CONTRAIL 
SDN AND NFV 
Bay Area Network Virtualization 
Sree Sarva, Aniket Daptari 
CONTRAIL CLOUD SOLUTIONS GROUP
AGENDA 
1 CHALLENGES & TRENDS 
2 NETWORK FOR CLOUD ERA
3 USE CASES AND PARTNERSHIPS 
4 CONTRAIL 
5 DEMO / HANDS-ON
1. CHALLENGES AND TRENDS
GENERAL CHALLENGES 
TIME TO 
PRODUCT 
OVER THE TOP 
SERVICE EVOLUTION 
THREAT 
CLOUD NETWORK TO 
OSS 
AGILITY 
Addresses these challenges using existing assets without costly investments in network refresh and proprietary OSS systems
§ Lengthy service provisioning times of days to weeks
§ IP Activation process cumbersome
§ Lengthy new product introduction & certification times
§ Bundles limited by physical infrastructure
§ OTT cloud providers compete using internet
§ Network commoditised
§ Lack integration of Public and Private cloud offerings
§ Leveraging network to differentiate
§ Expensive to replace or augment current OSS systems
…AND OTT PROVIDERS ARE INNOVATING FASTER 
Dynamic network service automation is the key priority for Service Providers 
OPERATING EXPENSES: Servers managed per admin
§ AMAZON: 1 per 10,000 servers. Each admin can operate ~10,000 servers
§ TELCO: Less than 100. Each admin can manage up to ~100 servers = large headcount
TIME TO SERVICE DEPLOYMENT: Code to production launch
§ GOOGLE: Few seconds. STAT MUX Service on Existing Infrastructure
§ TELCO: 10-12 Months. Mobile Operators quote many months per service; mostly manually
OPERATIONAL COMPLEXITY: # of SKUs to manage
§ GOOGLE: 10s Configs. Google: ~10 shared hardware system bundles
§ TELCO: Thousands configs. 1000’s of SKUs to manage makes IT overly complex
Opportunity for accelerating TTM, reducing costs and optimizing operations
2. NETWORK FOR CLOUD ERA
CLOUD CHANGES THE ARCHITECTURE 
Enables Large Scale Automation & Network Function Virtualization 
Traditional (1990’s)
• Apps run on dedicated hardware
• Hardware for each network function
Virtualization (2000’s)
• Virtualized apps have flexibility to move between hardware units
• Benefits: Capex savings through Virtualization & higher device utilization
Cloud (2010+)
• Network functions / services available as virtual machines
• Apps are re-architected for scalable deployments, HA, IaaS / PaaS
• App Developers have a self-service model to get resources
• Benefits: Opex savings through Agility & Automation
Diagram layers: App, Management Platform, Infrastructure, Hypervisor, HW; Network Virtualization & Automation; Compute & Storage Virtualization
THE NEW NETWORK – BUILT FOR CLOUD 
TODAY
§ CONFIGURED, MANAGED
§ HARDWARE SERVICES
§ PRIVATE INFRASTRUCTURE
§ PROPRIETARY
TOMORROW
§ AUTOMATED & ORCHESTRATED
§ VIRTUALIZED, ON DEMAND SERVICES
§ HYBRID CLOUD INFRASTRUCTURE
§ OPEN SOURCE, OPEN STANDARDS
3. USE CASES & PARTNERSHIPS
IT CLOUD 
CURRENT IT DATACENTER
§ Silo’ed Resource Allocation
§ Manual Configuration
§ Static Service Chains
Firewalls, Load-Balancer, VLANS
FINANCE HR MARKETING
MODERN IT DATACENTER
§ Dynamic Resource Allocation
§ Automatic Configuration
§ Dynamic Service Chains
VIRTUALIZED
FINANCE HR MARKETING
Virtual-Network based Orchestration (Compute, Storage, Apps)
Physical Servers
Local Hard Drives
CLOUD CPE SERVICE 
Firewall 
IPv4-v6
Caching
Load Balancing
Policy & Control
Video
WAN Optimization
Unified Threat
Routing
