Interop2018 contrail ContrailEnterpriseMulticloud

•

4 likes•952 views

Interop Tokyo 2018で公演したContrail Enterprise Multicloudの資料。 Kubernetes/Openshift環境でのネットワーク課題について解説 TungstenFabric/Cotrailでのソリューション

Presentations & Public Speaking

© 2018 Juniper Networks
CONTRAIL ENTERPRISE MULTI CLOUD

© 2018 Juniper Networks
AGENDA
2
•
•
• Contrail Enterprise Multicloud

© 2018 Juniper Networks
K8S/OpenShift
LB
Web
API
DB
node node
node nodeService:
Web:replicas:2
label:apache
API:replicas:3
label:nginx
DB :replicas:2
label:sql

© 2018 Juniper Networks
K8S/OpenShift
node node
node node

© 2018 Juniper Networks
•
•
•
Infrastructure As A Code

© 2018 Juniper Networks
•
o
o
•
o L2
o L3
o
o VM/
•

© 2018 Juniper Networks
Kubernetes / Openshift IP
LB
Web
API
DB
pod network
10.0.64.0/14
Service network
203.0.113.0/16
.1 .2 .3 .4 .5 .6 .7 .8
IP
.1

© 2018 Juniper Networks
LB
Web
API
DB
pod network
10.0.64.0/14
Service network
203.0.113.0/14
.1 .2 .3 .4 .5 .6 .7 .8
.1
A B

© 2018 Juniper Networks
VLAN
VXLAN
•
o VLAN
§
o VXLAN
§ VNI
o L2 Fabric
§
•
o
o
•
o

© 2018 Juniper Networks
Private
cloud
DC
WAN/ Interconnect
HUMAN ERRORS =
•
•
• OS
•
•
COMPLEXITY
•
•
•
INCONSISTENCY
“ Web ”
“ ”
“Web Web 2 ”
REVENUE-LOSS
LONG LEAD TIME
Private
cloud
DC

© 2018 Juniper Networks
CONTRAIL ENTERPRISE MULTICLOUD
17

© 2018 Juniper Networks
CONTRAIL ENTERPRISE MULTICLOUD
Operator
Username
Password
Contrail Command Contrail Command Contrail Command
Multicloud
Architecture
Build Fabric
Provide Hybrid Connectivity
Build PODs
Apply Netw / Sec. Policies
User Conn. & Policies
Monitor / Troubleshoot
Contrail Command…
vRouter
(+security)
OpenShift
Kubernetes
VMware
OpenStack
AWS VPC - 1
GCP VPC - 2

© 2018 Juniper Networks
One Platform for All Clouds
•
• L2
• LABEL FW
•
•
AWS VPC - 1
GCP VPC - 2
Manage workloads in multiple clouds as though they were in one
Contrail Enterprise Multicloud
Multivendor
Orchestration
& Management
vRouter
(+security)
OpenShift
Kubernetes
USE CASE: PRIVATE TO PUBLIC CLOUD

© 2018 Juniper Networks
CONTRAIL ENTERPRISE MULTICLOUD
20
AWS VPC - 1
vRouter
(+security)
OpenShift
Kubernetes
• TLS/Ipsec
o
o
•
• L2
TLS/IPsec
MAC:A MAC:B
DMACSMACPAYLOAD
DMACSMACPAYLOAD
TLS SIP DIP
DMACSMACPAYLOAD
MPLS GRE SIP DIP
DMACSMACPAYLOAD MPLS GRE SIP DIP
DMACSMACPAYLOAD MPLS GRE SIP DIP

© 2018 Juniper Networks
CONTRAIL ENTERPRISE MULTICLOUD
FW
Label:Web Label:API Label:DB
Web App DB
Policy = P1
Label:Web Label:API Label:DB
App:Service1
Dep:Production
App:Service1
Dep:Develop
•
o IP
o FW
• FW
o Node Contrail FW
• FW
o FW
o

