OpenContrail at OPNFV Summit 2015

• Sessions
  • Now - OpenContrail Tutorial
    • Architecture
    • How it works for network policy and SFC
  • Thur 11:40 - Using OpenContrail to Solve Real-World Use Cases
    • High scale VPC
    • u/vCPE
    • Subscriber/application-aware SFC
    • Interconnections with brownfield environments
      • Encapsulations – MPLSoGRE, VXLAN
      • Control plane – BGP, EVPN, OVSDB
      • Management plane – Netconf, OVSDB
  • Thur 1:25 – Demo – Using OpenContrail for Virtual Networks and SFC

OpenContrail in OPNFV

• OpenContrail is upstream to OPNFV
• Working with installers for B release
  • Fuel
  • JOID
  • Apex
  • Compass4nfv
• OpenContrail Quickstart should finally appear in next couple of weeks
• 6 server POD will be available for CI/test in NJ OpenLab

OPENCONTRAIL QUICK TUTORIAL

Network/Cloud Technology interchange

Technology interchange benefits cloud and networks

• Cloud Benefits
  • Software-defined networking
  • Network scale
  • Security
  • Resilience
• Network Technology
  • Overlay networking (MPLS/VXLAN)
  • Control plane (BGP)
  • Network load balancing (ECMP)
• Network Benefits
  • Service agility
  • Self-service
  • On-demand
  • Elastic scaling
• Cloud Technology
  • Common x86 platform
  • Shared service infrastructure
  • Service automation

HOW CONTRAIL WORKS

CONTRAIL - BASED ON MPLS VPN TECHNOLOGY

• L3 VPNs for Inter-Site Connectivity
  • Traffic segmentation in the WAN
  • MPLS over MPLS label encapsulation tunnels
  • BGP route signaling
• Contrail Virtual Networks in Datacenters
  • Traffic segmentation in the LAN
  • MPLS over GRE or VXLAN label encapsulation tunnels
  • XMPP (with BGP payload) route signaling

[Diagram: an MPLS L3VPN / E-VPN provider network (Network Management System, route reflectors, PE, P and CE routers, customer VRF, MPLS over MPLS encapsulation tunnels) shown beside a Contrail datacenter (OpenStack, config, control and analytics nodes, hypervisors with vRouter and tenant VRF, underlay switches, gateway, MPLS over GRE or VXLAN encapsulation tunnels)]

CONTRAIL ABSTRACTION ARCHITECTURE

• Orchestration, Automation, Analytics, OSS
  • Open source and partner ecosystem of orchestrators
  • API and SDK for integration with OSS / BSS
• Control Plane - Physical, Virtual
  • Open, standards-based, federated controller
  • Scalable and resilient
• Virtual Network Overlay
  • Overlay encapsulation implemented in hypervisor
  • Multi-tenancy for private and virtual public clouds
  • Gateway functions - connect virtual to physical network
  • Service chaining (physical and virtual)
• Physical Network
  • Interoperability with traditional network devices
  • Any-to-any non-blocking low-latency fabric: Q-Fabric or Clos

[Diagram labels: State and status; Policies and requests; Configuration model; Automation; Control Plane; Distributed collection; Global view; Consolidation; Aggregation]

CONTRAIL COMPONENTS

• OpenContrail Controller
  • Configuration: Accepts and converts orchestrator requests for VM creation, translates requests, and assigns network
  • Control: Interacts with network elements for VM network provisioning and ensures uptime
  • Collector: Real-time analytics engine collects, stores and analyzes network elements
• vRouter: Virtualized routing element handles localized control plane and forwarding plane work on the compute node
• Gateway: MX Series (or other router) or EX9200 serve as gateway, eliminating need for SW gateway & improving scale & performance

[Diagram: physical hosts with hypervisor, each running VMs and a vRouter, connected over the physical network (no changes) to a gateway towards the WAN and Internet]

SCALE OUT, HIGHLY AVAILABLE ARCHITECTURE

• Logically Centralized (Physically Distributed)
• Horizontally Scalable
• Highly Available (Active-Active)
• Federated

[Diagram: Web UI, Analytics Nodes, Configuration Nodes, Control Nodes and Database Nodes, with links labelled REST, HTTP, IF-MAP, BGP, Netconf and XMPP, down to vRouters and Gateways]

https://github.com/Juniper/contrail-controller/wiki/Roles-Daemons-Ports

COMPUTE NODE – HYPERVISOR/CONTAINER WITH VROUTER

• vRouter replaces the Linux Bridge or OVS module in the hypervisor kernel
• vRouter performs bridging (E-VPN) and routing (L3VPN)
• vRouter performs networking services like Security Policies, NAT, Multicast, Mirroring, and Load Balancing
• No need for Service Nodes or L2/L3 Gateways for Routing, Broadcast/Multicast, NAT
• Routes are automatically leaked into the VRF based on Policies
• Support for Multiple Interfaces on the Virtual Machines
• Support for Multiple Interfaces from Compute Node to the Switching Fabric

