Application assessment and visibility for micro-segmentation of a network deployment

What is claimed is: 1. A method of creating micro-segmentation policy for applications executing in a network, the method comprising: monitoring network packet traffic to identify network traffic types and patterns; based on the network traffic types and patterns, identifying a set of associated components as an affinity group in the network; using an application template that comprises a set of application components for a particular application to reconcile the components of the application template and the associated affinity group; and creating micro-segmentation policy for the network based on a mapping of the components of the affinity group into the components of the application template of the particular application. 2. The method of claim 1 further comprising: based on the network traffic type and patterns, identifying a set of communication paths among different components of the affinity group; and revising the set of components of the affinity group based the identified set of communication paths. 3. The method of claim 1 , wherein using the application template comprises analyzing a set of conflicts identified through the monitoring of the network packet traffic. 4. The method of claim 1 , wherein the micro-segmentation policy for the network comprises a set of rules for a distributed firewall. 5. The method of claim 4 further comprising applying the firewall rules to the components of the particular application and the network packet traffic. 6. The method of claim 1 , wherein the template of the particular application comprises a set of mandatory components, the method further comprising: determining whether the associated affinity group of the particular application comprises the set of mandatory components; and when the component of the affinity group do not include a mandatory component, providing an alert regarding the missing mandatory component. 7. The method of claim 1 , wherein monitoring the network packet traffic comprises monitoring network traffic of a plurality of data compute nodes (DCNs) operating at a plurality of host machines. 8. The method of claim 7 , wherein monitoring the network packet traffic comprises identifying the network traffic from system logs of the plurality of DCNs. 9. The method of claim 1 , wherein identifying the set of components as an affinity group associated with the particular application comprises performing deep packet inspection (DPI) to identify traffic types associated with each component. 10. The method of claim 1 , wherein identifying the set of components as an affinity group comprises identifying the traffic types associated with the monitored packet traffic based on a protocol and a port identified in the monitored packet traffic. 11. A non-transitory computer readable medium storing a program for creating micro-segmentation policy for applications executing in a network, the program executable by a processing unit, the program comprising sets of instructions for: monitoring network packet traffic to identify network traffic types and patterns; based on the network traffic types and patterns, identifying a set of associated components as an affinity group in the network; using an application template that comprises a set of application components for a particular application to reconcile the components of the application template and the associated affinity group; and creating micro-segmentation policy for the network based on a mapping of the components of the affinity group into the components of the application template of the particular application. 12. The non-transitory computer readable medium of claim 11 , the program further comprising sets of instructions for: identifying, based on the network traffic type and patterns, a set of communication paths among different components of the affinity group; and revising the set of components of the affinity group based the identified set of communication paths. 13. The non-transitory computer readable medium of claim 11 , wherein the set of instructions for using the application template comprises a set of instructions for analyzing a set of conflicts identified through the monitoring of the network packet traffic. 14. The non-transitory computer readable medium of claim 11 , wherein the micro-segmentation policy for the network comprises a set of rules for a distributed firewall. 15. The non-transitory computer readable medium of claim 14 , the program further comprising a set of instructions for applying the firewall rules to the components of the particular application and the network packet traffic. 16. The non-transitory computer readable medium of claim 11 , wherein the template of the particular application comprises a set of mandatory components, the program further comprising sets of instructions for: determining whether the associated affinity group of the particular application comprises the set of mandatory components; and providing, when the component of the affinity group do not include a mandatory component, an alert regarding the missing mandatory component. 17. The non-transitory computer readable medium of claim 11 , wherein the set of instructions for monitoring the network packet traffic comprises a set of instructions for monitoring network traffic of a plurality of data compute nodes (DCNs) operating at a plurality of host machines. 18. The non-transitory computer readable medium of claim 17 , wherein the set of instructions for monitoring the network packet traffic comprises a set of instructions for identifying the network traffic from system logs of the plurality of DCNs. 19. The non-transitory computer readable medium of claim 11 , wherein the set of instructions for identifying the set of components as an affinity group comprises a set of instructions for performing deep packet inspection (DPI) to identify traffic types associated with each component. 20. The non-transitory computer readable medium of claim 11 , wherein the set of instructions for identifying the set of components as an affinity group comprises a set of instructions for identifying the traffic types associated with the monitored packet traffic based on a protocol and a port identified in the monitored packet traffic.