Embed Size (px)
DESCRIPTION
Hartmut Schroeder, Consultant Systems Engineer, Juniper Networks Virtualization Forum 2014, Prague, 22.10.2014 Jestliže SlideShare nezobrazí prezentaci korektně, můžete si ji stáhnout ve formátu .ppsx nebo .pdf (kliknutím na tlačitko v dolní liště snímků).
Citation preview
JUNIPER CONTRAIL VNSA BASIC INTRODUCTION
Hartmut Schroeder
Consultant Systems Engineer
Oct 2014
2 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
CONFIDENTIALITY & LEGAL NOTICES:
This material contains information that is confidential and proprietary to
Juniper Networks, Inc. Recipient may not distribute, copy, or repeat
information in the document.
This statement of product direction sets forth Juniper Networks’ current
intention and is subject to change at any time without notice. No
purchases are contingent upon Juniper Networks delivering any feature
or functionality depicted in this presentation.
3 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
WHY CONTRAIL?
4 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
CONTRAIL USE CASES
Public Cloud
Private Cloud Private Cloud
VPN VPN
WAN
Gateway
Access
Core
Cloud : Network Virtualization• Private Clouds, Public Cloud, and Virtual Private Cloud
• Network Virtualization
• Application Policies
• Network Function Virtualization and Service chaining
• Rich Analytics
Cloud : Interconnect• Connect Private Cloud to Private Cloud (DCI)
• Connect Private Cloud to Public Cloud (bursting)
• Connect Campus to Private Cloud
Network Function Virtualization• Virtualize Network Functions
• Service Chaining
• Attach Service Chain to Physical Network
• Application-Aware and Subscriber-Aware Steering
5 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
VIRTUALIZATION
Internet /
WAN
Web
Servers
Database
Servers +
Storage
Application
Servers
VLAN
Static Silos of Dedicated
Physical Resources
Dynamic Pool of
Virtual Resources
Internet /
WAN
Virtual Compute
Physical
Network
Virtual Storage
Virtual Networks
Clo
ud
Sta
ck
Dyn
am
ic O
rch
estr
ati
on
6 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
CONTRAIL KEY ABSTRACTIONS"LEGO BLOCKS"
VN
VN
VN
Virtual MachinesCloud Tenants and Virtual Network Functions
Virtual NetworksConnect Virtual Machines
Gateway DevicesConnect the Virtual to the Physical
VM VM
7 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
NETWORK VIRTUALIZATION
Red
Virtual Network
Green
Virtual Network
Blue
Virtual Network
VM VM
VM VM
VM VM
VM VM
VM VM
Switches
Virtualized Servers
Dynamic Network Virtualization at ScaleWithout the complexity, scaling limitations, and stability issues of VLANs
Bare Metal Servers
8 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
VIRTUAL NETWORK POLICIES
Virtual Network PoliciesAt a high level of abstraction, applied at the boundaries of virtual networks.
VM VM VM
Green
Virtual Network
VM VM VM
Red
Virtual Network
Policy
only HTTP
NAT
9 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
SERVICE CHAINING
Service ChainingPolicy based application of virtual and physical services with scale-out.Firewall, Intrusion Prevention, Load balancer, Cache, WAN optimizer, proxy, ...
