Managed Private Cloud Single Tenant
A Managed Private Cloud Single Tenant environment is set up for use by a single customer (single tenant).
The single-tenant infrastructure consists of dedicated compute units with shared storage and network resources. Managed Private Cloud Single Tenant is delivered in a cluster that comprises at least three hosts where compute resources can be efficiently used. These resources can be configured and managed via a portal.
Managed Private Cloud Single Tenant Compute
The host in a Managed Private Cloud Single Tenant environment is based on a standard server configuration.
For Managed Private Cloud environments with more demanding memory requirements, there are CPU and Memory dense options. These can be used on request.
The table below lists the currently available hypervisor server types with the amount of usable capacity that a single hypervisor server adds to a cluster.
Host Type | Use Case | GB RAM | CPU Cores | CPU Core Speed |
---|---|---|---|---|
Managed Private Cloud Host Type | Generic Compute | ≥ 512 | ≥24 | ≥ 2.2 GHz |
Managed Private Cloud Host Type+ | Dense CPU | ≥ 512 | ≥32 | ≥ 2.2 GHz |
Managed Private Cloud Single Tenant is delivered in a cluster. A cluster consists of three or more hosts/hypervisors of the same type and is configured in an N+1 manner. Setups larger than 10 hosts will be configured in an N+2 manner. In all cases, the failover capacity is included in the total number of compute hosts purchased by the customer.
Managed Private Cloud Single Tenant Storage
Storage is a fixed part of the Managed Private Cloud platform and it's available in a variety of storage policies representing different performance levels (tiers). Each disk assigned to a VM is linked to the desired policy at creation and in this way gets the desired performance level.
An overview of the storage policies is depicted in the table below.
Type | Tier | Use | Max. Gbps | Max. Performance* |
---|---|---|---|---|
SSD | 0 | Enterprise DB (Logs), AI, Machine Learning | 10 | 15000 IOPS |
Backup | 1 | Hot tier backup, file | 2 | 1000 IOPS |
Object | 2 | Cold tier backup, archival, images | 0.5 | 500 IOPS |
* Maximum value of IOPS at 65% read / 35% write with 8 KB block size per host.
Features of Managed Private Cloud Single Tenant Storage
The following features apply to the use of storage policies within the environment:
- Minimum recommended virtual disk size is 40 GB
- Maximum recommended virtual disk size is 8 TB
- Performance values are limits per allocated virtual disk to a VM
- Storage capacity is allocated in multiples of 1 TB to a specific storage policy within the VDC
- Storage capacity is allocated per policy in a VDC and is not transferable to additional VDCs
Managed Private Cloud Single Tenant Storage Consumption
To calculate the shared storage use, the consumption per policy and allocated capacity of all linked virtual disks is added together with:
- VM swap files
- Snapshots
- Files in a Library (vApp templates and ISOs)
Example:
- 1 x VM (50 GB)
- 1 x Snapshot applied
- 1 x 5 GB ISO file in library
Total storage use = 50 GB + 50 GB + 5 GB = 105 GB
Managed Private Cloud Single Tenant Network
The Managed Private Cloud platform offers various VMware NSX based virtual network functionalities that you can configure through self-service.
The table below provides an overview of these individual features.
Feature | Description |
---|---|
Standard (Out of the Box) | Virtual L2 Networks; Standard Firewall; Routing (Static); IPSec VPN; NAT; Load Balancing; Stretched VDC Network |
Bring Your Own Device (BYOD)
If your organization prefers to use its own firewall or network devices, these can be added to the Managed Private Cloud platform.
The virtual appliances must be supported to run on the most recent VMware major build.
Up to 8 networks (internal and external) can be connected to a single virtual device.
Firewall
The Managed Private Cloud platform comes with a Basic firewall service and the option to add an Advanced variant.
- Basic - The Basic Firewall helps you meet key perimeter security requirements, such as building DMZs based on IP/VLAN constructs, Network Address Translation (NAT), and VPNs.
- Advanced - The Advanced (Distributed) firewall allows you to segment your organization's virtual data centre entities, such as virtual machines, based on virtual machine names and attributes. This Advanced firewall supports a micro-segmentation security model where East-West traffic can be inspected.
The Managed Private Cloud Advanced Firewall can be added as an add-on order.
Managed Private Cloud Integrated Backup
Managed Private Cloud comes with an integrated backup capability based on Veeam Backup and Replication which is accessible through the Web portal.
Customers can create backup jobs and schedules for their virtual workloads as well as restore them on-demand.
A combination of backup and object storage is purchased along with a Veeam license per protected object/VM.
Currently the user must be an Organization Administrator to manage backup configurations.
Within the backup menu customers can view their current backup storage consumption and protected workload quantities.
Jobs and schedules, as well as email notifications on job success/failure, can be easily configured and executed within the technology.
Service Limitations
Currently, Guest/Application Aware processing of backups is not supported in the Managed Private Cloud integrated backup model. If this is a requirement for SQL or Oracle log truncation, a dedicated Veeam appliance can be installed within the customer environment.
