Juniper's CN2 supports Kubernetes networking on AWS

Juniper will soon add support for the Amazon Elastic Kubernetes Service to Cloud-Native Contrail Networking, Juniper's platform for creating and managing virtual networks.

Next week, CN2 will simplify the process of building networks between multiple Kubernetes clusters running on Amazon EKS. Kubernetes is an open-source platform for deploying, scaling and managing containerized applications.

"Instead of having to manage these clusters independently, they can manage them as a single cluster and make sure there's secure performance connectivity between them," said Bob Laliberte, an analyst at Enterprise Strategy Group, a division of TechTarget.

CN2's new capabilities provide the appropriate network segmentation and security level to go from the private data centers into the public clouds, Laliberte said.

"This is just a step in the right direction for organizations that are trying to connect their multi-cluster Kubernetes environments across the hybrid cloud," he said.

Container Network Interfaces, which connect Kubernetes pods, were not designed to go across the internet in a hybrid cloud environment. They lack capabilities such as segmentation and automation, Laliberte said.

CN2 tackles these problems by using overlay networking to implement multi-dimensional segmentation to EKS, according to James Kelly, Juniper's senior director of product management.

Kubernetes has a native isolation concept: namespace. However, all the namespaces run on the same network. CN2 lets users create overlay networking, which allows them to create virtual networks, activating the necessary isolation.

"I can have the same subnet IP address space for different applications. And they don't have to worry about colliding because they're all isolated from each other," Kelly said.

CN2 adds to the modern microservices architecture. It provides isolation in different areas, including in clusters; in namespaces; and within Kubernetes clusters in custom ways, such as per team or application deployment, Kelly said. Rather than using micro-segmentation for microservices, CN2 offers multi-dimensional segmentation across varying services.

"Being able to elegantly create layers of isolation at different levels of granularity is not something that the competing products offer, at least in this space," Kelly said.

As more companies develop cloud-native applications, vendors must update the modern microservices application architecture, Laliberte said. CN2's facilitation of Kubernetes connectivity on EKS falls in line with the trend of the distributed cloud, in which applications are in private data centers, multiple public clouds and edge locations.

"Cloud native doesn't mean public cloud only," he said. "Organizations are looking for ways to more effectively manage these Kubernetes clusters that compose these applications that are spread out across multiple different data centers."

Mary Reines joined TechTarget in October 2022 as a news writer covering networking. Prior to TechTarget, Reines worked for five years as arts editor at the Marblehead Reporter, her hometown newspaper. She received her bachelor's in journalism from the University of Massachusetts Amherst, where she served as an assistant news editor for the student newspaper, The Daily Collegian.