Transforming Enterprise & Telco Clouds

Winning
Together

Hwee Ming Ng, Red Hat Principal Technologist, hwng@redhat.com

Shaowen Ma, Juniper APAC Product Director, mashao@juniper.net
Agenda
1 Digital Transformation

2 Who is Red Hat and how we can help?

3 How Juniper And Red Hat Solutions Fit

4 Juniper Solutions

5 Why Juniper/Red Hat & Reference Customers

 Howdo
How doyou
youenable
enableDigital
DigitalTransformation?
Transformation?
It requires an evolution in….

Applications Platform Process

New ways of developing, Modernize existing and More agile process
delivering, and integrating build new cloud-based across both IT and
applications infrastructure the business
OPEN SOURCE TECHNOLOGY ENABLES DIGITAL
TRANSFORMATION
Deliver new, agile workloads while modernizing current applications
 TELCO IS NOT SPECIAL
Softwarization &
HW Commoditization Cloudification Modularization

NFV as first step NFC* Microservices

IT & Network
Programmability Open Source
Convergence

Telco is not special SDx Agility (reuse, tools, process)

* Network Functions Containerization / Cloudification

ABOUT RED HAT
FROM COMMUNITY TO ENTERPRISE
WE ARE MORE THAN LINUX !
It all comes together for comprehensive solutions
 Disruption In Enterprise: Move To The Cloud
Service Consumption

Enterprise Apps to SaaS

SaaS Usage
SaaS

Consumer of Services Enterprise

Hosted Apps IaaS / PaaS / Hybrid
Cloud Usage

PUBLIC CLOUD
PaaS
Monolithic to Scale-out
Apps Private DC (IT)
IaaS
Service Creation

Monolithic Apps

Developers

Private
Cloud

Private/Colo to Hybrid
Time
Cloud
Deployers Private/Colo
RED HAT’S VISION: OPEN HYBRID CLOUD
EFFICIENT, STABLE TECHNOLOGY FOUNDATION ACROSS ALL 4 FOOTPRINTS

PHYSICAL VIRTUAL PRIVATE CLOUD PUBLIC CLOUD

RED HAT’S VISION: OPEN HYBRID CLOUD
ALL KINDS OF APPS AND ENVIRONMENTS, INCLUDING CONTAINERS

TRADITIONAL CLIENT-SERVER INTERNET CLOUD

PHYSICAL VIRTUAL PRIVATE CLOUD PUBLIC CLOUD

 RED HAT’S VISION: OPEN HYBRID CLOUD
COMMON MANAGEMENT, INTEGRATION, AND AUTOMATION TO KEEP IT ALL GOING
Containers: Less resources, better operation

VIRTUALIZATION CONTAINERS

Memory
CPU
Storage

PHYSICAL

More density, faster deployment and startup

Containers: Easier Application Deployment

CONTAINER

APPLICATION

RUNTIME

SYSTEM LIBS

HOST OS
NODE A NODE B

If an application works in development

...then, it will work in production
Containers: Easier to Scale

CONTAINER CONTAINER CONTAINER

APPLICATION APPLICATION APPLICATION

RUNTIME RUNTIME RUNTIME

SYSTEM LIBS SYSTEM LIBS SYSTEM LIBS

HOST OS

Multiple runtime replicas for the same container

...adding an orchestration engine helps scalability
Containers: Standards & Security

A format to package application processes

CONTAINER
including all its dependencies (Docker)
A way to run such processes (Run-C)
APP

RUNTIME
● Red Hat full support (2nd contributor)
SYSTEM LIBS
● Standardization through OCI
● Image scanning with Atomic Scan +
OpenScap & Container image signing
HOST OS

● SELinux, cgroups & namespaces standards

● Linux Kernel technology
Community Powered Innovation

The picture can't be displayed.

