Application template generation and deep packet inspection approach for creation of micro-segmentation policy for network applications

US10298619B2 · US · B2

Patent metadata
Publication number: US-10298619-B2
Application number: US-201615381122-A
Country: US
Kind code: B2
Filing date: Dec 16, 2016
Priority date: Dec 16, 2016
Publication date: May 21, 2019
Grant date: May 21, 2019

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A method of creating micro-segmentation policy for a network is provided. The method monitors the network packet traffic to identify network traffic types and patterns. The method, based on the network traffic types and patterns, identifies a set of components as an affinity group associated with each application. The method generates an application template that includes a set of application components for each application based on information provided by the vendor of the application. The method creates micro-segmentation policy for the network based on a mapping of the components of each affinity group into the components of the template generated for the associated application.

First claim

Opening claim text (preview).

What is claimed is:

1. A method of creating micro-segmentation policy for applications executing in a network, the method comprising: monitoring network packet traffic to identify network traffic types and patterns; based on the network traffic types and patterns, identifying a set of components as an affinity group associated with each application; generating an application template comprising a set of application components for each application based on information provided by a vendor of the application; reconciling the components of each application template and the associated affinity group based on a set of conflicts identified based on the monitoring of the network packet traffic; and creating micro-segmentation policy for the network based on a mapping of the components of each affinity group into the components of the template generated for the associated application.

2. The method of claim 1 further comprising: based on the network traffic types and patterns, identifying a set of communication paths among different components of each affinity group; and revising the set of components of each affinity group based on the identified set of communication paths.

3. The method of claim 1, wherein the micro-segmentation policy for the network comprises a set of rules for a distributed firewall.

4. The method of claim 3 further comprising applying the firewall rules to the components of each application and the network packet traffic.

5. The method of claim 1, wherein monitoring the network packet traffic comprises monitoring network traffic of a plurality of data compute nodes (DCNs) operating at a plurality of host machines.

6. The method of claim 5, wherein monitoring the network packet traffic comprises identifying the network traffic from system logs of the plurality of DCNs.

7. The method of claim 1, wherein identifying the set of components as an affinity group associated with each application comprises identifying the traffic types associated with each application based on a protocol and a port identified in the monitored network traffic.

8. A method for creating micro-segmentation policy for applications executing in a network, the method comprising: monitoring network packet traffic to identify network traffic types and patterns; based on the network traffic types and patterns, identifying a set of components as an affinity group associated with each application; generating an application template comprising a set of application components for each application based on information provided by a vendor of the application, wherein the template of a particular application comprises a set of mandatory components; determining whether the associated affinity group of the particular application comprises the set of mandatory components; when the components of the affinity group do not include a mandatory component, providing an alert regarding the missing mandatory component; and creating micro-segmentation policy for the network based on a mapping of the components of each affinity group into the components of the template generated for the associated application.

9. A method of creating micro-segmentation policy for applications executing in a network, the method comprising: monitoring network packet traffic to identify network traffic types and patterns; based on the network traffic types and patterns, identifying a set of components as an affinity group associated with each application by performing deep packet inspection (DPI) to identify traffic types associated with each component; generating an application template comprising a set of application components for each application based on information provided by a vendor of the application; and creating micro-segmentation policy for the network based on mapping of the components of each affinity group into the components of the template generated for the associated application.

10. A non-transitory computer readable medium storing a program for creating micro-segmentation policy for applications executing in a network, the program executable by a processing unit, the program comprising sets of instructions for: monitoring network packet traffic to identify network traffic types and patterns; identifying, based on the network traffic types and patterns, a set of components as an affinity group associated with each application; generating an application template comprising a set of application components for each application based on information provided by a vendor of the application; reconciling the components of each application template and the associated affinity group based on a set of conflicts identified based on the monitoring of the network packet traffic; and creating micro-segmentation policy for the network based on a mapping of the components of each affinity group into the components of the template generated for the associated application.

11. The non-transitory computer readable medium of claim 10, the program further comprising sets of instructions for: identifying, based on the network traffic types and patterns, a set of communication paths among different components of each affinity group; and revising the set of components of each affinity group based on the identified set of communication paths.

12. The non-transitory computer readable medium of claim 10, wherein the micro-segmentation policy for the network comprises a set of rules for a distributed firewall.

13. The non-transitory computer readable medium of claim 12, the program further comprising a set of instructions for applying the firewall rules to the components of each application and the network packet traffic.

14. The non-transitory computer readable medium of claim 10, wherein the set of instructions for monitoring the network packet traffic comprises a set of instructions for monitoring network traffic of a plurality of data compute nodes (DCNs) operating at a plurality of host machines.

15. The non-transitory computer readable medium of claim 14, wherein the set of instructions for monitoring the network packet traffic comprises a set of instructions for identifying the network traffic from system logs of the plurality of DCNs.

16. The non-transitory computer readable medium of claim 10, wherein the set of instructions for identifying the set of components as an affinity group associated with each application comprises a set of instructions for identifying the traffic types associated with each application based on a protocol and a port identified in the monitored network traffic.

17. A non-transitory computer readable medium storing a program for creating micro-segmentation policy for applications executing in a network, the program executable by a processing unit, the program comprising sets of instructions for: monitoring network packet traffic to identify network traffic types and patterns; identifying, based on the network traffic types and patterns, a set of components as an affinity group associated with each application; generating an application template comprising a set of application components for each application based on information provided by a vendor of the application, wherein the template of a particular application comprises a set of mandatory components; determining whether the associated affinity group of the particular application comprises the set of mandatory components; providing, when the components of the affinity group do not include a mandatory component, an alert regarding the missing mandatory component; and creating micro-segmentation policy for the network bas
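The pipeline the claims describe (classify traffic by protocol and port, build an affinity group, check it against a vendor template with mandatory components, alert on what is missing, and emit allow-list firewall rules for the observed paths) as an added worked example; this is illustrative code written for this page, not Nicira's implementation. The flow records, the three-tier template and the host names are all constructed sample data.

```python
from collections import defaultdict

# Constructed sample flow records (not from the patent):
# (source host, destination host, protocol, destination port)
FLOWS = [
    ("lb1", "web1", "tcp", 443),
    ("web1", "app1", "tcp", 8080),
    ("web1", "app1", "tcp", 8080),   # repeated path, must not yield a duplicate rule
    ("app1", "db1", "tcp", 3306),
    ("app1", "db1", "tcp", 22),      # not a template service: must not be whitelisted
]

# Assumed vendor template for a three-tier application: component -> service it listens on.
# Per the patent's claim 8, a template may mark some components as mandatory.
TEMPLATE = {
    "web":   {"proto": "tcp", "port": 443,  "mandatory": True},
    "app":   {"proto": "tcp", "port": 8080, "mandatory": True},
    "db":    {"proto": "tcp", "port": 3306, "mandatory": True},
    "cache": {"proto": "tcp", "port": 6379, "mandatory": True},
}

def build_affinity_group(flows, template):
    """Map hosts to template components by the (protocol, port) they serve (claims 7 and 16)."""
    service_to_component = {(c["proto"], c["port"]): name for name, c in template.items()}
    group = defaultdict(set)            # component -> hosts observed serving that component
    for _, dst, proto, port in flows:
        component = service_to_component.get((proto, port))
        if component:
            group[component].add(dst)
    return dict(group)

def missing_mandatory(group, template):
    """Mandatory template components that monitored traffic never exhibited (claim 8 alert)."""
    return sorted(c for c, m in template.items() if m["mandatory"] and c not in group)

def firewall_rules(flows, group, template):
    """Allow only observed component-to-component paths on template services; deny the rest."""
    host_to_component = {h: c for c, hosts in group.items() for h in hosts}
    rules = []
    for src, dst, proto, port in flows:
        dst_c = host_to_component.get(dst)
        if dst_c is None or (proto, port) != (template[dst_c]["proto"], template[dst_c]["port"]):
            continue                    # traffic outside the template is not whitelisted
        rule = (host_to_component.get(src, "external"), dst_c, proto, port, "allow")
        if rule not in rules:
            rules.append(rule)
    rules.append(("any", "any", "any", 0, "deny"))   # default-deny closes the segment
    return rules
```

Running the three functions over FLOWS yields web, app and db components, an alert for the mandatory but unseen cache component, and three allow rules followed by the default deny.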

Assignees

Nicira Inc

Inventors

Classifications

  • Assignment of logical groups to network elements · CPC title

  • Rule management · CPC title

  • by monitoring network traffic (monitoring network traffic per se H04L43/00) · CPC title

  • H04L63/20 (primary): for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

  • Processing captured monitoring data, e.g. for logfile generation · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10298619B2 cover?
A method of creating micro-segmentation policy for a network is provided. The method monitors the network packet traffic to identify network traffic types and patterns. The method, based on the network traffic types and patterns, identifies a set of components as an affinity group associated with each application. The method generates an application template that includes a set of application c…
Who is the assignee on this patent?
Nicira Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/20. Mapped technology areas include Electricity.
When was this patent published?
Publication date May 21, 2019 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).