Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Features

This section highlights the key features introduced with Juniper Cloud-Native Contrail Networking (CN2) Release 22.4. A brief description of each new feature follows.

CN2 on Amazon EKS

  • CN2 on Amazon EKS—Starting in Cloud-Native Contrail Networking Release 22.4, you can run CN2 CNI on an Amazon EKS cluster. Amazon EKS is an industry-leading managed Kubernetes service. To support ease of installation, release 22.4 makes available Terraform manifests that you can use to create a greenfield Amazon EKS cluster together with a CN2 CNI.

    See the Installation and Life Cycle Management Guide for Amazon EKS.

Cluster Security

Configure Management and Control Plane Authentication with TLS Encryption—Starting in Cloud-Native Contrail Networking Release 22.4, you can configure TLS encryption on the Contrail control plane and vRouter. The TLS protocol is used for certificate exchange, mutual authentication, and negotiating ciphers to secure the stream from potential tampering and eavesdropping. You can use TLS-based XMPP to secure all XMPP communication that occurs in the networking environment.

See Configure Management and Control Plane Authentication with TLS Encryption.

Advanced Virtual Networking

  • Deploy a Custom Default Pod Network— Starting in Cloud-Native Contrail Networking release 22.4, you can create pods with individual Custom Pod Networks on a per-namespace or per-pod basis. Instead of a shared Classless Interdomain Routing (CIDR), you can designate a Custom Default Pod Network for each new pod within a Network Attachment Definition (NAD) or Virtual Network.

    See Deploy a Custom Default Pod Network.

  • EVPN Networking Support— Starting in Cloud-Native Contrail Networking release 22.4, you can establish connectivity between a CN2 virtual network and an EVPN-VXLAN-signalled service using Ethernet VPN-Virtual Extensible LAN (EVPN-VXLAN) for virtual networks. Release 22.4 supports EVPN-VXLAN forwarding using Type2 network prefixes with virtual networks utilizing forwarding mode L2 and L2_L3.

    See EVPN Networking Support.

  • vRouter Interface Health Check—In Cloud-Native Contrail Networking Release 22.4 and 22.3, two attributes (targetIpList and targetIpAll) related to VMI health check are configurable but not supported. Documentation modified to reflect this.

    See vRouter Interface Health Check.

Services

Configure ClusterIP Service by Assigning Endpoints—Cloud-Native Contrail Networking Release 22.4 and Release 22.2 support the ClusterIP service to work with manually assigned endpoints without adding a selector in the service.

See Configure ClusterIP Service by Assigning Endpoints.

DPDK

DPDK on OpenShift Cluster Node—Starting in Cloud-Native Contrail Networking Release 22.4, you can run CN2 with a DPDK data plane on an OpenShift cluster node. DPDK can provide a higher performance data path in certain circumstances versus a kernel mode data path.

See Installing with User-Managed Networking.

CN2 Apstra Integration

CN2 Apstra Integration for SR-IOV-Based Workloads—Starting in Release 22.4, you can extend virtual networks in Cloud-Native Contrail Networking to an Apstra-managed fabric for SR-IOV-enabled networks. The SR-IOV technology enables the physical NIC to be split into several virtual functions. These virtual NICs or virtual functions can transmit and receive packets directly as opposed to going through the vRouter. When you create workloads on SR-IOV servers and attach virtual functions to the pods, the workloads use the fabric underlay directly.

See CN2 Apstra Integration for SR-IOV Based Workloads.

Tech Previews for 22.4

Introducing Tech Preview Features—Starting in Cloud-Native Contrail Networking Release 22.2, Tech Previews were introduced. Tech Previews give you the ability to test functionality and provide feedback during the development process of innovations that are not final production features.

Juniper CN2 Technology Previews (Tech Previews).