When Juniper Networks acquired Apstra, the original intent-based networking platform, both companies were excited about what we could do together. Today, when we talk with our customers, they get pretty excited, too. For organizations facing rising operating costs and complexity, the opportunity to automate end-to-end data center network operations is extremely attractive. Often though, the conversation comes down to one question: “Will Apstra work with my existing ‘brownfield’ data center? Or is it only for new ‘greenfield’ deployments?”
The short answer: customers can absolutely use Apstra to automate their existing data center fabric, and they’ll gain major benefits when they do. But let’s first unwrap what we mean by brownfield. Brownfield for us means an existing network, which generally falls into one of two categories:
- A modern leaf/spine network built using modern hardware that’s on the Apstra hardware compatibility list. This list covers an extensive set of devices from Juniper, Cisco, Arista and Dell. Assuming the leaf/spine design matches an Apstra reference design, then the migration is seamless. It’s simply a matter of discovering the network using an offline tool, importing that blueprint into Apstra and then pointing those devices to Apstra.
- A legacy data center network – that is, old switches, architectures or topologies. In this case, the network will have to evolve first before we can implement a truly robust automation solution.
But as we’ve previously suggested, let’s step back from the “brownfield/greenfield” discussion, because it doesn’t help us get to the answers customers actually want. These terms can provide a useful shorthand for comparing new deployments to existing ones, but in the context of automation, they don’t really apply.
Typically, when someone asks if an automation platform supports brownfield, they mean, “Can I automate my existing environment without having to make any configuration changes?” In that sense, the answer is no. It would be great if we could just add a magical piece of software on top of existing architectures and “boom” – it’s automated without having to change anything else at all. Unfortunately, that’s not how automation works. Going from a legacy fabric to one that understands and executes business intent represents a significant transformation. Whether deploying Apstra or any other automation solution, things must be done differently. There will always be some level of migration involved.
A better question might be, “What do I have to do to automate my data center operations and how hard is it going to be?” The good news is that the process to implement intent-based automation is a journey that is well understood and well-traveled by Juniper. Juniper brings professional services capabilities, as well as automated tools to help ease the migration with less cost and risk. Apstra doesn’t just automate data center operations; it automates portions of the data center migration and modernization journey where and when it’s needed.
“We wanted to upgrade our data centers with a state-of-the-art IP fabric/SDN design. With a modern data center architecture from Juniper, we can implement automation to provision environments for customers faster.” – Thomas Wende, head of data center network engineering at T-Systems
The specifics of any given migration can run the gamut, though the goal remains the same: to relocate critical applications and data quickly and reliably, with little or no disruption to users. That can seem a daunting task, especially for network architects trying to plan, design and execute a migration strategy on top of their everyday responsibilities. However, it doesn’t mean that an arduous months-long project is inevitable or that a huge, expensive professional services engagement is needed.
Since Apstra’s earliest days, the team has devoted significant attention to reducing the time, risk and cost involved in migration. Today, Apstra’s field-proven process enables customers to continue supporting the business with their legacy data center infrastructure, even as they set the stage for operational transformation. Once that stage is set, they can transition to a state-of-the-art automated platform over time, with minimal risk and disruption.
Here’s how it works:
- Step 1: Build and prepare the new network. First, we pre-stage the new network in Apstra and we stand up a new EVPN-VXLAN fabric. Customers then establish connectivity to external services and the legacy network and create the necessary security zones and virtual networks. Then, we extend the virtual networks from a leaf device to the interfaces connecting the new and legacy networks.
- Step 2: Move devices. Next, customers migrate all devices in a given Layer-2 domain to the new fabric, one network/domain at a time. Juniper extracts the important parts of existing configurations and reformats the information and feeds it into Apstra blueprints. The proprietary details of configuration are not important. It’s the outcome that counts, and this is where our intent-based approach stands out. Customers will continue to use the original gateway in the legacy fabric until all devices have migrated, and most, if not all, current IP addressing will remain the same during this process.
- Step 3: Migrate Layer-4-7 services: Now, all firewalls and other middleware devices are moved to the new fabric.
- Step 4: Move the Layer-3 gateway. Finally, after completing the device migration from the Layer-2 domain, the default gateway is moved to the new fabric. Customers then deactivate the legacy network’s default gateway during a maintenance window.
Even straightforward migrations entail some degree of complexity. But Apstra provides a variety of capabilities to simplify, accelerate and reduce the costs of transitioning. Most notably and unlike other solutions, Apstra offers multivendor support, so customers can continue using their existing network devices and toolsets when they migrate. Additionally, Apstra provides:
- Pre-tested, vendor-agnostic reference designs
- Capabilities to validate the design and configuration of the new fabric prior to migration—accelerating the process and reducing risk of Day-0 faults
- Features to quickly recover the previous data center fabric state in seconds, if needed during pre-staging
- Traffic optimization when moving the Layer-3 gateway, where Apstra automatically locates the default gateway to the local leaf switches and removes inefficient cross-fabric routing
- Customized intent-based automation analytics for a unique environment and migration
Drawing on these capabilities, organizations implementing Apstra have saved hundreds of personnel-hours and dramatically reduced the time needed for maintenance windows. This empowers highly skilled engineers to tackle more complex technical problems and strategic business issues. In many cases, customers have been able to complete migration projects that were expected to take months or longer – in a matter of weeks. As one customer recently said, “Apstra is offering way more than other solutions and vendors. . . just because of the level of automation. . . it’s effortless.”
Start the Transformation
It would be great to be able to just flip a switch to automate legacy networks, but true transformation rarely works that way. Fortunately, it’s entirely possible to migrate to a state-of-the-art, intent-driven data center fabric without an arduous, expensive process. Even more important, there are significant advantages in doing so:
- Faster, simpler operations: Some vendors take a narrow view of automation, simply accelerating legacy procedural tasks. Apstra does things differently, abstracting away low-level complexity and using templates and blueprints to improve operational consistency and reliability. It’s knowing that an existing data center can easily, continually evolve and maintain its fabric—not just during deployment, but across the lifecycle—that fuels true business agility.
- Multivendor support: It’s understandable why customers get nervous about migration—many vendors require new customers to replace their whole infrastructure to do it. Apstra has always been a multivendor platform. Whether the existing network uses Juniper, other vendors or a combination of both, with Apstra, the same devices can continue running as we transform their operations.
- Modern, scalable fabric: The list of advantages of intent-based automation runs long. But even beyond those benefits, customers can improve the scalability, resiliency and future extensibility of their data center just from adopting a state-of-the-art EVPN-VXLAN topology.
Ultimately, the question isn’t, “Can an existing data center be automated?” (It can be.)
Rather, it’s, “Why wait to automate?”