The first use case I am going to talk about is an example of the flexibliity Contrail can bring to enterprises A lot of enterprises have already adopted virtualization in their data centers, and some are looking to move to more of a true private cloud model, where virtualized resources are dynamically pooled, shared across different departments or organizations. Contrail helps enterprises move to private virtualized clouds automating and orchestrating the dynamic provisioning of network resources.Additionally, Contrail can help provide the intercloud orchestration required for customers who are looking to evolve to more of a hybrid cloud model, where they use a mix of private and public cloud resources. Here, Contrail integrates with solutions like CloudScaling to enable workload mobility between the various clouds.
The last service provider use case I will talk about is service chaining. Contrail has the ability to dynamically spin up and chain together virtual network applications—which can be either virtual applications via Network Functions Virtualization, or even services running on physical appliances.These virtual services can be Juniper applications like FireFly, or they can be third party applications. When we make our Contrail announcement on September 16, we will launch a host of technology alliance partners who have commited to perform interop testing with Contrail. The advantages of dynamic service chaining virtual services can be applied in many different ways. Network operators can use these services to replace network functions today hosted on physical appliance, thereby improving the efficiency and operations of their own internal networks. One example of this is the vMCG solution we are delivering in conjuntion with Hitachi. Dynamically service chaining network applications can also be the foundation for new services. For example, some of our customers are looking to offer network-based managed services that run functions like firewall and intrusion prevention in the network, rather than on the customer prem. This allows service providers to bring new services to market more quickly and with less risk than hardware-centric based approaches.
Restless reinvention: Keep in mind it’s not the technology alone, it’s about a company culture ready to innovate with cloud.Analytics everywhere: Ensure your cloud strategy is also the ultimate analytics strategyA dynamic cloud strategy: Strategically mix open cloud technologies to deliver the business outcome
Good Morning! I’m Bask Iyer, CIO of Juniper Networks. Like any typical multi-billion enterprise, we are global and support 10K+ users that are located in 100+ sites across 47 countries. And like any typical enterprise IT team, we’re responsible for multiple apps, datacenters, security, BYOD, & of course the corporate network. TRANSITION: Let me begin with providing you insight into ourJuniper IT strategy and then I’ll share how we came about using Junos Contrail and how Junos Contrail happens to be a perfect match to our strategy.
Our Enterprise IT strategy is straightforward:We’ve embraced a “why not cloud” approach for software, platforms & infrastructure and we’ve migrated as much to the cloud as possibleWe’ve deployed multiple SaaS applications (SFDC, Office 365, Peoplesoft). Soon we’ll have a cloud-based platform solution [SAP]. We are also consolidating data centers, migrating much to the cloud.To simply our app landscape, we’re in the middle of a multi-year business transformation project, crushing down 150 apps into 1. Of course, securityis key to protecting our company’s IP.For our end users, we’ve embraced a Bring Your Own Mobile [BYOM] device policy, and a “Mobile First” approach to new apps.When it comes to the network & security, we use our own technology to deliver core business services across our Juniper-based network and call this Juniper on Juniper.TRANSITION: In addition to doing our IT day job, we also have to manage projects that simply drop out of the sky, like an acquisition, which brings me to Contrail.
Start-ups are fast and nimble, and consume vast amounts cloud-based services for compute & software solutions. When Juniper acquires a start-up company, our IT team needs to quickly figure out how to fold this acquisition into our secure corporate enterprise and not inhibit the start-up’s need for agility & speed.When Contrail came along, they had some fairly unique IT requirements (object storage) that couldn’t be easily met with our existing Juniper IT environment. Juniper IT had to figure out how to capture the value of the acquisition quickly so Contrail could maintain their momentum & scale.Typically we’d plan, purchase, install and verify before delivering a solution, taking months and not agile enough for Contrail teamI couldn’t just say, take a number and stand in line for your IT request. Changing Contrail’s DevOps methodology was out of the question, too expensive.Instead we needed to migrate Contrail’s agile development environment to a private cloud in order to address Juniper security/compliance goals and protect sensitive beta customer information. And complete this migration with minimal impact and also enable them to scale.TRANSITION: Let me show you a peek into what Contrail’s dev environment looked like….and what we had to figure out.
