实验室到生活：提供弹性和安全的云原生网络

Lab-to-Live Delivering ResilientandSecure Cloud-NativeNetworks Author:Francis Haysom–Principal Analyst In partnership with Published by Appledore Research LLC • 44 Summer Street Dover, NH. 03820 Tel: +1 603 969 2125 • Email: info@appledorerg.com• www.appledoreresearch.com © Appledore Research LLC2024. All rights reserved. No part of this publication may be reproduced,stored in a retrieval system, or transmitted in any form or by any means–electronic, mechanical,photocopying, recording, or otherwise–without the publisher's prior written permission. Figures and projections contained in this report are based on publicly available information onlyand are produced by the Research Division of Appledore Research LLC independently of any client-specific work within Appledore Research LLC. The opinions expressed are those of the statedauthors only. Appledore Research LLC recognizes that many terms appearing in this report are proprietary; allsuch trademarks are acknowledged, and every effort has been made to indicate them by the normalUSA publishing standards. However, the presence of a term, in whatever form, does not affect itslegal status as a trademark. Appledore Research LLC maintains that all reasonable care and skill have been used in compilingthis publication. However, Appledore Research LLC shall not be under any liability for loss ordamage (including consequential loss) whatsoever or howsoever arising because of the use of thispublication by the customer, his servants, agents, or any third party. Publish date:4 November 2024 CoverPhotobyDenys NevozhaionUnsplash Executive Summary As modern cloud-native networks evolve, traditional testing approaches are no longer sufficient.Agile, lab-based testing now plays a critical role in enabling agile cloud-native operations. The‘Lab-to-Live’concept integrates hardware development, lab testing, network deployment, and operationsinto a unified DevOps lifecycle, fostering stronger collaboration between development andoperations teams. This approach is particularly vital in container-based networks, where seamlesscoordination between testing and assurance is crucial. The role of the lab is shifting—it’s no longer an isolated, offline process. Instead, continuous testingis becoming the norm, with lab verification flowing into live operational monitoring. This ensuresoperational readiness and provides a blueprint for successful, resilient network operations. This paper outlines the key drivers behind theLab-to-Live transformation and highlights bestpractices for ensuring the resilience and security of cloud-native networks. TheNeed forChange Modern networksare increasingly built with software on top of underlying network infrastructure,much of which is increasingly disaggregated IT serversand/or the cloud. Initiallythis wasbased onvirtualization but isnow increasingly based on containerization and cloud-native principles. Themoderncloud-nativenetwork(its network functions and its associated operational automation)is asoftware application.Thiscloud-nativenetwork can enableincreasing levels andspeedof networkinnovation, no longer tied to hardware standards definition and build.However, thiscloud-nativenetwork requires fundamentally different approaches totheend-to-endnetwork/service lifecycleincluding testing and operational assurance. The cloud inherently means anetwork of software. Software is fundamentally different. Hardwarelifecycles are inherently long with the critical activity of standardization of interfaces betweenhardware. Hardware that cannot be changed, built into the network over a long period. Hardwarethat can be configuredand testedagainst a specification but not coded and easily changed. Anetwork based onsoftwarecan potentially be changed rapidly and frequently to meet new needs.A softwarenetwork can leverageother software architectures and abstractions (such ascontainerization and micro-services). However, this flexibility comeswithchallenges: •Theimpossibility of perfect softwaremeans that the networkdelivery process needs to be agileand rapidto managechange.•Theincreased complexityof layers of software means that thenetwork delivery process needsto becapable oftesting this complexityand enablingthe assurance of this complexity.•Moving fromdelivering ahigh availabilitynetwork through hardware resilience to one based onsoftware application resilience. •Moving from a simple hardware supply chain to acomplexnetwork supply chainthat isincreasingly multi-vendor,disaggregated, and dynamic.•An environment in whichexisting organisational structures changeand blur.DevOpsenvironments where development, testing and operations are a continuum.•Networksecurityisno longer builton proprietaryhardwareobscurityand boundary firewalls,but ratherbuilt into the network throughout thesoftware deliverylifecycle,DevSecOps. Cloud-native networks arefundamentally differentfrom traditional networking and pseudo-hardware virtualized networks.Cloud-native applic