The mNCC in the NEMO Ecosystem: Architecture, Functionalities and Perspectives for Advanced Network Management

Introduction

The meta-Network Cluster Controller (mNCC) is a key component within the meta Operating System (meta-OS) of the NEMO project, responsible for managing network connectivity and exposure of performance metrics in multi-cluster and multi-domain environments. Its main function is to act as an interface between the NEMO orchestration layer and the underlying physical infrastructure, providing abstraction of network services and enabling real-time access to network features for the rest of the system components.

Architecture and Components

The mNCC is composed of several modules that integrate advanced management, monitoring and adaptive technology capabilities:

Intent-Based System (IBS): Translates high-level intents into specific network configurations, allowing users to define connectivity requirements without worrying about the underlying technology. The IBS classifies, translates and executes intents, supporting the continuous integration of new technology adapters through a modular microkernel architecture.
Network Metrics Exposure (NeMeX): Acts as the northbound interface (NBI) to the mNCC, integrating topology and performance metrics from multiple sources and exposing them through RabbitMQ for consumption by the Meta-Orchestrator and other NEMO components. NeMeX enables advanced real-time network health monitoring and analysis.
Technology Connectivity Adaptors: These include adapters for technologies such as 5G, TeraFlow SDN Controller and L2SM (Link Layer Secure Microservices), facilitating secure and flexible connection between microservices in different Kubernetes clusters. The L2SM adapter, for example, enables the creation and management of virtual networks between clusters using a gRPC API and custom Kubernetes resources.
Network Performance Monitoring: Implements Python-based probes to measure latency, throughput, packet loss and other key metrics, integrating this data into the system to support autonomous decision making.

Workflow and Key Functionalities

The mNCC operates on a continuous cycle of network management and exposure:

Intent Management: The Meta-Orchestrator sends connectivity intents to the mNCC via RabbitMQ. The IBS classifies these intents and translates them into configurations specific to the available technology adapters (e.g. creation of an L2 VPN with TeraFlow SDN or an inter-cluster virtual network with L2SM).
Monitoring and Metrics Exposure: NeMeX collects network metrics from the nodes and links of each cluster, integrating information from Kubernetes and network probes. These metrics are periodically exposed to RabbitMQ, allowing other NEMO components (such as Meta-Orchestrator or CF-DRL) to make decisions based on the current state of the network.
Multi-Technology Integration: The mNCC supports the integration of multiple network technologies (5G, SDN, Kubernetes overlay, etc.), enabling unified resource management in heterogeneous and distributed environments.
Automation and Scalability: mNCC deployment and management are supported by CI/CD frameworks and automation tools, facilitating scalability and efficient operation in production environments.

Use Case: Inter-Cluster Network Management

A typical use case is the creation of a virtual network between two Kubernetes clusters managed by NEMO:

Receiving Intent: Meta-Orchestrator sends an inter-cluster network creation intent.
Classification and Translation: The IBS classifies the intent and translates it into a specific configuration for the L2SM adapter.
Execution: The L2SM adapter uses a gRPC API to create custom network resources on each cluster, establishing a secure, centrally managed connection.
Monitoring: NeMeX collects network metrics from both clusters and exposes them to RabbitMQ, enabling observability and dynamic tuning of connectivity.

Benefits and Future Perspectives

Abstraction and Simplification: The mNCC abstracts away the complexity of network management, allowing users to define high-level connectivity requirements without worrying about the underlying technology.
Interoperability and Flexibility: The mNCC’s modular architecture facilitates the integration of new network technologies and the management of multi-domain environments.
Advanced Monitoring: Real-time exposure of network metrics enables dynamic optimisation and early detection of problems.
Automation and Security: The mNCC supports automated deployments and advanced security mechanisms, such as the establishment of encrypted connections or secure workload migration.

As a continuation, the CyberNEMO project is defining Zero-Thrust Network Access (ZTNA), a network management component that evolves from mNCC by providing secure segmentation of content in microservices and the management and monitoring of network access. This component includes other advantages such as log attestation or the use of metrics calculated with AI… But that is another story.

Conclusion

The mNCC is a fundamental component in the NEMO meta-OS, providing advanced, flexible and automated network management in multi-cluster and multi-technology environments. Its modular architecture, based on intents and technology adapters, positions it as a robust and scalable solution for network orchestration in the edge-cloud continuum era.

Tweet0 LinkedIn0