At a high level, Contrail used SaaS applications (i.e. Bitbucket as code repository) and public cloud resources. Internally Contrail team maintained multiple physical servers to perform code development & build functionalities.These servers connected through a VLAN and were configured to run a certain operating system and a set of software packages. Servers in the VLAN accessed the Internet for fetching and posting source code. This worked fine for them until Contrail grew bigger, got acquired by Juniper and started to have a lot more customer engagements and needed to support a lot more requirements from customers and innovations from within. They needed the capability to quickly and efficiently build software images with a wide range of OS, software package and compiler combinations, and this process had to be automated. The challenges of using existing infrastructure to implement this are obvious. When each of the physical servers was brought up, it was statically configured to run a certain OS and package combination, and changing that was manual and could take a long time. The intellectual property security and customer privacy risk increased daily as Contrail welcomed more beta customers, so keeping confidential code base in public cloud was no longer an option. Even if Juniper IT was willing to throw in some really expensive server virtualization technologies to run these diverse builds in virtual machines, the network implemented with VLAN technology still posed challenges in manageability, scalabilty and security policy attachment. The scalability and capex inefficiencies directly resulted from the inability to handle policies, security, and routing at scale, without changes to physical switching infrastructure. Similarly, tenant/application state was embedded in the physical networking infrastructure, resulting with challenges with manageability. TRANSITION: So what did Juniper IT do?Additional notes:Source code repository, build environment, and development environment were dynamic with different security requirements. Contrail supported several different build environments such as Ubuntu, Centos, etc.Build servers did not need to be accessed by corporate network or the Internet, it needs to be able to pull source code from the repository and spin up different virtual machines for different build environmentsDevelopment servers need to be accessed from corporate network and the InternetSource code repository needs to be accessed by build and dev servers
After evaluating different options, we came to the conclusion that Contrail technology is the best solution for the Contrail problem. Through partnership with Cloudscaling, Contrail offers a turnkey elastic private cloud solution that includes tested and proven server, storage and networking hardware, Openstack cloud orchestration platform, Cloudscaling elastic software storage and Contrail network virtualization and orchestration technologies as the main building blocks. The solution was very easy to deploy, and its benefits are clear. Now Contrail team can dynamically spin up virtual machines to build a wide variety of images with different OS, software package and compiler combinations. After the build is done, the resources associated with the specific build is released and reused. Spinning up the virtual machines can be done through a portal or scripts without IT involvement most of the time. Furthermore, the elastic distributed cloud storage can be used for source code repository and storing OS images and software packages inside Juniper without exposing Juniper intellectual property and customer private information to the public cloud. Any virtual machine would be able access this distributed storage. With Contrail automatically provisioning virtual overlay networks and dynamically using L3VPN or EVPN, the challenges associated with VLAN-based solution no longer exist. Juniper’s Contrail solves the automation, cost, scalability, and manageability problems by providing advanced networking features through a proactive overlay virtual network. All the networking features like switching, routing, security, and load balancing is moved from the physical hardware infrastructure to software running in hypervisor kernel software that is managed from a central orchestration system. This allows the system to scale while keeping the costs of the physical switching infrastructure under control, as the switching hardware has no state of the virtual machines or tenant/application and is only involved in routing traffic from one server to another. The Contrail Network Virtualization system solves the agility problem as it provides all the automation for provisioning of the virtualized network, networking services and integrates with the orchestration systems like Openstack, Cloudstack using REST APIs. TRANSITION: So how does this proposed architecture help Juniper IT?
This solution allows us to seize the value of the Contrail acquisition faster.Why Open Source? For a CIO, this means we can experiment on the cheap. It’s not a proprietary piece of software, so that means I don’t have to shell out tons of money for licensing fees. It’s standards-based so I can benefit from the collaboration of the open environment. I can enable speed, lower my costs, and protect the IP securely. What’s next? From an IT perspective, we will channel the agility of Junos Contrail framework and apply it to future acquisitions to maintain nimbleness and speed. We’ll also extend this approach to the rest of the company, especially within engineering organization. And lastly, I am adhering to our IT strategy….”why not cloud” and “security”