IBM Cloud VPC is the IBM Cloud's NextGen offering release with an intention to catch up with other market leaders like AWS and Azure. The IBM Cloud VPC is quite different from Legacy Softlayer environment and follows similar architecture as AWS. This presentation covers the details of the new offering.
1. IBM Cloud Virtual Private Cloud
Deep Dive Session
31/07/19
Nagesh Ramamoorthy
2. • IBM Cloud Overview
• IAM
• Account Management
• VPC Components & Demo
• Virtual Servers for VPC
• Limitations in Discussion
3. IBM Cloud Value Proposition
True Hybrid cloud offering
Perhaps only enterprise class provider who provides both managed single tenant , Dedicated (Called classic
Infrastructure) and mutli-tenant (public cloud) model and offering tight connectivity between them
Open Cloud by Design
One of the most open-source friendly enterprise class cloud platform:
• Kubernetes containers
• Cloud Foundry PaaS environment ( Founding member and platinum sponsor)
• IBM Cloud functions based on OpenWhisk
4. 4
Classic Infrastructure VPC Infrastructure
Classic and VPC Infrastructures – Today Comparison
Compute services Full catalog of services
(e.g. Bare Metal, Virtual Server Instances, VMware, SAP)
Virtual Server Instances only
Virtual server families Public, dedicated, transient, reserved Public only
VSI Profiles All profiles, including the GPU profiles
Balanced, compute, memory profiles with higher RAM and
vCPU option
Supported images
Full set of pre-stock images, plus custom
images
Limited set of pre-stock images
IP addresses IPV6 supported IPV4 only supported
Network functions and
services
Primarily physical and virtual appliances from
multiple vendors with some as-a-service
Cloud native, as-a-service network functions for key
function such as VPNs, Firewalls, and Load Balancing.
Platform integration
IAM and resource group integration for a unified
experience
Hybrid connectivity
IP Sec VPN
Direct Link
VPNaaS
Direct Link w/ support for “bringing your own IPs” (BYOIP)
Security Offerings
Vyatta, Fortigate, Juniper vSRX appliances
Security Groups for virtual server instances
Network Access Control Lists (ACLs) for subnets,
Security Groups for virtual server instances
Location construct Data Centers and PODs Multi-Zone Regions (MZRs) and Availability Zones (Azs)
Service Differentiators
SoftLayer API (SLAPI) with users & permission
managed separate from IBM Cloud platform
New developer-friendly, REST-based API with users &
permissions fully integrated into the IBM Cloud platform
5. 5
Regions and Zones
• 6 Regions (US Dallas ,
Washington DC , UK ,
Germany, Japan and
Australia )
• 18 Availability Zones
6. 6
Resource and Resource
Groups
A resource group is a way for you to organize your account resources in customizable groupings so that you
can quickly assign users access to more than one resource at a time
Any account resource that is managed by using IBM Cloud™ Identity and Access Management (IAM)
access control belongs to a resource group
IBM Cloud Resource Controller manages the Resources and Resource Groups
We can't change the Resource Group membership after creation
Not all services support the use of resource groups and IAM currently- Its under transition
Cloud Foundry services have no connection to resource groups and use Cloud Foundry roles for access
management. These services are called Cloud Foundry services
IBM cloud provides visibility across globe under one view
7. 7
Tags and Resource Identifiers
Resource Identifiers
Tags
A Tag is a key: value pair assigned to a cloud
resource to achieve the below:
• Filter resources
• Search resources
• Identify Team
• Cost allocation
Cloud Resource Names (CRNs) uniquely identify IBM Cloud resources.
A CRN is used to specify a resource in a way that is unambiguous and guaranteed to be globally unique, such as in
IBM Cloud Identity and Access Management (IAM) policies
CRN Format:
crn:version:cname:ctype:service-name:location:scope:service-instance:resource-type:resource
8. 8
Infrastructure as Code (IAC)
The popular open source Terraform provisioning engine
is IBM Cloud‘s infrastructure as code (IAC) tool of choice.
Provision IBM Cloud resources by using the IBM Cloud
Provider for Terraform
9. Monitoring , Logging and Activity
Tracker
• Monitoring through “Sysdig” partner solution
• Logging and Activity tracking through “LogDNA” Partner solution
• Both of these solutions requires setting up dedicated VSI instances
9
10. 1
0
Support Tiers
Basic Support Advanced Support Premium Support
Description Basic business protection that is included
with your IBM Cloud Pay-As-You-Go or
Subscription account
Prioritized case handling and support
experience that is aligned with your
business needs
Client engagement that is aligned with
your business outcomes to accelerate
time-to-value
Availability Access to the IBM Cloud technical support
team through cases
Phone and chat available only for PayGo
and Subscription accounts
24 x 7 access to the IBM Cloud technical
support team through cases, phone, and
chat
24 x 7 access to the IBM Cloud
technical support team through cases,
phone, and chat
Initial response time objectives Not applicable Severity 1: Less than 1 hour
Severity 2: Less than 2 hours
Severity 3: Less than 4 hours
Severity 4: Less than 8 hours
Severity 1: Less than 15 minutes
Severity 2: Less than 1 hour
Severity 3: Less than 2 hours
Severity 4: Less than 4 hours
Additional support Not applicable Not applicable Technical Account Manager assigned
Quarterly business reviews
Access to experts