A platform for containers with Red Hat Openshift
 OPENSHIFT NETWORK PLUGINS

OPENSHIFT
KUBERNETES CNI

OpenShift-
Tigera Juniper Cisco VMware Open
SDN Flannel Nuage Big Switch
Calico Contrail Contiv NSX-T Daylight
Plugin Plugin* Plugin Plugin
Plugin Plugin Plugin Plugin Plugin
DEFAULT

Certified Plugin Validated Plugin In-Progress

* Flannel is minimally verified and is supported only and exactly as deployed in the OpenShift on OpenStack reference architecture

19
Juniper Today: An Innovator With Global Reach
TALENT INNOVATION
• 9,500+ employees • 20 years of innovation to
and extensive partner meet the evolving needs of
ecosystem our customers
• 16 around-the-clock • Our global corporate
technical support centers network includes over
globally 1,400 Juniper Networks
products
• 46 offices serving over
100 countries • Contrail recognized by
OpenStack community as
most commercially
deployed SDN controller in
the world
FINANCIALS
• $4.8B in revenue in 2015;
• Generated ~$893M of
operating cash flow in 2015
• $3.2B in cash and
investments as of
December 2015
CUSTOMERS
• The top 10 largest global
telecom companies; 13 of
top 14 largest U.S. cable
companies
• The top 10 social media
properties; 4 of top 5
largest global search
engines
• 17 of top 20 largest world
banks; 9 of top 12 largest
global financial exchanges
21
22
Juniper and Red Hat Joint Use Cases
MGMT
SERVICE OVERLAY

Multi-DC NFV:
Legacy P+V
Distributed PNF + VNF Hybrid Cloud SDWAN IOT
Interconnect Interconnect
Cloud Svc Insertion

GW DC GW GW GW
UNDERLAY

LB

AWS GCE
WAN OPT

FIREWALL CPE
Virtualized …
VMs & Containers Bare-metal Servers & Storage Physical Svc Appliances Svc VMs
Legacy Servers & Storage
Public Clouds Customer Branch
(VMware vCenter based) Distributed DC or POP 1 Distributed DC or POP 2
Joint Solution – How We Work Together

OpenStack Container
Operations Deployments

vMX vSRX • Red Hat OpenStack • Red Hat OpenShift +

+ Contrail Networking Contrail Networking

• Replace default • Augment OpenShift

Juniper Neutron networking deployments with
Contrail with Contrail SDN advanced networking
features
• Enable high
performance, • Allow customers to
scalability and enable more use
Juniper availability cases than standard
Contrail deployment of
• Focus on advanced OpenShift or
features with ease of Kubernetes
use
Joint Solution Components – VNFs, Contrail and OpenStack
Deploy, Configure
and Manage Node
RHOSP
Director
Undercloud
Cloud infrastructure with → overcloud
Contrail-augmented CONTRAIL CONTROLLER
networking
Configuration Control Analytics

Undercloud
→ overcloud

VNFs vMX vSRX VM VM VM C VM VM C C vMX vSRX

vRouter vRouter
Physical Host Physical Host
with Hypervisor Physical Network with Hypervisor
(no changes)
Gateway
Gateway
Traditional
WAN, Internet Junos
devices
Contrail Networking Advantages over Neutron “Default Networking”

SCALE PERFORMANCE HA RESILIENCE NETWORK FEATURES

• Built for scaling in large
production environments
• Able to handle large
number virtual networks
• Superior transactional
scale
• Improved server • Designed to perform at • Multi-tenant VN micro-
performance over OVS scale segmentation
• Can handle large number • Supports ISSU for easier • Service chaining
of transaction requests management • Advanced analytics
• Supports inter-version • Underlay visibility
compatibility
• LBaaS and other services
• Easy to troubleshoot

Contrail Networking is industry leading in all 4 areas

REDHAT OSP & CONTRAIL LCM WITH OSPd

 Intermediate approach with OSP 8 (Liberty) & Contrail 3.0.X LTS

Fab  Contrail vRouter and RHOSP/RHEL Components are installed/provisioned

OSP Director
using OSPd

Lifecycle Mgmt (installation, upgrades, etc.)  Contrail Controller Components are installed / provisioned /upgraded
OSP 8 independently using Contrail tools (Fab)
 Customer (Orange) deploys using this approach in Oct 2016 in their
RHOSP + Contrail Contrail production environments (10 initial DC’s)
RHEL vRouter Controller

 Single pane of glass LCM of all components – with OSP 10 (Newton) &
OSP Director Contrail 4.0 LTS
 This is made possible using a feature in OpenStack TripleO called
‘Composable Roles’
OSP 10 + Lifecycle Mgmt (installation, upgrades, etc.)
 Note: This includes install, provisioning & Upgrades etc. of Contrail
Puppet Puppet components etc.

