Learn More

Better security for Kubernetes

Contrail provides the ability to introduce varying degrees of network isolation (normally absent in vanilla Kubernetes clusters). The virtual network-based isolation could be per-namespace or even granular allowing specific pods to be launched in specific virtual networks. Additionally, there is the option to advertise overlapping/customer unique IPs within the isolated namespaces

Load balancing

Contrail provides the Kubernetes "Service" by implementing fully distributed native L4 load balancing. It also supports the unique feature for L4 loadbalancer objects to advertise connectivity to external gateways. This allows arbitrary TCP/UDP service ports to be exposed from the cluster (as opposed to running only HTTP based services)

High availability

Contrail components are highly available and offer active/active redundancy. High availability is extended to workloads in the data center, leveraging active/active server multihoming

Service Chaining for Containers

An industry-first to support Kubernetes pods with multiple interfaces. This enables network functions (such as firewalls) to be run as Kubernetes pods. Contrail further supports the ability to specify policy based service chaining to direct selected traffic between Kubernetes pods/services via specific network functions. As an example use-case, this allows the implementation of API policy enforcement between microservices

Tag based security

Contrail implements Kubernetes' Network Policy using Contrail's tag-based security. Contrail also provides integrated analytics that helps visualize application-centric flows and the security posture in a Kubernetes environment. Further, Contrail is able to generate recommended policies based on observation of flows of traffic

Open and customizable

Contrail Enterprise Multicloud uses open, standard, and mature protocols and data models. Device operations are based on Ansible playbooks that users can clone or customize, as needed. Users do not need to wait for release upgrades to benefit from customization; the ability to assign roles to devices and network functions makes Contrail a perfect fit for any deployment scenario or architecture

Learn more about Contrail Enterprise Multicloud

Visit product page

Customer case studies

eBay Classifieds Group Blends Cloud & SDN to Accelerate New Services

eBay Classifieds Group

CloudSeeds builds a new class of automated IaaS services with Juniper


See how it works

Buy now and get started