Thesis: A CI/CD Framework for Zero Downtime Deployment in Wi-Fi Mesh Networks

Published on January 9, 20264 min read read
DevOps
CI/CD
WiFiMesh
prplOS
USP (TR369)
Zero Downtime
LXC
iptables
Containers
Networking
Share:

Master's Thesis by Benedict Tiong Ing Ngie — Advised by Prof. Chien-Chao Tseng

In collaboration with Wistron NeWeb Corporation (WNC)

The Challenge

The networking landscape is shifting. Traditionally, Wi-Fi access points (APs) in a mesh network rely on monolithic firmware updates operating at the OS level. This means every update brings limited deployment flexibility, complex dependency management, and, worst of all, network downtime.

But what if we could manage edge devices just like we manage cloud infrastructure?

In this project, I engineered a CI/CD framework specifically for Wi-Fi Mesh networks, enabling automated, zero-downtime application deployments by treating Wi-Fi components as containerized microservices.

Here is a look under the hood at how I achieved this.

1. The Architecture: Standardized Container Lifecycle Management

To bring cloud-native capabilities to embedded systems (like prplOS), I designed an architecture that integrates GitHub Actions with the TR-369–compliant User Services Platform (USP).

Instead of flashing entire firmware images, applications are encapsulated as microservices. The framework handles the automated build, testing, and deployment of these containers across multiple APs, utilizing Unix Domain Sockets (UDS) to optimize system performance.

(Caption: Overview of the CI/CD pipeline integrating GitHub Actions and USP for edge container management)

2. Experimental Environment: Hardware & Software Setup

To rigorously validate the CI/CD pipeline and zero-downtime capabilities, I built a physical Wi-Fi Mesh testbed bridging cloud infrastructure with edge networking devices.

Hardware Architecture The physical testbed consists of three Access Points (one Root AP and two Extender APs) with the following specifications:

  • SoC: Qualcomm IPQ9570 (2.2GHz, 4 cores)
  • Memory: 2 GB RAM
  • Storage: 4 GB
  • Operating System: prplOS 3.2.0 (Linux-based)

(Caption: Physical hardware architecture featuring one Root AP and two Extender APs)

Software & Cloud Ecosystem The software setup seamlessly connects cloud automation with embedded edge services:

  • Edge Services (On-Premises):
    • USP Agent (v9.0.3)
    • prplLCM (v0.3.0) for container lifecycle management
    • prplMesh (v4.3.1)
    • iptables (v1.8.8) for traffic routing
  • Cloud Services:
    • USP Controller (v1.24.6)
    • GitHub Actions for the CI pipeline
    • Self-hosted container registry for managing Docker images

(Caption: Software setup bridging cloud CI/CD components with edge Wi-Fi Mesh services)

3. The Core Innovation: Seamless Traffic Steering

The biggest challenge with edge deployments is updating a service without dropping a single user packet. To eliminate service downtime, I developed a Seamless Traffic Steering mechanism utilizing iptables.

Instead of tearing down old routing rules and experiencing an "update gap," the system:

  1. Pre-constructs a complete, updated rule chain in the background.
  2. Instantaneously switches the active traffic path to the new chain via an atomic rule update.

This ensures the absolute continuity of rule transitions, effectively eliminating the packet loss typically caused by service restarts.

(Caption: The dual-chain iptables mechanism ensuring continuous packet routing during updates)

4. Unlocking Advanced Deployment Strategies: Blue-Green & Canary

Because the traffic steering mechanism is instantaneous and precise, it opens the door to advanced, cloud-standard deployment strategies directly on Wi-Fi APs:

  • Blue-Green Deployments: Spin up the new version (Green) alongside the old version (Blue). Once health checks pass, traffic is instantly flipped to the Green environment. If an issue occurs, rolling back is just as fast.
  • Canary Deployments: Gradually route a small percentage of user traffic to the new container. This allows for real-world testing and monitoring before committing to a full network-wide rollout.

(Caption: Advanced deployment strategies enabled by Seamless Traffic Steering)

5. See It in Action: Live Demo

To truly understand the impact of zero-downtime updates, seeing is believing. Below is a live demonstration of the CI/CD pipeline in action across our Wi-Fi Mesh network, showcasing a seamless application update without interrupting network traffic.

(Click the image above to watch the full demo on YouTube)

6. Conclusion

This project validates that bringing DevOps and CI/CD practices to edge network environments is not only feasible but highly reliable. By combining containerization, TR-369 USP, and seamless iptables manipulation, I successfully implemented a comprehensive CI/CD pipeline for Wi-Fi Mesh networks. Ultimately, this framework achieved true zero-downtime updates with zero failed requests—paving the way for more resilient, agile, and cloud-like edge infrastructure.

Related

← Previous
HomeLab Infra: Building a Private Cloud from Proxmox to TrueNAS Scale

Leave a comment via GitHub (Giscus). Sign in with GitHub to post.