Managed Private Cloud
Managed Private Cloud is the Infrastructure as a Service (IaaS) platform delivered by Equinix Managed Services.
Note: Managed Private Cloud was previously known as Infrastructure Platform Services (IPS).
With Managed Private Cloud, you can purchase hardware resources, build a Virtual Data Centre, and enable a low latency hybrid solution with the major CSPs (such as AWS, Azure, Google Cloud, Oracle Cloud, and Salesforce).
Managed Private Cloud consists of dedicated compute, storage, and networking resources that are managed from a single self-service portal and can be combined with other services in the Equinix portfolio, such as Managed BackUp, Managed Firewall, and Anti-DDoS.
With availability in North Dublin (DB3) and West Dublin (DB2), geographical separation of applications and workloads can be achieved on a single platform.
We offer network and connectivity possibilities to enable you to link your Managed Private Cloud environment with several parties and partners (ecosystems). An example is Equinix Fabric™, which enables you to set up reliable, fast, and secure connections with various cloud service providers and partners such as Microsoft Azure and Amazon Web Services.
Use Cases
Managed Private Cloud Dual Site
When Managed Private Cloud services are consumed at 2 locations, inter-site connectivity is provided by Equinix over multiple, shared 100 Gbps links.
This solution is suitable for disaster recovery or multi-site architecture at the application layer.
Currently only Layer 3 inter-site connectivity is available.
Managed Private Cloud Hybrid/Multicloud via Equinix Fabric
To connect the Managed Private Cloud environment to Equinix Fabric, a combination of services is needed. These include Equinix Fabric ports, Managed Private Cloud External networks, and Infrastructure Ports. Most providers connected to Equinix Fabric require a routed (Layer 3) connection. To support Fabric connections to the Managed Private Cloud environment, BGP-based routers are generally required. Equinix can provide this type of router via:
- Managed Private Cloud Virtual Router
- Managed Firewall
- Managed Network Device
Equinix Fabric connections are offered in a redundant way. Therefore, 2 Fabric ports (primary and secondary), and 2 virtual connections (one per port) are required. Fabric connections themselves can be of type local or remote, depending on where the service provider is located. See Equinix Fabric to learn more.
The following table shows which Equinix services are needed for these use-cases.
Managed Private Cloud to Equinix Fabric
External Network Options | Managed Private Cloud (DB3) to Equinix Fabric |
---|---|
Type of connectivity | Dedicated connectivity |
Included Equinix services | 2x Cross-Connect |
Additional required Equinix services | 2x Equinix Fabric ports; ≥ 2x Managed Private Cloud External networks; 1x Infrastructure Port – redundant; ≥ 2x Equinix Fabric Connections (local or remote) |
Bandwidth | 1 / 10 Gb |
Remarks | 2 Equinix Fabric connections per provider are needed. For each connection, one Managed Private Cloud External network is required. |
Multi-site Managed Private Cloud to Equinix Fabric with Managed Firewall/Network
External Network Options | Managed Private Cloud (DB3) to Equinix Fabric |
---|---|
Type of connectivity | Dedicated connectivity |
Included Equinix services | 4x Cross-Connect |
Additional required Equinix services | 2x Equinix Fabric ports; 2x Equinix Fabric Metro ports; ≥ 8x Managed Private Cloud External networks; 2x Infrastructure Port – redundant; ≥ 2x Equinix Fabric Connection (local or remote) |
Bandwidth | 1 / 10 Gb |
Remarks | 2 Equinix Fabric connections per provider are needed. For each connection, one Managed Private Cloud External network is required. |
Partner / Re-seller
Managed Private Cloud resources can be divided into sub-organisational Virtual Data Centres (VDCs). This model often suits re-sellers or tenants who may wish to divide their organisation or sub-organisations.
In the model below, the Provider Virtual Data Centre (PVDC) can be considered the hardware resources backing the solution and each Org VDC as a tenant of the parent organisation.
