Master’s Thesis by Benedict Tiong Ing Ngie — Advised by Prof. Chien-Chao Tseng
In collaboration with Wistron NeWeb Corporation (WNC)
The networking landscape is shifting. Traditionally, Wi-Fi access points (APs) in a mesh network rely on monolithic firmware updates operating at the OS level. This means every update brings limited deployment flexibility, complex dependency management, and, worst of all, network downtime.
But what if we could manage edge devices just like we manage cloud infrastructure?
In this project, I engineered a CI/CD framework specifically for Wi-Fi Mesh networks, enabling automated, zero-downtime application deployments by treating Wi-Fi components as containerized microservices.
Here is a look under the hood at how I achieved this.
To bring cloud-native capabilities to embedded systems (like prplOS), I designed an architecture that integrates GitHub Actions with the TR-369–compliant User Services Platform (USP).
Instead of flashing entire firmware images, applications are encapsulated as microservices. The framework handles the automated build, testing, and deployment of these containers across multiple APs, utilizing Unix Domain Sockets (UDS) to optimize system performance.
(Caption: Overview of the CI/CD pipeline integrating GitHub Actions and USP for edge container management)
To rigorously validate the CI/CD pipeline and zero-downtime capabilities, I built a physical Wi-Fi Mesh testbed bridging cloud infrastructure with edge networking devices.
Hardware Architecture
The physical testbed consists of three Access Points (one Root AP and two Extender APs) with the following specifications:
(Caption: Physical hardware architecture featuring one Root AP and two Extender APs)
Software & Cloud Ecosystem
The software setup seamlessly connects cloud automation with embedded edge services:
(Caption: Software setup bridging cloud CI/CD components with edge Wi-Fi Mesh services)
The biggest challenge with edge deployments is updating a service without dropping a single user packet. To eliminate service downtime, I developed a Seamless Traffic Steering mechanism utilizing iptables.
Instead of tearing down old routing rules and experiencing an “update gap,” the system:
This ensures the absolute continuity of rule transitions, effectively eliminating the packet loss typically caused by service restarts.
(Caption: The dual-chain iptables mechanism ensuring continuous packet routing during updates)
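The exact rule sequence is not reproduced on this page, so the following is an added example (not the thesis code) of one common make-before-break pattern with two nat chains: build the new chain, swap the single jump rule in place with `-R`, then retire the old chain. The chain names `SVC_BLUE`/`SVC_GREEN`, the backend address, and the jump sitting at position 1 of `PREROUTING` are assumptions.

```shell
#!/bin/sh
# Added example: make-before-break DNAT cutover between two nat chains.
# Chain names, addresses and the rule position are hypothetical.
IPT=iptables

# Chain names end up in a root shell, so accept only a safe alphabet
# (iptables also rejects names of 29 characters or more).
valid_chain() {
    case "$1" in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 28 ]
}

# Print the ordered cutover plan; returns 1 on any invalid argument.
# $1 old chain, $2 new chain, $3 service port,
# $4 new backend ip:port, $5 position of the jump rule in PREROUTING
steer_plan() {
    old=$1 new=$2 port=$3 backend=$4 pos=$5
    valid_chain "$old" || return 1
    valid_chain "$new" || return 1
    for n in "$port" "$pos"; do
        case "$n" in ''|*[!0-9]*) return 1 ;; esac
    done
    case "$backend" in ''|*[!0-9.:]*) return 1 ;; esac

    # 1. Build the new chain completely while nothing references it.
    printf '%s\n' "$IPT -t nat -N $new"
    printf '%s\n' "$IPT -t nat -A $new -p tcp --dport $port -j DNAT --to-destination $backend"
    # 2. Replace the jump rule in place: there is never a moment with no
    #    rule, unlike a delete followed by an append.
    printf '%s\n' "$IPT -t nat -R PREROUTING $pos -j $new"
    # 3. The old chain is now unreferenced and can be flushed and deleted.
    printf '%s\n' "$IPT -t nat -F $old"
    printf '%s\n' "$IPT -t nat -X $old"
}

# Dry run with constructed values; pipe the output to `sh -e` as root to apply.
steer_plan SVC_BLUE SVC_GREEN 8080 172.17.0.3:8080 1
```

The nat table is consulted only for the first packet of a connection, so flows tracked by conntrack before the swap keep reaching the old container; stop it only after those connections have drained.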
Because the traffic steering mechanism is instantaneous and precise, it opens the door to advanced, cloud-standard deployment strategies directly on Wi-Fi APs:
(Caption: Advanced deployment strategies enabled by Seamless Traffic Steering)
To truly understand the impact of zero-downtime updates, seeing is believing. Below is a live demonstration of the CI/CD pipeline in action across our Wi-Fi Mesh network, showcasing a seamless application update without interrupting network traffic.
(Click the image above to watch the full demo on YouTube)
This project validates that bringing DevOps and CI/CD practices to edge network environments is not only feasible but highly reliable. By combining containerization, TR-369 USP, and seamless iptables manipulation, I successfully implemented a comprehensive CI/CD pipeline for Wi-Fi Mesh networks. Ultimately, this framework achieved true zero-downtime updates with zero failed requests, paving the way for more resilient, agile, and cloud-like edge infrastructure.