Contenu connexe
Similaire à NFV SDN Summit March 2014 D3 03 bruno_rijsman NFV with OpenContrail
Similaire à NFV SDN Summit March 2014 D3 03 bruno_rijsman NFV with OpenContrail (20)
NFV SDN Summit March 2014 D3 03 bruno_rijsman NFV with OpenContrail
- 2. 2 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
OpenContrail Use Cases
Public Cloud
Private Cloud Private Cloud
VPN VPN
WAN
Gateway
Access
Core
Cloud : Network Virtualization
• Private Clouds, Public Cloud, and Virtual Private Cloud
• Network Virtualization
• Tenant and Application Policies
• Network Function Virtualization and Service chaining
• Rich Analytics
Cloud : Interconnect
• Connect Private Cloud to Private Cloud (DCI)
• Connect Private Cloud to Public Cloud (bursting)
• Connect Campus to Private Cloud
Network Function Virtualization
• Virtualize Network Functions
• Service Chaining
• Attach Service Chain to Physical Network
• Application-Aware and Subscriber-Aware Steering
• Rich analytics
- 3. 3 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
OpenContrail Use Cases
Access
Core
Network Function Virtualization
• Virtualize Network Functions
• Service Chaining
• Attach Service Chain to Physical Network
• Application-Aware and Subscriber-Aware Steering
• Rich analytics
Topic of today's presentation:
Network Function Virtualization
Same technology as Cloud use cases
Tightly integrated with Cloud use cases
- 4. 4 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
Service Chain
DPIDPI DPIDPIDPIDPIDPI
NFV + SDN = Dynamic Service Chaining
NFV: Virtual Network Functions
Best in breed, from multiple vendors, including Juniper (e.g. Firefly)
Firewall IDPCache
SDN: Service Chaining
OpenContrail: Dynamically program network to create service chains
NATAnchor
Router
- 5. 5 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
OpenContrail Function:
Virtual Networks for Data Center Tenants / Applications
Virtual Networks
Provide isolation tenants, applications, or tiers within an application.
Physical location of virtual machine independent from logical location.
VM VM VM
Green
Virtual Network
VM VM VM
Red
Virtual Network
VM VM
Blue
Virtual Network
Bare
Metal
Server
- 6. 6 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
OpenContrail Function:
Virtual Network Policies
Virtual Network Policies
At a high level of abstraction, applied at the boundaries of virtual networks.
VM VM VM
Green
Virtual Network
VM VM VM
Red
Virtual Network
Policy
only HTTP
NAT
- 7. 7 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
OpenContrail Function:
Service Chains for Data Center Tenants / Applications
Service Chaining
Policy based application of virtual and physical services with scale-out.
Firewall, Intrusion Prevention, Load balancer, Cache, WAN optimizer, proxy, ...
VM VM VM
Green
Virtual Network
VM VM VM
Red
Virtual Network
Virtual
Service
IDS
Virtual
Service
Cache
Physical
Service
Firewall
Policy
only HTTP
NAT + IDS + Cache + Firewall
- 8. 8 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
OpenContrail Function:
Service Chains for Service Providers
Access
Core
Business
Consumer
Broadband
Mobile
"Anchor" Service Chain
to Edge Router
Edge Router
- 9. 9 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
Separate Service Chain for each Customer
Common for Business Edge
Access
Core
Business
MPLS L3VPN
Service
PE Router
Separate
Service Chain and VNFs
for each customer.
Customer 1
Customer 2
Customer 3
- 10. 10 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
Many Customers Share the Same Service Chain
Common for Broadband Consumer / SOHO Edge (Wireline and Mobile)
Access
Core
Subscriber-aware
Application-aware
Policy-driven
Steering
Scale-out multi-tenant
Service Chains and NFVs
"Gold" Service
"Silver" Service
- 11. 11 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
Contrail Service Chain Implementation
Using Overlay Networks
VM
G1
VM
G2
VM
G3
Green
Virtual Network
VM
R1
VM
R2
VM
R3
Red
Virtual Network
OpenContrail
Controller
VM
G
VM
R
XMPP
CloudStack
OpenStack
- 12. 12 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
Dynamic Steering
PCRF
OpenContrail
Controller
SCG
Policies
Thousands per second
Data Packets
Millions per second
Service Chains
New: once per month
Scale-out: once per day
- 13. 13 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
OpenContrail Service Chain Implementation
In the Gi-LAN with Service Steering
GGSN / PGW
SCG / TDF
PCRF
OpenContrail
Controller
OpenStack
CloudStack
Subscriber Awareness
Layer 3-7 Classification
Steering Capabilities
- 14. 14 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
Service Chain Scale-out and Scale-in
Note: for simplicity, this example shows each service-instance on a separate compute node. In reality a single compute node can host multiple service instances.
Service Chain "Width"
Service Chain "Length"
For scale-out and scale-in
Width varies per step
For functionality
- 15. 15 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
Scale-out and Load Balancing
load balancing in
Physical Router
load balancing as
Virtual Service
load balancing in
vRouter
Mechanisms
ECMP
Flow Tables
Consistent Hashing
Challenges
Scale and performance
Stickiness
Symmetry
- 16. 16 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
The Importance of Abstraction
LOGICAL TOPOLOGY
Simple
• High level of abstraction
Simple to configure
Simple to troubleshoot
OpenContrail provides abstraction
• Configure logical layer
• Mapping to physical layer
• "SDN as a Compiler"
• Analytics at physical layer
• Mapping to logical layer
VM
G1
VM
G3
VM
R1
VM
R2
VM
R3
VN R
BMS
R4
VN G
VM
G2VM
FW
L3VPN
- 17. 17 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
The Importance of Abstraction
BMS
R4
OpenStack
OpenContrail
Controller
NeutronNova
VM
G1
VM
G2
VM
G3
VM
R1
VM
R3
VM
R2
VM
FW
PHYSICAL TOPOLOGY
Complex
• Low level of abstraction
• Many vrouters
• Many routing-instances
• Many tunnels
• Many routes
Complex to configure
Complex to troubleshoot
- 18. 18 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
SDN as a Compiler
North-Bound REST APIs
Service Data Model
(Logical Abstraction)
Transformation Engine
Technology Data Model
(Physical Realization)
Analytics
South-Bound Protocols
OpenContrailController
- 19. 19 Copyright © 2014 Juniper Networks, Inc. Presented at NFV & SDN Summit, 21-March-2014.
OpenContrail
Contrail is available as Open Source
www.opencontrail.org. Commercial support available from Juniper.
Same features and scaling as commercial version
Uses proven stable standards. Production-Ready.
Permissive license
Apache 2.0
Integrated into open source virtualization stacks
OpenStack, CloudStack
