Upload
vandiep
View
217
Download
1
Embed Size (px)
Citation preview
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Automatisation d’un Cloud Hybride avec Nuage [email protected] Consulting Engineer
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Make Networking as instantaneous and readily consumable as compute
Open: Preserve choice, new Services
Boundary-less: Networks, not islands
Policy-Driven: Automation, Security & Visibility
Our Mission
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
TTM
OpEx
CaPex
SD-WAN
DC-SDN
Leverage Economies of Scale with x86 & Virtualization Technologies
Enable Automation & Templating
Accelerate Your Business with Datacenter SDN & Branch Office Software Defined WAN (SDWAN)
Business drivers
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Virtualized Services Directory (VSD)• Network Policy Engine – abstracts complexity• Service templates and analytics
Virtualized Services Controller (VSC)• SDN Controller, programs the network• Rich routing feature set
Nuage NetworksVirtualized Services Platform (VSP)
VNS (Virtualized
Network Services)
Network Services Gateway (NSG)• Physical or Virtual SD-WAN Edge for Branches• L2-L4 Switch/Routing with Advanced Functions
SD-WAN Feature Set
Virtual Routing & Switching (VRS)• Distributed switch / router – L2-4 rules• Supports leading hypervisors and base metal assets• Virtual (VRS) and Physical (VSG) form-factors
DC-SDN (Datacenter SDN) Feature Set
VCS (Virtualized
Cloud Services)
Nuage Networks : SDN solutions
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Nuage Virtualized Cloud Services
Internet
WAN network
Branch Office (SD-WAN)
Public Cloud
DC Gateway
VRS-KHardware Gateway
VRS-E VRS-X VRS-G
Core Core Core Core
Spine Spine Spine Spine
Leaf
Leaf
Leaf
Leaf
VSD
VSC HA
Overlay Virtual Networks
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Nuage Networks : SDN Features
QoS & NAT/PAT & DHCP
NETWORKING
VM & CONTAINER SUPPORT
L2 VPN & L3 VPN
CENTRALIZED TEMPLATING
DYNAMIC PROGRAMMABILITY
AUTOMATION
POLICY-DRIVEN NETWORKING
SECURITY
LOGS & AUDITS
ANALYTICS
GRANULAR STATEFUL FIREWALL
CONTROL
SDN SERVICE CHAINING
SDN TRAFFIC STEERING
CENTRALIZED POLICY
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Policy-Driven Virtualized Networking across any environment
Physical servers Virtual Machines
Virtual Services Platform (VSP)
Containers Public CloudHW VTEP
OVSDB SW
Same policies used across any endpoint
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Using Nuage Networks NSG solution (Full mesh to other sites)Secure Hybrid Cloud Interconnect
Cloud VPCPrivate Cloud
Nuage GW
VPC
Cloud VPC
Private Cloud
Nuage GW
VPC
Enables Secure mesh of
connectivity between sites Full intra and inter-Region
VPC peering Dynamic exchange of
routing info between sites Visibility and control of
traffic flows between sitesBranch
Connectivity to everywhere
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
VSD for overall end-to-end service management and provisioning
In the DC VRS – Manages forwarding and security between
hypervisors and gateway (VXLAN based) VSC – Programs connectivity between VMs NSG-BR – Border Router demarcating private DC and
public (Secure) connection: it translates VXLAN -> IPSeC and links public to private domains
VRS – Performs local L2-L4 functions for tenant networks, and sets up VXLAN tunnel
In Public Cloud NSG-AMI – Acts as default gateway within the VPC and
initiates the IPSeC tunnel to the DC or to other VPCs VSC – Programs connectivity between NSGs
How does it work ?Nuage Architecture Components involved
VSD
VSC VSC
VRS VRS NSG-BR NSG NSG-AMI
VXLAN IPSEC
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Role of Border Router Is part of encrypted
mesh between NSGs Cross-connects
private and public networks
Provides application control and visibility that are used between the DC and public cloud
The Role of Border Router
VRS-1
VRS-2
Router
NSG-BR
Private Cloud
NSG-1(VPC-1)
NSG-2(VPC-2)
NSG-3(Branch)
Public
Desired Connectivity
WANDC
VXLAN o IPSEC
VXLAN
VLAN + BGP
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
VPC-Interworking NSG attracts all outgoing traffic NSG polices and encrypts traffic before
sending to public (other NSG)
Internals of the NSG-AMI
Nuage-Interworking VSC programs NSG with
Prefixes from other sites Encryption group-keys Traffic/Application Policies
NSG reports back statistics and application information
RPublic
Default route-table:0/0 Next-hop NSG-LAN-IF
VSC
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Application Insight exampleSecure Hybrid Cloud Interconnect
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
VSD Domain Topology exampleSecure Hybrid Cloud Interconnect
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Using VSD as unified policy layer for private and public cloudHybrid Cloud Management
VSP
VSD
Datacenter
VSD Cloud Manager
Templates
Provisioning
MonitoringCommon Cloud API
Native Cloud API
* Planned for future
Enables Single pane of glass
for networking design Single pane of glass
for security definition Full auditing
capabilities between actual and intent
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
VSD acts as Front-end to VPC Design Discovery phase Sync Phase
Manages VPC design Subnet design ACL design
VPC and Subnet DesignHybrid Cloud Management
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
ACL-DesignHybrid Cloud Management
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
60+ wins & deployments
150+ trials/pilots successfully completed
Across hyper-scale enterprises, cloud providers & service providers
Major wins across all regions, to name a few: BBVA, SFR (Numergy), Santander, Betfair, Bloomberg, UPMC, CTCC, MyRepublic, Telus
Market success
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Industry Solution Partner of the Year - 2015Honoring a Red Hat partner who has significantly impacted the industry with Red Hat solutions.
Red Hat Honors 2015 North American Partner Award Winners Award recipients recognized for delivering innovative open source solutions
A strong partner Ecosystem
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Conclusion• Integrated & certified joined solutions
with Red Hat
• Enabling Private/Public/Hybrid clouds :– Augmented Security within the Datacenter– Seamless Mobility of workloads– Increase Network performances
• Reduce OPEX, Faster deployment & optimized CAPEX
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Thanks !See you at the Nuage booth next week in Barcelona !
© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Thanks !