The document discusses the integration of OpenContrail and Cumulus Linux for enabling open network automation in cloud infrastructures. It highlights the benefits of using OpenContrail as an open-source network automation initiative that enhances cloud service deployment while promoting interoperability through open APIs and standard protocols. Key features include centralized management, network insights, and support for multi-vendor environments, facilitating a flexible and scalable networking solution for enterprises and service providers.

1. v
Enabling Open Network Automation
with
Open Contrail & Cumulus® Linux®
Dec 10th 2014

2. Introduction
2
Jennifer Lin
Product Management
OpenContrail (Juniper Networks)
Meena Sankaran
Ecosystem & Solutions
Cumulus Networks
Twitter : @meena_sankaran
December 10, 2014

3. SDN Evolution to Cloud
Hybrid Cloud Infrastructure
Back-End DB
VLAN - D
VLAN - C
Security
Front-End Web
VLAN - B
VLAN - A
LB
L2, VLAN/server-centric
VM VM VM
FIREWALL
VM VM … VM
LB LB
FIREWALL
DC
Management
§ VLAN; VXLAN – flooding; VXLAN – L2/L3
§ Limited control plane
§ Static, North-South Traffic; Dedicated resources
§ Manual Configuration
Internet, IP-VPN,
MPLS-VPN
L3 GW
Front-end
Tier
VM
Back-end
Tier
VM VM
Cloud
Orchestration &
Automation
§ L3 fabric, gateways; BGP control plane
§ Interoperate with Public Clouds / IPVPNs
§ Intelligent Policy Automation; System Abstraction
§ XaaS, Open API’s
VM
December 10, 2014 3

4. Introducing OpenContrail (Opencontrail.org)
4
API driven
§ OpenStack Neutron v2 API, Amazon
EC2 VPC API, etc.
§ Open APIs to apps/ orchestration
systems for config, monitoring, etc
Built as a scalable, resilient, and
carrier-grade network/services
platform for Cloud infrastructure
OPENCONTRAIL IS …
An open-source cloud network
automation initiative (Apache v2)
Built using standards-based protocols
and policy-based services
Provides all components for network
virtualization à Overlay networks to
§ virtual machines
§ Linux containers and
§ network namespaces.
December 10, 2014

5. Why OpenContrail ?
ACCELERATED TTM
LOWER TCO
PROGRAMMABILITY
NETWORK INSIGHTS
OPENNESS &
INTEROPERABILITY
§ Agile deployment of network services for faster time to revenue
§ Multi-vendor approach eliminates need for custom development
§ Higher utilization of existing infrastructure
§ Centralized management reducing operational cost & complexity
§ Use of open standard protocols obviating need for re-training
§ Network complexity abstracted out using rich and programmatic
interfaces and enabling policy-based automation
§ Collects & analyzes huge amounts of network state information
§ Offers APIs for 3rd party analytics & visualization software to
integrate with the system
§ Open-source and integrates with other open-source software
§ Minimizes the need for incremental network/services gateways
§ Interoperable with other multi-vendor infrastructure and services
December 10, 2014 5

6. 6
Why OpenContrail ?
Distributed Routing,
Switching (vRouter)
IPAM,
DNS/DHCP
Load Balancing Automated Policy
Enforcement
L3/L2 GW Services Network Analytics Service Chaining Scale-out, HA
December 10, 2014

7. OpenContrail Open Community
OpenContrail Advisory Board (OCAB)
§ Industry veterans and key project contributors and adopters
OpenContrail Developer Community
§ Juniper, customers, partners
§ Propose features & Contribute Code
(features & bug-fixes)
§ Participate Launchpad Features & Bug-fixes in Code review process
Code Review / Merge Process
End-customers
Filing
bugs
Tracking bugs
& other info
Single Github Source Code Repository
December 10, 2014 7

