The SDEWAN central controller provides central control of SDEWAN overlay networks by automatically configuring the SDEWAN CNFs located in edge location clusters and hub clusters:
- To create secure overlays where each overlay connects application and hub clusters together.
- To allow application connectivity with external entities and entities of other clusters.
System Architecture
The SDEWAN central controller includes the following components, as shown in the diagram below:
- Web UI: an HTML5-based web UI that provides configuration of Application Cluster Registration, Hub Registration, Overlay, Application/Service Registration and Status tracking.
- API Server: exposes a RESTful API for Application Cluster management, Hub management, Overlay management, Status monitoring management and logging.
- Scheduler Manager: a daemon service which accepts requests from the API server (through RPC), then generates the relevant K8s CRs for the SD-EWAN CNFs of the various hubs and edges to establish the tunnels.
- SDEWAN Management DB: a database that stores information such as edge clusters, hubs, overlays, IP addresses, applications/services, etc.
System Design
Working Flow
Assumption:
IP
- Central Cloud has public IP as CIP
- Traffic Hub has public IP as HIP1, HIP2, ...
- Edge Location may have a public IP on one edge node as EIP1, ... or may have no public IP (behind a gateway as EGIP1, ...)
IPSec Tunnel mode for control plane (e.g. central cloud to k8s API server)
- Central Cloud to Traffic Hub: Host to Host
- Central Cloud to Edge Location:
  - Edge location has public IP: Host to Host
  - Edge location does not have public IP: Initiator (edge) to Responder (Central cloud)
IPSec Tunnel mode for data plane (for data traffic)
- Edge to Edge: Host to host
- Edge to Hub: Host (edge) to Site (Hub, using edge's subnet as rightsubnet)
- Hub to Hub: Host to Host
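
The tunnel-mode rules above, applied to a small topology as an added Python example (not code from the SDEWAN project): it derives one control-plane tunnel per hub/edge and one data-plane tunnel per hub/edge pair. The names `Site`, `control_tunnel`, `data_tunnel`, `plan` and the sample addresses are constructed for illustration. As an assumption of this example, pairs where neither endpoint has a public IP are reported as `unresolved`, because the rules above do not cover them.

```python
from dataclasses import dataclass
from itertools import combinations
from typing import Optional

@dataclass(frozen=True)
class Site:
    name: str
    kind: str                      # "central", "hub" or "edge"
    public_ip: Optional[str]       # None = edge behind a gateway
    subnet: Optional[str] = None   # edge subnet, used as rightsubnet on the hub

def control_tunnel(central: Site, peer: Site) -> dict:
    """Central cloud to hub or edge (control plane)."""
    if peer.public_ip:
        return {"plane": "control", "mode": "host-to-host", "ends": (central.name, peer.name)}
    if peer.kind != "edge":
        raise ValueError(f"{peer.name}: hubs are assumed to have a public IP")
    # The central cloud cannot dial an edge behind a gateway, so the edge initiates.
    return {"plane": "control", "mode": "initiator-responder",
            "initiator": peer.name, "responder": central.name}

def data_tunnel(a: Site, b: Site) -> dict:
    """Hub/edge pairs (data plane)."""
    if not (a.public_ip or b.public_ip):
        # Neither side can accept a connection; the rules above do not cover this.
        return {"plane": "data", "mode": "unresolved", "ends": (a.name, b.name)}
    if a.kind == b.kind:           # edge-edge or hub-hub
        return {"plane": "data", "mode": "host-to-host", "ends": (a.name, b.name)}
    edge, hub = (a, b) if a.kind == "edge" else (b, a)
    if edge.subnet is None:
        raise ValueError(f"{edge.name}: edge subnet needed for rightsubnet")
    return {"plane": "data", "mode": "host-to-site", "host": edge.name,
            "site": hub.name, "rightsubnet": edge.subnet}

def plan(sites: list) -> list:
    central = next(s for s in sites if s.kind == "central")
    others = [s for s in sites if s.kind != "central"]
    tunnels = [control_tunnel(central, s) for s in others]
    tunnels += [data_tunnel(a, b) for a, b in combinations(others, 2)]
    return tunnels

# Constructed sample topology (documentation address ranges, not from the page).
SITES = [
    Site("central", "central", "192.0.2.1"),
    Site("hub1", "hub", "198.51.100.1"),
    Site("edge1", "edge", "203.0.113.10", "10.10.1.0/24"),
    Site("edge2", "edge", None, "10.10.2.0/24"),
    Site("edge3", "edge", None, "10.10.3.0/24"),
]
```

Calling `plan(SITES)` returns the full tunnel list; the `unresolved` entries are the pairs to review before any CNF configuration is generated.
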
Open:
- Should we assume that the control plane and data plane share the same interfaces in the Hub? In the Edge Location?
Environment Setup (Pre-condition)
Flow: Register Hub
Flow: Register Edge Location
Flow: Register Application Service
Flow: Register Overlay