The key challenges facing MSPs and CMPs in “multi-cloud” are: Network

The rapid development of new cloud-based applications and IT services has led to increasing diversity in the market, and multi-cloud has long been a reality. In addition, the huge demand for connectivity and bandwidth often pushes existing network infrastructure and operations to their limits. On the one hand, this poses a major challenge to service providers, who need to keep up with the accelerated pace. On the other hand, it also provides opportunities to gain a competitive advantage.

However, service providers need to use the industry's innovative business enhancement solutions to respond more flexibly to market demands while improving efficiency and security. Software-based approaches play an important role now, allowing enterprises to respond quickly and efficiently to new demands based on intelligent networks, better visibility brought by analytical tools and highly automated processes, and provide connectivity, security and manageability for complex and widely distributed infrastructures.

It is in this context that Juniper Networks offers the Tungsten Fabric open source product and the Contrail commercial solution, management and control software with SDN capabilities to simplify service delivery.

The Origin of Contrail

Juniper Networks took a big step forward in software-defined networking (SDN) when it acquired Contrail Systems back in 2012. Contrail disrupted the market in the early days of the SDN boom by introducing the concept of network-as-a-service, abstracted through a single management pane of glass for both virtual and physical environments.

In late 2013, a year after acquiring Contrail Systems, Juniper Networks made its Contrail Networking software available as an official commercial product, along with full commercial support services.

At the same time, Juniper has open-sourced Contrail technology under the Apache 2.0 license called OpenContrail. Contributing Contrail technology back to the open source community gives developers the opportunity to contribute to the project and gives service providers and enterprises the flexibility to adapt Contrail to their specific requirements.

Tungsten Fabric - OpenContrail moves to the Linux Foundation

In March 2018, Juniper Networks took another step forward and moved OpenContrail (the open source project) to the Linux Foundation, making it more "open". This move is a fundamental change for the project, as it means that the Linux Foundation is now the owner. In this context, the open source project has a new name: Tungsten Fabric, which also helps to better distinguish the open source project from Juniper's commercial product line.

In September 2019, Yuntoutiao had in-depth communication with Ye Yong, general manager of Juniper Networks China Enterprise Business Unit, and Li Jinxun, architect of Juniper Networks China Innovation and Architecture Department, to discuss Tungsten Fabric.

In the face of changes in the IT industry and the needs of the multi-cloud market, what is the value of Tungsten Fabric? Ye Yong, general manager of Juniper Networks Enterprise Division in China, said:

"In the multi-cloud era, we have seen the transformation of many partners from traditional integrators to the next-generation integrators (MSPs). The most complex and difficult thing to do is to solve the network problems of the cloud management platform (CMP). In this case, Juniper Networks has accumulated a lot of experience in this area. They chose the Tungsten Fabric open source solution, and even recognized our commercial products from the open source solution and purchased them. For the needs of the multi-cloud market, we believe it is a very important component and has won praise from users."

In response to this, Yun Toutiao raised five questions. The following is a detailed reply for your reference~

What problems does Tungsten Fabric solve for CMPs and MSPs?

CMP is the core business product of MSP and also brings the most core competitiveness to MSP. However, CMP usually has a complex architecture and complex content. The infrastructure management module of CMP includes computing, storage and network. Relatively speaking, the most complex of these parts is the network part. Because the computing and storage technologies and protocols are relatively unified, the leading manufacturers are relatively concentrated, and the storage and computing resources are relatively independent of the business in the long-term development of the enterprise. Network technology has a long history, many protocols, and complex branches. In actual business, it is tightly coupled with the business, and the technology has a huge impact on the operation of the business. Therefore, in CMP, the solution for the network part is also the most complex. The emergence of Tungsten Fabric can reduce the R&D technology investment of MSP for the network part, so that CMP can focus on the upper part of the business and pay attention to the service management capabilities of the business. With the openness of Tungsten Fabric, CMP can easily manage and integrate network equipment from multiple manufacturers.

In short, the problems that Tungsten Fabric solves for CMPs and MSPs technically and commercially are as follows.

technology:

Leverage TF's powerful network service capabilities to improve CMP's network service performance and experience

By using TF to support any Underlay, CMP can adapt to any network environment. There is no need to force customers to change the network design when performing business cloudification or cloud management, which accelerates the implementation of CMP.

Utilize the openness of TF to bring openness to CMP network management, so that CMP can support multi-vendor network resource management

Utilizing TF to provide a variety of network security functions, not only can the service isolation of multiple tenants on the CMP platform be achieved, but also the security isolation between traditional networks and virtualized networks can be achieved by utilizing NFV functions.

Business:

Reduce the development cost of CMP and use the technology and resources provided by the community to achieve rapid development of the CMP network management part

Accelerate the R&D speed of CMP, reduce MSP’s R&D investment in the network layer, and allow MSP to invest more in the business management layer

Leverage the openness and open source attributes of TF to enhance the attractiveness of CMP to customers in terms of business

Tungsten Fabric is an important step in the decoupling of Juniper Networks platform and equipment. Compared with the openness and open source of Tungsten Fabric, the CMP platforms currently provided or participated by other network vendors in the market cannot be decoupled because the network function part is deeply bound to the vendor's own network products, resulting in the entire CMP being converted from an open system to a closed system. This closed ecological chain at the network layer binds customers, eliminates customers' free choice opportunities, and realizes the interests of manufacturers. This type of CMP usually does not provide or only provides a small number of interfaces to third-party developers, making it difficult for other MSPs to integrate it into their own CMPs, and it is difficult to form an open ecosystem and support for third-party products.

