Raymond Lai, Solutions Architect, Arista Networks
As enterprises move from on-premises and user-provisioned cloud computing to multi-cloud deployment models, the burden is left with enterprise IT to accommodate an architectural approach across clouds. With the Any Cloud Platform, Arista is extending two proven software technologies, EOS and CloudVision, to empower enterprise IT with a consistent multi-cloud architectural and operational approach.
5. Typical Stage-1 Hybrid-cloud Enterprise Setup
• “3rd party” Firewalls
• “3rd party” Load balancers
• Internet gateways
• VPN gateways
[Diagram labels: Region, AZ1, AZ2, Internet Gateway, VPC peering, Direct Connect or IPsec Tunnel, On-premise DC]
6. Why NO to Transitive routing for VPC?
• Security benefit: Prevent address spoofing
• Task: Check the validity of the source / destination IP address in the forwarding mechanism. Drop if source & destination are not part of the VPC local interface
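The check on this slide, as an added example that is not from the original deck: a simplified Python model in which each VPC forwards a packet only when the source or destination address is local to it. The `Vpc` class, the CIDRs and the A/B/C topology are constructed for illustration and do not reproduce any cloud provider's implementation.

```python
import ipaddress

class Vpc:
    """Constructed model of a VPC: a name, one CIDR, and its peering links."""
    def __init__(self, name, cidr):
        self.name = name
        self.cidr = ipaddress.ip_network(cidr)
        self.peers = set()

    def is_local(self, ip):
        return ipaddress.ip_address(ip) in self.cidr

def peer(a, b):
    """Create a bidirectional peering link between two VPCs."""
    a.peers.add(b.name)
    b.peers.add(a.name)

def passes_check(vpc, src, dst):
    # The slide's rule: drop if neither source nor destination is local.
    return vpc.is_local(src) or vpc.is_local(dst)

def forward(path, src, dst):
    """Carry a packet along a list of VPCs and return a verdict string."""
    for i, vpc in enumerate(path):
        if i > 0 and vpc.name not in path[i - 1].peers:
            return f"no peering {path[i - 1].name}-{vpc.name}"
        if not passes_check(vpc, src, dst):
            return f"dropped in {vpc.name}"
    return "delivered" if path[-1].is_local(dst) else "undeliverable"

# Constructed topology: A peers with B, B peers with C, A and C do not peer.
A = Vpc("A", "10.1.0.0/16")
B = Vpc("B", "10.2.0.0/16")
C = Vpc("C", "10.3.0.0/16")
peer(A, B)
peer(B, C)

if __name__ == "__main__":
    # Direct peering: each VPC sees one local address.
    print(forward([A, B], "10.1.0.10", "10.2.0.20"))
    # Transit through B: neither address is local to B.
    print(forward([A, B, C], "10.1.0.10", "10.3.0.30"))
    # No peering link between A and C.
    print(forward([A, C], "10.1.0.10", "10.3.0.30"))
    # Source address that does not belong to A is stopped at the origin.
    print(forward([A, B], "10.9.9.9", "10.2.0.20"))
```

Reaching C from A therefore needs either a direct A-C peering (full mesh) or an overlay that terminates on an interface local to each VPC.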
9. Experience & Visibility Concerns
• Limited compliance impacts security
• Inconsistent operational models
• Disparate management and visibility
• No network architecture considerations
‘Shadow IT’ Origins: Network instances grow ad-hoc and operate in isolation
[Diagram labels: Enterprise DC, Public Cloud 1, Public Cloud 2, Public Cloud 3]
10. Arista Any Cloud Platform
Universal Cloud Network Architecture: Any Cloud, Any Workload, Any Location
[Diagram labels: Enterprise Datacenters, Cloud Exchanges, Public Clouds, Private Clouds, Any Place-In-the-Cloud, Arista EOS, CloudVision]
11. Arista vEOS Router on AWS:
• Proven Routing
• Secure Tunneling
• High Availability
• Traffic Engineering
• Same APIs and Programmability
• Multi-hypervisor and cloud-native packages
vEOS - Cloud-Grade Routing
Single EOS image across all use-cases
[Diagram labels: Hypervisors, Public Clouds]
12. CloudVision for the Hybrid Cloud
• Zero Touch Provisioning: Quickly spin up routing services
• Automated Change Management: Streamlined NetOps across clouds
• State Streaming: Real-time telemetry across any EOS use-case
• Analytics Engine: for historic event correlation and anomaly detection
• Visualization Apps: common dashboard for advanced telemetry
[Diagram labels: Enterprise DC1, Enterprise DC2, Any Site, Private Cloud, Amazon West, Amazon East, AWS Europe, AWS APAC, Equinix Cloud Exchange]
13. Arista Cloud Network Approach
• Enterprise IT compliance reduces risk
• Common operations save OpEx
• Improved service delivery
• Proven network architecture scales over time
‘Shadow IT’ Origins: Network instances grow ad-hoc and operate in isolation
Arista Universal Cloud Network approach: Uniform networking across clouds
[Diagram labels: Enterprise DC, Private Cloud, Public Cloud 1, Public Cloud 2, Public Cloud 3]
15. #1 Consistency
Arista EOS
• Single EOS Binary Packaged for Any Cloud
• Industry-Standard CLI and SNMP
• Programmable with identical APIs
[Diagram labels: Internet, Transit, Data Center, Any Cloud, AZ1, AZ2, 1, N]
16. #2 Dynamic Routing with Scale
[Diagram labels: VPCs, Route Tables, Subnets, Network Interfaces, Virtual Machines]
What is Cloud Native Networking?
• Optimized for Internet-facing applications
• Static configuration of route tables in GUI
• No Transitive Routing, requires full-mesh peering
• Limited Routes per VPC
Arista EOS
• Standard BGP Designed for Scale
• Standard IPsec/GRE overlay on cloud-native networking
• Scalable, Consistent
Scale:
• 600k IP Routes
• 8 VRFs
• 16 NICs
• 200 Tunnels
• 128 VPN tunnels
• 100k NAT connections
• Up to 10 Gbps
17. #3 Transitive Routing
Data Center Spine-Leaf Designs
Spine-Leaf in the Cloud
Arista EOS
• Standard BGP Designed for Scale
• Standard IPsec/GRE overlay on cloud-native networking
• Scalable, Consistent
[Diagram labels: Transit, Internet, R1, R2, 1, N]
18. #4 Visibility and Automation
Complete State Streaming Architecture
CloudVision Analytics Platform and Automation
[Diagram labels: Any Cloud, R1, R2]
19. Any Cloud Visibility with Cloud Tracer
Cloud Tracer Integrated with CloudVision Telemetry
[Diagram labels: Arista Router at Equinix Cloud Exchange, Enterprise DC, vEOS Router in AWS East, vEOS Router in AWS West, vEOS Router in AWS-APAC]