Networking for Nerds

Networking for Nerds: Network-as-Code

Deploying networks with software speed

Oscar Cobles

During the past decade, the terms cloud, software-defined and DevOps have been taking more and more space in our daily conversations and guiding the decisions that most organizations are making.

In a cloud-first world, several layers of digital infrastructure make up the overall solution of our systems. Some of these layers have evolved significantly to adapt to the changes demanded by the market, especially those where compute and storage reside. Other aspects of digital infrastructure, such as connectivity, have at times been given less weight in design, and their impact becomes more evident as their use becomes more intensive and globalization more present in business.

Connectivity is typically not taken into account in most companies' cloud and infrastructure designs, and the consequences of this are becoming more and more evident as its use is increasingly ubiquitous and businesses are becoming more distributed around the world. In this article, we are going to discuss those connectivity challenges and demonstrate how Equinix can help you with them by using Network-as-Code.

New network management challenges

Let’s start by defining the main connectivity challenges that everyone experiencing digital transformation is dealing with:

  • Globalization – New business demands require that users and applications are all interconnected no matter where in the world they are.
  • Decentralization – There is no “IT department” anymore. With easy-to-use cloud services, new technologies and the implementation of new production methodologies, we have employees from all departments with different connectivity needs, making the network management even more complex.
  • Virtualization – Although technologies such as software-defined networking (SDN) and network functions virtualization (NFV) are gathering pace and solving many network problems, this does not mean that their management is not complex.
  • Scalability – Data will continue to grow exponentially, fuelled by data-intensive and interactive media such as video and social networking, plus artificial intelligence, big data analytics, the Internet of Things (IoT) and more.

How Equinix is responding to upcoming network challenges

Equinix makes several services and tools available to customers to solve real network problems. Some of them are mentioned here:

Software-defined interconnection – Equinix Fabric™ is a platform that provides direct, secure and flexible connectivity to a service provider, another Equinix customer or between your own infrastructure deployed in different locations.

VNF marketplace – Network Edge from Equinix provides virtual network services that run on a modular infrastructure platform, optimized for instant deployment and interconnection of network services. You can select, deploy, and connect virtual network services at the edge in minutes, with no additional hardware requirements.

Empowering DevOps automation with Network-as-Code – These services cover a large part of these challenges. However, when we talk about decentralization, agility and scalability, we need to go one step further. Above all, our services must be API-first, so that they can be easily integrated with third-party applications and internal processes. Ultimately, we must also provide mechanisms to consume these APIs, so that the network can be managed in the same way and with the same tools, consistently across all the layers we mentioned at the beginning. That is where the Equinix Terraform provider comes into play.

Equinix Terraform provider

Although at this point it is highly unlikely that you have not heard of Terraform, it is worth making a brief introduction. Terraform is an Infrastructure-as-Code (IaC) tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.

Terraform has become the leading IaC tool in the market, with about 200 official providers and more than 700 supported by the community. And in the same way as the main service providers, Equinix has developed its own Terraform provider, making it easier to create and manage any resource of the Equinix Fabric and Equinix Network Edge platform through human-readable code templates.

Terraform uses the same language and resource definition to represent infrastructure objects regardless of the provider, for example:

(Terraform syntax and resource definitions)

This is not intended to be a Terraform tutorial, but to give you an idea of how it works: by running the script below, you will create redundant Azure ExpressRoute connections with Equinix Fabric and then connect an Equinix Network Edge virtual router and two Microsoft Enterprise Edge (MSEE) routers in a matter of minutes:

Example of how to define an Equinix Fabric connection to Azure using the Terraform Equinix Provider.

Fully automating establishing a secure, direct connection between multiple clouds

When you want to establish a connection between two points, for example two routers, you usually add certain configuration parameters in the source router and other configurations in the destination router so that both are aware of each other. One of the advantages of using multi-vendor automation tools such as Terraform is that, apart from creating and managing the resources on the Equinix platform side, you will be able to complete the configuration and integration with the resources needed on the side of the service provider you want to connect with. This makes the automation of your entire hybrid or multi-cloud infrastructure from end-to-end possible.

To better understand how it works, we have published example code, which you can find under “Equinix terraform provider – multicloud sample”, and with which you can easily deploy the architecture defined in the diagram below:

High-level diagram of cloud-to-cloud routing using Equinix Fabric and Equinix Network Edge

Here we have taken an application that spans multiple clouds as an example. In this scenario an online travel agency hosts their public facing website in AWS but leverages Google Cloud for their customer database. To secure access to the data and to optimize application performance, they need to be able to route traffic quickly and privately between their database in Google Cloud and their website in AWS.

Since these cloud providers don’t communicate with each other directly, the travel company would simply deploy a virtual router using Network Edge services connecting to both cloud providers from which all multi-cloud traffic flows. Equinix Fabric connections are used for private, high speed, low latency connectivity between those clouds.

Despite the easy-to-use web portals and APIs, there are several steps required to deploy this architecture. Done by hand, this can be a tedious process or, even worse, a source of human error when you must do it a hundred times. Below are all the steps of the process that Terraform will automate from start to finish:

  1. Set up infrastructure in AWS, which contains the frontend application: define virtual networks, spin up an EC2 instance, install and initialize application, security groups, configure a virtual interface and the BGP session.
  2. Spin up an Equinix Network Edge device (virtual router), retrieve a license, create SSH users, define an Access Control List template.
  3. Create an Equinix Fabric connection from the Equinix virtual router to the cloud virtual interface, configure BGP.
  4. Set up infrastructure in GCP where the database is: define virtual networks, spin up a virtual machine, define firewall rules, configure a virtual router and the BGP session.
  5. Create an Equinix Fabric connection from the Equinix virtual router to the cloud virtual router, configure BGP.

High-level diagram of cloud automation with Terraform Equinix provider, Terraform AWS provider and Terraform GCP provider

If you had the opportunity to test this example, you would see that you can have a multicloud infrastructure setup in less than 30 minutes.
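The five steps above create security groups, an ACL template and firewall rules in a single automated run, so a review gate belongs between plan and apply. The following is an added example, not code from the article or from the Equinix sample: a check over Terraform's JSON plan that flags inbound rules exposing SSH or RDP to any source. The resource attribute names and the sample plan are assumptions made for illustration.

```python
import ipaddress

ADMIN_PORTS = (22, 3389)  # SSH, RDP; adjust to local policy
TCP_CAPABLE = ("tcp", "-1", "all", "ip")  # protocol values that include TCP

def world_open(cidrs):
    """True if any CIDR is a /0 (0.0.0.0/0 or ::/0)."""
    return any(ipaddress.ip_network(c, strict=False).prefixlen == 0 for c in cidrs if c)

def covers_admin_port(spec):
    """spec: 'any', '' (all ports), '22', '20,22' or '1000-2000'."""
    spec = str(spec).strip().lower()
    ranges = [part.strip().partition("-") for part in spec.split(",")]
    return spec in ("", "any") or any(int(lo) <= p <= int(hi or lo) for lo, _, hi in ranges for p in ADMIN_PORTS)

def inbound_rules(rtype, after):
    """Yield (cidrs, protocol, port_spec). Attribute names are assumptions; check your provider versions."""
    if rtype == "aws_security_group":
        for r in after.get("ingress") or []:
            ports = "any" if r["protocol"] == "-1" else f"{r['from_port']}-{r['to_port']}"
            yield r.get("cidr_blocks") or [], r["protocol"], ports
    elif rtype == "google_compute_firewall":
        for a in after.get("allow") or []:
            yield after.get("source_ranges") or [], a["protocol"], ",".join(a.get("ports") or [])
    elif rtype == "equinix_network_acl_template":
        for r in after.get("inbound_rule") or []:
            yield [r.get("subnet")], r["protocol"], r.get("dst_port", "any")

def audit_plan(plan):
    """Addresses of resources the plan creates or updates with an admin port open to any source."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        if not {"create", "update"} & set(change.get("actions", [])):
            continue
        rules = inbound_rules(rc["type"], change.get("after") or {})
        if any(p.lower() in TCP_CAPABLE and world_open(c) and covers_admin_port(s) for c, p, s in rules):
            findings.append(rc["address"])
    return findings

# Constructed sample in the shape of `terraform show -json` output (not from the article).
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_security_group.web", "type": "aws_security_group", "change": {"actions": ["create"],
     "after": {"ingress": [{"protocol": "tcp", "from_port": 0, "to_port": 65535, "cidr_blocks": ["0.0.0.0/0"]}]}}},
    {"address": "equinix_network_acl_template.edge", "type": "equinix_network_acl_template", "change": {"actions": ["create"],
     "after": {"inbound_rule": [{"subnet": "203.0.113.0/24", "protocol": "TCP", "src_port": "any", "dst_port": "22"}]}}},
    {"address": "google_compute_firewall.db", "type": "google_compute_firewall", "change": {"actions": ["create"],
     "after": {"source_ranges": ["0.0.0.0/0"], "allow": [{"protocol": "tcp", "ports": ["5432", "22"]}]}}},
]}
```

In a pipeline, pass `audit_plan` the parsed output of `terraform show -json` for a saved plan file and fail the job when the returned list is non-empty. It only inspects inline rules on these three resource types; standalone rule resources such as `aws_security_group_rule` would need their own branch.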

Beyond multi-cloud connectivity

We have used the example of an application that spans multiple clouds. However, other scenarios can be automated in the same way, such as establishing a connection from an Equinix data center to a service provider (network providers, internet providers, cloud providers, etc.), or accelerating your digital business by interconnecting with other companies that are also Equinix Fabric participants.

Learn more about the different use cases that can be covered using Equinix Fabric and Network Edge.

Explore our Equinix Developer Platform to know more about the Equinix APIs and developer tools.
