CN2 goes cloud-native with Kubernetes
Juniper Networks announced Monday CN2, a rebooted version of its Contrail Networking platform, now cloud-native, according to the company. Contrail Networking enables the automation of Network Functions Virtualization (NFV) with service chaining. Juniper has positioned CN2 as a software-defined networking (SDN) platform, which automates the creation and management of virtual networks.
“It could certainly mark an important second edition of Contrail, but it’s shorthand for Juniper Cloud-Native Contrail Networking. CN2 was just simpler to say than CNCN or CN2,” said James Kelly, Juniper’s Senior Director of Product Management.
“Contrail was squarely pointed at solving the difficult problem of at-scale SDN for Infrastructure-as-a-Service (IaaS) and network functions virtualization (NFV),” Kelly said.
Kelly explained that when Contrail was introduced, OpenStack was the orchestrator of choice. But with CN2, Juniper is doubling down on Kubernetes.
“Kubernetes is more pervasive than OpenStack and has been for a while. At Juniper, we knew there were tremendous modernizations we could build into CN2 to better serve Kubernetes and OpenShift use cases for our customers, while still providing great OpenStack support so users balancing both worlds, or evolving into Kubernetes, could maintain a common experience,” he said.
CN2 now works as a Kubernetes Container Network Interface (CNI), Kelly explained. Its position as foundational cluster infrastructure enables it to employ the Kubernetes extension framework. This frees up CN2 customers to use any Kubernetes tool of their choosing, including (with a plug-in) Lens, the popular Kubernetes graphical user interface (GUI), said Kelly.
“This means CN2’s API now integrates using the native Kubernetes RBAC and adjacent IAM systems. And even better, CN2 is now configured as code, effortlessly enabling GitOps, infrastructure as code and CICD. We’re even introducing Contrail Pipelines based on ArgoCD and ArgoWorkflows for turnkey CICD for Contrail’s SDN, which includes Juniper’s new test suites,” he added.
Contrail’s roots as an open source project come to an end with CN2, however.
“CN2 was built privately as closed source. Instead of open sourcing as with previous versions 21.4 and prior, version 22.1 will mark CN2’s introduction — and those that want access can get free trial licenses from Juniper,” said Kelly.
Juniper emphasized CN2’s suitability for increasingly complicated multi-cluster Kubernetes deployments, known colloquially as “KubeSprawl.”
“CN2 now provides the ability to clean up and consolidate the SDN across this multi-cluster mess. It can run in only one primary cluster and serve as the CNI for that cluster and many others. Likewise, it can combine multi-cluster analytics. While CN2 is known for strong federation, in this multi-cluster model, federation between clusters isn’t required for seamless virtual network and security policy management,” he said.
In February Juniper acquired WiteSand, a zero-trust networking startup with a cloud-based Network Access Control (NAC) alternative to systems like Cisco’s Identity Services Engine and Aruba’s Clearpass. Juniper said it will integrate WiteSand’s technology into Mist, its AI-driven network management platform.