Traffic Detection/
Management
DHCP
Routing
CGNAT
DDOS 
DPI 
Router Services 
DHCP 
Full featured CPE 
Customer Value 
CPE Delivered 
in Virtualized Services 
SP Delivered 
Service Provider 
IP Edge 
IP VPN Service 
Routing FW & UTM DHCP 
Modem / ONT 
Point Pulse Voice 
Switch 
Voice 
Wireless Management 
Controller 
Access Point 
IPS/ IDS 
SECURITY 
Pulse 
Tethered CPE 
Modem / ONT Switch Access 
§ Decrease cost of physical CPE 
§ Increase agility of introducing new services 
§ Decrease cost of servicing customers 
Services limited by capability of physical CPE hardware 
Expensive to roll out new services 
Costly customer support
SELF-SERVICE ENTERPRISE SERVICES 
NEXTIP VPN 
Customer 
Site A 
UTM FW CDN WAN SLB 
Opt 
Customer 
Site B 
TELCO CLOUD 
Contrail SDN 
1. Standard API’s allow for simple portal control
2. Openstack standard interfaces provision virtual services
3. Use of standard routing protocols to connect ANY SP customer to ANY service without interfacing with IP-RDM or similar
HYBRID CLOUD - IAAS AND VPC 
End-to-End Virtual Network Orchestration and Automation 
Standards-based, seamless internetworking within/across DC’s and Enterprise private network
4. CONTRAIL
CONTRAIL – VIRTUALIZED NETWORK SERVICES & AUTOMATION
AUTOMATION, ANALYTICS 
CONVERGED NETWORK ORCHESTRATION 
NETWORK PROGRAMMABILITY 
CONTROL PLANE, MANAGEMENT PLANE 
VIRTUALIZED NETWORK SERVICES 
ENABLING NFV (NETWORK FUNCTION VIRTUALIZATION) 
NETWORK VIRTUALIZATION (PRIVATE, HYBRID) 
INTEROPERABILITY WITH PHYSICAL NETWORK
OPENCONTRAIL COMPONENTS 
TODAY 2014 
OPENCONTRAIL CONTROLLER 
Physical Network 
(no changes) 
Analytics 
Configuration Control 
VM VM VM VM 
vRouter 
Physical Host 
with Hypervisor 
VM VM VM VM 
vRouter 
Physical Host 
with Hypervisor 
Gateway 
WAN, Internet 
Accepts and converts orchestrator requests for VM creation, translates requests, and assigns network
Real-time analytics engine collects, stores and analyzes network elements
Interacts with network elements for VM network provisioning and ensures uptime
vRouter: Virtualized routing element handles localized control plane and forwarding plane work on the compute node
Gateway: MX Series (or other router) or EX9200 serve as gateway eliminating need for SW gateway & improving scale & performance
KEY FEATURES 
§ IPAM, Virtual DNS
§ Load Balancing
§ Security
§ 3rd Party Network Services
§ Service Chaining
§ API Services
§ Rich Analytics
§ High Availability
§ Routing and Switching
§ Gateway Services
VIRTUALIZED NFV SERVICES
Juniper Services or 3rd Party/Best-of-Breed
§ CDN: Akamai, Junos Content Encore
§ IMS: Sonus SBC
§ Virtual routers & security gateways: Firefly
§ Mobile core, EPC
§ Firewalling: Firefly
§ DPI: Sandvine
§ Traffic Analysis Tools: Guavus
§ IPS / IDS security: Firefly, DDos Secure
§ Network Monitoring tools
§ Web Security: WebApp Secure
§ WAN acceleration and optimization: Silver-Peak, Riverbed Steelhead
§ Application acceleration: Riverbed ADC
§ AAA Servers: UAC / Steelbelt Radius
[Chart: percentages from 38% to 67%; per-category values not recoverable]
Source: Infonetics Research, 2013
SUMMARY: CONTRAIL IS A LEADING SDN SOLUTION 
PROGRAMMABILITY 
§ Agile deployment of network services for faster time to revenue
§ 3rd party services can run unmodified on the platform, eliminating the need for custom development
