Enterprise Cloud and Transformation
Juniper Employee , Juniper Employee Juniper Employee
Enterprise Cloud and Transformation
Simplifying Multicloud with Contrail Enterprise Multicloud
Dec 13, 2017

The way we consume the Cloud is changing

The way enterprises, cloud providers and service providers are consuming the cloud is changing rapidly, driven by the blurring of the boundaries between different types of cloud environments. Their journey toward delivering core business services with agility has consisted of introducing automation into the assets they own, the private clouds, building and expanding their data center infrastructure and leveraging virtualization and software-defined-networking to a certain extent. At the same time, the public cloud offering has become more pervasive, mature and usable for widely consumed applications and use cases.


However, these environments – the private cloud and the public cloud – are today managed as distinct, disjointed infrastructures. With the evolution toward high-speed mobile broadband access everywhere, the infrastructure to deliver cloud-based services and applications also moves as close to the end-user as possible in order to give them the best possible quality of experience. As a result, the infrastructure to deliver applications and services is spread across the entire wide-area-network, between distributed locations (down to access PoPs and enterprise premises), traditional data center locations and the public clouds (e.g. AWS, Microsoft Azure or Google Cloud Platform).


The challenge of multicloud

The new cloud is therefore composed of heterogeneous environments, with very different operational models: private data centers with legacy applications on bare metal servers, virtual machines and containers, to public cloud tenants where enterprises and providers consume traditional IT applications and distributed data centers with new application workloads.


First, there isn’t a single tool today that can be used to deliver an application service with a single-click across all of these diverse environments. Instead, each cloud uses its own language and tools, and they are separate compute/networking/storage execution environments.


Second, the set of operational skills and automation tools required to operate each cloud infrastructure are very different and require that most enterprises and providers develop these skills.


Finally, there is immense complexity in operating, troubleshooting and real-time monitoring of a multicloud environment, where data is being sent from different heterogeneous and often non-integrated components, as well as offering carrier-grade service level agreements (SLAs) and service assurance for such a cloud.


The foundational principle for Juniper Networks’ Contrail Enterprise Multicloud  as the multicloud controller for networking services can be summarized in the following diagram:



Each cloud delivers application services leveraging a programmable fabric, providing  connectivity between endpoints (application workloads). With Contrail Enterprise Multicloud, organizations can transform the set of disjointed cloud environment into a single multicloud, where networking services across applications – of any type – can be orchestrated , managed and monitored through a single pane of glass.


Contrail Enterprise Multicloud relies on its ability to map abstract overlay services to each cloud-specific environment, leveraging IP routing across clouds to provide connectivity (multicloud networking-as-a-service) across application components, independently of which cloud execution environment they use. Networking-as-a-service provides the ability to abstract the network connectivity across workloads through the definition of a policy that interconnects virtual networks. Workloads can be application ‘endpoints’ (e.g. a web frontend, an application Database backend) or functions (e.g. a load balancer, a firewall) that are used to provide optimal processing of the application-component to application component traffic.


In private clouds:

  • The physical DC fabric (as well the physical workloads as bare metal servers and PNF) is programmed and controlled via networking/configuration/telemetry protocols. Contrail supports the full lifecycle management of the DC fabrics.
  • For virtualized workloads in the private cloud, Contrail vRouter operates as a L3-capable virtual TOR device, connecting workloads (VM, containers) to virtual networks.
  • Telemetry is collected by Contrail and AppFormix and augmented for both the underlay and the overlay services.


In the public cloud:

  • The underlay is managed by the cloud provider, therefore Contrail Enterprise Multicloud provides the onboarding and import of existing public cloud tenants (e.g. AWS VPCs, Azure Virtual Private Clouds) as part of the managed extended fabric.
  • The overlay services are programmed and controlled through public cloud APIs that expose the capabilities to manage application services. Similarly, native cloud APIs are used to collect analytics information in Contrail Enterprise Multicloud for public cloud workloads.


Across cloud environments:

  • Cloud environments each have a demarcation point that Contrail Enterprise Multicloud manages (configures and controls) such as an SDN gateway for DCI, a VPN gateway to connect the DC to the public cloud or a Virtual Gateway or DirectConnect PoP, in order to automate the fabric across the individual cloud environments.


Contrail Enterprise Multicloud provides a highly customizable automation tool for the complete infrastructure, across all of the infrastructure and service lifecycle phases, from the build up/scale out, to daily change management and operations.


Why Contrail Enterprise Multicloud? 

  • Simplified setup, scale-out, daily operations , service management and troubleshooting across all cloud environments
  • Intent-based rapid provisioning and change management allows network/cloud operations teams to operate through Contrail to create/modify networking services, by specifying the intent (how the workloads should be connected).
  • Improved reliability of both underlay and – more importantly – of overlay networking services.
  • Insight and predictive analytics across all cloud environments; complete real-time view of how the different infrastructures operate, and how overlay services use them.

Apr 26, 2018
Robert DuWors

Totally concur. Blending will be the dominate Cloud/Multicloud architecture going forward using Centalized Clouds (public or private) with Edge Clouds including application specific Cloudlets and Edge Nodes some of which blur the Edge/Cloud distinction such as autonomus vehicle control systems. Three years from now, nobody will spent much time at an architectural and system management level trying to reduce friction between public and private clouds. That distinction is more about licenses and billing algorithms under different business models than about distributed systems architecture, i.e. "service as as subscription" rather than the more fundamental "service as a functionality". Have humbly put down a few thoughts regarding the matter on LinkedIn.