CONTRAIL DEEP-DIVE
Cloud Network Services at Scale
Sergei Gotchev
sgotchev@juniper.net
Juniper Networks Proprietary and Confidential -- printed copies of this document are for reference only
2 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
OPEN STACK AND CONTRAIL ARCHITECTURE
OPENSTACK CLOUD PLATFORM
CONTRAIL ARCHITECTURE
[Diagram labels]
• Orchestrator: network orchestration; compute / storage orchestration
• Contrail Controller: Configuration, Control, Analytics
• x86 Host + Hypervisor (shown twice), vRouter (shown twice)
• Physical IP Network (no changes)
• Gateway; Internet / WAN; Legacy Infra. (VLAN, etc.)
• Bi-directional real-time message bus using XMPP
• Standard protocol (M-BGP) to talk with other Contrail controller instances
• … Others
CONTRAIL AND OPENSTACK INTEGRATION
[Diagram labels: components]
• Horizon UI; Contrail Web UI
• Nova (Compute Orchestration); API Srvr; Scheduler …
• Neutron Plugin
• Keystone (Identity / Access Mgmt)
• Cinder (Block Storage); Swift (Object Storage); Glance (Image Server)
• Contrail Config; Contrail Control
• Compute Node; Storage
• Nova Agent; Contrail Agent; Hypervisor; vRouter
• VM; Bare Metal; Docker Container
[Diagram labels: interactions]
• Operator: user logs in, creates tenant (projects), creates IPAM, creates virtual network, launches VMs
• Authentication, etc.
• Launch VM
• Get VM image to spawn
• Select compute node to spawn VM
• Info to spawn VM
• Block storage assignment
• Network related interaction
• Get virtual network info
• DHCP
• Plug (Tap interface, Instance ID, ..)
• Bi-directional message bus (XMPP interaction)
• VM spawned
CONTRAIL STACK
[Diagram labels]
• OpenStack; Customer OSS/BSS; CloudStack
• REST APIs (Configuration, Operational, and Analytics)
• Configuration Nodes
• Control Plane (shown three times)
• Analytics Engine (shown three times)
• Compute Node (Virtual Router)
• Service Node (SRX, Firefly, JSP, ...)
• Gateway Node (MX, EX/QFX, ...)
COMPUTE NODE – HYPERVISOR, VROUTER
[Diagram labels: Compute Node]
• Virtual Machines: Tenant A, Tenant B, Tenant C, Tenant C
• User: vRouter Agent; Config; VRFs; Policy Table
• Kernel: vRouter Forwarding Plane with Routing Instances (Tenant A, Tenant B, Tenant C), each with a Flow Table and FIB
• Tap Interfaces (vif); pkt0; Eth0, Eth1, EthN
• XMPP to JUNOSV CONTRAIL CONTROLLER and CONTRAIL CONTROLLER
• Overlay tunnels: MPLS over GRE, UDP or VXLAN
• Top of Rack Switch

• vRouter replaces the Linux Bridge or OVS module in Hypervisor Kernel
• vRouter performs bridging (E-VPN) and routing (L3VPN)
• vRouter performs networking services like Security Policies, NAT, Multicast, Mirroring, and Load Balancing
• No need for Service Nodes or L2/L3 Gateways for Routing, Broadcast/Multicast, NAT
• Routes are automatically leaked into the VRF based on Policies
• Support for Multiple Interfaces on the Virtual Machines
• Support for Multiple Interfaces from Compute Node to the Switching Fabric
COMPUTE NODE – FORWARDING/TUNNELING
[Diagram labels]
• Overlay tunnels: MPLS over GRE or VXLAN
• Compute Node 1: Virtual Machine 1 (VN-IP1); Tap Interfaces (vif); vRouter Forwarding Plane; Routing Instance 1 (Flow Table, FIB); Eth1 (Phy-IP1)
• Compute Node 2: Virtual Machine 2 (VN-IP2); Tap Interfaces (vif); vRouter Forwarding Plane; Routing Instance 2 (Flow Table, FIB); Eth1 (Phy-IP2)
• VIRTUAL packet: Virtual-IP2 | Payload
• PHYSICAL packet: Phy-IP2 | MPLS / VNI | Virtual-IP2 | Payload
1. Guest OS ARPs for destination within subnet or default GW
2. vRouter receives the ARP and responds back with VRRP MAC
3. Guest OS sends traffic to the VRRP MAC; vRouter encapsulates the packet with the appropriate MPLS/VNI tag and GRE header
4. Physical fabric routes the packet on the physical IP address
5. Returning packets get forwarded to the appropriate Routing Instance by the MPLS/VNI tag
6. vRouter decapsulates the packet and forwards it to the Guest OS
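The encapsulation and tag-based delivery in the steps above can be traced byte by byte. The following is an added example, not code from the slides or from Contrail: it builds the outer header for MPLS over GRE and for VXLAN, then shows the receiving side choosing a routing instance from the MPLS label or VNI and dropping anything whose tag is unknown, which is the check tenant separation rests on. All addresses, labels, VNIs and instance names are constructed.

```python
import ipaddress
import struct

GRE_PROTO_MPLS = 0x8847   # GRE protocol type for MPLS unicast (RFC 4023)
VXLAN_UDP_PORT = 4789     # IANA-assigned VXLAN port (RFC 7348)

# Constructed sample values (assumptions for this example, not from the slides).
PHY_IP1, PHY_IP2 = "192.0.2.11", "192.0.2.12"
TAG_TABLE = {("mpls", 17): "routing-instance-2",
             ("vxlan", 5001): "routing-instance-2"}


def _ipv4(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header; checksum left at 0 for this demo."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)


# Constructed inner packet (VN-IP1 -> VN-IP2) and inner Ethernet frame.
INNER = _ipv4("10.1.1.3", "10.1.1.4", 1, 4) + b"ping"
FRAME = bytes(12) + b"\x08\x00" + INNER


def encap_mpls_gre(phy_src, phy_dst, label, inner):
    """Outer IP (proto 47) + GRE + one MPLS label entry + inner IP packet."""
    gre = struct.pack("!HH", 0, GRE_PROTO_MPLS)
    mpls = struct.pack("!I", (label << 12) | (1 << 8) | 64)  # S=1, TTL=64
    body = gre + mpls + inner
    return _ipv4(phy_src, phy_dst, 47, len(body)) + body


def encap_vxlan(phy_src, phy_dst, vni, frame):
    """Outer IP (proto 17) + UDP/4789 + VXLAN header (I flag) + inner frame."""
    vxlan = struct.pack("!II", 0x08 << 24, vni << 8)
    udp = struct.pack("!HHHH", 49152, VXLAN_UDP_PORT,
                      8 + len(vxlan) + len(frame), 0)
    body = udp + vxlan + frame
    return _ipv4(phy_src, phy_dst, 17, len(body)) + body


def decap(packet):
    """Return (kind, tag, outer_dst, inner); raise ValueError if malformed."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    proto = packet[9]
    outer_dst = str(ipaddress.IPv4Address(packet[16:20]))
    body = packet[ihl:]
    if proto == 47:
        if len(body) < 8:
            raise ValueError("truncated GRE/MPLS header")
        flags, gre_proto, entry = struct.unpack("!HHI", body[:8])
        if flags != 0 or gre_proto != GRE_PROTO_MPLS:
            raise ValueError("unsupported GRE payload")
        if not entry & 0x100:
            raise ValueError("expected a single bottom-of-stack label")
        return "mpls", entry >> 12, outer_dst, body[8:]
    if proto == 17:
        if len(body) < 16:
            raise ValueError("truncated UDP/VXLAN header")
        _sport, dport, _len, _csum, vx_flags, vni_word = struct.unpack(
            "!HHHHII", body[:16])
        if dport != VXLAN_UDP_PORT or not (vx_flags >> 24) & 0x08:
            raise ValueError("not a valid VXLAN header")
        return "vxlan", vni_word >> 8, outer_dst, body[16:]
    raise ValueError("not a tunnel packet")


def deliver(packet, local_phy_ip, tag_table):
    """Receiving side: map the tag to a routing instance, or drop (None)."""
    try:
        kind, tag, outer_dst, inner = decap(packet)
    except ValueError:
        return None                      # malformed or non-tunnel traffic
    if outer_dst != local_phy_ip:
        return None                      # not addressed to this compute node
    instance = tag_table.get((kind, tag))
    if instance is None:
        return None                      # unknown tag: no default instance
    return instance, inner


if __name__ == "__main__":
    pkt = encap_mpls_gre(PHY_IP1, PHY_IP2, 17, INNER)
    print(decap(pkt)[:3], deliver(pkt, PHY_IP2, TAG_TABLE)[0])
```

The receiver has no fallback routing instance: a label or VNI missing from the table means the packet is dropped rather than delivered to some tenant by default.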
CONTRAIL CLOUD REFERENCE ARCHITECTURE
Building Open, Intelligent and Reliable Cloud and NFV

Cloud hardware reference architecture
[Diagram labels: Compute Pool, Storage Pool, Network Pool, …, Application/VNF Pool]
+ Reference architecture design guide
+ Standard COTS hardware for compute and storage
+ Networking hardware (MX, vMX, QFX, EX)

Contrail Cloud Platform
• Dynamic compute, storage and network resource orchestration
• Automated server management & monitoring
• Cloud application life cycle management
• Dynamic network and security service chaining
• Rich and prescriptive analytics

Freedom of Choice
• Any cloud and NFV deployment model
• Best-of-breed solution components
• No expensive vendor lock-in

Intelligent Automation
• Analytics-powered insights and decision
• Policy-based infrastructure

Always-on Reliability
• High availability
• Robust security
• Elastic scalability

Support and Professional Services
• Ongoing support for individual products – JTAC
• Juniper professional services and system integration partners to assist in cloud system design

OpenStack UI - 12GB RAM, 24GB HDD, dual-core x86/x64 CPU
2 x Control Node - 12GB RAM, 24GB HDD, dual-core x86/x64 CPU
2 x Compute Node - 64GB RAM, 120GB HDD, quad-core x86/x64 CPU
CONTRAIL PRODUCT EVOLUTION
INCREASING LEVEL OF INTEGRATION
Contrail Networking: Cloud Networking
• Network Virtualization
• Virtualized Network Services
• Multiple Orchestration Support
• OpenStack, CloudStack

Contrail Cloud Platform: Cloud Orchestration
• Server Management
• Distributed & Scale-Out Storage
• Compute Orchestration
+ Contrail Networking

MetaFabric Cloud DC Reference Architecture: Integrated Cloud PODs
• Reference Architecture – PODs
• Integrated Management
+ Contrail Cloud Platform
KEY USE-CASES
WHO ARE WE TARGETING?
[Chart labels: New Technology Adoption; Infrastructure Spend; segments SERVICE PROVIDER, ENTERPRISE, EMERGING]
USE CASES: Public Cloud Repatriation, Software-as-a-Service, Virtual Private Cloud, IT-as-a-Service, Infrastructure-as-a-Service, Network Functions Virtualization, Platform-as-a-Service, Hybrid Cloud
• Move from public to private cloud as company grows; ensure flexibility across hybrid environment
• Create an enterprise private cloud to run mission critical workloads
• Move non-essential workloads to public clouds (hybrid cloud)
• Offer ITaaS for the employees
• NFV at the mobile, subscriber, business edge
• IaaS and PaaS are needed for:
  o Offering public cloud (à la AWS, GCE)
  o Their own enterprise (SP IT Cloud)
USE-CASE 1: VIRTUALIZED MOBILITY
Contrail SW offers a robust & resilient NFV platform for the mobile packet core functions

Customer Needs
• Reduce operational and capital costs to run services in mobile core
• Simplify management of mobile packet core functions
• Reduce professional services expenses in customizing network
• Ensure interoperability between different EPC functions
• Independent scale-out of 2G and 3G data path

Solution Description
1 NFV Platform (Contrail)
• Modern L3-overlay based network built for scale, resiliency, automation
• Virtualized 3rd party SGSN/MME network function
2 Reduced TCO * (Contrail)
• Standard x86 hardware, and open-source hypervisor / orchestration systems
• Better resource utilization through automated service scale-out
3 Simplified Management = operational efficiency
• Contrail, OpenStack and Space used to centrally provision network elements
4 Integration with MX
• Programmatic traffic steering on MX from the VNF
• MX as anchor-point for service chain

[Diagram labels: Radio Access Network; SGSN / MME VNF; S / P-GW; Charging, Policy Control; MX; Internet; Contrail / OpenStack / Space; callouts 1 to 4]

* According to a recent ACG research, the estimated cost reduction is 53%
USE CASE 2 – SERVICE CHAINING FOR MOBILE AND WIRELINE SUBSCRIBERS
[Diagram labels]
• Access: Mobile access (Laptop, Smartphone, Feature Phone) via GGSN/PGW and (S)Gi; Wireline access via BNG
• Service Delivery Gateway: Subscriber State Machine; Service Card (DPI, HE/URL, Caching); PFE (Forwarding / Flow Table); PFE (VRF / Tunnel); Flow control API
• Policy and charging: PCRF, SPR, AAA, OCS, SRC; interfaces Gx, Gx/Sd, Gy, Gyn, Sy
• BSS Systems; OSS Systems
• Data Center: Servers; Hypervisor; VSwitch; VMs running VAS applications (e.g. DPI, TCP Proxy) and other apps; Analytics; Billing
• Contrail Controller
• VPN; Internet
Can manage service chaining without an SDN Controller within the confines of SDG
Requires SDN Controller to chain services outside the confines of SDG
USE CASE 2 – SERVICE CHAINING FOR MOBILE AND WIRELINE SUBSCRIBERS
SCG Use Cases
• Fair Usage at Session Level
• Fair Usage at Application Level
• Tethering Control
• VAS Traffic Steering
• Tiered QoS at Session Level
• Tiered QoS at Application Level
• HTTP Header Manipulation
• Application Based Charging
• Home & Location based PCC
• Reporting and Analytics Feed
[Diagram labels: Policing, Steering, Enrichment, Monitoring; Subscriber Awareness, L7 Application detection, L7 metadata detection]
USE-CASE 3: ENTERPRISE NFV SERVICE
Scale-out and on-demand security and connectivity services to business customers with light-weight device at customer premise

Customer Needs
• Multi-tenant VPNaaS, FWaaS, WAN Optimization – aaS, vCPE capability
• Reduced TCO from low-cost CPE devices, and reduced customer support costs
• Improved agility in introducing new (& upgrading existing) services
• Self-care portal for service enablement

Solution Description
1 Contrail enabling Service Chaining on the vCPE
• Security and connectivity services chained at the PE
• Svcs co-located with PE (no need for separate SP svc DC)
• APIs integration with self-care portal
2 Multi-tenant services for business customers
• Separate VNF instance for separate customers
• Traffic segregation between customers using virtual networks
• Overlapping address space for tenants
3 Contrail’s robust L3VPN overlay architecture
• Seamless integration with SP’s existing L3VPN offering
• Integrates with existing / legacy underlay networks
4 Integration with MX (PE)
• Dynamic traffic steering to services, using standards-based approach (BGP Flowspec)
• Anchor point for service chains

[Diagram labels: Basic CE (two); PE (two); P (two); VPN IP/MPLS; VCPE (two); Contrail / OpenStack / Space; Internet; callouts 1 to 4]
USE-CASE 4: HYBRID CLOUD
Using Contrail to offer Hybrid cloud to enable automated migration of workload from on-premise to cloud

Customer Needs
• Transparent workload migration from on-prem to cloud (cloud bursting)
• ‘as-a-service’ model for network/security functions (VPNaaS, LBaaS, FWaaS, etc.)
• Seamless policy creation and service insertion
• Automated management and real-time monitoring
• OSS / BSS Integration

Solution Description
1 Abstraction and automation through Contrail APIs
• Infra APIs to implement network policies
• Analytics APIs for network / app monitoring
• Allows for integration with OSS/BSS
• Uniform APIs for on-prem and cloud orchestration
2 Rapid and seamless insertion of unmodified virtualized services to offer -aaS model for VNFs
3 Interconnect between private and public cloud (Contrail)
• Virtual networks spanning enterprise DC and public cloud
• Simplified mgmt through potential integration with 3rd party CMPs (Cloud Mgmt Platforms)
4 Integration (using MX Gateway)
• Use of virtualized services and appliance based services
• VMs and Bare metal servers within same virtual network

[Diagram labels: DATA CENTER (P+V); ENTERPRISE; IP VPN; Contrail / OpenStack; Internet; Public Cloud; callouts 1 to 4]
USE-CASE 7: PRIVATE CLOUD (SAAS)
Contrail SW offering, leveraging “Open Compute” and commodity hardware

Customer Needs
• Cloud infrastructure for SaaS
• On-demand service creation with dynamic resource scaling
• Rapid deployment of new services
• Automated network/security configuration
• Support for hybrid clouds

Solution Description
1 Dynamic DC network (Contrail)
• Modern L3 network for scale, resiliency, automation
• Virtualized on-demand services
2 Self-provisioned service deployment (Contrail)
• Controlled migration of SW from development to production cloud
• Seamless integration of new features
3 Scale-out & policy configuration (Contrail)
• Automated scale-out of SaaS applications based on customer demand
• Dynamic and intelligent configuration of network/security policies
4 Hybrid cloud
• MX gateway to expose SaaS applications to customers
• Extensible across multiple clouds

[Diagram labels: DEVELOPMENT; PRODUCTION; Public Clouds; Internet; callouts 1 to 4]
USE CASES - VIRTUALIZED SERVICES (NFV)
JUNIPER SERVICES OR 3RD PARTY
http://www.juniper.net/us/en/partners/technology-alliances/nfv-vnf/
THANK YOU
Contrail Deep-dive - Cloud Network Services at Scale

More Related Content

What's hot

[OpenStack 하반기 스터디] Docker를 이용한 OpenStack 가상화
[OpenStack 하반기 스터디] Docker를 이용한 OpenStack 가상화[OpenStack 하반기 스터디] Docker를 이용한 OpenStack 가상화
[OpenStack 하반기 스터디] Docker를 이용한 OpenStack 가상화
OpenStack Korea Community
 

What's hot (20)

Osnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptxOsnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptx
 
NFV & Openstack
NFV & OpenstackNFV & Openstack
NFV & Openstack
 
Vxlan control plane and routing
Vxlan control plane and routingVxlan control plane and routing
Vxlan control plane and routing
 
Deploying CloudStack and Ceph with flexible VXLAN and BGP networking
Deploying CloudStack and Ceph with flexible VXLAN and BGP networking Deploying CloudStack and Ceph with flexible VXLAN and BGP networking
Deploying CloudStack and Ceph with flexible VXLAN and BGP networking
 
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNBuilding DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPN
 
PLNOG 13: Emil Gągała: EVPN – rozwiązanie nie tylko dla Data Center
PLNOG 13: Emil Gągała: EVPN – rozwiązanie nie tylko dla Data CenterPLNOG 13: Emil Gągała: EVPN – rozwiązanie nie tylko dla Data Center
PLNOG 13: Emil Gągała: EVPN – rozwiązanie nie tylko dla Data Center
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes Networking
 
Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조
 
Open shift 4 infra deep dive
Open shift 4    infra deep diveOpen shift 4    infra deep dive
Open shift 4 infra deep dive
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building Blocks
 
Docker Networking Deep Dive
Docker Networking Deep DiveDocker Networking Deep Dive
Docker Networking Deep Dive
 
Openstack Summit Vancouver 2018 - Multicloud Networking
Openstack Summit Vancouver 2018 - Multicloud NetworkingOpenstack Summit Vancouver 2018 - Multicloud Networking
Openstack Summit Vancouver 2018 - Multicloud Networking
 
Interconnecting Neutron and Network Operators' BGP VPNs
Interconnecting Neutron and Network Operators' BGP VPNsInterconnecting Neutron and Network Operators' BGP VPNs
Interconnecting Neutron and Network Operators' BGP VPNs
 
Vxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5   finalVxlan deep dive session rev0.5   final
Vxlan deep dive session rev0.5 final
 
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughLinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking Walkthrough
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack Architecture
 
오픈스택 멀티노드 설치 후기
오픈스택 멀티노드 설치 후기오픈스택 멀티노드 설치 후기
오픈스택 멀티노드 설치 후기
 
EVPN Introduction
EVPN IntroductionEVPN Introduction
EVPN Introduction
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
 
[OpenStack 하반기 스터디] Docker를 이용한 OpenStack 가상화
[OpenStack 하반기 스터디] Docker를 이용한 OpenStack 가상화[OpenStack 하반기 스터디] Docker를 이용한 OpenStack 가상화
[OpenStack 하반기 스터디] Docker를 이용한 OpenStack 가상화
 

Viewers also liked

Cloudstack conference open_contrail v4
Cloudstack conference open_contrail v4Cloudstack conference open_contrail v4
Cloudstack conference open_contrail v4
ozkan01
 
NFV : Virtual Network Function Architecture
NFV : Virtual Network Function ArchitectureNFV : Virtual Network Function Architecture
NFV : Virtual Network Function Architecture
sidneel
 

Viewers also liked (20)

Cloudstack conference open_contrail v4
Cloudstack conference open_contrail v4Cloudstack conference open_contrail v4
Cloudstack conference open_contrail v4
 
Using OpenContrail with Kubernetes
Using OpenContrail with KubernetesUsing OpenContrail with Kubernetes
Using OpenContrail with Kubernetes
 
Build your own PaaS using Kubernetes and Deis — GDG DevFest NL
Build your own PaaS using Kubernetes and Deis — GDG DevFest NLBuild your own PaaS using Kubernetes and Deis — GDG DevFest NL
Build your own PaaS using Kubernetes and Deis — GDG DevFest NL
 
Building Automated REST APIs with Python
Building Automated REST APIs with PythonBuilding Automated REST APIs with Python
Building Automated REST APIs with Python
 
KubeCon EU 2016: Multi-Tenant Kubernetes
KubeCon EU 2016: Multi-Tenant KubernetesKubeCon EU 2016: Multi-Tenant Kubernetes
KubeCon EU 2016: Multi-Tenant Kubernetes
 
Treasure Data Cloud Data Platform
Treasure Data Cloud Data PlatformTreasure Data Cloud Data Platform
Treasure Data Cloud Data Platform
 
Monitor OpenStack Environments from the bottom up and front to back
Monitor OpenStack Environments from the bottom up and front to backMonitor OpenStack Environments from the bottom up and front to back
Monitor OpenStack Environments from the bottom up and front to back
 
Using Agilio SmartNICs for OpenStack Networking Acceleration
Using Agilio SmartNICs for OpenStack Networking AccelerationUsing Agilio SmartNICs for OpenStack Networking Acceleration
Using Agilio SmartNICs for OpenStack Networking Acceleration
 
NFV Tutorial
NFV TutorialNFV Tutorial
NFV Tutorial
 
Network visibility and control using industry standard sFlow telemetry
Network visibility and control using industry standard sFlow telemetryNetwork visibility and control using industry standard sFlow telemetry
Network visibility and control using industry standard sFlow telemetry
 
Nfv orchestration open stack summit may2015 aricent
Nfv orchestration open stack summit may2015 aricentNfv orchestration open stack summit may2015 aricent
Nfv orchestration open stack summit may2015 aricent
 
AWS Data Collection & Storage
AWS Data Collection & StorageAWS Data Collection & Storage
AWS Data Collection & Storage
 
大規模環境のOpenStack アップグレードの考え方と実施のコツ
大規模環境のOpenStackアップグレードの考え方と実施のコツ大規模環境のOpenStackアップグレードの考え方と実施のコツ
大規模環境のOpenStack アップグレードの考え方と実施のコツ
 
5 g network & technology
5 g network & technology5 g network & technology
5 g network & technology
 
Digdagによる大規模データ処理の自動化とエラー処理
Digdagによる大規模データ処理の自動化とエラー処理Digdagによる大規模データ処理の自動化とエラー処理
Digdagによる大規模データ処理の自動化とエラー処理
 
NFV evolution towards 5G
NFV evolution towards 5GNFV evolution towards 5G
NFV evolution towards 5G
 
Design Principles for 5G
Design Principles for 5GDesign Principles for 5G
Design Principles for 5G
 
NFV : Virtual Network Function Architecture
NFV : Virtual Network Function ArchitectureNFV : Virtual Network Function Architecture
NFV : Virtual Network Function Architecture
 
【AWS初心者向けWebinar】AWSから始める動画配信
【AWS初心者向けWebinar】AWSから始める動画配信【AWS初心者向けWebinar】AWSから始める動画配信
【AWS初心者向けWebinar】AWSから始める動画配信
 
170827 jtf garafana
170827 jtf garafana170827 jtf garafana
170827 jtf garafana
 

Similar to Contrail Deep-dive - Cloud Network Services at Scale

Banv meetup-contrail
Banv meetup-contrailBanv meetup-contrail
Banv meetup-contrail
nvirters
 
Banv meetup 04162014
Banv meetup 04162014Banv meetup 04162014
Banv meetup 04162014
ozkan01
 

Similar to Contrail Deep-dive - Cloud Network Services at Scale (20)

Service Chaining - Cloud Network Services at Scale
Service Chaining - Cloud Network Services at ScaleService Chaining - Cloud Network Services at Scale
Service Chaining - Cloud Network Services at Scale
 
Contrail Enabler for agile cloud services
Contrail Enabler for agile cloud servicesContrail Enabler for agile cloud services
Contrail Enabler for agile cloud services
 
Kubernetes OpenContrail Meetup
Kubernetes OpenContrail MeetupKubernetes OpenContrail Meetup
Kubernetes OpenContrail Meetup
 
09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan
09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan
09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan
 
Juniper Contrail VNS A BASIC introduction
Juniper Contrail VNSA BASIC introductionJuniper Contrail VNSA BASIC introduction
Juniper Contrail VNS A BASIC introduction
 
Banv meetup-contrail
Banv meetup-contrailBanv meetup-contrail
Banv meetup-contrail
 
[OpenStack 스터디] OpenStack With Contrail
[OpenStack 스터디] OpenStack With Contrail[OpenStack 스터디] OpenStack With Contrail
[OpenStack 스터디] OpenStack With Contrail
 
6WINDGate™ - Enabling Cloud RAN Virtualization
6WINDGate™ - Enabling Cloud RAN Virtualization6WINDGate™ - Enabling Cloud RAN Virtualization
6WINDGate™ - Enabling Cloud RAN Virtualization
 
OpenStack MeetUp - OpenContrail Presentation
OpenStack MeetUp - OpenContrail PresentationOpenStack MeetUp - OpenContrail Presentation
OpenStack MeetUp - OpenContrail Presentation
 
Openstack v4 0
Openstack v4 0Openstack v4 0
Openstack v4 0
 
Banv meetup 04162014
Banv meetup 04162014Banv meetup 04162014
Banv meetup 04162014
 
Netsft2017 day in_life_of_nfv
Netsft2017 day in_life_of_nfvNetsft2017 day in_life_of_nfv
Netsft2017 day in_life_of_nfv
 
The Data Center Network Evolution
The Data Center Network EvolutionThe Data Center Network Evolution
The Data Center Network Evolution
 
 Network Innovations Driving Business Transformation
 Network Innovations Driving Business Transformation Network Innovations Driving Business Transformation
 Network Innovations Driving Business Transformation
 
Enabling SDN for Service Providers by Khay Kid Chow
Enabling SDN for Service Providers by Khay Kid ChowEnabling SDN for Service Providers by Khay Kid Chow
Enabling SDN for Service Providers by Khay Kid Chow
 
Решения NFV в контексте операторов связи
Решения NFV в контексте операторов связиРешения NFV в контексте операторов связи
Решения NFV в контексте операторов связи
 
Spirent TestCenter Virtual
Spirent TestCenter VirtualSpirent TestCenter Virtual
Spirent TestCenter Virtual
 
OVNC 2015-THE NEW IP - Open Networking Architecture with SDN & NFV
OVNC 2015-THE NEW IP - Open Networking Architecture with SDN & NFVOVNC 2015-THE NEW IP - Open Networking Architecture with SDN & NFV
OVNC 2015-THE NEW IP - Open Networking Architecture with SDN & NFV
 
Iben from Spirent talks at the SDN World Congress about the importance of and...
Iben from Spirent talks at the SDN World Congress about the importance of and...Iben from Spirent talks at the SDN World Congress about the importance of and...
Iben from Spirent talks at the SDN World Congress about the importance of and...
 
Virtual firewall framework
Virtual firewall frameworkVirtual firewall framework
Virtual firewall framework
 

More from MarketingArrowECS_CZ

More from MarketingArrowECS_CZ (20)

INFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfINFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdf
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!
 
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
 
Chráníte správně svoje data?
Chráníte správně svoje data?Chráníte správně svoje data?
Chráníte správně svoje data?
 
Oracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaOracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management Platforma
 
Nové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceNové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database Appliance
 
Infinidat InfiniGuard
Infinidat InfiniGuardInfinidat InfiniGuard
Infinidat InfiniGuard
 
Infinidat InfiniBox
Infinidat InfiniBoxInfinidat InfiniBox
Infinidat InfiniBox
 
Novinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeNovinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databáze
 
Základy licencování Oracle software
Základy licencování Oracle softwareZáklady licencování Oracle software
Základy licencování Oracle software
 
Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?
 
Využijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoVyužijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplno
 
Oracle Data Protection - 2. část
Oracle Data Protection - 2. částOracle Data Protection - 2. část
Oracle Data Protection - 2. část
 
Oracle Data Protection - 1. část
Oracle Data Protection - 1. částOracle Data Protection - 1. část
Oracle Data Protection - 1. část
 
Benefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageBenefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): Storage
 
Benefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeBenefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): Compute
 
InfiniBox z pohledu zákazníka
InfiniBox z pohledu zákazníkaInfiniBox z pohledu zákazníka
InfiniBox z pohledu zákazníka
 
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částExadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
 
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částExadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
 
Úvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyÚvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastruktury
 

Recently uploaded

Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 

Recently uploaded (20)

Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Contrail Deep-dive - Cloud Network Services at Scale

  • 1. CONTRAIL DEEP-DIVE: Cloud Network Services at Scale. Sergei Gotchev, sgotchev@juniper.net. Juniper Networks Proprietary and Confidential -- printed copies of this document are for reference only
  • 2. 2 Copyright © 2014 Juniper Networks, Inc. www.juniper.net OPEN STACK AND CONTRAIL ARCHITECTURE
  • 3. OPENSTACK CLOUD PLATFORM
  • 4. CONTRAIL ARCHITECTURE. Diagram labels: CONTRAIL CONTROLLER; Analytics; Control; Configuration; ORCHESTRATOR; x86 Host + Hypervisor (two hosts); vRouter (one per host); Physical IP Network (no changes); Gateway; Internet / WAN; Legacy Infra. (VLAN, etc.); Bi-directional real-time message bus using XMPP; Network orchestration; Standard protocol (M-BGP) to talk with other Contrail controller instances; Compute / Storage orchestration; … Others
  • 5. CONTRAIL AND OPENSTACK INTEGRATION. Diagram labels: Horizon UI; Contrail Web UI; Nova (Compute Orchestration); Neutron Plugin; Compute Node; Storage; Keystone (Identity / Access Mgmt); Cinder (Block Storage); Swift (Object Storage); Nova Agent; Contrail Agent; Contrail Config; Contrail Control; vRouter; Operator; User Logs in, Create tenant (projects), Create IPAM, Create virtual network, Launch VMs; VM; Get VM Image to spawn; API Srvr; Scheduler …; Select Compute node to spawn VM; Info to spawn VM; Hypervisor; VM Spawned; Block Storage Assignment; Bi-directional message bus (XMPP interaction); Launch VM; Network related interaction; Get virtual network info; DHCP; Plug (Tap interface, Instance ID, ..); Glance (Image Server); Authentication, etc.; Bare Metal; Docker Container
  • 6. CONTRAIL STACK. Diagram labels: Configuration Nodes; Control Plane (×3); Analytics Engine (×3); Compute Node (Virtual Router); Service Node (SRX, Firefly, JSP, ...); Gateway Node (MX, EX/QFX, ...); REST APIs (Configuration, Operational, and Analytics); Openstack; Customer OSS/BSS; Cloudstack
  • 7. COMPUTE NODE – HYPERVISOR, VROUTER. Diagram labels: Compute Node; Virtual Machine (Tenant A); Virtual Machine (Tenant B); Virtual Machine (Tenant C); Virtual Machine (Tenant C); vRouter Forwarding Plane; Routing Instance (Tenant A); Routing Instance (Tenant B); Routing Instance (Tenant C); Flow Table and FIB (×3); vRouter Agent; Config; VRFs; Policy Table; Kernel; User; Tap Interfaces (vif); pkt0; Eth0; Eth1; EthN; Overlay tunnels MPLS over GRE, UDP or VXLAN; JUNOSV CONTRAIL CONTROLLER (×2); XMPP (×2); Top of Rack Switch. Bullets: • vRouter replaces the Linux Bridge or OVS module in Hypervisor Kernel • vRouter performs bridging (E-VPN) and routing (L3VPN) • vRouter performs networking services like Security Policies, NAT, Multicast, Mirroring, and Load Balancing • No need for Service Nodes or L2/L3 Gateways for Routing, Broadcast/Multicast, NAT • Routes are automatically leaked into the VRF based on Policies • Support for Multiple Interfaces on the Virtual Machines • Support for Multiple Interfaces from Compute Node to the Switching Fabric
  • 8. COMPUTE NODE – FORWARDING/TUNNELING. Diagram labels: Overlay tunnels MPLS over GRE or VXLAN; Compute Node 1: vRouter Forwarding Plane, Virtual Machine 1 (VN-IP1), Routing Instance 1, Flow Table, FIB, Eth1 (Phy-IP1), Tap Interfaces (vif); Compute Node 2: vRouter Forwarding Plane, Virtual Machine 2 (VN-IP2), Routing Instance 2, Flow Table, FIB, Eth1 (Phy-IP2), Tap Interfaces (vif); VIRTUAL; PHYSICAL; packet layouts: [Virtual-IP2 | Payload] and [Phy-IP2 | MPLS / VNI | Virtual-IP2 | Payload]. Steps: 1. Guest OS ARPs for destination within subnet or default GW 2. vRouter receives the ARP and responds back with VRRP MAC 3. Guest OS sends traffic to the VRRP MAC, vRouter encapsulates the packet with appropriate MPLS/VNI tag and GRE header 4. Physical Fabric Routers on Physical IP Address 5. Returning packets get forwarded to appropriate Routing Instance by the MPLS/VNI tag 6. vRouter de-capsulates the packet, and forwards it to the Guest OS
  • 9. CONTRAIL CLOUD REFERENCE ARCHITECTURE. Building Open, Intelligent and Reliable Cloud and NFV. Cloud hardware reference architecture: Compute Pool; Storage Pool; Network Pool; …; Application/VNF Pool; + Reference architecture design guide; + Standard COTS hardware for compute and storage; + Networking hardware (MX, vMX, QFX, EX). Freedom of Choice: • Any cloud and NFV deployment model • Best-of-breed solution components • No expensive vendor lock-in. Intelligent Automation: • Analytics-powered insights and decision • Policy-based infrastructure. Always-on Reliability: • High availability • Robust security • Elastic scalability. Contrail Cloud Platform: • Dynamic compute, storage and network resource orchestration • Automated server management & monitoring • Cloud application life cycle management • Dynamic network and security service chaining • Rich and prescriptive analytics. Support and Professional Services: • Ongoing Support for individual products – JTAC • Juniper professional services and system integration partners to assist in cloud system design. Hardware: OpenStack UI - 12GB RAM, 24GB HDD, dual-core x86/x64 CPU; 2 x Control Node - 12GB RAM, 24GB HDD, dual-core x86/x64 CPU; 2 x Compute Node - 64GB RAM, 120GB HDD, quad-core x86/x64 CPU
  • 10. CONTRAIL PRODUCT EVOLUTION. INCREASING LEVEL OF INTEGRATION. Contrail Networking (Cloud Networking): • Network Virtualization • Virtualized Network Services • Multiple Orchestration Support • OpenStack, CloudStack. Contrail Cloud Platform (Cloud Orchestration): • Server Management • Distributed & Scale-Out Storage • Compute Orchestration; + Contrail Networking. MetaFabric Cloud DC Reference Architecture (Integrated Cloud PODs): • Reference Architecture–PODs • Integrated Management; + Contrail Cloud Platform
  • 11. KEY USE-CASES
  • 12. WHO ARE WE TARGETING? Segments: SERVICE PROVIDER; ENTERPRISE; EMERGING. Chart axes: New Technology Adoption; Infrastructure Spend. Chart labels: Public Cloud Repatriation; Software-as-a-Service; Virtual Private Cloud; IT-as-a-Service; Infrastructure-as-a-Service; Network Functions Virtualization; Platform-as-a-Service; Hybrid Cloud. USE CASES: • Move from public to private cloud as company grows; ensure flexibility across hybrid environment • Create an enterprise private cloud to run mission critical workloads • Move non-essential workloads to public clouds (hybrid cloud) • Offer ITaaS for the employees • NFV at the mobile, subscriber, business edge • IaaS and PaaS are needed for: o Offering public cloud (a la AWS, GCE) o Their own enterprise (SP IT Cloud)
  • 13. USE-CASE 1: VIRTUALIZED MOBILITY. Customer Needs: • Reduce operational and capital costs to run services in mobile core • Simplify management of mobile packet core functions • Reduce professional services expenses in customizing network • Ensure interoperability between different EPC functions • Independent scale-out of 2G and 3G data path. Solution Description: Contrail SW offers a robust & resilient NFV platform for the mobile packet core functions. (1) NFV Platform (Contrail): • Modern L3-overlay based network built for scale, resiliency, automation • Virtualized 3rd party SGSN/MME network function. (2) Reduced TCO * (Contrail): • Standard X86 hardware, and open-source hypervisor/orchestration systems • Better resource utilization through automated service scale-out. (3) Simplified Management = operational efficiency: • Contrail, Openstack and Space used to centrally provision network elements. (4) Integration with MX: • Programmatic traffic steering on MX from the VNF • MX as anchor-point for service chain. Diagram labels: Radio Access Network; SGSN / MME VNF; Internet; S / P -GW; Charging, Policy Control; MX; Contrail / Openstack / Space. * According to a recent ACG research, the estimated cost reduction is 53%
  • 14. USE CASE 2 – SERVICE CHAINING FOR MOBILE AND WIRELINE SUBSCRIBERS. Diagram labels: Service Delivery Gateway; VPN; Internet; GGSN/PGW; Mobile access; Laptop; Smartphone; Feature Phone; (S)Gi; PCRF; SPR; AAA; Wireline access; BNG; Gx; OCS; Sy; Gy; Subscriber State Machine; BSS Systems; OSS Systems; Service Card: DPI, HE/URL, Caching; Gx/Sd; Gyn; PFE: Forwarding / Flow Table; PFE: VRF / Tunnel; Flow control API; Data Center Servers; VMs; VAS Applications e.g. DPI; VAS Applications e.g. TCP Proxy; VSwitch; Other Apps; Analytics; Billing; Hypervisor; SRC; Contrail Controller. Notes on the slide: Can manage service chaining without an SDN Controller within the confines of SDG. Requires SDN Controller to chain services outside the confines of SDG.
  • 15. USE CASE 2 – SERVICE CHAINING FOR MOBILE AND WIRELINE SUBSCRIBERS. SCG Use Cases: Fair Usage at Session Level; Fair Usage at Application Level; Tethering Control; VAS Traffic Steering; Tiered QoS at Session Level; Tiered QoS at Application Level; HTTP Header Manipulation; Application Based Charging; Home & Location based PCC; Reporting and Analytics Feed. Categories: Policing; Steering; Enrichment; Monitoring. Capabilities: Subscriber Awareness; L7 Application detection; L7 metadata detection
  • 16. USE-CASE 3: ENTERPRISE NFV SERVICE. Customer Needs: • Multi-tenant VPNaaS, FWaaS, WAN Optimization-aaS, vCPE capability • Reduced TCO from low-cost CPE devices, and reduced customer support costs • Improved agility in introducing new (& upgrading existing) services • Self-care portal for service enablement. Solution Description: Scale-out and on-demand security and connectivity services to business customers with light-weight device at customer premise. (1) Contrail enabling Service Chaining on the vCPE: • Security and connectivity services chained at the PE • Svcs co-located with PE (no need for separate SP svc DC) • APIs integration with self-care portal. (2) Multi-tenant services for business customers: • Separate VNF instance for separate customers • Traffic segregation between customers using virtual networks • Overlapping address space for tenants. (3) Contrail’s robust L3VPN overlay architecture: • Seamless integration with SP’s existing L3VPN offering • Integrates with existing / legacy underlay networks. (4) Integration with MX (PE): • Dynamic traffic steering to services, using standards-based approach (BGP Flowspec) • Anchor point for service chains. Diagram labels: Basic CE (×2); PE (×2); P (×2); VPN; IP/MPLS; VCPE (×2); Contrail / Openstack / Space; Internet
  • 17. USE-CASE 4: HYBRID CLOUD. Customer Needs: • Transparent workload migration from on-prem to cloud (cloud bursting) • ‘as-a-service’ model for network/security functions (VPNaaS, LBaaS, FWaaS, etc.) • Seamless policy creation and service insertion • Automated management and real-time monitoring • OSS / BSS Integration. Solution Description: Using Contrail to offer Hybrid cloud to enable automated migration of workload from on-premise to cloud. (1) Abstraction and automation through Contrail APIs: • Infra APIs to implement network policies • Analytics APIs for network / app monitoring • Allows for integration with OSS/BSS • Uniform APIs for on-prem and cloud orchestration. (2) Rapid and seamless insertion of unmodified virtualized services to offer -aaS model for VNFs. (3) Interconnect between private and public cloud (Contrail): • Virtual networks spanning enterprise DC and public cloud • Simplified mgmt through potential integration with 3rd party CMPs (Cloud Mgmt Platforms). (4) Integration (using MX Gateway): • Use of virtualized services and appliance based services • VMs and Bare metal servers within same virtual network. Diagram labels: DATA CENTER (P+V); ENTERPRISE; IP VPN; Contrail / Openstack; Internet; Public Cloud
  • 18. USE-CASE 7: PRIVATE CLOUD (SAAS). Customer Needs: • Cloud infrastructure for SaaS • On-demand service creation with dynamic resource scaling • Rapid deployment of new services • Automated network/security configuration • Support for hybrid clouds. Solution Description: Contrail SW offering, leveraging “Open Compute” and commodity hardware. (1) Dynamic DC network (Contrail): • Modern L3 network for scale, resiliency, automation • Virtualized on-demand services. (2) Self-provisioned service deployment (Contrail): • Controlled migration of SW from development to production cloud • Seamless integration of new features. (3) Scale-out & policy configuration (Contrail): • Automated scale-out of SaaS applications based on customer demand • Dynamic and intelligent configuration of network/security policies. (4) Hybrid cloud: • MX gateway to expose SaaS applications to customers • Extensible across multiple clouds. Diagram labels: PRODUCTION; DEVELOPMENT; Public Clouds; Internet
  • 19. USE CASES - VIRTUALIZED SERVICES (NFV): JUNIPER SERVICES OR 3RD PARTY. http://www.juniper.net/us/en/partners/technology-alliances/nfv-vnf/
  • 20. THANK YOU

Editor's Notes

  1. Scaling Secure Virtual Networks Within and Across Data Centers and Clouds. With OpenContrail, virtual network workloads are able to leverage automation and policy-based IP network services within and across data centers and heterogeneous cloud environments. OpenContrail’s standards-based interoperability means that virtual networks can be extended from the data center overlay to existing multi-tenant WAN environments. This is critical to support emerging application environments required to efficiently scale simplified, interoperable and elastic cloud networks.
  2. This is the Contrail software stack that we are going to discuss in detail in this section. As we mentioned earlier, Contrail consists of two parts: a logically centralized but physically distributed controller, and a set of vRouters that serve as software forwarding elements implemented in the hypervisors of general-purpose virtualized servers. The Contrail Controller provides northbound REST APIs used by applications. These APIs are used for integration with the cloud orchestration system, for example for integration with OpenStack via a Neutron (formerly known as Quantum) plug-in. The REST APIs can also be used by other applications and/or by the operator’s OSS/BSS. Finally, the REST APIs are used to implement the web-based GUI included in the Contrail System. The Contrail System provides three interfaces: a set of northbound REST APIs that are used to talk to the Orchestration System and the Applications, southbound interfaces that are used to talk to virtual network elements (vRouters) or physical network elements (gateway routers and switches), and an east-west interface used to peer with other controllers. OpenStack and CloudStack are the supported orchestrators, standard BGP is the east-west interface, XMPP is the southbound interface for vRouters, and BGP and Netconf are the southbound interfaces for gateway routers and switches. Internally, the controller consists of three main components: Configuration nodes, which are responsible for translating the high-level data model into a lower-level form suitable for interacting with network elements; Control nodes, which are responsible for propagating this low-level state to and from network elements and peer systems in an eventually consistent way; and Analytics nodes, which are responsible for capturing real-time data from network elements, abstracting it and presenting it in a form suitable for applications to consume.
  3. Let’s take a closer look at the compute node. The compute node is a general-purpose x86 server that hosts VMs. Those VMs can be tenant VMs running customer applications, such as web servers, database servers, or enterprise applications, or they can host virtualized services used to create service chains. The standard configuration assumes Linux is the host OS and KVM or Xen is the hypervisor. The vRouter forwarding plane sits in the Linux kernel, replacing the Linux Bridge or OVS module, and the vRouter Agent is the local control plane sitting in Linux user space. Other host OSs and hypervisors such as VMware ESXi or Windows Hyper-V may also be supported in the future. The vRouter functions at Layer 3 instead of Layer 2, so it has enhanced service capabilities to carry out Security Policies, NAT, Multicast, Mirroring and Load Balancing right at the server hypervisor. Each VM is mapped into one or more VRFs on the vRouter. The vRouter Agent populates the VRFs using information learnt over XMPP. The traffic that leaves the server is MPLS over GRE traffic, so only IP transport is needed to instrument these VNs. The performance numbers are very close to Linux bridge performance.
  4. Let me walk you through how communication happens between two VMs (VM1 and VM2) with IP addresses VN-IP1 and VN-IP2 on different physical servers but belonging to the same virtual network. We will worry later about how the forwarding tables on both routers are set up; for now, let’s assume that they are there already.
     1. An application in VM1 sends an IP packet with the destination IP address of VM2, VN-IP2.
     2. VM1 has a default route pointing to a 169.254.x.x link-local address in routing instance 1.
     3. VM1 sends an ARP request for that link-local address. The ARP proxy in routing instance 1 responds to it.
     4. VM1 sends the IP packet to routing instance 1.
     5. The IP FIB on routing instance 1 contains a /32 route to each of the other VMs in the same virtual network, including VM2. This route was installed by the control node using XMPP. The next hop of the route does the following: it imposes an MPLS label, which was allocated by vRouter 2 for routing instance 2, and it imposes a GRE header with the destination IP address of Compute Node 2.
     6. vRouter 1 does a lookup of the new destination IP address of the encapsulated packet (the IP address of Compute Node 2) in global IP FIB 1.
     7. The vRouter on Compute Node 1 sends the encapsulated packet to Compute Node 2. How exactly this happens depends on whether the underlay network is a Layer 2 switched network or a Layer 3 routed network. For now we will skip this part and assume the encapsulated packet makes it to Compute Node 2.
     8. Compute Node 2 receives the encapsulated packet and does an IP lookup in its global IP FIB. Since the outer destination IP address is local, it decapsulates the packet, i.e., it removes the GRE header, which exposes the MPLS header.
     9. Compute Node 2 does a lookup of the MPLS label in the global MPLS FIB 2 and finds an entry which points to routing instance 2. It decapsulates the packet, i.e., it removes the MPLS header and injects the exposed IP packet into routing instance 2.
     10. Compute Node 2 does a lookup of the exposed inner destination IP address in IP FIB 2. It finds a route that points to the virtual interface connected to VM2.
     11. Compute Node 2 sends the packet to VM2.
  5. Bare-Metal Server (BMS) and Virtual Machine (VM) Interconnect; Layer-2 Gateway using VXLAN + EVPN; Layer-3 Gateway using MX, VXLAN + EVPN; Integration with ESXi using Openstack; Multi-DC Distributed Cloud (DC Interconnect); Interconnect with Legacy VLAN architecture running ESXi
  6. These are the use cases/applications for NFV, using Juniper services and best-of-breed third-party services.
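
The lookups in steps 5 to 11 of note 4, as an added example that is not part of the original deck or of Contrail's code. It models the per-routing-instance IP FIB and the MPLS label lookup to show why two tenants can reuse the same address without their traffic crossing; the tenant names, addresses, labels and tap interface names are constructed, and the class and function names are hypothetical.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class IPPacket:
    dst: str            # inner (virtual network) destination, e.g. VN-IP2
    payload: str


@dataclass(frozen=True)
class GrePacket:
    outer_dst: str      # physical IP of the destination compute node
    mpls_label: int     # label the remote vRouter allocated for its routing instance
    inner: IPPacket


@dataclass
class VRouter:
    phys_ip: str
    ip_fib: dict = field(default_factory=dict)    # routing instance -> {VN IP: next hop}
    mpls_fib: dict = field(default_factory=dict)  # MPLS label -> routing instance

    def add_local_vm(self, instance, vn_ip, vif, label):
        # Local VM behind a tap interface; the label selects this routing instance.
        self.ip_fib.setdefault(instance, {})[vn_ip] = ("vif", vif)
        self.mpls_fib[label] = instance

    def add_remote_route(self, instance, vn_ip, node_ip, label):
        # Stands in for the /32 route the control node installs over XMPP.
        self.ip_fib.setdefault(instance, {})[vn_ip] = ("tunnel", node_ip, label)

    def encapsulate(self, instance, pkt) -> Optional[GrePacket]:
        # Step 5: lookup in the sender's own routing instance only.
        hop = self.ip_fib.get(instance, {}).get(pkt.dst)
        if hop is None or hop[0] != "tunnel":
            return None                      # no remote route for this tenant: drop
        return GrePacket(outer_dst=hop[1], mpls_label=hop[2], inner=pkt)

    def decapsulate(self, gre) -> Optional[tuple]:
        # Step 8: the outer destination must be this node.
        if gre.outer_dst != self.phys_ip:
            return None
        # Step 9: the MPLS label picks the routing instance.
        instance = self.mpls_fib.get(gre.mpls_label)
        if instance is None:
            return None
        # Step 10: inner destination lookup inside that instance only.
        hop = self.ip_fib.get(instance, {}).get(gre.inner.dst)
        if hop is None or hop[0] != "vif":
            return None
        return instance, hop[1]


def build_demo():
    # Constructed topology: tenants A and B reuse 10.0.0.2 on Compute Node 2.
    node1, node2 = VRouter("192.0.2.1"), VRouter("192.0.2.2")
    node2.add_local_vm("tenant-A", "10.0.0.2", "tapA2", label=17)
    node2.add_local_vm("tenant-B", "10.0.0.2", "tapB2", label=18)
    node1.add_remote_route("tenant-A", "10.0.0.2", node2.phys_ip, label=17)
    node1.add_remote_route("tenant-B", "10.0.0.2", node2.phys_ip, label=18)
    return node1, node2


def deliver(src_node, dst_node, instance, pkt):
    # Steps 5-11 end to end; returns (routing instance, tap interface) or None.
    gre = src_node.encapsulate(instance, pkt)
    return None if gre is None else dst_node.decapsulate(gre)


if __name__ == "__main__":
    n1, n2 = build_demo()
    for tenant in ("tenant-A", "tenant-B"):
        print(tenant, deliver(n1, n2, tenant, IPPacket("10.0.0.2", "hello")))
```

The same inner address resolves to a different tap interface per tenant because the receiving node chooses the routing instance from the MPLS label, never from the inner IP header; a packet with an unknown label or a non-local outer destination is dropped before any tenant FIB is consulted.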