Banv meetup 04162014

  1. CONTRAIL SDN AND NFV
     Bay Area Network Virtualization
     CONTRAIL CLOUD SOLUTIONS GROUP
     Sree Sarva, Aniket Daptari
  2. HTTPS://63.119.251.102/OPENLAB
     • http://10.10.11.16/ = OpenStack
     • http://10.10.11.16:8080 = Contrail
     • http://10.10.11.11/ = OpenStack
     • http://10.10.11.11:8080 = Contrail
  3. AGENDA
     1. CHALLENGES & TRENDS
     2. NETWORK FOR CLOUD ERA
     3. USE CASES AND PARTNERSHIPS
     4. CONTRAIL
     5. DEMO / HANDS-ON
  4. 1. CHALLENGES AND TRENDS
  5. GENERAL CHALLENGES
     • OVER THE TOP THREAT: OTT cloud providers compete using internet; Network commoditised
     • NETWORK TO CLOUD: Lack integration of Public and Private cloud offerings; Leveraging network to differentiate
     • TIME TO SERVICE: Lengthy service provisioning times of days to weeks; IP Activation process cumbersome
     • PRODUCT EVOLUTION: Lengthy new product introduction & certification times; Bundles limited by physical infrastructure
     • OSS AGILITY: Expensive to replace or augment current OSS systems
     • Addresses these challenges using existing assets without costly investments in network refresh and proprietary OSS systems
  6. …AND OTT PROVIDERS ARE INNOVATING FASTER
     • TIME TO SERVICE DEPLOYMENT (Code to production launch): GOOGLE: Few seconds; TELCO: 10-12 Months
     • OPERATIONAL COMPLEXITY (# of SKUs to manage): GOOGLE: 10s Configs; TELCO: Thousands configs
     • OPERATING EXPENSES (Servers managed per admin): AMAZON: 1 per 10,000 servers; TELCO: Less than 100
     • Dynamic network service automation is the key priority for Service Providers
     • Opportunity for accelerating TTM, reducing costs and optimizing operations
  7. 2. NETWORK FOR CLOUD ERA
  8. CLOUD CHANGES THE ARCHITECTURE
     • Traditional (1990’s): Apps run on dedicated hardware; Hardware for each network function
     • Virtualization (2000’s): Virtualized apps have flexibility to move between hardware units
     • Cloud (2010+): Network functions / services available as virtual machines; Apps are re-architected for scalable deployments, HA, IaaS / PaaS; App Developers have a self-service model to get resources
     • Benefits: Capex savings through Virtualization & higher device utilization; Opex savings through Agility & Automation
     • Enables Large Scale Automation & Network Function Virtualization
     • Diagram labels: HW; App; Hypervisor; Management Platform Infrastructure; Compute & Storage Virtualization; Network Virtualization & Automation
  9. THE NEW NETWORK – BUILT FOR CLOUD
     • TODAY: PRIVATE INFRASTRUCTURE; PROPRIETARY HARDWARE; SERVICES CONFIGURED, MANAGED
     • TOMORROW: HYBRID CLOUD INFRASTRUCTURE; OPEN SOURCE, OPEN STANDARDS; AUTOMATED & ORCHESTRATED VIRTUALIZED, ON DEMAND SERVICES
  10. 3. USE CASES & PARTNERSHIPS
  11. IT CLOUD
      • CURRENT IT DATACENTER: Silo’ed Resource Allocation; Manual Configuration; Static Service Chains
      • MODERN IT DATACENTER: Dynamic Resource Allocation; Automatic Configuration; Dynamic Service Chains
      • Diagram labels: VLANS; FINANCE, HR, MARKETING; Firewalls; Load-Balancer; VIRTUALIZED; Virtual-Network based Orchestration (Compute, Storage, Apps); Physical Servers; Local Hard Drives
  12. CLOUD CPE SERVICE
      • Decrease cost of physical CPE
      • Increase agility of introducing new services
      • Decrease cost of servicing customers
      • Services limited by capability of physical CPE hardware
      • Expensive to roll out new services