[Diagram: compute node with the vRouter Agent (config, VRFs, policy table) in user space and the vRouter Forwarding Plane in the kernel; virtual machines of Tenant A and Tenant B attached through tap interfaces (vif); one routing instance per network (X, Y, Z), each with its own FIB and flow table; pkt0; Eth0, Eth1 ... EthN; XMPP to the Contrail controller; overlay tunnels (MPLS over GRE or VXLAN) through the top of rack switch]

SERVICE VIRTUALIZATION AND CHAINING

• NFV: Virtual Network Functions
  • Best in breed, from multiple vendors, including Juniper (e.g. vSRX)
• SDN: Service Chaining
  • OpenContrail: Dynamically program network to create service chains
• Chain of virtual services – independent scaling
• Decide which traffic goes into chain
• Load balance between service layers
• Stateful services require consistent forward/reverse paths

[Diagram: Anchor Router (Classifier) feeding layers of service instances: DPI, Firewall, Cache, IDP, NAT]

https://datatracker.ietf.org/doc/draft-fm-bess-service-chaining/

CONTRAIL – CONTROL NODE

• Control Plane Nodes federate using BGP
• Each vRouter uses XMPP to connect with multiple Control Plane nodes for redundancy
• All Control Plane Nodes are active-active
• Each Control Plane Node connects to multiple configuration nodes for redundancy
• BGP is used to connect with Physical Gateway Routers or Services Nodes

[Diagram: configuration nodes connected over IF-MAP to control nodes; each control node contains an IF-MAP client, a "BGP module" and proxies (ARP, DHCP, ..); control node peers linked by IBGP; XMPP to compute nodes; BGP to service node and gateway routers]

CONFIGURATION NODE

1. API Server provides Northbound REST Interface – Orchestration System provisions using this API service
2. DHT/NoSQL Database is used for Persistence and High Availability of Configuration
3. Schema Transformer “compiles” the high level data model to low level model for vRouter, Service Nodes, and Gateway Routers
4. IF-MAP is used to represent the data-model – Control Nodes subscribe to the subset of configuration

[Diagram: Orchestrator (OpenStack) connected over REST to configuration nodes, each containing a REST API Server, DHT DB, Message Bus, Schema Transformer and IF-MAP server; distributed synchronization between configuration nodes; IF-MAP to the control nodes]

INTERACTION WITH OPENSTACK

1. Create an Instance (Image, Network, …)
2. Schedule an Instance on the Compute Node
3. VM Network Properties
4. Add Port
5. Create VM Interface
6. Publish VM i/f on IF-MAP
7. VM Interface config over XMPP

[Diagram: OpenStack (Horizon, Nova API, Nova Scheduler, Neutron Plugin, Neutron Driver, Scripts), Configuration Node, Control Node, and a Compute Node containing Nova Compute, Virtual Router Compute Driver, Virtual-IF Driver, Contrail Agent and vRouter (kernel)]

COMPUTE NODE – DNS RESOLUTION

[Diagram: Virtual Machine (IP-VM1) resolves the IP for VM2 through DNS (OpenStack, OpenContrail). Two compute nodes, each with a virtual machine, tap interfaces (vif) and a vRouter forwarder holding a routing instance, FIB and flow table; Eth1 (IP-H1) and Eth1 (IP-H2) joined by overlay tunnels (MPLS over GRE or VXLAN); virtual and physical layers marked]

COMPUTE NODE – PROXY ARP

[Diagram: Virtual Machine (IP-VM1) sends ARP [Who is IP-VM2]. Same two compute nodes as above, with vRouter forwarders, routing instances, FIBs and flow tables, joined by overlay tunnels (MPLS over GRE or VXLAN) between Eth1 (IP-H1) and Eth1 (IP-H2)]

COMPUTE NODE – FORWARDING/TUNNELING

[Diagram: packet from Virtual Machine (IP-VM1) to Virtual Machine (IP-VM2). At the virtual machines the packet is labelled IP-VM2, Payload; on the overlay tunnel (MPLS over GRE or VXLAN) between Eth1 (IP-H1) and Eth1 (IP-H2) it is labelled IP-H2, MPLS / VNI, IP-VM2, Payload. A "Payload Virtual-IP2" label also appears]

OPENCONTRAIL LINKS

• OpenContrail – www.opencontrail.org
• Juniper downloads - http://www.juniper.net/support/downloads/?p=contrail#sw
• Documentation - https://techwiki.juniper.net/Documentation/Contrail
• Technical notes - https://github.com/Juniper/contrail-controller/wiki
• Source code - https://github.com/Juniper
• Videos on OpenContrail.org - http://www.opencontrail.org/videos/
• Contrail channel on YouTube - https://www.youtube.com/channel/UCqBRKucNwzft7gIyBdQq6UQ
• User and Developer mailing lists: http://www.opencontrail.org/newsletter-andmailing-lists/

Thank You