5. Centralize ControllerCentralize Management
1 LICENSING MODEL
JUNIPER SOFTWARE ADVANTAGE
Full Use/Elastic Transferable
Software
Lifetime Assurance
Standard ProtocolsCentralizeSeparate
Networking Planes
Use the cloud Common Platform Apply Broadly
Across Domains
6 PRINCIPLES
4 STEP ROADMAP
Extract Services Optimize the Hardware
JUNIPER’S SDN STRATEGY: 6-4-1
6. WHAT WE ARE ANNOUNCING TODAY
Commercial
Availability of Contrail
Production-ready SDN solution for Enterprise and Service Providers
Increases business agility by automating and orchestrating the creation of highly
scalable virtual networks which interconnect virtual services and clouds
Introduction
of Cloud/SDN
Ecosystem
SDN technology partnerships, Cloud Orchestration partnerships, Certification
Joint
IBM/Juniper
Solution
Joint IBM Orchestrator and Contrail solution to enable enterprise and service-
provider clouds
Launch of Open Contrail
OpenContrail: http://opencontrail.org - a standards-based and highly scalable
network virtualization and intelligence open-source controller for SDNs
7. JUNIPER NETWORKS CONTRAIL
SDN Controller
Configuration Analytics
Control
Virtualized Server
VM VM VM
Virtualized Server
VM VM VM
Any switches
[e.g. EX9200]
BGP
Federation
Horizontally
scalable
Highly available
Federated
BGP
Clustering
REST
XMPP
SDN CONTROLLER
Orchestrator
XMPP BGP + Netconf
Gateway
Multi-Vendor Edge Routers
e.g. MX, EX9200
8. ENTERPRISE USE CASE
Virtualized Private and Hybrid Clouds
ENTERPRISE PRIVATE CLOUD
FINANCE
ENGINEERING
Orchestrator
ENGINEERING
VPC
HR
VPC
FINANCE
VPC
Contrail enables enterprises to adopt private or hybrid virtual cloud strategies, with application and workload mobility
PUBLIC CLOUD
(E.G., AWS)
ENGINEERING
VPC
HUMAN
RESOURCES
BENEFITS
Contrail enables enterprises to adopt private or hybrid virtualized clouds to increase business agility
Integration with Cloudscaling enables workload mobility between private and public clouds
Workload Mobility
Contrail
SDN Controller
9. MOBILE
EDGE
BROADBAND
EDGE
BUSINESS
EDGE
SP USE CASE
Dynamic Service Chaining for NFV: Improve Service Velocity and Agility
Dynamic Service Chain Configuration
Orchestrator
BENEFITS
Foundation for new services (like vCPE); or internal network optimization
Reduced capital and operational expense via network simplification
Increased agility and velocity for new service offerings
Contrail
SDN Controller
Pool of x86 Appliances
MX Router w
x86 Service Card
MX Router w
x86 Appliances
Contrail can dynamically
service-chain virtualized
or physical network services
Services are turned
up or down faster
Enables network
hosted services
11. SDN AND CLOUD PARTNERSHIPS
SDN Technology Partnerships Cloud Orchestration Partnerships
12. IBM & JUNIPER
Simplifying Cloud Systems
Integration of world-class network
orchestration and cloud management
systems
Scalable, extensible network virtualization
Infrastructure investment protection
Fully integrated NFV management
Analytics to drive deep insights
L3 VPN, E-VPN
Seamless Interconnect
Enterprise
Network
Enterprise
Network
Managed
Private Cloud
Virtual
Private Cloud
SP-IaaS
OpenStack Neutron Plugin
IBM SMARTCLOUD ORCHESTRATOR
SCO OPENSTACK SERVICES
Self-Service
Portal
Orchestration
Engine
Workload & Pattern
Management
IBMSCOintegrateswithContrailSDNasa
ServiceusingtheOpenStackNeutronplug-in.