      • Costly customer support
      • Diagram labels: Router Services, DHCP, Routing, CGNAT; Full featured CPE in Virtualized Services; SP Delivered; Service Provider IP Edge; IP VPN Service; Modem / ONT, Switch, Voice, DHCP, Routing, FW & UTM, Management, Wireless Controller, Access Point, IPS/IDS, SECURITY, Pulse; Tethered CPE; Modem / ONT, Switch, Access Point, Voice, Pulse; Routing, Unified Threat, WAN Optimization, Firewall, DHCP, Management, IPv4-v6, Caching & Video, Load Balancing, Policy Control, DDOS, Traffic Detection/DPI; Customer Value; CPE Delivered
  13. SELF-SERVICE ENTERPRISE SERVICES
      1. Standard API’s allow for simple portal control
      2. Openstack standard interfaces provision virtual services
      3. Use of standard routing protocols to connect ANY SP customer to ANY service without interfacing with IP-RDM or similar
      • Diagram labels: NEXTIP VPN; Customer Site A; Customer Site B; SLB, FW, UTM, CDN, WAN Opt; TELCO CLOUD; Contrail SDN
  14. HYBRID CLOUD - IAAS AND VPC
      • End-to-End Virtual Network Orchestration and Automation
      • Standards-based, seamless internetworking within/across DC’s and Enterprise private network
  15. 4. CONTRAIL
  16. CONTRAIL – VIRTUALIZED NETWORK SERVICES & AUTOMATION CONTROL PLANE, MANAGEMENT PLANE NETWORK PROGRAMMABILITY ENABLING NFV (NETWORK FUNCTION VIRTUALIZATION) VIRTUALIZED NETWORK SERVICES INTEROPERABILITY WITH PHYSICAL NETWORK NETWORK VIRTUALIZATION (PRIVATE, HYBRID) CONVERGED NETWORK ORCHESTRATION AUTOMATION, ANALYTICS
  17. OPENCONTRAIL COMPONENTS
      • OPENCONTRAIL CONTROLLER: Control, Configuration, Analytics
      • Accepts and converts orchestrator requests for VM creation, translates requests, and assigns network
      • Real-time analytics engine collects, stores and analyzes network elements
      • Interacts with network elements for VM network provisioning and ensures uptime
      • vRouter: Virtualized routing element handles localized control plane and forwarding plane work on the compute node
      • Gateway: MX Series (or other router) or EX9200 serve as gateway eliminating need for SW gateway & improving scale & performance
      • Diagram labels: Physical Network (no changes); Physical Host with Hypervisor; vRouter; VM; WAN, Internet Gateway; TODAY 2014
  18. KEY FEATURES
      • IPAM, Virtual DNS; Security; Load Balancing; 3rd Party Network Services; Rich Analytics; High Availability; Service Chaining; API Services; Routing and Switching; Gateway Services
  19. VIRTUALIZED NFV SERVICES: Juniper Services or 3rd Party/Best-of-Breed (Source: Infonetics Research, 2013)
      • Chart values: 67% 67% 67% 67% 62% 57% 52% 52% 52% 52% 48% 43% 38% 57% 52%
      • Chart labels: CDN Akamai, Junos Content Encore IMS Sonus SBC Virtual routers & security gateways Firefly Mobile core, EPC Firewalling Firefly DPI Sandvine Traffic Analysis Tools Guavus IPS / IDS security Firefly, DDos Secure Network Monitoring tools Web Security WebApp Secure WAN acceleration and optimization Silver-Peak, Riverbed Steelhead Application acceleration Riverbed ADC AAA Servers UAC / Steelbelt Radius
  20. SUMMARY: CONTRAIL IS A LEADING SDN SOLUTION
      • PROGRAMMABILITY
        • NB REST APIs allow easy integration with existing OSS/BSS
        • Network complexity abstracted out using rich and programmatic interface, allowing for policy-based automation
      • ACCELERATED TTM
        • Agile deployment of network services for faster time to revenue
