compute cloud service definition
TRANSCRIPT
OVERVIEW
IndonesianCloud Compute.Cloud, a VMware Hybrid Cloud powered Data Center Solution is a web-
based Infrastructure as a Service “IaaS” solution. Compute.Cloud combines multi-tenancy of the
same physical infrastructure with logical separation between clients to provide a dedicated compute
and storage operating environment that leverages IndonesianCloud’s data center security services.
The Compute.Cloud Infrastructure is fully redundant and configured for automatic failover. The
Compute.Cloud Infrastructure consists of
Data Center Services
Server hardware, SAN Storage, network devices, and hypervisor software used to provide
the clients virtual datacenter environment.
INDONESIANCLOUD COMPUTE.CLOUD INFRASTRUCTURE
The Compute.Cloud infrastructure consists of the following components: virtual infrastructure,
network, compute, and storage.
Virtual Environment
Each client has a logically-isolated virtual datacenter segregated by a virtual firewall. The following
functionality is included within each VDC.
Firewall – Supported rules include IP 3-tuple configuration with IP and port ranges for
stateful inspection for TCP, UDP, and ICMP
Network Address Translation – Separate controls for Source and Destination IP addresses, as
well as TCP and UDP port translation
Dynamic Host Configuration Protocol (DHCP) – Configuration of IP pools, gateways, DNS
servers
VPN Tunnels – Compute.Cloud supports IPSEC-compliant VPN tunnels to a client VPN
termination point. The client is responsible for providing the IP address of the VPN
termination point of the VPN tunnel.
Compute Capacity
vCPU – a thread or processor cycle of the physical processors of the environment. For
example a 2vCPU virtual machine would provide use of 2 concurrent threads or cycles of the
processors at a speed of no less than 2Ghz per vCPU.
vRAM – Virtual system memory on the physical infrastructure.
Storage is accessible from the client’s IndonesianCloud Compute.Cloud VDC or Virtual Data
Center. See Storage Options for details on storage configurations.
Networks
NIC – each Virtual Machine is configured with at least one virtual NIC and can be connected
to the client’s Compute.Cloud networks.
Networks – Clients are provided both internal and external networks. Internal networks are
non-routable and only accessible by the client. Internal networks can be connected to
external networks.
External networks are routed or directly connected to the Internet, providing connectivity
outside the Compute.Cloud environment.
Public IPs are available to be allocated to any virtual machines that needs to be accessed via
the Internet.
Storage
IndonesianCloud Compute.Cloud provides SAN-based storage as a component of the Compute.Cloud
Service, and is available in either Premium or standard performance.
Premium
Used for high performance and high I/O applications and databases and other
mission critical and performance sensitive applications.
Standard
Suitable for development and test workloads or other applications which do not
require intense or heavy disk IOPS.
IndonesianCloud provides the hardware, software, connectivity, facilities, systems administration,
problem management, and maintenance associated with the storage system. The client owns and is
solely responsible for any client data maintained within the storage system.
IndonesianCloud monitors 24x7x365 for the following events:
Storage availability
Available capacity
Excessive write errors
ACCESS SECURITY
Compute.Cloud clients have the ability to automate the setup, configuration and administration of
virtual servers and network topology within their own Virtual Data Center. With the ability to
implement role-based access controls, a client administrator can create user accounts with specific
privileges ranging from full administrative privileges to read-only access.
VIRTUAL MACHINE CONFIGURATIONS
With Compute.Cloud, clients have the ability to configure their virtual machines as follows:
Each virtual machine, including disk storage, networking, CPU and RAM, can be configured
to run a full operating system and multiple applications.
Clients can change their virtual machine hardware settings at any time:
vCPU: between 1 – 32 cores, each of 2Ghz performance
RAM: between 1 GB and 255 GB RAM
Disk: allocations of up to 2TB per virtual drive
Drives: Up to 60 drives per virtual machine
Clients can build their virtual machines with up to 1 external network interfaces and 5
internal network interfaces to enable advanced multi-tiered networks, including firewalls,
load balancers and server tiers with different security rules.
Clients have the ability to import their own existing virtual machines and configurations or
build new operating system installations from scratch.
Clients can expose or “publish” individual virtual machine ports, individual URLs or the entire
virtual machine to the Internet.
Through the use of virtualization software and/or server partitioning, IndonesianCloud will provide
the client with the use of CPU cycles, system memory and storage within a physical infrastructure,
based on the configuration selected.
Optionally (for an additional fee) IndonesianCloud provides full Managed Support for the virtual
machines.
INDONESIANCLOUD COMPUTE.CLOUD DATA CENTERS
IndonesianCloud’s delivers Compute.Cloud infrastructure from two data centers located in
Indonesia. One datacentre (Equinix) is a Tier 4 certified facility, and the other datacentre (IDC) is a
Tier 3 designed facility.
Each data center is located in a locked room, accessible only via keycard access to a restricted subset
of IndonesianCloud personnel. IndonesianCloud clients may receive a tour of a IndonesianCloud data
center, but are not allowed physical access to the servers/equipment.
Each data center is configured with:
Raised floors
Proactive fire detection and suppression systems
Redundant air handlers supported by redundant chillers
Uninterrupted Power Supply (redundant) and diesel generation capacity sufficient to
operate the facility at full load, even with the loss of a single unit (N+1 or greater)
Physical security measures typically including exterior proximity sensors and closed circuit
surveillance
DATA CENTER NETWORK SERVICES
Standard Network Infrastructure
IndonesianCloud provides the data center network infrastructure required to host the
compute.Cloud service. Clients are provisioned on a leveraged, multi-client, network infrastructure
environment.