REST APIs
CONTRAIL
SDN CONTROLLER
Analytics
XMPP, BGP
13. ANNOUNCING…
Get the code at www.opencontrail.org
Open Source fosters innovation and adoption of SDN
Available via Apache 2.0 license
Production-ready; uses proven, stable open networking standards
www.opencontrail.org
14. Are you ready?
Redefining
Networking & Business
AGILITY
FLEXIBILITY
INTELLIGENCE
COST SAVINGS
CENTRALIZE
PROGRAMMABILITY
DEPLOY FASTER
CUSTOMIZE
AUTOMATION
DYNAMIC
INNOVATION
CLOUD ORCHESTRATION
17. JAGUAR NETWORK
FRENCH & SWISS NETWORK OPERATOR
FOUNDED IN 2001 IN MARSEILLE
ADDRESSING CORPORATE &
WHOLESALE BUSINESS
6 500 KMS OF FIBER OPTIC NETWORK
INTERCONNECTING OUR EUROPEAN
DATACENTERS
LOCAL TAIL SERVICES IN FRANCE
AND SWITZERLAND
30 POP ACROSS EUROPE
CLOUD SERVICES IN THE FOUR MAIN
CITIES ACROSS FRANCE
A POWERFULL VERY
HIGH SPEED NETWORK
19. CLOUD SERVICES @ JN
PRIVATE CLOUD HYBRID CLOUD PUBLIC CLOUD
Hosted in one of our main datacenters (Paris / Lyon / Marseille / Bordeaux)
Can be managed by our team or under
customer administration
Only managed by our team
Hardware 100% dedicated to the customer
(Servers, Storage).
No access to shared resources.
―Normal operation‖ platform servers
dedicated to the customer but a pool of
shared additional servers can be used in
case of resource burst needed.
No dedicated hardware.
―LAN‖ network design adapted to the
customer requirement.
Network hardware dedicated (Load
Balancers, Firewall…).
Network services such ad Load Balancing or
Firewalling can be shared or dedicated.
Access to virtual network resources for
improved security or features.
Product mainly aimed at big companies that
want a completely dedicated platform or that
needs to be isolated for legal reasons.
Product aimed at mid size companies that
can’t afford some very expensive dedicated
hardware but still want cutting edge features
and also at companies that need additional
resources for a short period of time.
Entry level product. Fast and easy
deployment with custom made solutions.
23. WHY CONTRAIL?
OVERALL IMPRESSION
OF OUR CLOUD SERVICES:
Our customers are happy with the services
we currently offer but we truly believe that
we can do better than that using more
cutting edge technologies.
24. CURRENT PROBLEMS?
Cost
Some parts of the provisioning /
migration / administration still done
manually. Not a full orchestrated
system.
Lacking some ―Cloud‖ features with a
complete virtualization of the network
(customer separation in L2 VLAN).
For customer Cloud services spread
across multiple datacenters, suboptimal
usage of the network.
A truly open solution where we can
integrate multi vendor services.
25. WHAT CONTRAIL BRINGS?
An open, cloud
orchestration system
based on existing
proven technologies
(Openstack, KVM).
Easy integration
with our provisioning
system as well as
customer extranet
using a powerful REST
APIs.
A scalable and
resilient Cloud network
solution approach that
interoperates with
standards-based IP
VPN technologies
without separate
gateways.
Enables Jaguar
to provide agile
network & security
service delivery to
diverse cloud
customers via
automated virtual
network policies.
56. Why Not Cloud? Business
Transformation
Security BYOM &
Mobile First
Juniper on Juniper
JUNIPER’S IT STRATEGY
57. POST ACQUISITION REQUIREMENTS
Contrail Systems Acquired in November 2012
MAINTAIN
AGILITY & SPEED
ADDRESS
SECURITY
& COMPLIANCE
MIGRATE &
SCALE WITH
MINIMAL IMPACT
58. CONTRAIL’S DEV ENVIRONMENT
Build Server +
Development Server
Contrail Network
VLAN
Source code repository
in public cloud
Lack of automation:
Inability to dynamically
build images with
diverse OS, software
package and compiler
combinations
Security risk:
Putting confidential
code base and
intellectual properties
in public cloud
Networking with VLAN:
challenge in
manageability,
scalability and security
policy attachment
SaaS Apps on Public Cloud; Physical Build/Dev Servers on VLAN
Challenges
59. Juniper Corporate Network
On-Demand Development EnvironmentOn-Demand Build Environment
Public Internet
Source Code Management
PROPOSED ARCHITECTURE
& BENEFITS
Dynamically spin up VMs
to build images with
diverse OS, software
package and compiler
combinations
Secure, elastic distributed
cloud storage for source
code repository and storing
software packages now
maintained within Juniper
Dynamic, automated
policy-based virtual
network provisioning that
offers fine-grained control
over connectivity & security
Benefits
SECURED ACCESS
SECURED ACCESS
Distributed
Storage
60. SEIZE VALUE OF ACQUISITION FASTER
Experiment with
OpenSource
Maintain Speed Address Security
Compliance
Extend to Future
Acquisitions
Apply to Existing
Engineering Environment
Adhere to
IT Strategy
Notas del editor
The first use case I am going to talk about is an example of the flexibliity Contrail can bring to enterprises A lot of enterprises have already adopted virtualization in their data centers, and some are looking to move to more of a true private cloud model, where virtualized resources are dynamically pooled, shared across different departments or organizations. Contrail helps enterprises move to private virtualized clouds automating and orchestrating the dynamic provisioning of network resources.Additionally, Contrail can help provide the intercloud orchestration required for customers who are looking to evolve to more of a hybrid cloud model, where they use a mix of private and public cloud resources. Here, Contrail integrates with solutions like CloudScaling to enable workload mobility between the various clouds.
