Policy-Based SDN Solution for DC and Branch Office, by Suresh Boddapati
Copyright 2013 Alcatel-Lucent. All rights reserved.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW
PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
Nuage Networks
CloudStack Meetup at Nuage Networks
Suresh Boddapati
Vice President of [email protected]
September, 2015
Nuage Networks Overview
Nuage is based in Silicon Valley with a team around the world
An Alcatel-Lucent venture focused on data center and branch office network evolution for the cloud era
Leverage Alcatel-Lucent infrastructure and key technologies
Creation of an Abstraction & Automation layer between networking features and hardware equipment
Policy-driven networking design reflecting business directives, not network protocols
Nuage Networks Momentum
Solid wins with marquee accounts
100+ pilot deployments
25+ commercial wins
Across large enterprises, cloud providers & service providers
The Cloud Shift
PHYSICAL & MANUAL: NO-MOBILITY, SINGLE TENANT, BARE METAL WORKLOADS, MANUAL
DISTRIBUTED & AUTOMATED: DYNAMIC, MULTI-TENANT, VIRTUAL WORKLOADS, API
STATIC NETWORKS / HIGHLY AUTOMATED NETWORKS
The SDN Framework For Highly Automated Networks
✓ ABSTRACTION
✓ AUTOMATION
✓ CONTROL
✓ VISIBILITY
CUSTOM, COMPLEX, COSTLY, CLOSED
Focus on “Needs”, automate the “Means”
The Networking Shift
Network Policy
• IP address 10.x.y.z
• VLAN configuration
• WAN configuration
• Security / FW settings
• QoS parameters
• …
Workloads
Appropriate network properties propagated to the workload, regardless of physical location on infrastructure
To: Tina Gray
1428 Elm Street
Springwood, OH
Physical: Snail mail delivered to the same physical address, regardless of Tina’s location
Virtualized: Email delivered to Tina’s location, regardless of her mailing address
Network Virtualization
ABSTRACTION
Tunnels between endpoints allow for independent topologies
How does it work?
ABSTRACTION
Natural evolution to bring more intelligence & features near the applications
vSwitch (in software) runs on the server consuming available resources (i.e. CPU)
If a specific vSwitch requires more capacity, one can simply upgrade the CPU for that portion alone, not the entire network!
[Diagram labels: Core, Aggregation, ToR, vSwitch, Features, Servers, $]
Why Network Virtualization?
ABSTRACTION
Network Virtualization Side Effects
But then do I get many (many) vSwitches to manage, one per server?
SDN approach to centralize the control plane (intelligence)
The Nuage Networks virtualization approach automatically programs the virtual networking elements
Nuage vSwitch (VRS) executes the policies locally
[Diagram labels: Servers, SDN Controller, vSwitch]
ABSTRACTION
Nuage versus Traditional Networking
When workloads are deployed, physical network infrastructure needs to be provisioned: time consuming, error prone, equipment specific, etc.
Introducing vSwitch removes the need to configure the physical equipment – we then only use it for transport
Network overlays are dynamically created using VxLAN “tunnels” according to the Network policies of each workload
[Diagram labels: Core, Aggregation, ToR, vSwitch, Servers, Network Overlay, VxLAN]
ABSTRACTION
Modern networking protocols done in vSwitch instead of specialized hardware
Extended the life of the networking assets by 12-18 months
[Diagram labels: L2, Marketing, Engineering, QA, Virtualized Services Directory, Virtualized Services Controller]
Multiplexing the Network
Deploying more virtual networks atop the existing network infrastructure increased the utilization by 40%
Decoupling the tie between hardware vendor and software features – priceless!
