Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Executive Intro Slide
CONTRAIL SDN AND NFV Bay Area Network Virtualization
CONTRAIL CLOUD SOLUTIONS GROUP
Sree Sarva, Aniket Daptari
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
AGENDA
CHALLENGES & TRENDS 1
2
USE CASES AND PARTNERSHIPS 3
CONTRAIL 4
DEMO / HANDS-ON 5
NETWORK FOR CLOUD ERA
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Big Concept Slide
1. CHALLENGES AND TRENDS
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Title and Bullets
GENERAL CHALLENGES
OVER THE TOP THREAT
NETWORK TO CLOUD
TIME TO SERVICE
PRODUCT EVOLUTION
OSS AGILITY
Addresses these challenges using existing assets without costly investments in network refresh and proprietary OSS systems
§ Lengthy service provisioning times of days to weeks
§ IP Activation process cumbersome
§ Lengthy new product introduction & certification times
§ Bundles limited by physical infrastructure
§ OTT cloud providers compete using internet
§ Network commoditised
§ Lack integration of Public and Private cloud offerings
§ Leveraging network to differentiate
§ Expensive to replace or augment current OSS systems
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Title and Bullets
TIME TO SERVICE DEPLOYMENT Code to production launch
OPERATIONAL COMPLEXITY # of SKUs to manage
OPERATING EXPENSES Servers managed per admin
…AND OTT PROVIDERS ARE INNOVATING FASTER Dynamic network service automation is the key priority for Service Providers
AMAZON: 1 per 10,000 servers Each admin can operate ~10,000 servers
TELCO: Less than 100 Each admin can manage up to ~100 servers = large headcount
GOOGLE: Few seconds STAT MUX Service on Existing Infrastructure
TELCO: 10-12 Months Mobile Operators quote many months per service; mostly manually
GOOGLE: 10s Configs Google: ~10 shared hardware system bundles
TELCO: Thousands configs 1000’s of SKUs to manage makes IT overly complex
Opportunity for accelerating TTM, reducing costs and optimizing operations
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Big Concept Slide
2. NETWORK FOR CLOUD ERA
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Title and Bullets
HW HW
App App Network Virtualization & Automation
Compute & Storage
Virtualization
Traditional (1990’s)
Management
Platform
Infrastructure
Hypervisor
App App App
HW HW
• Network functions / services available as virtual machines
• Apps are re-architected for scalable deployments, HA, IaaS / Paas
• App Developers have a self-service model to get resources
Cloud (2010+)
• Apps run on dedicated hardware
• Hardware for each network function
App App App
Hypervisor
HW HW
Virtualization (2000’s)
• Virtualized apps have flexibility to move between hardware units
CLOUD CHANGES THE ARCHITECTURE Enables Large Scale Automation & Network Function Virtualization
Capex savings through Virtualization & higher device utilization
Benefits Opex savings through Agility & Automation
Benefits
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
PRIVATE INFRASTRUCTURE
THE NEW NETWORK – BUILT FOR CLOUD
PROPRIETARY
HARDWARE SERVICES
CONFIGURED, MANAGED
TODAY AUTOMATED &
ORCHESTRATED
VIRTUALIZED, ON DEMAND SERVICES
HYBRID CLOUD INFRASTRUCTURE
OPEN SOURCE, OPEN STANDARDS
TOMMORROW
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Big Concept Slide
3. USE CASES & PARTNERSHIPS
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
§ Silo’ed Resource Allocation § Manual Configuration § Static Service Chains
IT CLOUD
§ Dynamic Resource Allocation § Automatic Configuration § Dynamic Service Chains
CURRENT IT DATACENTER
VLANS VLANS
FINANCE HR MARKETING
Firewalls Load-Balancer
MODERN IT DATACENTER
VIRTUALIZED
HR MARKETING FINANCE
Virtual-Network based Orchestration (Compute, Storage, Apps)
Physical Servers
Local Hard Drives
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
CLOUD CPE SERVICE
Router Services