© 2018 Juniper Networks
CONTRAIL ENTERPRISE MULTICLOUD
apiVersion: v1
kind: Pod
metadata:
name: cirros-vn1-1
annotations: {
"opencontrail.org/network" : '{"domain":"default-domain", "project": "juniper-test", "name":"pod-service-1"}'
}
labels:
application: service-app1
label: web
spec:
replicas: 2
containers:
- name: cirros-vn1-1
image: docker.io/cirros
imagePullPolicy: IfNotPresent

© 2018 Juniper Networks
CONTRAIL ENTERPRISE MULTICLOUD
Service:1
Namespace : A
Service : A Service : B
Service:2
Service : B
Namespace : B
Service : A Service : B
Service:3
VRF
VRF
VRF
C
A
B

© 2018 Juniper Networks
CONTRAIL ENTERPRISE MULTICLOUD
Discovery / Onboarding of
devices • UI DC
• ZTP/ZTR
•
• Juniper MX, QFX
• Third party devices and PNF/VNF*
•
•
• Ethernet, IP overlays
• Playbook
•
• LLDP
• EVPN/VXLAN (
• interfaces, igp, analytics, protocols, policies,
loopbacks, overlay protocol (EVPN BGP)
netconf
netconf

© 2018 Juniper Networks
CONTRAIL ENTERPRISE MULTICLOUD
Ansible integration
• Contrail Ansible
•
• Ansible

© 2018 Juniper Networks
CONTRAIL ENTERPRISE MULTICLOUD
Demo
AWS VPC - 1
192.168.10.0/24

© 2018 Juniper Networks
CONTRAIL ENTERPRISE MULTICLOUD
IP FW
Any Cloud Any Workload Any Deployment
Contrail Enterprise Multicloud

© 2018 Juniper Networks
TungstenFabric
https://tungstenfabric.io/
Linux Foundation
https://www.linuxfoundation.org/projects/networking/
TungstanFabric + Openshift Origin
http://komadori-blog.blogspot.com/2018/06/openshift-enterprise.html
TungstenFabric
https://connpass.com/event/90787/

OpenShift Commons Webinar presented on March 2 2017 OpenShift networking works great out of the box, right? So why would you consider anything else? This briefing examines an alternative approach that has benefits for many scenarios – from tightly securing a few high value AWS instances to scaling a large private cloud deployment. Come learn about how how Calico differs from traditional solutions like OpenShift SDN, and see how Calico has now been integrated with Kubernetes and OpenShift to provide a smooth deployment experience, and lessons learned across hundreds of enterprise users.

Openstack Summit: Networking and policies across Containers and VMs

Sanjeev Rampal

Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...

Karthik Prabhakar

The Kuryr project offers an interesting approach to network cloud native workloads, by enabling container orchestration engines to consume network services from OpenStack Neutron.With pod-in-VM support, Kuryr-Kubernetes enables a whole slew of new hybrid workloads, like bare metal or in-VM pods accessing services that run on VMs, multiple COEs (e.g. Docker Swarm to Kubernetes), and more. Unified networking simplifies deployment, configuration and provides single pane of glass into management and troubleshooting. Let’s dive into Kuryr Kubernetes and learn how different open source technologies can complement each other in order to enable number of complicated deployment scenarios.

Docker meetupdublin.23.3.2017

Patrick Lynchehaun

An approach for migrating enterprise apps into open stack

Arthur Berezin

Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...

Cloud Native Day Tel Aviv

OpenStack practitioners who have deployed cloud at scale would frown when they hear the mention of Open Virtual Switch (OVS), which has been a bottleneck for cloud network performance and scalability. As emerging technologies such as NFV keep pushing for higher data forwarding performance across the network infrastructure, it becomes critical to improve OVS performance without compromising flexibility, network programmability, and cost. We will present a novel way to offload the entire OVS dataplane onto the embedded switch (eSwitch) implemented in the server NIC. This approach maximizes the effective bandwidth that the applications can use to communicate with each other or fetch data from storage, and enhances the efficiency of the cloud. Accelerated Switching And Packet Processing (ASAP2) Direct works seamlessly within the framework of SDN, and allow controllers to configure and update flows onto OVS the same way as before so that network programmability remains intact.

