Application Platform
The Equinix Application Platform (EQAP) is a container runtime platform based on Docker and Kubernetes. This platform provides an ecosystem that simplifies the execution of applications in multiple clouds. It can be connected to the continuous delivery pipeline of DevOps teams for continuous development and seamless deployment of microservices and cloud native applications. EQAP is also suitable to run legacy applications repackaged in containers.
The use of containers is the next step in virtualization. Combined with the orchestration provided by Kubernetes, these allow you to virtualize on the level of the operating system instead of on the hardware stack. Containers are user-friendly, lightweight and portable. They efficiently start and share resources of the operating system, using only a fraction of the memory. The portability of Kubernetes allows flexible deployment of the containers as required on different operating systems on public, private and hybrid clouds.
The EQAP is a Platform as a Service, and is an integral part of the Equinix Managed Services portfolio. This service uses Infrastructure Platform Services (IPS) compute resources.
Advantages of the EQAP service are –
- Platform Equinix: EQAP is located on Platform Equinix in the UK. Platform Equinix is the complete offering of hosting and connectivity services in Equinix data centers that form the heart of the internet with Equinix Fabric and its direct links to internet exchanges and public clouds. The applications and data are located safely in the UK with the best options for connectivity to users, business partners and customers.
- Reliability and continuity: EQAP is a service-based architecture where applications can be checked for problems per container. Each service can be limited to specific resources, and containers can start and stop independently of each other, without the risk of the entire application failing. Operating systems also need to be restarted less often.
- Speed, flexibility and efficiency: Use of containers and EQAP leads to flexible development and production environments. With low overhead and efficient resource management, you can quickly adapt to ever-changing market demands.
Management and support
Equinix Managed Services is responsible for –
- Technical management of the EQAP components.
- Support and incident handling on EQAP components and the underlying IPS resources
- Using this platform to perform and develop managed services, and the necessary applications and tooling
The EQAP platform is provisioned by Equinix in consultation with the user. You can start using an EQAP platform with the support of Equinix Managed Services.
Operation
EQAP is a runtime platform deployed on IPS. The runtime platform consists of a Kubernetes cluster on which the user deploys applications and data. The diagram below shows the service (red), and the applications and data of a user(dark gray).
Customers can run their Docker containers on the Application Platform. For orchestration of the containers, Kubernetes is used.
Within a Kubernetes cluster, you can create your own pods, services and namespaces. When desired, applications can be scaled over multiple pods for increased redundancy and/or capacity. You can define namespaces within Kubernetes to separate multiple environments. This allows you to assign rights for several user groups to your own pods. You can also assign quotas for namespaces. Using namespaces prevents conflicts between service names and pods in different spaces.
The basic setup of the container runtime platform consists of three programmable nodes. The platform can be extended with additional nodes.
Services
The standard offering of EQAP is bundled with several services that enhance the platform’s ease of use. These services as listed below, are managed by Equinix and can be used on a self-service basis.
- Persistence: The platform supplied from IPS has a (standard) persistent storage provision based on NFS. It always comes with a storage of 100 GB, that can be dynamically assigned to pods.
- Identity and Access Management: An authentication feature based on oIDC is the heart of the platform. This means that all components of the platform are centrally authenticated. This provision (“federates”) can be linked to your existing authentication solution (Active Directory, LDAP, oIDC, SAML).
- Registry: EQAP always contains an image registry based on VMWare Harbor. This is a comprehensive registry that includes functionality to check your images for vulnerabilities.
- Ingress: EQAP always comes with Traefik, an ingress controller that is needed to unlock applications. If desired, Traefik can give applications a LetsEncrypt certificate automatically, for everything to be accessed via HTTPS.
Options
Several optional EQAP components are available to users. These components, delivered as a fully managed service, are described below –
- Monitoring: A monitoring stack can be supplied based on Prometheus and Grafana. This allows you to monitor applications and configure dashboards yourself. Equinix manages the underlying components.
- Logging: EFK stack-based logging (ElasticSearch, Fluent-bit and Kibana) is a service component that allows you to centralize, index and view logs from within the application.
- Secret Management: You can securely store passwords and/or certificates in the form of bitnami sealed secrets using this EQAP solution. This allows for user micro-services to be securely connected to each other without the key information ending up in the wrong place.
Relations and dependencies
The EQAP service has relations with, among others, Infrastructure Platform Services (IPS) Compute, Storage and Networking, the standard Infrastructure as a Service, which forms the basis of the Application Platform.
