The Open Network Automation Platform (ONAP) is a Linux Foundation project that provides a way to design network services, manage their lifecycle and perform service assurance using real-time policy driven closed-loop automation (i.e. no human beings are involved, policies directly drive lifecycle management operations).
ONAP can be used to automate just about any SDN or NFV service, but to make things a bit convenient, the ONAP community has created ready-to-use blueprints/demos: virtual firewall (vFW), residential virtual customer premise equipment (vCPE) and voice over LTE (VoLTE). The vFW is the simplest of the three and can be tried out by those new to ONAP in just a couple of days. However, to try out vFW you will require two sets of infrastructure. First you need OpenStack or Kubernetes to run ONAP and then OpenStack to manage the underlying NFV infrastructure (NFVI) layer for the vFW network service. Unfortunately the combined stack is too heavy to run on a laptop. So you have two options to try out vFW. If you have a lab at your beck-and-call, read no further, go to the above wiki link and try out the vFW blueprint in your lab. However, if you are like most mortals and don’t have ready access to idling servers, we have a solution for you.
Here is what we recommend:
Before we show you how to use VEXXHOST, a quick background on the vFW blueprint. Below is the blueprint (also called demo) architecture:
The vFW network service consists of 3 VNFs that are packaged as two:
Assuming ONAP infrastructure is taken care of, here are the steps to connect ONAP to VEXXHOST:
Now follow the steps from the vFW wiki that involve:
Upon completion of these steps, you should be able to go to the VEXXHOST Horizon GUI and see the VNFs coming up. Give them ~15 minutes to boot and another ~15 minutes for them to be fully configured. See below screenshots:
Did you try this out? How did it go? We look forward to your feedback. In a realistic scenario, vFW_PG and vFW_SINC are unlikely to be in the same cloud. So, in the next blog we will show you how to use two different VEXXHOST tenants to simulate two regions and then how you can spread the vFW service across those two tenants/regions.
In the meantime if you are looking for ONAP training, professional services or development distros (basically an easy way to try out ONAP < 1 hour), please contact us.
See Also: ONAP Wiki, vFWCL Wiki, Orchestrating Network Services Across Multiple OpenStack Regions Using ONAP blog