VM VM VM
Green
Virtual Network
VM VM VM
Red
Virtual Network
Virtual
Service
DPI
Virtual
Service
Cache
Physical
Service
Firewall
Policy
only HTTP
NAT + DPI + Cache + Firewall
10 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
OpenStack
Contrail
Controller
VM
G1VM
R1
VM
G2VM
R2
Contrail Controller
REST APIs
XMPP
Virtualized
Server
Contrail vRouter
Hypervisor
Routing Instance Overlay TunnelMPLS/GRE, MPLS/UDP, VXLAN
Underlay Switch
Physical RealizationLogical Abstraction
Green
Virtual Network
VM VM VM VM
Red
Virtual Network
VM VM VM VM
NETWORK VIRTUALIZATION
11 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
POLICY AND SERVICE CHAININGPhysical RealizationLogical Abstraction
VM
G1
VM
G2
VM
G3
Green
Virtual Network
VM
R1
VM
R2
VM
R3
Red
Virtual Network
Contrail
Controller
VM
GVM
R
XMPP
OpenStack
12 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
Contrail
Controller
VM
R1VM
R2
Physical
L3VPN
BGP + NetconfL3VPN
Overlay TunnelMPLS/GRE
Red
Virtual Network
VM VM VM VM
Route
ReflectorLSP (RSVP, LDP)
BGP
Gateway Router (PE Router)
GATEWAY TO L3VPNPhysical RealizationLogical Abstraction
OpenStack
13 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
L3VPN FOR CLOUD INTERCONNECT
Data Center 1
VM
G1
VM
G2
VM
G3
Green
Virtual Network
VM
R1
VM
R2
VM
R3
Red
Virtual Network
L3VPN
L3VPN
Data Center 2
VM
G4
VM
G5
VM
G6
Green
Virtual Network
VM
R4
VM
R5
VM
R6
Red
Virtual Network
14 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
Contrail
Controller
VM
R1VM
R2
OVSDB + BGPL3VPN or E-VPN
Overlay TunnelVXLAN
Red
Virtual Network
VM VM
Gateway Switch
Bare Metal Server(Non-Virtualized Server)
GATEWAY TO BARE METAL SERVER
Physical RealizationLogical Abstraction
OpenStack
15 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
SDN AS A COMPILER
Co
ntrail SD
N C
on
troller
South Bound Protocols
South BoundProtocol 1
South BoundProtocol 2
South BoundProtocol N
High Level (Service) Data Model
Configuration State Operational State
Transformation Engine
Low Level (Technology) Data Model
Configuration State Operational State
North Bound Interface (REST)
South BoundProtocol 3
Analytics
Analytics
16 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
Configuration
Nodes
Control
Nodes
Analytics
Nodes
IF-MAP
REST REST
XMPP
BGP
BGP, Netconf
HIGHLY AVAILABLE SCALE-OUT
vRouters Gateways
BGP
Logically Centralized(Physically Distributed)
Horizontally Scalable
Highly Available(Active-Active)
Federated
17 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
APIS FIRST
Configuration
Nodes
Analytics
Nodes
REST APIs
Contrail Controller
Service Data ModelHigh Level of Abstraction
Generates
Contrail GUI OSS / BSS Service Orchestrator
18 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
RICH INTEGRATED ANALYTICS
19 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
END-TO-END ORCHESTRATION
Puppet, Cobbler, ...Physical Server Management System
Junos Space: Network DirectorPhysical Network Management System (NMS)
OpenStack, CloudStack, ...Virtual Machine Management System
Junos Space: Security Director...
Third Party Service ManagerService Management Systems
Contrail ControllerVirtual Networks, Service Chaining
Radius / PCRFPolicy Servers
APIs
APIs
APIs
APIs
APIs
APIs
End-t
o-E
nd O
rchestr
ationOperator OSS
JuniperMiddleware
Juniper Partner
and / or
and / or
20 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
STANDARD PROTOCOLS, OPEN SOURCE, MULTI-VENDOR SOLUTION
VM
G
VM
R
CloudStack
OpenStack
OpenContrail
Controller
L3VPN
Multi-Vendor
Gateway
Routers
Multi-Vendor
Underlay
Switches
Multi-Vendor
Gateway
ToR Switches
Standard Control
Plane Protocols
to Physical
GatewaysBGP L3VPN / EVPN
Standard Tunnel
EncapsulationsVXLAN / MPLSoGRE /
MPLSoUDP / MPLSoLSP
Multi-Vendor
Virtualized
Services
Multi-Vendor
HypervisorKVM / XEN / ESXi
Standard
Control
Plane Protocol
to vRoutersXMPP
Multi-Vendor
Physical
Services
Open Source
Software
Multi-Vendor
Servers
21 Copyright © 2014 Juniper Networks, Inc. www.juniper.net
OPEN CONTRAIL
Contrail is available as Open Source www.opencontrail.org. Commercial support available from Juniper.
Same features and scaling as commercial versionUses proven stable standards. Production-Ready.
Permissive license Apache 2.0
Integrated into open source virtualization stacksOpenStack, CloudStack