OpenStack in Action 4! Emilien Macchi & Sylvain Afchain - What's new in neutr...

eNovance

How we built Packet's bare metal cloud platform

Packet

Neutron high availability open stack architecture openstack israel event 2015

Arthur Berezin

Let's Talk about Packet

Packet

Project calico - introduction

Hazzim Anaya

Calico provides secure network connectivity for containers and virtual machine workloads. Calico creates and manages a flat layer 3 network, assigning each workload a fully routable IP address. Workloads can communicate without IP encapsulation or network address translation for bare metal performance, easier troubleshooting, and better interoperability. In environments that require an overlay, Calico uses IP-in-IP tunneling or can work with other overlay networking such as flannel. Calico also provides dynamic enforcement of network security rules. Using Calico’s simple policy language, you can achieve fine-grained control over communications between containers, virtual machine workloads, and bare metal host endpoints. Proven in production at scale, Calico features integrations with Kubernetes, OpenShift, Docker, Mesos, DC/OS, and OpenStack.

SDN and NFV

Richard Kuo

Calico to secure host interfaces

D.Rajesh Kumar

OpenContrail deployment experience

Jakub Pavlik

Accelerating SDN Applications with Open Source Network Overlays

Cumulus Networks

How Cloud Native VNFs Deployed on OpenStack Will Change the Telecom Industry ...

Cloud Native Day Tel Aviv

Many of the existing network functions, such as routers, firewalls, load balancers and such, have undergone the initial transition from a physical appliance to a virtual appliance. That transition required mostly performance optimization to accommodate the additional I/O overhead of the hypervisor and some configuration changes to accommodate the fact that a VM can be more dynamic in nature. This shift to NFV, which is basically a cloud-based data center, has revolutionized the way network functions can be delivered. The transition to a cloud native world is considered far more disruptive as it touches changes in both the architecture, to accommodate hyper-scale and multi-tenancy, as well as the business model, which needs to be more consumption based, rather than fixed. This talk will dive into the main requirements that differentiate a cloud native network function from the traditional network function, and, after making the leap from non-virtualized to virtualized network functions, what is then required to achieve cloud native capabilities, along with the challenges and benefits of this transition.

OpenStack & OpenContrail in Production

Edgar Magana

Securing Your Apps & APIs in the Cloud

Olivia LaMar

Hybrid and multi-cloud architectures are becoming the expected standard for architecture teams to buildout and for operations teams to maintain and deploy. Ever faster DevOps workflows are now an expectation for any digital enterprise, not a goal. And the code DevOps teams are pushing out is typically now packaged in containers, creating an increasingly distributed application landscape. So how can organizations still practice effective application security policy without impacting or crippling their modernization initiatives? NGINX can help with that. These slides will cover: NGINX Plus as an integrated, cloud-native Load Balancer and API Gateway in NGINX Plus NGINX App Protect as the new cloud-native WAF extension for NGINX Plus Demo of both working in tandem to set: Edge routing policy Edge Security Policy And Extending down to Granular, Per-App Security Policy

Running Kubernetes with Amazon EKS - AWS Online Tech Talks

Amazon Web Services

What's hot

Kubernetes OpenContrail Meetup

Lachlan Evenson

NYC Docker Meetup: Contiv networking on Docker

Sanjeev Rampal

Container Networking: the Gotchas (Mesos London Meetup 11 May 2016)

Andrew Randall

VPNaaS in NeutronKazunori Takeuchi

Simple, Scalable and Secure Networking for Data Centers with Project Calico

Emma Gordon

Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...

Cloud Native Day Tel Aviv

Docker meetupdublin.23.3.2017

Patrick Lynchehaun

An approach for migrating enterprise apps into open stack

Arthur Berezin

Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...

Cloud Native Day Tel Aviv

OpenStack in Action 4! Emilien Macchi & Sylvain Afchain - What's new in neutr...

eNovance

How we built Packet's bare metal cloud platform

Packet

Neutron high availability open stack architecture openstack israel event 2015

Arthur Berezin

Let's Talk about Packet

Packet

Project calico - introduction

Hazzim Anaya

SDN and NFV

Richard Kuo

Calico to secure host interfaces

D.Rajesh Kumar

OpenContrail deployment experience

Jakub Pavlik

Accelerating SDN Applications with Open Source Network Overlays

Cumulus Networks

How Cloud Native VNFs Deployed on OpenStack Will Change the Telecom Industry ...

