Juniper’s got religion, and that religion is multicloud.
As the company sees more enterprises putting workloads in clouds–be they private data centers or public platforms from AWS, Azure, Google, and others–it also sees an opportunity for its Contrail software.
Juniper’s message is that Contrail, specifically its Contrail Enterprise Multicloud (CEM), is a single point of sanity (or maybe salvation) for operators and administrators who need to unify network operations, management, and policy when connecting workloads that could be anywhere.
That is, Juniper positions CEM as a unified command center where you can enable network connectivity, set and deploy policies, and manage both the overlay and the underlay, regardless of where a workload lives.
That’s a tall order. Here’s how Juniper proposes to do it:
In the data center, it starts with an IP Clos network design and Contrail Controller software. The data center fabric is built using BGP EVPN and VXLAN protocols.
Contrail also includes vRouter software to run on workload hosts (bare metal, virtual, or container-based). The vRouter software ties the host into the overlay fabric and also serves as the policy enforcement point for workloads on the host.
Contrail Networking as a fabric management and SDN overlay for data center infrastructure. Source: Juniper Networks
CEM uses NETCONF for device configuration, with Ansible playbooks providing templates to help automate configuration and operations. Juniper provides off-the-shelf playbooks for its MX routers and QFX switches. It plans to make templates available for its SRX and EX gear, as well as the Arista 7000 and Cisco Nexus 5000 and 9000 switch lines.
Juniper says CEM can also interconnect multiple private data centers via IP-VPN or EVPN to enable connectivity between applications and services running in physically separate locations.
Within CEM is a user interface that Juniper calls Contrail Command. This is where administrators and operators set policies, push out configurations, and monitor and troubleshoot the overlay and the underlay.
CEM also includes Juniper’s AppFormix analytics software. AppFormix receives telemetry data from Junos devices and vRouters to help organizations monitor and troubleshoot both the underlay and the overlay.
Going Public
Contrail Enterprise Multicloud isn’t just for private data centers. The same vRouter software that can be deployed on internal hosts can also be deployed in public clouds, whether at the gateway of a VPC or on a host or hosts within a VPC.
As in the private data center, the vRouter acts as the policy enforcement point in the cloud and ties the cloud overlay (typically IPsec) into CEM’s overall framework.
The upshot is that Contrail Enterprise Multicloud presents a unified orchestration point for a network that can stretch from a private data center into a variety of public clouds, and provides a uniform interface for policy, monitoring, and management.
Cloud Rush
Juniper isn’t the only big vendor touting software to run multicloud environments. VMware is building out its NSX network virtualization software to encompass not just the data center but also branch networking (via its VeloCloud acquisition) and public cloud workloads.
In particular, VMware positions its NSX Cloud offering as a single platform to set and deploy networking policies and security controls for workloads across multiple public clouds. It also includes templates to simplify provisioning.
Cisco’s ACI also has its eye on the cloud. In August 2017 the company announced its intention to bring ACI into public cloud environments including AWS, Azure, and Google.
Like Juniper and VMware, Cisco touts a unified operations and policy environment that stretches from the data center up to the public cloud.
According to an article in The Register, multicloud ACI will be coming in 2018.