RHOSP + Contrail Contrail  With Contrail moving towards a Containerized Controller model, this
RHEL vRouter Controller approach is expected to be much more simplified going forward
 Customer (Orange) plans to deploy several other Greenfield environments
using OSP10 & Contrail 4.0 LTS in Q2 2017
Container Networking
Secure multi-tenancy for
KUBERNETES CLUSTER
containers, with existing application
developer workflow External IP

Seamless migration & interop with Service IP, Port

existing Contrail (non-container)
environments with container Service – S1
environments
Repl. Application 1
Extend all networking / vRouter Ctrl (Load balancing across multiple
features (QoS, Floating IP, DDI, PODs)
SNAT, etc.) to containers
…
sig nw policy
POD 2 (Pod2-IP)
…
Multiple deployment options (i.e.
C1 C2 … egress
BMS, Private / Public Clouds, etc.) POD 1 (Pod1-IP) ingress
Multiple Orchestration/PaaS C1 C2
…
Containers
…
systems (K8s, Mesos, OpenShift) C1 C2
…
Containers
…

Allow Operator to modify infra Containers uses PODIP: Container Port

security (& isolation) levels,
transparent to app developer IP Address per POD
CONTRAIL With OPENSHIFT ARCHITECTURE

Kube-network-manager listens to K8s API Server and

conveys the API request to Contrail Controller

API Server Replication Ctrl kube-network-mgr

kubectl Scheduler … Contrail Controller

(user commands)

K8s and Contrail Controller Nodes

POD 1 POD 2 POD 3 POD 4

… … … …
C1 C2 C3 C4

CNI Plugin
…
Kubelet Kubelet
CNI Plugin
Compute Node vRouter Compute Node vRouter
(replaces kube-proxy) (replaces kube-proxy)
How to Monetize Telco Assets?

 Leverage last mile presence in 1,000s of locations to New revenue stream: Delivery
provide better QoE capabilities for new, immersive
 Leverage commercial relationship with millions of content
IOT / M2M
subscribers & businesses New Apps

$ $$
Mobile & Fixed Line Consumers

Telco VNF Apps

Network Services
$

Expense Savings:
Cloudify cell Sites, CO, POPs to run low Improved operational
latency/high performance VNFs and efficiency
OTT Providers
IOT/M2M workloads Existing Apps

$$$
OTT’s existing relationships with consumers …
TELCOs VERSUS CLOUD PROVIDERS
Dynamic network service automation is the key priority for Service Providers
Amazon: Few seconds
Time to Service Every 11 seconds; Avg 10K or max 30K servers at a
time using continuous integration & deployment
Deployment
Telco: 6-7 Months
Code to production launch China Mobile Quote: 6-7 months per service; mostly manually

Google: 1 per 15,000 srvrs

Operating Each admin can operate ~15,000 servers
Expenses
Telco: < 100
Servers managed per admin Operator DC: Each admin can manage upto ~100 servers  large headcount

Google: 10 Configs
Operational Google: ~10 shared hardware system bundles
Complexity
Telcos: 1,000’s
# of SKUs to manage NSN: 1000’s of SKUs to manage  makes it overly complex

Opportunity for accelerating TTM, reducing costs and optimizing operations for Telcos.
Telco Cloud: High Level Overview
Defining The Telco Cloud: Geographical Placement & Network Integration Example

Typical Building Blocks: Key Observations:

• WAN and METRO • BGP is a common control plane building
o BGP block for both WAN/METRO, DC underlay
o MPLS (Service Layer) and overlay.
o MPLS (Transport) • MPLS/VXLAN is a common data plane
• DC Underlay building block for service abstraction (aka.
o BGP / OSPF the overlay, L3 VPN’s, L2, etc.)
o IP (Transport) • MPLS or IP transport networks widely
• DC Overlay deployed today.
o BGP (L3VPN/EVPN)
o MPLS/VXLAN (Overlay)
o IP (Transport)