Cloud Native Day Tel Aviv

OpenStack & OpenContrail in Production

Edgar Magana

What's hot (20)

Kubernetes OpenContrail Meetup

NYC Docker Meetup: Contiv networking on Docker

Container Networking: the Gotchas (Mesos London Meetup 11 May 2016)

VPNaaS in Neutron

Simple, Scalable and Secure Networking for Data Centers with Project Calico

Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...

Docker meetupdublin.23.3.2017

An approach for migrating enterprise apps into open stack

Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...

OpenStack in Action 4! Emilien Macchi & Sylvain Afchain - What's new in neutr...

How we built Packet's bare metal cloud platform

Neutron high availability open stack architecture openstack israel event 2015

Let's Talk about Packet

Project calico - introduction

SDN and NFV

Calico to secure host interfaces

OpenContrail deployment experience

Accelerating SDN Applications with Open Source Network Overlays

How Cloud Native VNFs Deployed on OpenStack Will Change the Telecom Industry ...

OpenStack & OpenContrail in Production

Similar to Interop2018 contrail ContrailEnterpriseMulticloud

Securing Your Apps & APIs in the Cloud

Olivia LaMar

Running Kubernetes with Amazon EKS - AWS Online Tech Talks

Amazon Web Services

F5 Meetup presentation automation 2017

Guy Brown

Mastering Kubernetes on AWS (CON301-R1) - AWS re:Invent 2018

Amazon Web Services

Kubernetes offers a powerful abstraction layer for managing containerized infrastructure. Amazon Elastic Container Service for Kubernetes (Amazon EKS) makes it easy to run Kubernetes on AWS without having to manage master nodes or the etcd operator. In this session, we cover what you need to know to get your application up and running with Kubernetes on AWS. We show how Amazon EKS makes deploying Kubernetes on AWS simple and scalable, including networking, security, monitoring, and logging.

The Current And Future State Of Service Mesh

Ram Vennam

Using Databases and Containers From Development to Deployment

Aerospike, Inc.

Open coud networking at full speed - Avi Alkobi

OpenInfra Days Poland 2019

SD Times - Docker v2Alvin Richards

DCEU 18: Docker Container Networking

Docker, Inc.

Francisco Javier Ramírez Urea - IT Architect, Hoplasoftware Guillaume Morini - SE, Docker The integration of Kubernetes orchestration into the Docker Enterprise Platform presents deployments with interesting new abstractions for application connectivity. Devs and Ops are often challenged with rationalizing how pod networking (with CNI plugins like Calico or Flannel), Services (via kube-proxy) and Ingress work in concert to enable application connectivity within and outside a cluster. Similarly, given the dynamic and transient nature of containerized microservice workloads, how to leverage scalable and declarative approaches like network policies to express segmentation and security primitives. This session provides an illustrative walkthrough of these core concepts by going through common deployment architectures providing design, operations, and scale considerations based on experience from numerous production deployments. We will discuss Kubernetes publishing methods and deep dive into Ingress Controllers. This session will also showcase how to complement application and operations workflows with policy-driven business, compliance and security controls typically required in enterprise production deployments including going further into limiting traffic to services, session persistence, rewriting, and activating container health checks.

How to Enterprise Node

Julián David Duque

App to Cloud: Patrick Kerpan's DataCenter Dynamics Converged Keynote

Cohesive Networks

PrivateLink for Partners: Connectivity, Scale, Security (GPSTEC306) - AWS re:...

Amazon Web Services

In this session, we review how technology and consulting partners can utilize AWS PrivateLink, a networking service that allows for a service behind a load balancer to be privately placed into other VPCs as well as on-premises. You can use PrivateLink to help scale a SaaS service, simplify microservices, simplify the network connectivity of managed service providers, and create a more secure environment for partner products inside customer VPCs. In this session, we focus on the design and service architecture requirements as well as the business considerations for implementing PrivateLink for your product or service. We also hear from APN Partner, Snowflake, and its customer, ARC, about how they deployed PrivateLink.

