Add documentation contents

Merged Karel van Klink requested to merge add-doc-contents into development
20 files
+ 328
21
+ 79
1
# Architecture
We follow the principles of infrastructure as code, and we decompose configuration in data and templates.
We follow the principles of infrastructure as code, and decompose configuration in data and templates. Git stores and
versions all configuration, and it's also responsible for managing mechanisms such as:
* Automatic checks to validate data and data references.
* Merge requests for change approval.
The stack of tools is kept limited:
* Workflow Orchestrator ({term}`WFO`) orchestrates all changes.
* Ansible is the tool that deploys configuration.
* If needed, custom Python scripts can support extra functionality.
This approach works well for the deployment of 'base configuration'. For service fulfillment, three more components are
introduced:
* A resource database.
* A service database.
* A workflow engine.
All three of these components are deployed as part of {term}`WFO`. More information about {term}`WFO` can be found on
their website <a href="https://workfloworchestrator.org/" target="_blank">here</a>.
(configuration-decomposition)=
## Configuration (de)composition
The configuration of a network element can be decomposed in different functional parts:
* Base configuration.
* Service configuration:
* {term}`IFS`
* {term}`CFS`
The base configuration includes all configuration necessary to provision a new node, and to include it in the network.
It covers aspects such as:
* Standard routing configuration for node reachability.
* User access configuration and AAA (Authentication, Authorisation, Accounting).
* Standard configuration related to security and hardening of the device.
* Monitoring and event management.
The configuration is similar across all network elements, apart from some device-specific values such as hardware type
or loopback address.
On top of this 'base layer' services can be deployed. Some examples of offered services are given in the table below.
| Infrastructure facing services | Customer facing services |
|--------------------------------|-----------------------------------|
| Backbone trunks | Access point for R&E traffic |
| Transit provider | Access point for internet traffic |
| Internet exchange | |
## Principles
### For reference
* All network operations are automated, requiring no operator steps beyond the instantiation of intent.
* Changes applied to individual network element are fully declarative, vendor-neutral, and derived from the network
infrastructure from the high-level, network-wide intent.
* Any network changes are automatically halted and rolled back if the network displays unintended behaviour.
* The infrastructure doesn't allow operations that violate network policies.
[Source.](https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/45687.pdf)
### Other principles
* Automatic check evaluate all changes
* After passing pipelines, all changes are merged into the `main` branch. These pipelines run once a change is
peer-reviewed and approved.
- - -
## Orchestration and service database
All services offered can be summarised in the following four categories. Some examples are given in the table below.
| | Multipoint | Point 2 point |
|---------|-------------|------------------|
| Layer 2 | VPLS / EVPN | Layer 2 circuits |
| Layer 3 | L3VPN | Core links |
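Review bot: In "Other principles", the last two bullets leave the order of automated checks and approval unclear, and the branch name looks inconsistent. The text says the pipelines "run once a change is peer-reviewed and approved" and that changes are then merged into `main`, while the Architecture section lists automatic checks alongside merge requests as mechanisms managed in Git, and this merge request itself targets `development`. Suggest stating explicitly whether the checks run before review, after approval, or both, and naming the branch that actually receives merges, so readers can tell which gate a change must pass before it can reach the network. Smaller points in the same file: "Automatic check evaluate all changes" should read "Automatic checks evaluate all changes." with a full stop like the other bullets; "derived from the network infrastructure from the high-level, network-wide intent" repeats "from" and probably means "derived by the network infrastructure"; and the raw `<a href=... target="_blank">here</a>` link would be more consistent as a Markdown link with descriptive text, in the style already used for "[Source.]".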