, if operators want to use VNFs that require proprietary extensions, extending the existing ETSI models is a straightforward process. Even if a VNF is not ETSI-compliant or uses alternate encoding, operators can easily translate those descriptors into ETSI-based JSON/XML descriptors.
● Open VNFM architecture: Cisco ESC is built with the same degree of openness as the NFVO architecture, allowing operators full flexibility to customize VNF provisioning and monitoring. Recognizing that many current VNFs require fundamental support in their virtual behavior lifecycle (how they’re deployed, booted, and brought online), it provides a full set of extension points in the VNFM lifecycle. Operators can support practically any vendor’s VNF with the complete set of operations needed to be created, updated, or scaled in or out. Additionally, Cisco ESC provides a framework for VNF service monitoring without agents. As a result, there are no special requirements on any vendor’s VNF or VNFD for the NFVO platform to monitor its basic health and service status. The orchestration platform handles everything.
Integrated Lifecycle Operations
The NFVO Core Function Pack also provides a complete, integrated set of lifecycle operations for all elements of the NFVO stack (Figure 6).
Figure 6. NFVO Integrated Lifecycle Operations
These integrated lifecycle characteristics include:
● Comprehensive set of APIs: Cisco’s NFVO platform supports a broad range of standardized northbound interfaces, simplifying lifecycle operations for developers as well as human-to-machine interfaces. Once again, these lifecycle operations are provided for all primary elements of the NFV stack: VNFs, virtual links, NSDs, and more. Operators can control and automate the full lifecycle of individual VNFs, links, and multi-VNF services.
● Stateful convergence: One of the most important capabilities that Cisco NSO brings is the concept of stateful convergence. That is the ability to make changes to a service at a high level and have the system automatically translate that high-level intent into real changes in the network at runtime, without having to manually specify each granular step along the way. Stateful convergence automatically renders the needed steps for any modify case or delete case without the need for coding. This capability is essential for orchestrating complex, dynamic NFV environments. Using traditional script/template/workflow-based tools, operators bringing up a new service or making a change would need to specify each step in the process. Cisco’s NFVO offering allows operators to update or edit a running network instance.
NSO’s capabilities of supporting “modify” at both the coarse-grained layer (for example, add VNF into service chain) and the fine-grained layer (for example, change the QoS and security settings of the running service chain) are unique to the market.
● Fully abstracted Or-Vnfm: The NFVO Core Function Pack uses a fully abstracted implementation of Or-Vnfm. No aspect of Cisco ESC’s particular VNFM implementation is exposed to service descriptors, and no vendor-specific aspects or data structures need be considered by developers writing services. Rather, the platform uses a completely YANG-based API, based on ETSI structures. It provides full support for all of the necessary asynchronous state changes and error messages, putting full lifecycle operations capabilities at developers’ fingertips.
Working with the NFVO Core Function Pack
Cisco’s NFVO platform includes a suite of intuitive web-based UI tools. It provides different views of the orchestration environment for different stakeholders, both those developing new VNFs and network services and operational staff tasked with onboarding and managing them. These tools include:
● NSD editor: This point-and-click/drag-and-drop UI makes it easy to assemble onboarded VNFDs from the catalog into deployment-ready network services. No additional onboarding steps are needed. After an NSD has been assembled through this tool, the orchestrator is ready to instantiate that network service.
● Descriptor views: This interface provides a simplified overview of the catalog to easily view and manage lifecycle operations for NSDs and onboarded VNFDs.
● Resource and record views: This tool provides a comprehensive snapshot of everything happening in the virtual domain in real time. It shows all currently deployed NSRs, VNFRs, and VLRs, allowing operators to understand at a glance which virtual services are running, those services’ constituent VNFs and the links between VNFs in a particular NSD.
● ESC onboarding view: This tool handles the onboarding step between the orchestrator and VNFMs, providing an overview of VNFM configurations and onboarded deployment assets. Operators can see all VM images and flavors available and understand which VNFMs are ready to deploy which kinds of services.
Start Capitalizing on NFV Agility
Faster time to market, lower costs, improved business flexibility: all of these benefits and more are possible with NFV. However, to take advantage of them, service providers need open, flexible multivendor orchestration. Uniform NFVO standards are still being developed. However, service providers can start capitalizing on NFV right now—in their existing physical, virtual, and hybrid networks—with the NFVO Core Function Pack.
Drawing on the industry’s leading model-driven service orchestration platform, Cisco NSO, service providers gain a comprehensive platform to build and manage virtualized services using assets from practically any vendor. They can stitch together services for a wide range of NFV use cases without getting bogged down in vendor-specific VNF steps and manual coding. They can assure openness, extensibility, and adherence to ETSI specifications in every element of the orchestration system. And they can begin to unlock the full speed and agility of NFV without long, expensive integration projects.
To find out more about what Cisco NFVO Core Function Packs and Cisco Network Services Orchestrator can do for your business, visit http://www.cisco.com/go/nso.