Patrick Kerpan's CSA EMEA Congress presentation "Overlay Networks: Connecting...

Cohesive Networks

At the 2015 Cloud Security Alliance Congress in Berlin, CEO Patrick Kerpan presented in Track 1. His talk was titled "Overlay Networks: Connecting Resources Across Regions with Docker" About the presentation: While container mania is sweeping the industry, what customers really want is infrastructure they control. With network virtualization, the network becomes part of the application stack. Learn how Docker-based network functions can allow customers greater levels of control and security in public and hybrid clouds.

PLNOG 17 - Grzegorz Kornacki - F5 and OpenStack

PROIDEA

F5 is a top Security and Application Delivery Controller vendor. OpenStack is a free and open-source software platform for cloud computing, mostly deployed as an infrastructure-as-a-service (IaaS). This seemingly unrelated disciplines have a lot of in common. This session will explain what F5 can do for OpenStack, and what OpenStack can do for F5. We will touch upon: F5 platform virtualization, deployment automation, LBaaS and OpenStack security.

F5 Cloud Story

MarketingArrowECS_CZ

Builders' Day- Mastering Kubernetes on AWS

Amazon Web Services LATAM

Simplify Networking for Containers

LinuxCon ContainerCon CloudOpen China

Presentation given at the 2017 LinuxCon China With the booming of Container technology, it brings obvious advantages for cloud: simple and faster deployment, portability and lightweight cost. But the networking challenges are significant. Users need to restructure their network and support container deployment with current cloud framework, like container and VMs. In this presentation, we will introduce new container networking solution, which provides one management framework to work with different network componenets through Open/friendly modelling mechnism. iCAN can simplify network deployment and management with most orchestration systems and a variety of data plane components, and design extendsible architect to define and validate Service Level Agreement(SLA) for cloud native applications, which is important factor for enterprise to deliver successful and stable service via containers.

From One to Many: Diving Deeper into Evolving VPC Design (ARC310-R2) - AWS re...

Amazon Web Services

Most organizations today run their production workloads inside Amazon Virtual Private Cloud (Amazon VPC). This software-defined network structure provides the boundaries that are needed for the security that an organization and its customers require. For most organizations, the natural evolution in their architecture, security, and environment involves migrating from a single VPC to multiple VPCs in the same AWS Region and across many other AWS Regions. The question of how to enforce security policies while simplifying the flow of traffic between multiple VPCs, the data center, and remote offices while adhering to AWS best practices becomes an intricate one to answer. In this chalk talk, we provide solutions to scenarios like these and more. Topics include Amazon security groups, NACLs, static and dynamic VPNs, AWS Direct Connect, IPS and IDS, transit VPC architectures, designing for security, and more.

Networking: Recent Developments and the Road Ahead - AWS Public Sector Summit...

Amazon Web Services

<Technical Track> Mark Ryland, Director, Public Sector Solutions Architect, Amazon Web Services Networking is changing quickly in the cloud era, allowing for improved latency, packet loss and overall quality while strengthening operational control. From commodity hardware to virtual and software-defined networks to IPv6 and HTTP/2, things are changing fast, with no sign of slowing. In this talk we will discuss some of these developments and preview what’s next in the world of AWS and cloud-scale networking.

09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan

Indonesia Network Operators Group

Faced with the dual threats of rising operating costs and declining revenues, network service providers are increasingly turning to network functions virtualization (NFV) to help them keep up with constantly changing market conditions. In a virtualized Telco environment, service providers can deploy and deliver new network functions, services and capacity on demand—reducing normal rollout time from months and weeks to just hours. Leveraging the principles of cloud computing, network service providers can deliver a level of responsiveness never before available, easily scaling capacity up or down to meet the evolving needs of their subscribers. The result is a highly agile system that allows new revenue-generating services to be quickly developed, exhaustively tested and selectively rolled out to targeted groups in a fraction of the time and at a much lower cost than previously thought possible. In this session, the speaker will present how the solution from Juniper networks look like and how it can be deployed by service provider to improve their agility in delivering services to their customers.