Metering
Equinix Managed Services are billed in the following ways:
- Baseline – The contracted quantity of the service (e.g., Compute Host Quantity)
- Overage – The amount of resources consumed above the baseline value (example: the contracted storage baseline is 10 TB, however 12 TB are used and the overage consumed is 2 TB)
Reporting
Within the service, the customer can use the VMware Cloud Director portal reporting options to get an insight into its own Virtual Data Center (VDC) vCPU, GB vRAM, and storage consumption.
Restrictions of the Service
- Move virtual disks – It is not possible to move virtual disks between VMs via the Managed Private Cloud web portal and API. For this, create a ticket via the Equinix Managed Services Customer Portal.
- Share virtual disks between VMs – Sharing a virtual disk between multiple VMs is not supported within Managed Private Cloud. For this reason, Microsoft Windows Server Failover Clustering (WSFC) with shared disks is not supported.
- Physical NIC access from the VM – The application of Single Root I/O Virtualization (SR-IOV) is not supported.
Relations and Dependencies
In addition to Managed Private Cloud Single Tenant, purchase of Backup & Restore service may be required. Equinix provides an integrated backup service for Managed Private Cloud consisting of the tools and storage required for recovery of VM-related data.
Managed Private Cloud Migration
Equinix Managed Services offer a migration service for existing, on-premises VMware based workloads to Managed Private Cloud. A chosen connectivity is agreed in advance, usually based on an internet or direct‑connect connection.
Multiple Veeam proxies are deployed to the customer environment and the replication of the virtual machines is based on VMware snapshots. After all initial migrations have been completed, a final delta synchronisation job is executed at cut-over.
The migration is settled with a price per environment.
For more information, see Migration to Managed Private Cloud.
Equinix Connect
An optional part of your Managed Private Cloud environment is access to external network connectivity. The service that makes this possible is called Equinix Connect. This service is a necessary component if, for example, you want to connect to your own cabinet, another Equinix data centre, an on-premises location, a WAN provider, or a combination thereof.
The service is purchased as a redundant connection with a bandwidth up to 10 Gbps.
For questions about the use of extra bandwidth, additional internet-related services such as Anti-DDoS or IDS/IPS functionality, you can contact an Equinix account manager.
Customer Connect
The Customer Connect service enables you to establish network connectivity between your branch/HQ location and the Equinix Managed Private Cloud service.
Equinix Fabric
With Equinix Fabric, you can make a connection to one or more public cloud providers. To establish the connection within your Managed Private Cloud platform, virtual devices for BGP-based routing functionalities must be installed. These can be provided by Equinix as part of an order.
Managed Firewall
An optional part of the Managed Private Cloud environment is an NGFW Managed Firewall solution. This service may be relevant to:
- Facilitate secure access to the public cloud and other external networks.
- Add functions for intrusion detection (IDS) / intrusion prevention (IPS) to the Managed Private Cloud platform.
- Transfer operational firewall management to Equinix.
Important features of the Managed Firewall service are:
- Firewalling
- Routing
- Intrusion Detection/Prevention
- Load balancing
- VPN
Managed Private Cloud Single Tenant Responsibilities
These tables indicate who is responsible for the provisioning, installation, and operation of the platform.
Installation and Configuration | Equinix | Customer |
---|---|---|
Initial configuration of the purchased Managed Private Cloud solution in accordance with design | X | |
Initial configuration of the management layer for the Managed Private Cloud customer solution | X | |
Create, import, and manage VMs and vApps | X | |
Scale VMs up and down | X | |
Manage VM Snapshots | X | |
Manage access to VMs with console | X | |
Configure monitoring of VMs and vApps | X | |
Create and fill Library with your own ISO/OVA files | X | |
Separate or group VMs for availability or performance | X | |
Configure network functions – routing, firewall, NAT, VPN, etc. | X |
Operational Management | Equinix | Customer |
---|---|---|
Functional management of the customer environment within the service (overall) | X | |
Monitoring and maintenance of the underlying components of the service provided | X | |
Operation of Integrated Backup Functions (schedule etc.) | X | |
Management of Managed Backup product (where applicable) | X | |
Management of the Shared Management service layer | X |
Managed Private Cloud Service Requests
The following standard changes can be requested through the Equinix Managed Services Customer Portal as a service request. Basic requests are included in the cost of Managed Private Cloud. Additional services may be requested and billed at an agreed rate.
Request Name | Description | Included/Additional |
---|---|---|
Expand storage | Increasing the quota of a storage tier | Included |
Expand compute capacity | Expanding the CPU capacity (where applicable) | Included |
Whitelist IP | Add IP to trusted range for Management | Included |
Add/delete user | Add user to the Managed Private Cloud portal | Included |
VM and network configuration changes | Creating, adding, modifying VMs and networks within the environment | Additional |
All other configuration changes | Bespoke service requests can be made, and the cost associated determined and approved by the customer | Additional |