DHCP Routing CGNAT
Full featured CPE
in Virtualized Services SP Delivered
Service Provider IP Edge
IP VPN Service
Modem / ONT
Switch
Voice
DHCP Routing FW & UTM
Management Wireless Controller
Access Point
IPS/ IDS SECURITY
Pulse
Tethered CPE
Modem / ONT Switch Access Point
Voice Pulse
§ Decrease cost of physical CPE § Increase agility of introducing new services § Decrease cost of servicing customers
§ Services limited by capability of physical CPE hardware § Expensive to roll out new services § Costly customer support
Routing Unified Threat WAN Optimization
Firewall DHCP Management
IPv4-v6 Caching & Video Load Balancing Policy Control DDOS
Traffic Detection/ DPI
Customer Value CPE Delivered
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Title and Bullets
NEXTIP VPN
Customer Site A
SLB FW UTM CDN WAN Opt
SELF-SERVICE ENTERPRISE SERVICES
Customer Site B
TELCO CLOUD
Contrail SDN
2. Openstack standard interfaces provision virtual services
1. Standard API’s allow for simple portal control
3. Use of standard routing
protocols to connect ANY SP customer to ANY service without
interfacing with IP-RDM or similar
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Title and Bullets
HYBRID CLOUD - IAAS AND VPC End-to-End Virtual Network Orchestration and Automation
Standards-based, seamless internetworking within/across DC’s and Enterprise private network
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Big Concept Slide
4. CONTRAIL
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
CONTRAIL – VIRTUALIZED NETWORK SERVICES & AUTOMATION
CONTROL PLANE, MANAGEMENT PLANE NETWORK PROGRAMMABILITY
ENABLING NFV (NETWORK FUNCTION VIRTUALIZATION)
VIRTUALIZED NETWORK SERVICES
INTEROPERABILITY WITH PHYSICAL NETWORK
NETWORK VIRTUALIZATION (PRIVATE, HYBRID)
CONVERGED NETWORK ORCHESTRATION AUTOMATION, ANALYTICS
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
OPENCONTRAIL COMPONENTS
Physical Network (no changes)
Analytics
OPENCONTRAIL CONTROLLER
Control Configuration
Physical Host with Hypervisor
vRouter
VM VM VM VM
Physical Host with Hypervisor
vRouter
VM VM VM VM
WAN, Internet
Gateway
Accepts and converts orchestrator requests for VM creation, translates requests, and assigns network
Real-time analytics engine collects, stores and analyzes network elements Interacts with network elements for
VM network provisioning and ensures uptime
vRouter: Virtualized routing element handles localized control plane and forwarding plane work on the compute node
Gateway: MX Series (or other router) or EX9200 serve as gateway eliminating need for SW gateway & improving scale & performance
TODAY 2014
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Title and Bullets
IPAM, Virtual DNS
Security Load Balancing
3rd Party Network Services
Rich Analytics High Availability
Service Chaining API Services
Routing and Switching
Gateway Services
KEY FEATURES
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Title and Bullets
67%
67%
67%
67%
62%
57%
52%
52%
52%
52%
48%
43%
38%
CDN Akamai, Junos Content Encore
IMS Sonus SBC
Virtual routers & security gateways Firefly
Mobile core, EPC
Firewalling Firefly
DPI Sandvine
Traffic Analysis Tools Guavus
IPS / IDS security Firefly, DDos Secure
Network Monitoring tools
Web Security WebApp Secure
WAN acceleration and optimization Silver-Peak, Riverbed Steelhead
Application acceleration Riverbed ADC AAA Servers
UAC / Steelbelt Radius
57%
52%
VIRTUALIZED NFV SERVICES Juniper Services or 3rd Party/Best-of-Breed
Source: Infonetics Research, 2013
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
PROGRAMMABILITY § NB REST APIs allows easy integration with existing OSS/BSS § Network complexity abstracted out using rich and programmatic
interface, allowing for policy-based automation
SUMMARY: CONTRAIL IS A LEADING SDN SOLUTION
