Organizations understand the benefits of web-scale and cloud-native architectures including flexibility, agility, speed, automation, elastic scale, and cost effectiveness. While they can achieve these benefits for application deployments, legacy networking and application services solutions prevent them from realizing end-to-end benefits for the infrastructure stack.
Emergence of private, public, and hybrid cloud deployments and heterogeneous environments (bare metal servers, virtual machines, containers) requires a next-generation architecture for software-defined environments.
Version Support
The NSX Advanced Load Balancer supports Contrail integration. For more information on supported versions, see OpenStack Support Matrix topic in the VMware NSX Advanced Load Balancer Installation Guide.
Features and Benefits
Architectural alignment enables seamless integration of Juniper and NSX Advanced Load Balancer solutions, delivering intelligent automation
Complete automation from L2-L7 enables enterprises to automate their infrastructure. They can respond quickly and cost-effectively to surging demand, without downtime, enabling applications to be deployed and scaled rapidly
Granular visibility into application performance and end-user experience and access to both historical and real-time application analytics enables admins to troubleshoot network incidents within minutes
A high-performance networking solution that enables a full-featured, software-defined data center
ECMP support for routing traffic to back-end servers
Integration
The NSX Advanced Load Balancer Controller is the single point of integration with Contrail using REST APIs. During initial configuration of the Controller, the admin needs to provide OpenStack credentials and the Contrail API-Server endpoint URL. From there on, the Controller completely automates the entire deployment. As application or network administrators configure application load balancers, the Controller automatically creates SEs, adding the virtual network interfaces (vNICs) in the right overlay network to the Service Engines and invokes Contrail APIs to place the virtual IPs (VIPs) on those vNICs without any manual intervention. As application traffic increases, the Controller scales out by creating or additional SEs and placing them in the right network through the integration with OpenStack and Contrail.
Interaction
All interaction between NSX Advanced Load Balancer and Contrail is performed through API calls initiated from the NSX Advanced Load Balancer Controller to the Contrail API-Server. During the OpenStack cloud setup of NSX Advanced Load Balancer, Contrail can be selected, along with the Contrail API-Server’s IP or endpoint URL. The Controller uses its OpenStack credentials to authenticate API messages sent to Contrail, which are secure and encrypted through SSL.
API calls are sent from NSX Advanced Load Balancer to Contrail whenever a network or IP change needs to be made. Examples of actions that might necessitate include creation of a new virtual service or VS deletion, spinning up a new Service Engine, or a failover of a Service Engine. In each case the NSX Advanced Load Balancer Controller makes appropriate configuration changes to the load balancing infrastructure and sends messages to Contrail to take the corresponding actions to configure the networking. In network programming failures, the NSX Advanced Load Balancer logs an event for the object (such as the virtual service) and marks it down or offline (since it cannot be placed in the network).
Calls are sent from NSX Advanced Load Balancer to Neutron or Contrail, or both, depending on the task. The NSX Advanced Load Balancer supports using either config-drive or metadata service for reading virtual machine properties. By default, NSX Advanced Load Balancer tries config-drive first, but uses whichever method is supported by the OpenStack environment.
Floating IP and VIP Management
The NSX Advanced Load Balancer can manage load balancing capacity for a virtual service by dynamically scaling-out or scaling-in the virtual service on additional SEs. By default, the primary SE for the virtual service co-ordinates distribution of traffic flows amongst the secondary SEs, including itself. On OpenStack with Contrail, NSX Advanced Load Balancer can take advantage of Contrail’s ECMP support and manage the orchestration of ECMP routes as part of virtual service placement.
The ECMP can take place at the following locations:
The upstream edge router (for example, Juniper MX or such)
The Contrail vRouter on the host hypervisor
Virtual Service Creation
Create a virtual service named vs2 using the NSX Advanced Load Balancer CLI as follows (or alternatively using NSX Advanced Load Balancer UI):
configure pool vs2_pool servers ip 20.0.0.3 port 80 New object being created save cloud_ref jvnc2 tenant_ref demo save configure virtualservice vs2 pool_ref vs2_pool cloud_ref jvnc2 tenant_ref demo vip vip_id 0 New object being created auto_allocate_ip subnet a834986a-385e-4616-9d9c-6b91cfaa51e0 save services services port 80 New object being created save save +----------------------------------+-----------------------------------------------------+ | Field | Value | +----------------------------------+-----------------------------------------------------+ | uuid | virtualservice-2f8770d0-20cc-477f-9419-b206b9624389 | | name | vs2 | | scaleout_ecmp | True | | vip[1] | | | vip_id | 0 | | ip_address | 19.1.1.7 | | enabled | True | | network_ref | 02b846e6-cd68-4c84-b7ab-3709946ed28b | | port_uuid | c0e4cb54-8706-4bed-97bb-271a603f858f | | subnet_uuid | a834986a-385e-4616-9d9c-6b91cfaa51e0 | | subnet | 19.1.1.0/24 | | auto_allocate_ip | True | | auto_allocate_floating_ip | False | ... +----------------------------------+-----------------------------------------------------+
The below summary output shows vs2 running on one SE named Avi-se-czpey.
show virtualservice vs2 summary +-----------------------+-----------------------------------------+ | Field | Value | +-----------------------+-----------------------------------------+ | oper_status | | | state | OPER_UP | | percent_ses_up | 100 | | vip_summary[1] | | | vip_id | 0 | | oper_status | | | state | OPER_UP | | service_engine[1] | | | ref | Avi-se-czpey | | primary | True | ... +-----------------------+-----------------------------------------+
As mutual technology alliances integrating solutions, Juniper Networks & NSX Advanced Load Balancer Networks deliver on the promise of SDN: agility, automation, cost effectiveness and scale, from the network layers (L2-3) all the way up to the application layers (L4-7), for enterprises and service providers alike. Networks and services can be provisioned and scaled quickly and automatically, to match application and infrastructure automation that is possible with OpenStack and other orchestration frameworks.