The components of the Standard Network Infrastructure (SNI) include:
Routers – IndonesianCloud provides redundant managed routers throughout the SNI.
Switches – IndonesianCloud provides redundant managed switches throughout the SNI. It is
a high-end service designed to supporting complex switches. This service supports numerous
network segments (VLANs) per switch.
Management Infrastructure – IndonesianCloud provides internal management functionality
via a management network within the SNI through the data center firewalls and/or private
VLANs (PVLANs). IndonesianCloud monitors and manages the entire SNI environment.
IndonesianCloud monitors 24x7x365 for the following events:
Network element interface status
Network element hardware environmental status
Abnormal routing configuration changes
Network element CPU utilization
Network element interface utilization
Network element memory utilization
Hardware and interface errors
Data Center Internet Connectivity
IndonesianCloud’s Data Center Internet Connectivity service consists of the installation and
management of ISP network connections to the data center via redundant network routers and
switches.
As part of provisioning the Data Center Internet Connectivity service, IndonesianCloud provides the
following services:
Circuit capacity management from IndonesianCloud’s ISP suppliers
High availability and Redundant connectivity
Anti-spoofing configuration
BGP configuration including AS number administration
Monitoring and alerting
Border Security Services
The following sections describe the data center-level security services that IndonesianCloud provides
as part of IndonesianCloud Compute.Cloud.
Denial of Service Prevention Services
IndonesianCloud’s anti-DDoS technology inspects traffic entering the Compute.Cloud
environement looking for common denial of service attack patterns, including both “low and
slow” and bandwidth saturation attacks. When attacks are identified, the anti-DDoS
technology takes immediate corrective action to temporarily block the sending machine
network IP address.
Network Intrusion Detection Services
IndonesianCloud’s Network Intrusion Detection Services (NIDS) technology examines
unencrypted traffic entering and leaving the Compute.Cloud environment from the data
center Ingress/Egress point looking for attack patterns that match against a database of
known attack “signatures” in a similar fashion to anti-virus.
MONITORING SERVICES
IndonesianCloud Compute.Cloud includes 24x7x365 predictive alert and fault monitoring for the
Compute.Cloud Infrastructure. Clients will be notified of all service-impacting conditions in
accordance with Event Management procedures.
CHANGE MANAGEMENT
A change is any action to the Compute.Cloud infrastructure which, when taken, alters the system
configuration or the current state of the client’s existing Compute.Cloud environment — whether it
is an upgrade, modification, or addition.
IndonesianCloud’s Change Management process involves a formal review of each proposed change
by a cross-functional team of managers and/or technicians who are responsible for approving the
steps for all qualified change-control activities. This approval process is part of a checks-and-
balances approach to make sure that appropriate planning has taken place and proper advance
notice has been given to all parties before the change activity begins.
EVENT MANAGEMENT
As part of the services provided to every IndonesianCloud Compute.Cloud client, IndonesianCloud
uses a comprehensive Event Management process for detecting, reporting, addressing, resolving,
closing and preventing problems impacting service. When a service event or problem occurs,
IndonesianCloud’s primary goals are:
To resolve the problem and/or return to an operational state in the minimum time possible
To provide timely notification and ongoing communications with the client’s
technical/management personnel
To work with the client to identify any remaining issues and institute corrective/preventive
measures
TICKET CENTER
Clients can report problems by opening tickets through the IndonesianCloud Cloud helpdesk Portal.
IndonesianCloud provides clients with a Web-based customer service system that is integrated into
the workflow and ticketing tool that IndonesianCloud’s support teams utilize for problem
management and service requests. Ticket Center gives clients the ability to create, update, and
search ticket history. This feature provides a real-time Web-based channel for understanding and
servicing the client’s environment.
SERVICE LEVEL AGREEMENTS
The IndonesianCloud Compute.Cloud Service Level Agreements (SLAs) provides clients with defined
service credits in the event that IndonesianCloud fails to meet stated performance metrics.
IndonesianCloud offers Availability and Response Time SLAs.
Availability SLA
Availability means that the client can access its IndonesianCloud Compute.Cloud virtual Data Center
environment. Availability will be based on a client’s cumulative outages over a calendar month.
The Availability TARGET SLA for Compute.Cloud is 99.90% uptime; the Availability GUARANTEE SLA
for Compute.Cloud is 99.50% uptime.
Response time SLA’s
Response time SLA’s (otherwise known as “Time to Respond” which does not include Resolution)
assures all clients are entitled to a credit if IndonesianCloud fails to meet response times defined by
severity level. Only severity 1 (system down), and severity 2 (major impact) events are subject to
response time SLAs. Severity 3 and 4 are responded to on a best effort basis.
Severity 1
Complete loss of infrastructure connectivity or server functionality.
IndonesianCloud will Respond within 15 minutes from the initial alert or receipt of the ticket
Once IndonesianCloud has confirmed that a Severity 1 event has occurred, IndonesianCloud
will notify the client of the issue within 15 minutes from the initial monitoring alert.
Severity 2
Degradation of performance for any infrastructure component that has a material adverse
effect on the site’s performance
IndonesianCloud will Respond within one (1) hour from the initial alert or receipt of the
ticket
Once IndonesianCloud has confirmed that a Severity 2 event has occurred, IndonesianCloud
will notify the client within one (1) hour from the initial monitoring alert.
Severity 3
Single member of redundant unit or circuit has failed, but there is no impact on end users or
any degradation of service
Severity 4
A service request that is not a problem
CREDITS AND REMEDIES
If in any month Service availability or performance is less than the stated availability guarantee,
IndonesianCloud will issue a service credit for the next month of 1 day’s hosting for every hour the
Service is unavailable in the relevant month.