Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Contrail Enterprise Multicloud Architecture

Contrail Enterprise Multicloud Introduction

Contrail Enterprise Multicloud (CEM) is an intent-based networking system that automates the lifecycle of the infrastructure and application networking services on multicloud infrastructures that are composed of private clouds (data centers, virtualized computes) and public clouds.

For physical data center IP fabrics CEM supports the whole scope of network operations by:

  • Automating Day 0 configuration of the infrastructure. This involves configuring a set of factory reset devices into a completely functional fabric or the onboarding of an existing fabric. It can also enable multitenant application networking services and perform hitless OS upgrades on devices that run Junos OS.

  • Automating Day 1 service operations such as provisioning VLANs on access ports, inter-subnet routing services, advanced inter-tenant services, across the fabric, and where needed extending those services across physical and virtualized endpoints.

  • Automating Day 2 maintenance and scale out procedures of the fabric (adding devices to the fabric, replacing failed devices, diverting traffic from devices).

  • Collecting flow usage counters, streaming telemetry, alarms, counters from devices.

  • Poviding a view on how the infrastructure and multitenant services are performing, identifying capacity bottlenecks or traffic anomalies with respect to the baseline

  • Providing workflows and methods to proactively identify issues, faults, correlate them and take the relevant corrective actions.

This guide focuses on Contrail Enterprise Multicloud as the central point of management of EVPN/VXLAN data center fabrics as shown in Figure 1.

Figure 1: Contrail Enterprise MulticloudContrail Enterprise Multicloud

The components focused on in this guide are seen in Figure 2, namely Contrail Command as a central point of management and EVPN/VXLAN as the key data center technology.

Figure 2: Contrail Enterprise Multicloud—Data Center Fabric ManagementContrail Enterprise Multicloud—Data Center Fabric Management

Benefits of the Contrail Enterprise Multicloud Solution

The following points explain why Juniper Networks Contrail Enterprise Multicloud solution can meet your needs for a multicloud environment:

  • Intent based automation and lifecycle management of the fabric using Contrail Command removes requirement to manually configure the fabric using the JunosOS CLI.

  • Cloud ready architecture—ready to take you from private data centers all the way to the multi-cloud.

  • An architecture that provides seamless integration of physical and virtual VXLAN tunnel endpoints (VTEP) by using vRouter technology.

  • Built-in management security that provides end–to-end security and a uniform security posture by using Contrail Security and BMS policy management.

  • Takes the dream of a self-healing, self-driven network closer to reality with help from tight integration of Contrail Command, AppFormix and Junos OS components.

  • Support for Red Hat Enterprise Linux (RHEL), VMware integration, and integration with Nutanix.

  • Open-standards based.

Benefits of Using an SDN Controller for an EVPN/VXLAN Fabric

When you combine an IP fabric with an EVPN/VXLAN environment, there is a clear demarcation between underlay operations (related to the infrastructure, devices, and software images) and overlay networking services (VLANs carried over VXLAN tunnels using MP-BGP EVPN protocol). Unlike proprietary fabrics, an EVPN/VXLAN fabric uses a role-definition for every device based on capabilities and location of routing between virtual networks.

EVPN is a powerful technology that can be used in a range of use cases. It brings multitenant, multiservice capabilities to production data centers, corporate branches and campuses, enterprises, and service provider wide-area networks (WANs). EVPN can be deployed in network hardware, servers, and even the public cloud. It supports networking functions from Layer 1 to Layer 4 in a relatively simple, integrated, and scalable manner. Last but not least, EVPN has been widely adopted across the networking industry.

With the context provided above, let’s look at the reasons an enterprise should deploy a controller for an EVPN/VXLAN environment and why Contrail Enterprise Multicloud is the best tool for the job:

  • Provides a fast and error-free infrastructure to build operations with minimal human effort. Contrail Enterprise Multicloud brings simple abstractions of composable service building blocks that it translates into underlying network building blocks including EVPN. Service layer building blocks include constructs such as tenants, subnets, policies, gateways, and service chains with associated service-level controls.

  • Brings day 1 plug-and-play baselining of the physical network fabric and enables an operator to perform day 2 functions at an intent/service level rather than at a technology level. For example, Contrail Enterprise Multicloud helps create the fabric, create tenants, add subnets to tenants, attach endpoints to subnets, build and apply policies to tenants, and so on.

  • Adds smart life cycle management (LCM) capabilities to the fabric. Contrail Enterprise Multicloud offers life cycle management of the fabric.

  • Opens endless positive business outcomes. For example, fabric-wide visibility and control of critical operations means a is a very short lead time for daily operations, such as VLAN Tickets.

  • Simplifies network management using normalized configurations/operations for all tenant services. Contrail Enterprise Multicloud eliminates manual procedures and complexity of performing those operations, while leaving network operators in full control of which operations should be performed in the data center fabric.

  • Adds openness at all layers. This quality is unique to Contrail Enterprise Multicloud and makes it stand out from all other controllers in the industry. From the use of open standards technology in the network (such as EVPN/VXLAN, Ansible and Jinja2 templates, and APIs for everything), Contrail frees operators from the pitfalls of closed proprietary systems.

  • Achieves realtime visibility on the usage of infrastructure by each tenant service to minimize outages. Contrail Enterprise Multicloud provides a single pane of glass to display the health and status of the infrastructure. Being able to use a single tool to analyze which services and tenants are impacted provides operators invaluable insights, which minimizes the impact of outages and reduces them to a minimum.