The last service provider use case I will talk about is service chaining. Contrail has the ability to dynamically spin up and chain together virtual network applications—which can be either virtual applications via Network Functions Virtualization, or even services running on physical appliances.These virtual services can be Juniper applications like FireFly, or they can be third party applications. When we make our Contrail announcement on September 16, we will launch a host of technology alliance partners who have commited to perform interop testing with Contrail. The advantages of dynamic service chaining virtual services can be applied in many different ways. Network operators can use these services to replace network functions today hosted on physical appliance, thereby improving the efficiency and operations of their own internal networks. One example of this is the vMCG solution we are delivering in conjuntion with Hitachi. Dynamically service chaining network applications can also be the foundation for new services. For example, some of our customers are looking to offer network-based managed services that run functions like firewall and intrusion prevention in the network, rather than on the customer prem. This allows service providers to bring new services to market more quickly and with less risk than hardware-centric based approaches.
Restless reinvention: Keep in mind it’s not the technology alone, it’s about a company culture ready to innovate with cloud.Analytics everywhere: Ensure your cloud strategy is also the ultimate analytics strategyA dynamic cloud strategy: Strategically mix open cloud technologies to deliver the business outcome
Good Morning! I’m Bask Iyer, CIO of Juniper Networks. Like any typical multi-billion enterprise, we are global and support 10K+ users that are located in 100+ sites across 47 countries. And like any typical enterprise IT team, we’re responsible for multiple apps, datacenters, security, BYOD, & of course the corporate network. TRANSITION: Let me begin with providing you insight into ourJuniper IT strategy and then I’ll share how we came about using Junos Contrail and how Junos Contrail happens to be a perfect match to our strategy.
Our Enterprise IT strategy is straightforward:We’ve embraced a “why not cloud” approach for software, platforms & infrastructure and we’ve migrated as much to the cloud as possibleWe’ve deployed multiple SaaS applications (SFDC, Office 365, Peoplesoft). Soon we’ll have a cloud-based platform solution [SAP]. We are also consolidating data centers, migrating much to the cloud.To simply our app landscape, we’re in the middle of a multi-year business transformation project, crushing down 150 apps into 1. Of course, securityis key to protecting our company’s IP.For our end users, we’ve embraced a Bring Your Own Mobile [BYOM] device policy, and a “Mobile First” approach to new apps.When it comes to the network & security, we use our own technology to deliver core business services across our Juniper-based network and call this Juniper on Juniper.TRANSITION: In addition to doing our IT day job, we also have to manage projects that simply drop out of the sky, like an acquisition, which brings me to Contrail.
Start-ups are fast and nimble, and consume vast amounts cloud-based services for compute & software solutions. When Juniper acquires a start-up company, our IT team needs to quickly figure out how to fold this acquisition into our secure corporate enterprise and not inhibit the start-up’s need for agility & speed.When Contrail came along, they had some fairly unique IT requirements (object storage) that couldn’t be easily met with our existing Juniper IT environment. Juniper IT had to figure out how to capture the value of the acquisition quickly so Contrail could maintain their momentum & scale.Typically we’d plan, purchase, install and verify before delivering a solution, taking months and not agile enough for Contrail teamI couldn’t just say, take a number and stand in line for your IT request. Changing Contrail’s DevOps methodology was out of the question, too expensive.Instead we needed to migrate Contrail’s agile development environment to a private cloud in order to address Juniper security/compliance goals and protect sensitive beta customer information. And complete this migration with minimal impact and also enable them to scale.TRANSITION: Let me show you a peek into what Contrail’s dev environment looked like….and what we had to figure out.