Similar to Interop2018 contrail ContrailEnterpriseMulticloud (20)

Securing Your Apps & APIs in the Cloud

Running Kubernetes with Amazon EKS - AWS Online Tech Talks

F5 Meetup presentation automation 2017

Mastering Kubernetes on AWS (CON301-R1) - AWS re:Invent 2018

The Current And Future State Of Service Mesh

Using Databases and Containers From Development to Deployment

Open coud networking at full speed - Avi Alkobi

SD Times - Docker v2

DCEU 18: Docker Container Networking

How to Enterprise Node

App to Cloud: Patrick Kerpan's DataCenter Dynamics Converged Keynote

PrivateLink for Partners: Connectivity, Scale, Security (GPSTEC306) - AWS re:...

Patrick Kerpan's CSA EMEA Congress presentation "Overlay Networks: Connecting...

PLNOG 17 - Grzegorz Kornacki - F5 and OpenStack

F5 Cloud Story

Builders' Day- Mastering Kubernetes on AWS

Simplify Networking for Containers

From One to Many: Diving Deeper into Evolving VPC Design (ARC310-R2) - AWS re...

Networking: Recent Developments and the Road Ahead - AWS Public Sector Summit...

09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan

Recently uploaded

0x01 - Newton's Third Law: Static vs. Dynamic Abusers

OWASP Beja

f you offer a service on the web, odds are that someone will abuse it. Be it an API, a SaaS, a PaaS, or even a static website, someone somewhere will try to figure out a way to use it to their own needs. In this talk we'll compare measures that are effective against static attackers and how to battle a dynamic attacker who adapts to your counter-measures. About the Speaker =============== Diogo Sousa, Engineering Manager @ Canonical An opinionated individual with an interest in cryptography and its intersection with secure software development.

Bitcoin Lightning wallet and tic-tac-toe game XOXO

Matjaž Lipuš

Getting started with Amazon Bedrock Studio and Control Tower

Vladimir Samoylov

Doctoral Symposium at the 17th IEEE International Conference on Software Test...

Sebastiano Panichella

Eureka, I found it! - Special Libraries Association 2021 Presentation

Access Innovations, Inc.

Have you ever wondered how search works while visiting an e-commerce site, internal website, or searching through other types of online resources? Look no further than this informative session on the ways that taxonomies help end-users navigate the internet! Hear from taxonomists and other information professionals who have first-hand experience creating and working with taxonomies that aid in navigation, search, and discovery across a range of disciplines.

Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...

Orkestra

somanykidsbutsofewfathers-140705000023-phpapp02.pptx

Howard Spence

María Carolina Martínez - eCommerce Day Colombia 2024

eCommerce Institute

Announcement of 18th IEEE International Conference on Software Testing, Verif...

Sebastiano Panichella

Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf

khadija278284

International Workshop on Artificial Intelligence in Software Testing

Sebastiano Panichella

Obesity causes and management and associated medical conditions

Faculty of Medicine And Health Sciences

Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf

Access Innovations, Inc.

Media as a Mind Controlling Strategy In Old and Modern Era

faizulhassanfaiz1670

This presentation, created by Syed Faiz ul Hassan, explores the profound influence of media on public perception and behavior. It delves into the evolution of media from oral traditions to modern digital and social media platforms. Key topics include the role of media in information propagation, socialization, crisis awareness, globalization, and education. The presentation also examines media influence through agenda setting, propaganda, and manipulative techniques used by advertisers and marketers. Furthermore, it highlights the impact of surveillance enabled by media technologies on personal behavior and preferences. Through this comprehensive overview, the presentation aims to shed light on how media shapes collective consciousness and public opinion.

Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...

OECD Directorate for Financial and Enterprise Affairs

Acorn Recovery: Restore IT infra within minutes

IP ServerOne

Recently uploaded (16)

0x01 - Newton's Third Law: Static vs. Dynamic Abusers

Bitcoin Lightning wallet and tic-tac-toe game XOXO

Getting started with Amazon Bedrock Studio and Control Tower

Doctoral Symposium at the 17th IEEE International Conference on Software Test...

