The Telecom Network Automation architecture is hierarchical, and consists of three tiers or stages.
Telecom automation architecture
The Telecom Network Automation architecture consists of three stages that follow the end-to-end workflow of telecom automation:
Stage 1: Package authoring
The following tasks are commonly done by network function vendors, network infrastructure vendors, service orchestration (SO) vendors, and system integrators:
- Create
kptpackages: Develop configuration packages and create initial blueprints by definingkptpackages, network functions (NFs) and the necessary infrastructure custom resource definitions (CRDs). - Publish packages: Distribute the configuration packages to designated repositories.
- Determine repository type: Choose between making the package available within a closed, proprietary repository (accessible only to the organization) or within a public repository (accessible to a wider community).
Stage 2: Network designing
The following tasks are commonly done by CSPs and SIs:
- Collect and customize original blueprints: Customize the CRD and resources. Align the blueprints with their organization-specific configurations and policies.
Stage 3 : Deploying
The following tasks are commonly done by CSPs and SIs:
- Clone and customize blueprints: Consume and render variants of the configuration and approve the final config.
- Initiate deployments: Telecom Network Automation reconciles these deployments to match the network with the intent the user provides.
Figure 1. Telco cloud-native automation end-to-end journey (based on Nephio)
Roles and permissions
This section lists the Identity and Access Management (IAM) permissions and roles for Telecom Network Automation.
Roles
| Role | Permissions |
|---|---|
| Telco Automation Admin
The Admin is a super user and has all the Telecom Network Automation permissions. Only the admin role has these permissions in predefined roles:
|
|
| Telco Automation Blueprint Designer
Blueprint designers have the primary responsibility to create and manage blueprints. They have all the permissions for blueprint resources except approve, and read permissions for all other Telecom Network Automation resources. |
|
| Telco Automation Deployment Admin
Deployment Admin have the primary responsibility to manage the deployment resources. They have all the corresponding permissions, plus read permissions for other Telecom Network Automation resources. |
|
| Telco Automation Service Orchestrator
The Service Orchestrator role is for service accounts which call the Telecom Network Automation APIs to manage the deployment resources. |
|
| Telco Automation Tier 1 Operations Admin
Tier 1 Operations Admin has read access for Telecom Network Automation resources like blueprints, deployments and orchestration cluster to monitor their states. |
|
| Telco Automation Tier 4 Operations Admin
Tier 4 Operations Admin has all the permissions of a Tier 1 admin plus all other permissions to manage deployment resources. |
|
Permissions
| Permission | Target |
|---|---|
| telcoautomation.blueprints.approve | Approve on the target blueprint resource |
| telcoautomation.blueprints.create | Create on blueprint resource |
| telcoautomation.blueprints.delete | Delete on the target blueprint resource |
| telcoautomation.blueprints.get | Retrieve on the target blueprint resource |
| telcoautomation.blueprints.list | Lists on the blueprint resources |
| telcoautomation.blueprints.propose | Propose on the target blueprint resource |
| telcoautomation.blueprints.update | Update on the target blueprint resource |
| telcoautomation.deployments.apply | Apply the target deployment resource |
| telcoautomation.deployments.computeStatus | Compute status on the target deployment resource |
| telcoautomation.deployments.create | Create on the target deployment resource |
| telcoautomation.deployments.delete | Delete on the target deployment resource |
| telcoautomation.deployments.get | Retrieve on the target deployment resource |
| telcoautomation.deployments.list | Lists on the target deployment resources |
| telcoautomation.deployments.rollback | Rollback on the target deployment resource |
| telcoautomation.deployments.update | Update on the target deployment resource |
| telcoautomation.locations.get | Retrieve on the target telcoautomation location resource |
| telcoautomation.locations.list | Lists on the target telcoautomation locatio resources |
| telcoautomation.operations.cancel | Cancel on the target telcoautomation operation resource |
| telcoautomation.operations.delete | Delete on the target telcoautomation operation resource |
| telcoautomation.operations.get | Retrieve on the target telcoautomation operation resource |
| telcoautomation.operations.list | Lists on the target telcoautomation operation resources |
| telcoautomation.orchestrationClusters.create | Create on the target orchestration cluster resource |
| telcoautomation.orchestrationClusters.delete | Delete on the target orchestration cluster resource |
| telcoautomation.orchestrationClusters.get | Retrieve on the target orchestration cluster resource |
| telcoautomation.orchestrationClusters.list | Lists on the target orchestration cluster resources |
| telcoautomation.publicBlueprints.get | Retrieve on the target public blueprint resource |
| telcoautomation.publicBlueprints.list | Lists on the target public blueprint resources |