The service is delivered on IPS within a single data center.
You are responsible for:
- The reliability and integrity of application and user data
- Defining and creating pods, services and namespaces
- Defining own containers
- Archiving of application data
- Operation and life cycle management of own workload
- Functional management of additional standard and optional services
Equinix is responsible for:
- The availability, security and updates of the container runtime platform
- The management of components in the underlying IPS such as compute, storage and networking
- Technical management of additional standard and optional services
Service Levels
Availability
The service is available in two variants, Standard and Premium, as shown in the below table.
| Availability Level | Availability (%) | Implementation | RPO | RTO |
|---|---|---|---|---|
| Standard | 99.9% | Within 1 data center | 24 hours1 | 8 hours3 |
| Premium | 99.95% | Within 1 data center | 4 hours2 | 4 hours2 |
-
To achieve this RPO value, a purchase of the Equinix Managed Services Backup & Restore service is required.
-
For lower RPO and/or RTO values, a custom design is needed.
-
Times mentioned depend on data volume.
Features of the Standard level are –
- In one availability zone (data center), one (or more) EQAPs are delivered.
- The service has a 8x5 breakdown service.
- For questions, requests for changes and other types of support, business hours apply.
- The underlying storage of the platform is backed up at block level through snapshots in accordance with the standard SLA.
- The Virtual Machines on which the Container platform runs are included in the backup as is already the case for regular Virtual Machines. This way the cluster itself, including the settings, stays protected.
Features of the Premium level are –
- In one availability zone (IPS data center), one (or more) EQAPs are delivered.
- The service has a 24/7 breakdown service.
- For questions, requests for changes and other types of support, business hours apply.
- The underlying storage of the platform is backed up at block level through snapshots in accordance with the premium SLA.
- The Virtual Machines on which the Container platform runs are included in the backup as is already the case for regular Virtual Machines. This way the cluster itself, including the settings, stays protected.
Maintenance and Support
Response and Resolution Times
The standard response and resolution times for failures is handled by priority. This is shown in the table below.
| Priority | Response Time1 | Resolution Time | Execution of Work | SLA2 |
|---|---|---|---|---|
| P1 | < 15 min | < 4 hours (Premium) | 24 x 7 | 95 % |
| < 8 hours (Standard) | ||||
| P2 | < 30 min | < 8 hours | Service Window | 95 % |
| P3 | < 60 min | < 24 hours | Service Window | 95 % |
-
Response time is from registering the incident and contacting an Equinix Managed Services specialist.
-
SLA applies to the reaction and resolution time.
Incident Priority Matrix
All incidents are handled based on priority. Priority is determined after the failure has been reported and assessed by Equinix based on the provided information. The urgency of incidents based on impact is depicted in the below table.
| IMPACT | ||||
|---|---|---|---|---|
| URGENCY | High | Medium | Low | |
| High | P1 | P1 | P2 | |
| Medium | P2 | P2 | P3 | |
| Low | P3 | P3 | P3 |
Impact and Urgency Assessment When Handling Failures
| Urgency | Impact | Description |
|---|---|---|
| High | Unforeseen unavailability of a service / environment delivered and managed by Equinix, in accordance with service description due to a disruption. The user cannot fulfill its obligations towards its users. The user suffers direct demonstrable damage due to the unavailability of this functionality. | The service must be restored immediately; the production environment(s) is/ are unavailable, with platform-wide disruptions. |
| Medium | The service does not offer full functionality or has partial functionality or a reduced performance, as a result of which the users are impacted. The user suffers direct demonstrable damage due to unavailability of the functionality. The service may be impacted due to limited availability of this functionality. | The service must be repaired the same working day; the management environment is not available. |
| Low | The service functions with limited availability for one or more users and there is a workaround in place. | The moment of repair of the service is determined in consultation with the reporting person. |
This classification does not apply to disruptions that are, for example, caused by user-specific applications, actions by the user, or dependent on third parties.
Maintenance
Scheduled maintenance takes place once a quarter as a standard operation during the specified maintenance window. These events are announced by Equinix change management.
For emergency maintenance, Equinix reserves the right to deviate from the agreements regarding the maintenance windows below. In the above situation, an emergency maintenance request can be scheduled immediately, after which you will be informed when the maintenance will take place.
The standard windows of maintenance are from 00.00 – 07.00 hours on business days, weekends, and holidays; except for that offered for Managed Backup and Application Platform from 08.00 – 18.00 hours.