§ NB REST APIs allow easy integration with existing OSS/BSS
§ Network complexity abstracted out using rich and programmatic interface, allowing for policy-based automation
ACCELERATED TTM
LOWER TCO
§ Higher utilization of existing infrastructure & cost effective X86 HW
§ Centralizes management reducing operational cost & complexity
§ Uses standard protocols obviating need for specialized knowledge
NETWORK INSIGHTS
§ Collects & analyzes huge amounts of network state information
§ Offers APIs for 3rd party analytics & visualization software to integrate with the system
OPENNESS & INTEROPERABILITY
§ Contrail is open-sourced and integrates with Openstack, Cloudstack, KVM, Xen, and other open-sourced products / components
§ Interoperable with other multi-vendor infrastructure and services
ORCHESTRATION PARTNERS 
Cloudstack, CCP 
OCS Openstack Mirantis Openstack, 
Fuel 
Redhat Openstack 
(RHOS) 
UnitedStack 
Openstack 
SmartCloud 
Orchestrator 
2014
DEMO & HANDS-ON
DEMO / HANDS-ON 
• Creation of Virtual Networks 
• Attachment of Virtual Machines 
• Access Policy between Virtual Networks 
• Floating IP / Distributed NAT using vRouter 
• Service Insertion - NAT Gateway 
• Debug & Analytics Information
TIERED NETWORKS DEMO TOPOLOGY
BACK-END DATABASE TIER NETWORK: BE1 BE2 BE3
FRONT-END WEB-TIER NETWORK: FE1 FE2 FE3
Policy to connect front-end and back-end
MX Gateway, Internet, Floating IP
Centralized Control, Policy provisioning
Demo Machine connecting to Openstack Horizon and Contrail GUI
SERVICE CHAIN DEMO TOPOLOGY 
ENTERPRISE NETWORK: E1 E2 E3
PUBLIC NETWORK: P1 P2 P3
FIREFLY (INLINE NAT)
NAT Service to connect Enterprise network VMs to the outside world
MX Gateway, Internet
Centralized Control, Policy provisioning
Demo Machine connecting to Openstack Horizon and Contrail GUI
OVERLAY NETWORK 
LOGICAL
VIRTUAL NETWORK GREEN: G1 G2 G3
VIRTUAL NETWORK BLUE: B1 B2 B3
VIRTUAL NETWORK YELLOW: Y1 Y2 Y3
Services: FW, DPI
Intra-network traffic; Inter-network traffic traversing a service
PHYSICAL
Host + Hypervisor, each with a VM and virtualized Network function pool
IP fabric (switch underlay)
DEVSTACK + OPENCONTRAIL
DEVSTACK + OPENCONTRAIL 
§ WHAT? 
§ Run OpenStack and OpenContrail on your laptop or in a VM 
§ WHY? 
§ Use to build & test OpenStack and OpenContrail code 
§ Just play with OpenStack/OpenContrail features 
§ HOW? 
§ Ubuntu server/VM with 4GB RAM, access to github
DEVSTACK + OPENCONTRAIL (in-a-box) 
§ Install packages: git-core, ant, build-essential, pkg-config 
§ Download DevStack 
§ (git clone git@github.com:/dsetia/devstack.git) 
§ Edit localrc (set PHYSICAL_INTERFACE) 
§ Run stack.sh 
§ Installs Glance, Nova, Horizon, Keystone, Cinder 
§ And OpenContrail (as a Neutron plugin)
RESOURCES 
§ OpenContrail.org - E-Book, Architecture documents, blogs from developers/architects, slides, webinars 
§ VIDEOS: 
§ DDoS Protection (Contrail + DDoS Secure) 
§ http://www.youtube.com/watch?v=TnvCea4fil4 
§ NFV through Contrail (this is the Internet / Firewall NFV aka. vCPE) 
§ http://www.youtube.com/watch?v=_64no8P2vUw 
§ Contrail - Elastic cloud - IT as a Service 
§ http://www.youtube.com/watch?v=9g3EWV8X64s 
§ SSLVPN on Contrail 
§ http://www.youtube.com/watch?v=vfZfdH4kkV4
THANK YOU!