§ Agile deployment of network services for faster time to revenue § 3rd party services can run unmodified on the platform, eliminating the
need for custom development ACCELERATED TTM
LOWER TCO § Higher utilization of existing infrastructure & cost effective X86 HW § Centralizes management reducing operational cost & complexity § Uses standard protocols obviating need for specialized knowledge
NETWORK INSIGHTS § Collects & analyzes huge amounts of network state information § Offers APIs for 3rd party analytics & visualization software to integrate
with the system
OPENNESS & INTEROPERABILITY
§ Contrail is open-sourced and integrates with Openstack, Cloudstack, KVM, Xen, and other open-sourced products / components
§ Interoperable with other multi-vendor infrastructure and services
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Title and Bullets
ORCHESTRATION PARTNERS
Cloudstack, CCP
OCS Openstack Mirantis Openstack, Fuel
Redhat Openstack (RHOS)
UnitedStack Openstack
SmartCloud Orchestrator
2014
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Big Concept Slide
DEMO & HANDS-ON
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
DEMO / HANDS-ON
• Creation of Virtual Networks • Attachment of Virtual Machines • Access Policy between Virtual Networks • Floating IP / Distributed NAT using vRouter • Service Insertion - NAT Gateway • Debug & Analytics Information
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
TIER-ED NETWORKS DEMO TOPOLOGY
BACK-END DATABASE TIER
NETWORK
FRONT-END WEB-TIER NETWORK
BE1 BE2 BE3 FE1 FE2 FE3 MX Gateway
Policy to connect front-end and back-end
Centralized Control, Policy provisioning
Internet
Demo Machine connecting to Openstack Horizon and Contrail GUI
Floating IP
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
SERVICE CHAIN DEMO TOPOLOGY
ENTERPRISE NETWORK
PUBLIC NETWORK
E1 E2 E3 P1 P2 P3
FIREFLY (INLINE NAT)
MX Gateway
NAT Service to connect Enterprise network VMs to the outside world
Internet
Centralized Control, Policy provisioning Demo Machine connecting to Openstack Horizon and Contrail GUI
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
OVERLAY NETWORK
Host + Hypervisor Host + Hypervisor
VIRTUAL NETWORK
GREEN
VIRTUAL NETWORK
BLUE
VIRTUAL NETWORK YELLOW
FW DPI
IP fabric (switch underlay)
G1 G2 G3
B1
B3 B2
G1
G2
G3
Y1 Y2 Y3 B1 B2 B3
Y2
Y3 Y1
VM and virtualized Network function pool
VM and virtualized Network function pool
Intra-network traffic Inter-network traffic traversing a service
… …
LOGICAL
PHYSICAL
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Big Concept Slide
DEVSTACK + OPENCONTRAIL
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Title and Bullets
§ WHAT? § Run OpenStack and OpenContrail on your laptop or in a VM
§ WHY? § Use to build & test OpenStack and OpenContrail code § Just play with OpenStack/OpenContrail features
§ HOW? § Ubuntu server/VM with 4GB RAM, access to github
DEVSTACK + OPENCONTRAIL
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Title and Bullets
§ Install packages: git-core, ant, build-essential, pkg-config
§ Download DevStack § (git clone [email protected]:/dsetia/devstack.git)
§ Edit localrc (set PHYSICAL_INTERFACE) § Run stack.sh § Installs Glance, Nova, Horizon, Keystone, Cinder § And OpenContrail (as a Neutron plugin)
DEVSTACK + OPENCONTRAIL (in-a-box)
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
RESOURCES
§ OpenContrail.org - E-Book, Architecture documents, blogs from developers/architects, slides, webinars
§ VIDEOS:
§ DDoS Protection (Contrail + DDoS Secure)
§ http://www.youtube.com/watch?v=TnvCea4fil4
§ NFV through Contrail (this is the Internet / Firewall NFV aka. vCPE)
§ http://www.youtube.com/watch?v=_64no8P2vUw
§ Contrail - Elastic cloud - IT as a Service
§ http://www.youtube.com/watch?v=9g3EWV8X64s § SSLVPN on Contrail
§ http://www.youtube.com/watch?v=vfZfdH4kkV4
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Big Concept Slide
THANK YOU!