Conclusion:
 BGP (L3VPN/EVPN) for control plane
 MPLS/VXLAN for service abstraction
 IP for DC transport provides

Seamless integration between well known

and deployed WAN/METRO’s with evolving
DC overlay technologies

A Distributed Cloud (Telco Cloud)

Telco Cloud: High Level Overview

SDN-G OSS/BSS Alarms

OrchestratorSYSLOG
vRouter Heat
Analytics and
XMPP Orchestrators Monitoring Contrail
Sandesh Config REST APIs Analytics REST APIs Controllers
REST APIs
Control BGP
(L3VPN)
Controller

Analytics Controller Analytics

MX-SDN-GW
IP Fabric

vMME vPGW vPCRF

vSGW vFW vMMSC

Rack-01 Rack-02 Rack-03
CONTRAIL Telco CLOUD 2.0

 DesignFor Telco/Cable MSO

 Build & Optionally Operate (Managed Services)
 JTAC Support

 Reference Use-case Details (vEPC, vIMS, vIPTV,

vCPE, IoT etc.)

 AppFormix for Operations

 OpenStack & Linux (Redhat)
 Contrail Networking
 High Performance Software Defined Storage

 Major OEMs – Dell, HP, Lenovo, Cisco

 Smart NIC

 Gateway Router (MX), TORs (QFX), Switch (EX)

Core
/ Backbone
…
CO / POPs

CO / POPs
Customer Success Story : OOCL, HK
Next Gen ERP on Cloud with Juniper Contrail
About OOCL
Orient Overseas Container Line (OOCL) is a Hong Kong based shipping and logistics service company and one of the world's
largest integrated international container transportation, logistics and terminal companies with more than 320 offices in 70
countries around the world.
Business Requirement:
• OOCL provides a next generation ERP systems for its tenants and was
• Fully Automated Deployment on IT resources based on Openstack and KVM
• Evaluated: Cisco VTS, Nuage and Juniper Contrail.
Solution:
• Redhat/Dimension Data with the support of Juniper provided a Professional Advisory TO OOCL on Juniper
Contrail SDN solution and OpenStack related technologies using the Juniper Contrail Demo Lab in HK, which
convinced OOCL for the selection of Contrail.

Win Factors - Why Contrail and Juniper/Redhat/Dimension Data?

- Contrail’s seamless integration with OpenStack/Redhat. DHCP/DNS allocation etc.
- The flexibility and agility of the Contrail solution for the customer to understand peak loads on the network.
- No ‘rip and replace’ scenario and better integration with existing infrastructure
- Joint value proposition of Juniper and Redhat/DD and the level of local support and access to TAC from Juniper.
Juniper & Red Hat Cloud Leadership

OPENSTACK SURVEY (SDN)

Source: http://stackalytics.com/?release=newton&project_type=openstack&metric=commits Source: http://www.openstack.org/assets/survey/April-2016-User-Survey-Report.pdf

Partnership Value Proposition
FOR CUSTOMERS
• Leadership & expertise to deliver with fully integrated,
tested and supported modern cloud
• Red Hat – Software Defined Compute & Storage
• Juniper – Software Defined Networking
• Deep technical integration and constant communication
between engineering teams de-risks engagement
• Fully documented and certified solutions that have been
well integrated at many customers from Telcos to
Enterprises
• Publically available Solution Guide
• Seamless Life Cycle Management to reduce complexity
• TripleO based OSPd used to deploy both Red Hat and
Contrail components
FOR JUNIPER
• Red Hat is the most strategic OpenStack/Container
partner for Juniper
• Now easier to sell together because we are marketed
together, certified together, and an integrated solution
FOR RED HAT
• SDN for customers that need advanced networking
features and performance
• Only partner solution that is truly open sourced and is
aligned with the The Red Hat Way
• Now easier to sell together because we are marketed
together, certified together, and an integrated solution
THANK YOU
plus.google.com/+RedHat facebook.com/redhatinc
facebook.com/junipernetworks

linkedin.com/company/red-hat twitter.com/RedHatNews
linkedin.com/company/juniper-networks twitter.com/junipernetworks

youtube.com/user/RedHatVideos
youtube.com.sg/user/JuniperNetworks