8. Use Cases : Open Contrail
8
SERVICE
PROVIDER
ENTERPRISE
EMERGING
Rate of Cloud Services Adoption
Incumbent Infrastructure
USE CASES
Platform, Software-as-a-Service
Public Cloud Repatriation
IT-as-a-Service
Virtual Private Cloud
Hybrid Cloud Migration
Network Functions Virtualization
Infrastructure-as-a-Service
Network Platform-as-a-Service
December 10, 2014

9. How do Hardware L2 Gateways work ?
VMs on any
Hypervisor
Bare Metal
Servers
TOR (L2 GW)
VM1
VM2
L3 GW
…
VLAN
Red
PHYSICAL
VM1
VM2
Intra-VN traffic from VM to
BMS goes through the L2
Gateway
WAN /
Internet
LOGICAL
L3 GW
Overlay
VXLAN
Tunnels
§ VLAN based architecture
interconnecting with an
overlay Cloud architecture
via an L2 gateway
VLAN
Blue
Red
VM4
VM4
VM5
Blue
VM3
From VM in overlay to non-overlay
VMs or BMS, traffic needs to go
through the L3 GW
Virtual
Network
Virtual
Network
VM5
VM3
L2 GW
December 10, 2014 9

10. Cumulus Linux VXLAN Support – Integration with Open Contrail
L3 Gateway Contrail Controller
Control & Config = OVSDB Control & Config = OVSDB
VLAN Green …
Bare Metal Servers Physical + Virtual Workloads
VLAN Red
VXLAN Tunnels
§ Contrail Controller talks OVSDB to TOR
§ Allows bare metal as well as virtualized
workloads in same virtual network
December 10, 2014 10

11. Customer Architectures
11
LB
WAN OPT
FIREWALL
Physical Svc Appliances
Virtualized
Svc VMs
Legacy Servers & Storage
AWS
Azure
(VLAN-based) Public Clouds
UNDERLAY OVERLAY
SERVICE
GCE
Legacy
Interconnect
Hybrid
Cloud
Data Center 2
Multi-DC
Distributed
Cloud
Phy + Virt
Interconnect
Phy. + Virtual
Svc Insertion
MGMT
VMs,
Containers
Data Center 1
Gateway
router
Gateway
router
Bare-metal Servers & Storage
December 10, 2014

12. Customer Architectures
Customer Needs OpenContrail enables a private cloud infrastructure for Big
Data application development and deployment for an
Enterprise § Secure, multi-tenant private cloud environment / SaaS customer
§ On-demand creation and dynamic scale-out of custom services
§ Rapid, seamless deployment of new services to internal users
§ Hadoop support: massive storage, on-demand data ingest, real-time
December 10, 2014
stream processing, DB-as-a-Service (NoSQL / SQL)
§ ‘As-a-service’ model for network functions (LB-aaS, DNS-aaS)
Contrail Cloud
(OpenStack)
L3 GW
FW Dynamically scaled
Openstack Racks Infra Racks Big Data Racks
application edge
Scale-out Big Data Apps
LB
2
1
3
Solution Highlights
1 Contrail overlay on a pure L3 underlay running a CLOS
architecture & running virtualized and bare metal servers
2 L3 gateway router to Interconnect public internet & L3VPN
capability; and physical service appliances (LB, FW)
3 Centralized security policy definition, distributed enforcement
§ API-based policy definition
§ Security policy at virtual network level and VM level
December 10, 2014 12

13. Networking is Open in the New Data Center Blueprint
13
Applications, OS and Hardware
LOCKED OPEN
Now:
Networking
Transforms
First:
Compute
Transformed
Disaggregation Enables Platform Choice and Affordable Capacity
December 10, 2014 13

14. Bare Metal Switch Provisioning
§ Network OS installation framework
§ Supported hardware from HCL (preloaded with ONIE)
§ Network OS installation image
Similar to installing a server OS using PXE
app app app
Server OS
BIOS and PXE
bare metal server
app app app
Network OS
Boot Loader and ONIE
bare metal switch
ONIE looks for and installs network OS image
boot into
Network OS
boot into
Boot Loader and ONIE
Boot Loader and ONIE
December 10, 2014 14

