VPC design example with telecom OSS workload
This section provides an example of an OSS workload running in the AWS Cloud and communicating with a telecom's network via a DX link. At a high level, the application gathers performance data from a variety of network elements, and this data is correlated and presented through an OSS application running in Amazon VPC. In this example, the application is provided as a SaaS offering and is managed by the SaaS provider in a dedicated VPC. The VPC is connected to both the telecom network and the operations network.
Workloads can run as virtual machines (VMs) or containers. In this example, the OSS application is implemented as container workloads on Red Hat OpenShift, using a Multi-AZ deployment for high availability purposes. Amazon EBS, Amazon Elastic File System (Amazon EFS) and Amazon Relational Database Service (Amazon RDS) are used in the overall design.
The advantages of this cloud-based implementation for telecom providers are:
- Elastic scaling of the entire application using Elastic Load Balancing and automatic scaling.
- Secure data handling: data coming into the VPC is encrypted, data leaving the VPC is encrypted, and data held within the VPC is encrypted at both the storage and database level.
- Secure access through ACLs, security groups, and multi-factor authentication (MFA).
- High availability implementation spanning three Availability Zones, with a private and a public subnet in each AZ. An internet gateway provides internet access to each subnet.
- AWS CloudFormation is used to deploy the entire infrastructure without the need for manual installation and stand-up.
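Because the whole design is deployed from CloudFormation, the encryption-at-rest and three-AZ properties listed above can be checked on the template before it is deployed. The following is an added example, not code from this whitepaper; the logical IDs, AZ names and the use of `MapPublicIpOnLaunch` to tell public from private subnets are assumptions made for illustration.

```python
import json

# Encryption-at-rest property for each storage service the design names.
ENCRYPTION_PROPERTY = {
    "AWS::EC2::Volume": "Encrypted",             # Amazon EBS
    "AWS::EFS::FileSystem": "Encrypted",         # Amazon EFS
    "AWS::RDS::DBInstance": "StorageEncrypted",  # Amazon RDS
}
REQUIRED_AZS = 3  # the design spans three Availability Zones

def is_true(value):
    # CloudFormation accepts both booleans and the strings "true"/"false".
    return str(value).lower() == "true"

def audit_template(template):
    """Return sorted findings for a parsed CloudFormation template (dict)."""
    findings, tiers = [], {"public": set(), "private": set()}
    for name, res in template.get("Resources", {}).items():
        rtype, props = res.get("Type"), res.get("Properties", {})
        if rtype in ENCRYPTION_PROPERTY:
            prop = ENCRYPTION_PROPERTY[rtype]
            # An omitted property leaves the result to service or account
            # defaults, so only an explicit true passes.
            if not is_true(props.get(prop)):
                findings.append(f"{name}: {prop} is not true")
        elif rtype == "AWS::EC2::Subnet" and "AvailabilityZone" in props:
            # Assumption: MapPublicIpOnLaunch marks the public tier.
            tier = "public" if is_true(props.get("MapPublicIpOnLaunch")) else "private"
            # Serialise so intrinsic functions (dicts) can be set members.
            tiers[tier].add(json.dumps(props["AvailabilityZone"], sort_keys=True))
    for tier, azs in tiers.items():
        if len(azs) < REQUIRED_AZS:
            findings.append(f"{tier} subnets cover {len(azs)} AZ(s), need {REQUIRED_AZS}")
    return sorted(findings)

def sample_template():
    """Constructed input: logical IDs and AZ names are made up."""
    res = {}
    for az in "abc":
        for tier in ("Public", "Private"):
            res[f"{tier}Subnet{az.upper()}"] = {"Type": "AWS::EC2::Subnet", "Properties": {
                "AvailabilityZone": f"eu-west-1{az}", "MapPublicIpOnLaunch": tier == "Public"}}
    res["DataVolume"] = {"Type": "AWS::EC2::Volume", "Properties": {"Encrypted": True}}
    res["SharedFs"] = {"Type": "AWS::EFS::FileSystem", "Properties": {"Encrypted": True}}
    res["OssDb"] = {"Type": "AWS::RDS::DBInstance", "Properties": {"StorageEncrypted": True}}
    return {"Resources": res}

if __name__ == "__main__":
    print(audit_template(sample_template()) or "no findings")
```

A stricter check would classify subnets by whether their route table has a route to the internet gateway rather than by `MapPublicIpOnLaunch`.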
The following diagram provides a logical representation of the key building blocks in the VPC and their connectivity to the telecom network through a DX connection: