Article by Mansour Karam, CEO and Founder, Apstra
The introduction of overlays in the early days of SDN enabled organisations to bridge the gap between the dynamic nature of their business policies and the static nature of their network. At the same time, overlays introduced significant challenges, which limited their adoption in the enterprise.
Responding to customer requests in this area, Apstra is announcing AOS 2.0. Leveraging the recent advances in network operating system APIs and switch silicon support for VXLAN, AOS 2.0 delivers the first intent-based integrated underlay and overlay solution for the data centre network.
Around a decade ago when SDN discussions first began, switches had no APIs, and to deliver dynamic policy there was no choice but to bypass networking engineering teams and extend an overlay on top of the physical network. This approach created a number of problems that limited the adoption of the technology:
1. Underlays and overlays are opaque to each other. Because the underlay and overlay are totally decoupled, it is that much harder for IT teams to debug networking problems. Was it caused by the overlay? The underlay? Through which links or interfaces do the packets pertaining to this particular overlay tunnel flow?
2. Organisational processes break with decoupled underlays and overlays. Overlays made it unclear who was really responsible for network services. The network engineering team? The compute team? The cloud team? Compute teams are often driven to buy and operate an overlay without the participation of network teams. That could mean that two network operators in the same data centre don’t really work together, or even acknowledge each other. Worse, fingers are often pointed at the networking team, frequently without evidence. The network is the most critical asset in the data centre; one operational team should be empowered and responsible, not two.
3. Overlays don’t easily work with bare metal devices. While most workloads are virtualised, there is a lot of bare metal out there: storage, databases, and many devices and appliances. The common solution is to build a gateway, which generally encapsulates and decapsulates flows between the overlay and a bare metal segment. I am bullish on the use of an overlay, but quite honestly, a gateway for bare metal is a hack which only became necessary because of the unnatural fracture between underlay and overlay.
Introducing AOS 2.0:
In addition, AOS 2.0 leverages the same AOS core to provide the same unique AOS advantages:
With AOS 2.0’s new enterprise-class features (including RBAC, HTTPS, and Headless Operations), organisations can confidently start the process of migrating from legacy L2 data centre infrastructures to modern Leaf-Spine infrastructures with fully automated and integrated L3 underlay and L2 overlay, all under the control of networking teams.
And we’re just getting started. Customer-driven feature velocity is a key part of our vision, enabled by the extensible AOS architecture. This brings our customers expanded device support, and advanced intent-based analytics — which are coming as part of turn-key applications in future releases. Stay tuned for more to come from Apstra in the coming months. Indeed, a new era has begun, and we’re not looking back!