Eureka, I found it! - Special Libraries Association 2021 Presentation

Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...

somanykidsbutsofewfathers-140705000023-phpapp02.pptx

María Carolina Martínez - eCommerce Day Colombia 2024

Announcement of 18th IEEE International Conference on Software Testing, Verif...

Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf

International Workshop on Artificial Intelligence in Software Testing

Obesity causes and management and associated medical conditions

Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf

Media as a Mind Controlling Strategy In Old and Modern Era

Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...

Acorn Recovery: Restore IT infra within minutes

Interop2018 contrail ContrailEnterpriseMulticloud

18. © 2018 Juniper Networks CONTRAIL ENTERPRISE MULTICLOUD Operator Username Password Contrail Command Contrail Command Contrail Command Multicloud Architecture Build Fabric Provide Hybrid Connectivity Build PODs Apply Netw / Sec. Policies User Conn. & Policies Monitor / Troubleshoot Contrail Command… vRouter (+security) OpenShift Kubernetes VMware OpenStack AWS VPC - 1 GCP VPC - 2

19. © 2018 Juniper Networks One Platform for All Clouds • • L2 • LABEL FW • • AWS VPC - 1 GCP VPC - 2 Manage workloads in multiple clouds as though they were in one Contrail Enterprise Multicloud Multivendor Orchestration & Management vRouter (+security) OpenShift Kubernetes USE CASE: PRIVATE TO PUBLIC CLOUD

20. © 2018 Juniper Networks CONTRAIL ENTERPRISE MULTICLOUD 20 AWS VPC - 1 vRouter (+security) OpenShift Kubernetes • TLS/Ipsec o o • • L2 TLS/IPsec MAC:A MAC:B DMACSMACPAYLOAD DMACSMACPAYLOAD TLS SIP DIP DMACSMACPAYLOAD MPLS GRE SIP DIP DMACSMACPAYLOAD MPLS GRE SIP DIP DMACSMACPAYLOAD MPLS GRE SIP DIP

21. © 2018 Juniper Networks CONTRAIL ENTERPRISE MULTICLOUD FW Label:Web Label:API Label:DB Web App DB Policy = P1 Label:Web Label:API Label:DB App:Service1 Dep:Production App:Service1 Dep:Develop • o IP o FW • FW o Node Contrail FW • FW o FW o

22. © 2018 Juniper Networks CONTRAIL ENTERPRISE MULTICLOUD apiVersion: v1 kind: Pod metadata: name: cirros-vn1-1 annotations: { "opencontrail.org/network" : '{"domain":"default-domain", "project": "juniper-test", "name":"pod-service-1"}' } labels: application: service-app1 label: web spec: replicas: 2 containers: - name: cirros-vn1-1 image: docker.io/cirros imagePullPolicy: IfNotPresent

23. © 2018 Juniper Networks CONTRAIL ENTERPRISE MULTICLOUD apiVersion: v1 kind: Pod metadata: name: cirros-vn1-1 annotations: { "opencontrail.org/network" : '{"domain":"default-domain", "project": ”new-service", "name":”web-network"}' } labels: application: service-app1 label: web

25. © 2018 Juniper Networks CONTRAIL ENTERPRISE MULTICLOUD Discovery / Onboarding of devices • UI DC • ZTP/ZTR • • Juniper MX, QFX • Third party devices and PNF/VNF* • • • Ethernet, IP overlays • Playbook • • LLDP • EVPN/VXLAN ( • interfaces, igp, analytics, protocols, policies, loopbacks, overlay protocol (EVPN BGP) netconf netconf

29. © 2018 Juniper Networks TungstenFabric https://tungstenfabric.io/ Linux Foundation https://www.linuxfoundation.org/projects/networking/ TungstanFabric + Openshift Origin http://komadori-blog.blogspot.com/2018/06/openshift-enterprise.html TungstenFabric https://connpass.com/event/90787/

Interop2018 contrail ContrailEnterpriseMulticloud

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Interop2018 contrail ContrailEnterpriseMulticloud

Similar to Interop2018 contrail ContrailEnterpriseMulticloud (20)

More from Daisuke Nakajima

More from Daisuke Nakajima (14)

Recently uploaded

Recently uploaded (16)

Interop2018 contrail ContrailEnterpriseMulticloud