Managed Private Cloud Types
Equinix offers the Managed Private Cloud platform in the following service variants:
Variant | Service | Deployment | Management Portal |
---|---|---|---|
Managed Private Cloud Single Tenant | Dedicated Compute Resources | Single-tenant virtualization | VMware Cloud Director |
Managed Private Cloud Core | All Resources Dedicated | Single-tenant virtualization | vCenter |
Managed Private Cloud Basic Concepts
Organization
An Organization (Org) defines users within the Managed Private Cloud VMware Cloud Director Directory. It is a container that groups Managed Private Cloud resources like virtual data centres (computing, storage, networking), users, and libraries located in all Managed Private Cloud locations. The name of the Org is needed to log in to the Managed Private Cloud portal.
Local Users
An organization can contain any number of users and groups. Users are created locally by the organization administrator or imported from an external directory service.
Organization Virtual Data Center
Organization Virtual Data Center (Org VDC) is a virtual data centre where resources are grouped for users who need computing, memory, and storage capacity in a Managed Private Cloud location.
Organization Administrator
The first user that is configured with the initial deployment is the customer administrator account. This account is created by Equinix during the on-boarding process and shared with the customer.
The administrator account is automatically added to the Managed Private Cloud Organization Administrator group. Being a member of this group assigns the account with all the permissions in the Managed Private Cloud tenant platform.
Virtual Machine (VM)
A Virtual Machine (VM) is a software computer that, like a physical computer, runs an operating system and applications. The virtual machine consists of a set of specification and configuration files and is backed by the physical resources of a physical host server. VMs have virtual devices that provide the same functionality as physical hardware but are more portable, more secure, and easier to manage.
Managed Private Cloud VMware Cloud Director backed VMs support a range of operations, such as taking a snapshot of the current state, adding memory and CPU, attaching disks, and moving from one host to another.
vApp
A vApp is usually used as a collection of Virtual Machines (VMs) that together form an application. It provides ease of management for collective VM groups. You can think of the vApp as the container for the virtual machines, and you can perform the operations on the container.
vApp Networks
A vApp network is contained within a vApp and allows virtual machines in the vApp to communicate with each other. You can connect a vApp network to an organization virtual data center network to allow the vApp to communicate with other vApps in the organization and outside of the organization where applicable.
Snapshots
VM snapshots can be created in the self-service portal.
Each VM can have a maximum of one snapshot active. When a second snapshot of a VM is created, the first snapshot will be overwritten.
We recommend removing snapshots within a day, since they have a negative effect on the performance of VMs and purchased storage capacity.
Storage Policies
Managed Private Cloud storage capacity can be purchased in various profiles and policies with their own characteristics. The profile can be selected when creating a VM disk. This profile can be adjusted later if, for example, more performance is desired.
Libraries
In the desired storage profile, you can create one or more libraries in which the most common ISO files can be included. The library can also be used for vApp templates and for uploading your own OVF files.
The files that you place in the libraries are not included in any backup service and contribute to the overall storage consumption within the service.
Managed Private Cloud Platform Functionality
The Managed Private Cloud web portal is delivered via VMware Cloud Director. Through the portal, automation tooling, and the API, you can manage many generic functions. Most of these functions are available in the web portal in a modern HTML5-based GUI.
Features offered by the Managed Private Cloud web portal include:
- Management of virtual Managed Private Cloud data centres
- Creating, importing, and managing VMs and vApps
- Scaling VMs up and down
- VM Snapshot
- Console access
- Performance statistics
- Creating and filling a Library with your ISO/OVA files
- Direct access to the Managed Private Cloud web portal and VM console via a web browser without complex VPN solutions
- Modern HTML5-based web portal
- Extensive options for scripting and automation
- Separate or group VMs for availability or performance
Integrated Backup
Managed Private Cloud Integrated Backup can be accessed directly within the web portal. Backups are taken at the VM level only. Schedules can be configured for virtual workloads as well as on-demand restores.