ABSTRACTION
Current Data Center Network
Compute is virtualized: available in minutes
Network is partially virtualized: configuration takes days/weeks
[Diagram labels: Network Configuration, Compute Management, Application Request, Help Desk, Change Control, IP Address, VLAN Address, Firewall Configuration, LAN (VLAN) Configuration, WAN (IP) Configuration, Security / QA Team, Project Coordinator]
Network change completed in days/weeks
Service velocity is hindered by manual network process
Auto-instantiation
Compute request completed in minutes
AUTOMATION
Nuage Networks Policy Templates
Application Request
Service velocity is not hindered by manual network process
Compute Management
Networking
Security/ Compliance
Policy Templates
Nuage Networks VSP
Auto-instantiation
Compute request completed in minutes
IP address
WAN interconnect
Policy / Security Zones
L2 /L3 Service AD
Service chaining
Policy Instantiation
• IP address 10.x.y.z
• VLAN configuration
• WAN configuration
• Security / FW settings
• QoS parameters
• …
Network change completed automatically
AUTOMATION
Time reductions Refocusing IT
Significant opportunities for IT re-allocations
[Chart: total hours, Baseline vs. Nuage, across Application deployment, MACs and Troubleshooting; y-axis "Hours" from 0 to 25,000; values shown: 19,160 and 13,930; "Hours Saved"]
27% savings in hours required
Application deployments: hours saved of 23%, or 1,500 hours. Results in faster launch of applications.
Applications MACs: hours saved of 27% of 2,700 hours. Results in faster updates of applications.
Applications troubleshooting: hours saved of 35% of 1,0700 hours. Results in faster fixes of errors.
Thousands of hours saved!
AUTOMATION
[Diagram labels: Bare Metal Servers, Gateway, Server, VM, ESXi Server, L2, Virtual Network A, Virtual Network B, Virtual Network C]
Nuage Networks Supports All Workloads
CONTROL
[Diagram labels: Linux Server, Containers, VM, Any Network, Public, Datacenter, Branch, Branch location, DCI, Hypervisor, Customer Data Center, Virtualized Services Controller]
Case Study – Hybrid Cloud Model
Large financial customer uses Nuage in its own data center
Customer developed an architecture that will allow them to securely move workloads to a public cloud provider
Nuage provides a common networking profile regardless of the physical location and networking equipment used
For governance purposes, Nuage offers a single/centralized tracking infrastructure
[Diagram labels: Hypervisor, Amazon AWS, Virtualized Services Controller, Google GCS]
CONTROL
Template
Conforms to:
• Connectivity
• Security
• QoS
• Statistics
[Diagram labels: Users (Network), Users (Compute), Hypervisor, DC1 Zone 1 (1,000 Hosts), DC1 Zone 2 (1,000 Hosts), Config, Update]
Update security policies once, hierarchically & centrally.
Deployed across all appropriate endpoints instantaneously
Push-button network audit visibility
Adhere to changes across the infrastructure implicitly
Compliance with global security policies
Ensure configuration consistency
Derived Benefits: Tighter governance and Security
CONTROL
The Underlay as a Network of Networks
[Diagram labels: IP Network, Hypervisor, DC 1 Rack 1, DC 1 Rack 2, ToR, DC 2 Rack 1, DC Core, X, Branch Offices, Headquarters]
VISIBILITY
“Hardware Centric”: Buy my hardware… (Propagate closed systems)
Server Centric: Largely ignore it… (Use marketing machine)
Open Network Approach: Use standard protocols and open interfaces to solve the problem
Alternatives for Assessing Service Health…
VISIBILITY
VSAP is about underlay & overlay correlation
[Diagram labels: Branch Offices, Headquarters, IP Network, Hypervisor, DC 1 Rack 1, DC 1 Rack 2, ToR, DC 2 Rack 1, DC Core, X]
VISIBILITY
MONITOR physical topology
CORRELATE physical & virtual topology
Virtualized Services Controller (VSC)
Graphical view of alarms and faults in the network
Alarm correlation for root cause analysis
Remedial action for expediting problem resolution
Upstream router port failure
VSAP Fault Correlation
VISIBILITY
EXISTING DATACENTER NETWORK
Any Compute Virtualization Environment
Any Datacenter Network Infrastructure
Any Server or Hypervisor
The MUST BES
ANY APPLICATION, ANY CLOUD, EVERY TIME
ESXi, KVM, Hyper-V, XEN, Bare Metal
BGP
MPLS, Internet, Mobile
• Fast, simple core
• Multi-service edge
• Multi-domain support
• Massive network scale
• Policy-driven, on-demand connectivity
• Massive user scale
Applying Principles of Proven Architectures
Cloud Service Management Plane
Data Center Control Plane
Data Center Data Plane