Once customers choose such CMPs or components, they will be closed into the circle controlled by the manufacturer, and it will be difficult for them to leave the control of the manufacturer in the future. From this perspective, it can be regarded as the failure of the customer's autonomous and controllable strategy. For customers, the essence of autonomy and control is to have access to source code, independent intellectual property rights, and independent services and development. Once such a closed system is selected, customers will lose control of their own cloud architecture and be completely controlled by others. Tungsten Fabric achieves the decoupling of platforms and devices through open source, bringing freedom to developers and customers, so that customers can truly achieve autonomous control of cloud architecture. This is the real charm of Tungsten Fabric.

Juniper Networks has been advocating the decoupling of software and hardware of network equipment. Recently, Juniper Networks has gradually begun to support the open network operating system SONiC in its own switch product line. Customers can purchase hardware platforms from Juniper Networks to run the SONiC system. At the same time, Juniper Networks provides a commercial cRPD routing protocol stack based on container technology for the SONiC system and server environment, realizing the cross-platform deployment of the Junos routing protocol stack. Through these means, Juniper Networks provides full-stack decoupling, from the decoupling of software and hardware of network equipment to the full decoupling of the entire network layer through TF.

Tungsten Fabric is only part of Juniper Networks' comprehensive and open multi-cloud architecture solution. Juniper Networks' goal is to provide an open, powerful and comprehensive software-defined network solution in a multi-cloud environment, eliminate customers' concerns in the process of turning to multi-cloud services, simplify user choices, and realize the vision of "refining simplicity".

What is the difference between Tungsten Fabric and OpenDayLight, a similar open source solution?

In essence, they are all open source systems. OpenDayLight is an open modular platform architecture, not a specific product. Generally, it is based on the OpenDayLight platform to open up the required functions. OpenDayLight focuses on broader aspects such as network and services. Tungsten Fabric extends from the network to the business level. Tungsten Fabric is more focused on providing a unified network and security architecture solution for complex multi-stack and multi-cloud networks.

Compared with OpenDayLight, Tungsten Fabric has the following obvious differences:

It has wide support and supports the use of different orchestration platforms (Kubernetes, Mesos/SMACK, OpenShift, OpenStackand VMware, etc.) to orchestrate different types of workloads (virtual machines, containers, bare metal), providing consistent network functions and security policies.

Unified, with plugin support for CNI, Neutron or vSphere

It has rich network and security functions, changing the original SDN that focuses on software and orchestration while ignoring network functions and features. It supports EVPN, VXLAN, ECMP, stateful firewall, seven-layer load balancing, BGPaaS, service chain, application layer policy, terminal grouping based on labels, traffic visualization, next-generation firewall offloading, IPSec, etc.

Provide high-performance network capabilities. Tungsten Fabric has a specially optimized vRouter with a packet forwarding mechanism similar to that of a hardware router, providing high forwarding performance to meet the needs of modern ultra-large-scale cloud networks.

Scalability, using distributed architecture to support the deployment of ultra-large-scale nodes, and supporting cloud networks to extend as many VN networks as possible.

What is the difference between Tungsten Fabric (open source version) and CONTRAIL (commercial version)?

Tungsten Fabric and Contrail share code and have the same functions in terms of network and security. Tungsten Fabric lacks the AppFormix suite in CEM. AppFormix provides performance monitoring functions for servers, middleware, Openstack and other software. In addition, Juniper provides professional software services for Contrail, while Tungsten Fabric can only obtain services and support through the community.

Select Tungsten Fabric specific case

Since its launch, TF/Contrail has received widespread attention and use around the world. In terms of customer coverage, the customer base includes the following categories:

Telecom operators: AT&T, Verizon, NTTCom, etc.

Cloud service providers: XON-Wingu, TCP Cloud, etc.

Large enterprises: eBay, Symantec, Orange Business Service, Riot Games, a large financial client in China, etc.

The main application scenarios of these enterprises can be divided into the following categories:

Typical customer: workday

Providing large-scale cybersecurity support for SaaS

Requirements: Clear tenant isolation; high-performance OpenStack Neutron alternative; provide overlay services for any underlay architecture; no vendor lock-in; support overlay in multiple deployment modes

The value of TF/Contrail: secure multi-tenant isolation; ultra-large-scale network support; standard and mature protocols; support for heterogeneous computing environments

Typical customer: Riot Games

Providing a multi-tenant cloud environment for containerized SaaS

Requirements: Support fast-growing cloud business; support multi-tenant self-service development and testing cloud; provide secure, multi-tenant support for containerized networks; integrate with customer-customized orchestration systems; support multi-cloud environments (localization and AWS); support service chaining

The value of TF/Contrail: Support containerized networks, support multi-cloud, can be used as a unified virtualized network and security layer; integration with customized orchestration systems

Typical customers: TCP Cloud

Provide high-performance support for private clouds in IaaS environments

Requirements: Provide support for any underlay network; no vendor lock-in; agile and flexible; support overlay and underlay connections; clearly isolate tenants

The value of TF/Contrail: Standard and mature protocols; support for connections to traditional and virtualized environments; large-scale improvement of the performance of existing gateways; secure multi-tenant support

Typical customer: Symantec

Agile IaaS cloud support

Requirements: Agile DevOps environment; Reduce manual intervention/avoid errors; Provide overlay under any underlay; Clear tenant isolation

The value of TF/Contrail: Providing on-demand horizontally scalable network services; Providing automated network deployment; Massively improving the ROI of existing gateways; Secure multi-tenant isolation