15. Benefits of Cumulus Networks for the Enterprise
Widespread Customer Adoption: Over 1,000,000 Switch Ports in Production
Business Agility Operational Efficiency
Decoupled hardware and software
empowers IT to deliver business agility
Pricing transparency optimizes sales
cycle and accelerates adoption
Technology Ecosystem
Rich ecosystem of mature hardware
partners
Community innovation with diverse
portfolio of software partners
A True DevOps model aligned with the
rest of IT
No vendor lock-in and longer
depreciation of assets
December 10, 2014 15

16. Broad Set of Hardware Platforms
10G Trident II Platforms
19 Platforms
• 5 Hardware Vendors
• 6 Switch Silicon
• 2 CPU architectures
CL 1.5 CL 2.2
# Platforms
Broad portfolio of next
gen leaf/spine switches
• VXLAN-capable
• x86 architectures
Timeline
CL 2.0
Hardware Agnostic OS
x86 CPU architectures
• 16 Platforms
• 5 Hardware Vendors
• 6 Switch Silicon
• 2 CPU architectures
40G Fixed Platforms
Trident II switches
• 13 Platforms
• 5 Hardware Vendors
• 6 Switch Silicon
1G Fixed Platforms
10G Fixed Platforms
• 6 Platforms
• 4 Hardware Vendors
• 4 Switch Silicon
CL 2.5
December 10, 2014 16

17. Loosely Coupled Architecture vs. Proprietary Stack
§ Standard Linux Interface (No need for a defined REST API – Solution Ecosystem can grow rapidly)
§ Choice for customers at every tier of the stack – Switching Hardware ,Network Virtualization Overlays,
Orchestration Tools, Automation Tools, Monitoring etc….
§ Accelerated Innovation – No Single Vendor dependency, so faster feature deployment
§ Proven Expertise with standard protocols , Open Source communities and Linux adoption
December 10, 2014 17

18. Cumulus Linux Integration
18
December 10, 2014 18

19. Why Open Contrail & Cumulus Networks ?
Embrace Open, interoperable environments and ecosystems
‘No vendor-lock in’ and multi-vendor approach
Complementary offering - loosely coupled components
Enable automation and agility through programmatic API’s
Open source momentum (Cloud Providers, Enterprise)
December 10, 2014 19

20. Myths about Overlay Networks
20
Compromises in performance/scaling/interoperability
Tied to physical hardware, difficult for DevOps to troubleshoot
Only applicable to virtualized/hypervisor environments
December 10, 2014

21. Contrail - Physical-Virtual Correlation via Open API’s
21
Service VM
Virtual Network
BE
Virtual Network
FE
B1 B2 G1 G2
L1 L2 L3 L4 L5 L6
…
B1 G1 G2 B2
Data from multiple sources correlated to offer Topology
discovery, monitoring, and troubleshooting
PHYSICAL LOGICAL
December 10, 2014

22. Next Steps
Upcoming …
§ Solution Overview /Technical White Papers
§ Demo Videos /Blogs
§ Customer Case Studies
§ Field Resources (Solution Portal)
Check out existing solutions :
http://cumulusnetworks.com/solutions/network-virtualization-overlays/
Try out Cumulus Linux for no investment and risk free on Cumulus Workbench:
http://cumulusnetworks.com/cumulus-workbench/
December 10, 2014 22

23. § Thank You!
© 2014 Cumulus Networks. Cumulus Networks, the Cumulus Networks Logo, and Cumulus Linux are trademarks or registered trademarks of Cumulus Networks, Inc. or its affiliates
in the U.S. and other countries. Other names may be trademarks of their respective owners. The registered trademark Linux® is used pursuant to a sublicense from LMI, the
exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.
December 10, 2014 23