Virtualized Services Directory (VSD)
• Network Policy Engine – abstracts complexity
• Service templates and analytics
Virtualized Services Controller (VSC)
• SDN Controller, programs the network
• Rich routing feature set
Virtual Routing & Switching (VRS)
• Distributed switch / router – L2-4 rules
• Integration of bare metal assets
Nuage Networks Virtualized Services Platform (VSP)
IP Fabric
Gateway for bare metal servers
Nuage Networks Virtualized Services Platform
MP-BGP
Value
Time
An SDN Journey … Delivering value over the network
Nuage Networks Virtualized Service Platform (VSP)
• 40% increase in asset utilization
• 50% OPEX reduction
• 10x improvement in service time
• Build “modern networks” on top of existing infrastructure
• Extend life of Net HW and increase utilization
• Break dependency between features and HW supplier
Data center
• Reuse existing network infrastructure
• COTS hardware CPE
• Advanced features in SW versus bound to HW
• Central/common policy engine reflecting business values vs net capabilities
• Automated bootup process
Branch locations
WAN
• Increase resiliency
• Enable hybrid/public cloud
• “Follow the sun” apps support where you move workloads where/when needed
• Allow workloads to move from one data center to another
• Keep the same net profile/security regardless of the location
[Diagram labels: Hypervisor, Any Network, Public, Datacenter, Branch, VM, Virtual Net, Existing Network]
In Conclusion
To deliver business agility, network virtualization & automation are becoming the foundation for private clouds
To support this trend, Nuage Networks delivers a new class of modern SDN solution
Abstraction & Automation with full Control & Visibility
Policy-driven automatic provisioning
Boundary-less automation across Data Centers & VPN
For all virtualized and bare-metal workloads
CHANGE AHEAD
Nuage VSP CloudStack Integration
• APAC
• CTCC
• Public Cloud - Deployed last year
• Growing the deployment this year – in servers and #VMs
• Private cloud deployments in pipeline
• POCs/Trials in progress in APAC.
• EMEA: Interest growing – POCs planned
• North America: A large Enterprise customer in trial
Nuage VSP CloudStack customers
CloudStack VSP Plugin Overview
• Nuage VSP has a plugin for Apache CloudStack 4.3, 4.5
• Works with Nuage VSP v2.1 and v3.2
• It enhances the base CloudStack networking
• With Nuage VSP’s advanced virtual networking capabilities
• With a sophisticated policy, controller architecture that gives much better scale and performance than the base CloudStack networking
CloudStack to VSD Mapping
• ACS has inbuilt networking constructs that are used to define the networks in an ACS cloud.
• The Nuage VSP plugin support for ACS maps the ACS networking constructs to the corresponding Nuage VSP constructs
CloudStack Resource | Description | Corresponding Nuage Construct
Domain | Collection of user groups | Enterprise
Account | Collection of tenant users | User Group
Account User | A tenant user | User
Static NAT | | Floating IP
Firewall Rules | Access control for traffic leaving a guest VM | Ingress Security Policy
Ingress Rules | Access control for traffic coming into a guest VM | Egress Security Policy
Network ACL | Access control for traffic coming into a guest VM in a VPC | Ingress Security Policy, Egress Security Policy
Isolated Network with NAT | | L3 Networking
VPC | Virtual Private Network | L3 Networking
Advanced Networking
• Isolated Network
• Virtual Private Cloud
Supported Services
• Virtual Network
• User Data service (password reset, meta data – uses CS VR)
• Static NAT
• Firewall
• DHCP
• Network ACL
• External DNS
• Source NAT
• Public load balancer
• Guest VMs DNS support
• Multi-Hypervisor support – ESXi, XenServer, KVM
Extensions to support enhanced networking capabilities
• Improved scalability
• Enhanced concurrent operations
• Improved Plugin robustness - ACS/VSP objects
• Audit/Sync support
CloudStack NuageVSP Plugin
On The Roadmap
Parity with VR functionality
• Port Forwarding
• Site-to-Site VPN
• Remote Access VPN
Nuage is a contributor to Apache CloudStack
• We are now officially contributing to Apache CloudStack
• The CloudStack VSP Plugin has been checked in upstream to ACS 4.5 branch
• We are Platinum sponsors at 3 out of 5 CloudStack Collaboration conferences in 2015
• We have a booth presence and speaking sessions
• Nuage is the only viable SDN solution for CloudStack
• Next upstream check in will be in ACS 4.6, any time now
9/14/15
www.nuagenetworks.com @nuagenetworks