The integrated backup service can be accessed from the main menu within the web portal.
For more information, see Managed Private Cloud Integrated Backup.
Note: Guest / Application Aware Processing is not currently supported in the Managed Private Cloud integrated backup model. If required, a dedicated Veeam appliance can be installed within the customer environment.
Single Sign-On
Managed Private Cloud can be integrated with a range of third-party identity providers, such as Azure AD through Security Assertion Markup Language (SAML).
This allows users and groups that are already established in the SAML identity provider to be imported into Managed Private Cloud.
Automation
Management of the Managed Private Cloud environment takes place through the web portal or the API.
For the latter, modules and automation tools such as PowerShell, Python, Ansible, or Terraform are available for scripting.
Service Variant Differences
The following table highlights the key differences between the Managed Private Cloud variants in the areas of management, licensing, purchase units, and disaster recovery (DR).
Managed Private Cloud Single Tenant | Managed Private Cloud Core |
---|---|
Available in Dublin North (DB3) and West (DB2) | Available in Dublin North (DB3) and West (DB2) |
Management via VMware Cloud Director | Management via vCenter |
Compute platform is dedicated for own use | Entire platform is dedicated for own use |
Shared Management environment | Dedicated Management environment |
Minimum purchase 3 x 512GB Compute Hosts | Minimum purchase 6 Compute Hosts + Dedicated SAN |
Basic Network Functions out of the box via NSX | Optional Network Functions via NSX |
Highly available IP transit | Dedicated Transit available |
Overages possible – billed monthly | No overages possible |
Standard solution with possibilities for customization | Dedicated, highly customisable solution |
Suitable for DR on application level | Suitable for DR at platform and application level |
Microsoft Windows and SQL licensing available or BYOL options | Microsoft Windows and SQL licensing available or BYOL options |
Use Cases of Managed Private Cloud Variants
Managed Private Cloud Single Tenant is a suitable environment for most workloads and applications. Examples of use cases where you may need more in-depth access or control over the platform are:
- Compliance requirements – entire environment dedicated.
- Third-party vCenter integration
- Direct vCenter access
- Active use of compute resources at the (DR) location
- In-depth control over DR fallback implementation and execution
- License restrictions
- Custom solutions
If one or more of the examples listed above applies to you, the Managed Private Cloud Core platform may be a better option.
Migration to Managed Private Cloud
Equinix Managed Services can assist with the migration of your existing virtualised environment to the Managed Private Cloud solution.
A dedicated private circuit or encrypted replication across the public internet is used for the onboarding process. Once the initial replication is completed, delta jobs can keep the environments in sync until the agreed cutover time.
Depending on the environment size, a connection of 1 Gbps is preferable. Lower bandwidths can be used if the environment is small and can be agreed at the consultancy stage.
The customer is required to install multiple Veeam proxy virtual devices into their environment and configure the required policies, NAT and IP addressing.
Maintenance and Support
Availability
The availability levels of the service are shown in the table below.
Availability Level | Availability (%) |
---|---|
Managed Private Cloud Standard Level | 99.95%* |
Incidents
Incident Parameters
Service Window | Availability |
---|---|
Incident Repair Service Window | 24x7 |
Incident Prioritization
Priority | Impact |
---|---|
Critical | The Service is completely unavailable |
High | The Service is available with reduced functionality |
Normal | The Service is available but a risk to service is evident |
Low | Work or Change Request |
Incident Reaction Times
Priority | Performance of Work | Reaction Time |
---|---|---|
Critical | 24x7 | 0.5 Hours |
High | 24x7 | 1 Hour |
Normal | 8x5 | 8 Hours |
Low | 8x5 | 16 Hours |
Maintenance
Scheduled maintenance activities are announced by Equinix change management at least two weeks in advance of work commencement.
For emergency maintenance, Equinix reserves the right to deviate from any agreements. In this situation, an emergency maintenance request can be scheduled immediately, after which you will be informed when the maintenance will take place.