At a high level, Contrail used SaaS applications (i.e. Bitbucket as code repository) and public cloud resources. Internally Contrail team maintained multiple physical servers to perform code development & build functionalities.These servers connected through a VLAN and were configured to run a certain operating system and a set of software packages. Servers in the VLAN accessed the Internet for fetching and posting source code. This worked fine for them until Contrail grew bigger, got acquired by Juniper and started to have a lot more customer engagements and needed to support a lot more requirements from customers and innovations from within. They needed the capability to quickly and efficiently build software images with a wide range of OS, software package and compiler combinations, and this process had to be automated. The challenges of using existing infrastructure to implement this are obvious. When each of the physical servers was brought up, it was statically configured to run a certain OS and package combination, and changing that was manual and could take a long time. The intellectual property security and customer privacy risk increased daily as Contrail welcomed more beta customers, so keeping confidential code base in public cloud was no longer an option. Even if Juniper IT was willing to throw in some really expensive server virtualization technologies to run these diverse builds in virtual machines, the network implemented with VLAN technology still posed challenges in manageability, scalabilty and security policy attachment. The scalability and capex inefficiencies directly resulted from the inability to handle policies, security, and routing at scale, without changes to physical switching infrastructure. Similarly, tenant/application state was embedded in the physical networking infrastructure, resulting with challenges with manageability. TRANSITION: So what did Juniper IT do?Additional notes:Source code repository, build environment, and development environment were dynamic with different security requirements. Contrail supported several different build environments such as Ubuntu, Centos, etc.Build servers did not need to be accessed by corporate network or the Internet, it needs to be able to pull source code from the repository and spin up different virtual machines for different build environmentsDevelopment servers need to be accessed from corporate network and the InternetSource code repository needs to be accessed by build and dev servers
After evaluating different options, we came to the conclusion that Contrail technology is the best solution for the Contrail problem. Through partnership with Cloudscaling, Contrail offers a turnkey elastic private cloud solution that includes tested and proven server, storage and networking hardware, Openstack cloud orchestration platform, Cloudscaling elastic software storage and Contrail network virtualization and orchestration technologies as the main building blocks. The solution was very easy to deploy, and its benefits are clear. Now Contrail team can dynamically spin up virtual machines to build a wide variety of images with different OS, software package and compiler combinations. After the build is done, the resources associated with the specific build is released and reused. Spinning up the virtual machines can be done through a portal or scripts without IT involvement most of the time. Furthermore, the elastic distributed cloud storage can be used for source code repository and storing OS images and software packages inside Juniper without exposing Juniper intellectual property and customer private information to the public cloud. Any virtual machine would be able access this distributed storage. With Contrail automatically provisioning virtual overlay networks and dynamically using L3VPN or EVPN, the challenges associated with VLAN-based solution no longer exist. Juniper’s Contrail solves the automation, cost, scalability, and manageability problems by providing advanced networking features through a proactive overlay virtual network. All the networking features like switching, routing, security, and load balancing is moved from the physical hardware infrastructure to software running in hypervisor kernel software that is managed from a central orchestration system. This allows the system to scale while keeping the costs of the physical switching infrastructure under control, as the switching hardware has no state of the virtual machines or tenant/application and is only involved in routing traffic from one server to another. The Contrail Network Virtualization system solves the agility problem as it provides all the automation for provisioning of the virtualized network, networking services and integrates with the orchestration systems like Openstack, Cloudstack using REST APIs. TRANSITION: So how does this proposed architecture help Juniper IT?
This solution allows us to seize the value of the Contrail acquisition faster.Why Open Source? For a CIO, this means we can experiment on the cheap. It’s not a proprietary piece of software, so that means I don’t have to shell out tons of money for licensing fees. It’s standards-based so I can benefit from the collaboration of the open environment. I can enable speed, lower my costs, and protect the IP securely. What’s next? From an IT perspective, we will channel the agility of Junos Contrail framework and apply it to future acquisitions to maintain nimbleness and speed. We’ll also extend this approach to the rest of the company, especially within engineering organization. And lastly, I am adhering to our IT strategy….”why not cloud” and “security”