        • 3rd party services can run unmodified on the platform, eliminating the need for custom development
      • LOWER TCO
        • Higher utilization of existing infrastructure & cost effective X86 HW
        • Centralizes management, reducing operational cost & complexity
        • Uses standard protocols, obviating need for specialized knowledge
      • NETWORK INSIGHTS
        • Collects & analyzes huge amounts of network state information
        • Offers APIs for 3rd party analytics & visualization software to integrate with the system
      • OPENNESS & INTEROPERABILITY
        • Contrail is open-sourced and integrates with Openstack, Cloudstack, KVM, Xen, and other open-sourced products / components
        • Interoperable with other multi-vendor infrastructure and services
  21. ORCHESTRATION PARTNERS
      • Cloudstack, CCP; OCS Openstack; Mirantis Openstack, Fuel; Redhat Openstack (RHOS); UnitedStack Openstack; SmartCloud Orchestrator; 2014
  22. DEMO & HANDS-ON
  23. DEMO / HANDS-ON
      • Creation of Virtual Networks
      • Attachment of Virtual Machines
      • Access Policy between Virtual Networks
      • Floating IP / Distributed NAT using vRouter
      • Service Insertion - NAT Gateway
      • Debug & Analytics Information
  24. TIER-ED NETWORKS DEMO TOPOLOGY
      • Diagram labels: BACK-END DATABASE TIER NETWORK (BE1, BE2, BE3); FRONT-END WEB-TIER NETWORK (FE1, FE2, FE3); MX Gateway; Policy to connect front-end and back-end; Centralized Control, Policy provisioning; Internet; Demo Machine connecting to Openstack Horizon and Contrail GUI; Floating IP
  25. SERVICE CHAIN DEMO TOPOLOGY
      • Diagram labels: ENTERPRISE NETWORK (E1, E2, E3); PUBLIC NETWORK (P1, P2, P3); FIREFLY (INLINE NAT); MX Gateway; NAT Service to connect Enterprise network VMs to the outside world; Internet; Centralized Control, Policy provisioning; Demo Machine connecting to Openstack Horizon and Contrail GUI
  26. OVERLAY NETWORK
      • Diagram labels: Host + Hypervisor; Host + Hypervisor; VIRTUAL NETWORK GREEN; VIRTUAL NETWORK BLUE; VIRTUAL NETWORK YELLOW; FW; DPI; IP fabric (switch underlay); G1 G2 G3; B1 B2 B3; Y1 Y2 Y3; VM and virtualized Network function pool; Intra-network traffic; Inter-network traffic traversing a service; LOGICAL; PHYSICAL
  27. DEVSTACK + OPENCONTRAIL
  28. DEVSTACK + OPENCONTRAIL
      • WHAT? Run OpenStack and OpenContrail on your laptop or in a VM
      • WHY? Use to build & test OpenStack and OpenContrail code; Just play with OpenStack/OpenContrail features
      • HOW? Ubuntu server/VM with 4GB RAM, access to github
  29. DEVSTACK + OPENCONTRAIL (in-a-box)
      • Install packages: git-core, ant, build-essential, pkg-config
      • Download DevStack (git clone git@github.com:/dsetia/devstack.git)
      • Edit localrc (set PHYSICAL_INTERFACE)
      • Run stack.sh
        • Installs Glance, Nova, Horizon, Keystone, Cinder
        • And OpenContrail (as a Neutron plugin)
  30. RESOURCES
      • OpenContrail.org - E-Book, Architecture documents, blogs from developers/architects, slides, webinars
      • VIDEOS:
        • DDoS Protection (Contrail + DDoS Secure): http://www.youtube.com/watch?v=TnvCea4fil4
        • NFV through Contrail (this is the Internet / Firewall NFV aka. vCPE): http://www.youtube.com/watch?v=_64no8P2vUw
        • Contrail - Elastic cloud - IT as a Service: http://www.youtube.com/watch?v=9g3EWV8X64s
        • SSLVPN on Contrail: http://www.youtube.com/watch?v=vfZfdH4kkV4
  31. THANK YOU!
