Centralized Deployment Overview
The Cloud CPE Centralized Deployment Model (centralized deployment or vCPE) differs from the other deployments discussed in this guide in that the centralized deployment requires that the service provider install and maintain a Contrail Cloud instance in their network. This Contrail Cloud instance is needed in order to host the VNFs and the CSO installation.
In the centralized deployment, customers access network services remotely from a service provider’s cloud. Sites that access network services in this way are called service edge sites in this documentation. Figure 1 illustrates a simplified centralized deployment.
The following sections provide a high-level look at the Centralized Deployment Architecture and a walkthrough of one possible way to set up CSO for Centralized Deployment. Appendix A presents the details of a Centralized Deployment Reference Architecture.
Centralized Deployment Architecture Overview
CSO’s Centralized Deployment Model uses some of the architectural elements used by the other deployment models, but not all of them. Due to its centralized nature, this model doesn’t support:
CPE devices at remote sites as used in Hybrid WAN and SD-WAN deployments
Overlay networks as used in SD-WAN deployments
VNFs hosted anywhere outside of the Contrail implementation inside the SP cloud
Now that we have mentioned what is not supported, we’ll tell you what architectural elements are supported.
In the Centralized deployment, you need to have:
A Contrail implementation
A provider edge (PE) router that provides access to the SP cloud for the remote sites
A POP, either central or regional in which the PE router resides
A specific Virtual Infrastructure Manager (VIM)
(Optional) An Element Management System (EMS)
Generally, the connection from the remote site to the Service Provider cloud can be over any transport so long as a connection can be made. Any L2 or L3 connectivity works. We recommend some sort of VPN connection in order to secure the connection from bad actors. Juniper supports the use of an MX Series router as the provider edge (PE) device. Use of a Services line card is required if using an MX Series router to terminate IPsec VPN traffic. Table 1 shows the hardware and software that can be used as the PE router in a centralized deployment
Table 1: Hardware and Software Matrix for the PE Router in the Centralized Deployment Model
Junos OS Software Release Version
MX Series 3D Universal Edge Router
Junos OS Release 16.1R3.00
The SP network is usually an MPLS network. CSO is deployed as part of the Contrail implementation either in the SP Data Center or elsewhere in the cloud.