Power Virtual Server Cloud Connections

Support for Power Virtual Server workspaces with Power Virtual Server Cloud Connections

The Power Virtual Server supports multiple workspaces from the same account. However, any given IBM Cloud connection can be used by only one workspace. If you want to configure a setup with multiple workspaces for the same account and if you want these workspaces to share an IBM Cloud connection, open an IBM Support case.

When you perform multiple Power Virtual Server Cloud Connection tasks, actions within a task can time out. When the timeout occurs, the tasks are completed in the background and the status might not change immediately.

Creating Power Virtual Server Cloud Connections

To create an Power Virtual Server Cloud Connection, complete the following steps:

1. Go to the Power Virtual Server user interface and click Cloud connections.

2. On the Cloud connections page, click Create connection.

3. In the Resource details section, complete the following:

   a. Specify a connection name and select a connection speed. Follow these guidelines for setting the speed:

   • Maximum connection speed is 10 Gbps.
   • You can select 10 Gbps speed only when you are creating a new connection.
   • If you select 10 Gbps as the required speed, the GRE tunneling option is disabled.
   • You cannot modify a Cloud connection with 10 Gbps to be GRE capable by reducing the speed.
   • You cannot modify the speed of an IBM Cloud connection when the speed is set to 10 Gbps at the time of creation.

   b. Select Enable global routing if you need access to other data centers outside your Power Virtual Server region. For example, you can use global routing to share workloads between dispersed IBM Cloud resources, such as Dallas to Tokyo, or Dallas to Frankfurt. If you want to enable IBM Transit Gateway for the Cloud connection, then global routing option is not required.

   c. Select Enable IBM Transit Gateway to interconnect your Power Virtual Server to the IBM Cloud classic and Virtual Private Cloud (VPC) infrastructures and to keep traffic within IBM Cloud. IBM Cloud Transit Gateway connects the private networks, such as classic, VPC, and Direct Link. For more information, see Getting started with IBM Cloud Transit Gateway. IBM Cloud Transit Gateway is currently available in WDC04, DAL12, DAL13, LON04, LON06, FRA04, FRA05, SAO01, SYD04, TOK04, TOR01, MON01, SYD05, and OSA21 data centers.

   You need to configure IBM Cloud Transit Gateway in WDC06 manually. Select Transit Gateway as the network connection type instead of Direct resources while creating Direct Link (2.0) Connect to use IBM Cloud Transit Gateway. Complete your connection by submitting an IBM Support case to the Power Virtual Server team. For more information, see Ordering Direct Link Connect.

4. In the Virtual connections section, you can establish a connection between multiple Power Virtual Server workspaces across different data centers by using an IBM Cloud Transit Gateway. You can create virtual connections that are directly attached to the Direct Link gateway, or you can choose to connect an IBM Cloud Transit Gateway and then create a connection from it to your networks (VPC, classic). You must create an IBM Cloud Transit Gateway to enable virtual connections. Select the virtual connections checkbox to continue. This setting is required if you selected the Enable IBM Transit Gateway checkbox in the previous step.

5. In the Subnets section, click Attach existing to attach an existing subnet to the connection. A GRE tunnel requires that a connection be attached to a subnet. You can create a new subnet. If you enable IBM Cloud Transit Gateway, you can configure the GRE tunnel by using the IBM Cloud Transit Gateway interface. For more information, see Configuring subnets. The table in this topic lists all the subnets that are attached to the IBM Cloud connection.

   Attaching a subnet to an IBM Cloud connection is required as the network traffic is routed over the connection. You must route Power Virtual Server private network subnets over IBM Cloud Direct Link to allow connectivity between Power Virtual Server instances and the IBM Cloud network. Attaching a subnet to Cloud connections allows Power Virtual Server VM to VM communication as well as for the VMs that are located in the same subnet or different subnet within the workspace to communicate.

   If the Cloud connection is attached to a transit gateway, the following subnet ranges are not supported 10.0.0.0/14, 10.200.0.0/14, 10.198.0.0/15 and 10.254.0.0/16. Please ensure, when attaching subnets to the cloud connection, you avoid subnets in these ranges (if used with a transit gateway).

6. Review the summary and the terms and conditions. Then, click Create to create an IBM Cloud connection.

IBM Power Virtual System Cloud Connections are currently not supported on the WDC06 data center. If you do not have the authorization and attempt to create a Cloud Connection (Direct Link Connect), a link will be generated. This Direct Link is not operational and must be authorized by the IBM Cloud account user who has the required authority via IBM Cloud Console Direct Link Portal.

Modifying IBM Cloud connections

When you create or edit a subnet, you can attach an existing IBM Cloud connection to the subnet. For more information, see Configuring and adding a private network subnet.

To view or edit IBM Cloud connections, complete the following steps:

1. From the Power Virtual Server dashboard, click Cloud connections in the left navigation pane.

2. Click the Cloud connection that you want to configure. The corresponding Connection details page appears.

3. If a transit gateway is enabled for the connection, you can view the Managed with IBM Transit Gateway details.

4. Click the Edit details icon.

   If you have an existing IBM Cloud connection with a speed of 5 Gbps or less, you cannot increase the speed limit to 10 Gbps. Also, you cannot modify an IBM Cloud connection with 10 Gbps to be GRE-capable by reducing the speed.

5. Modify the details, review the pricing changes, and click Save edits.

Deleting an IBM Cloud connection

To delete an IBM Cloud connection, complete the following steps:

1. From the Power Virtual Server dashboard, click Cloud connections in the left navigation window.

   You can see the list of IBM Cloud connections that are currently configured.

   1. To delete a specific IBM Cloud connection, click the Delete icon in the last column of the table.

When you delete a virtual server instance, it deletes the private networks (subnets) and other resources. It would help if you considered the following:

• You must delete the Cloud Connection (Direct Link) from the IBM Cloud Transit Gateway interface before deleting the Cloud Connection.
• When there are more than one virtual server instances that use the Cloud Connection, and you delete one, you can delete the Cloud Connection from the existing server instances.

Setting up high availability over IBM Cloud connections

By default, IBM Cloud Direct Link (2.0) is not a redundant service. You must order a separate Direct Link (2.0) Connect instance for redundancy.

To set up high availability to the IBM Cloud network by using Direct Link connect, complete the following steps:

1. Create two IBM Cloud connections for your Power Virtual Server.
2. Attach subnets to the primary and redundant IBM Cloud connections.

When subnets are attached to IBM Cloud connections, the Power Virtual Server supports routing the subnets over the IBM Cloud connections and Border Gateway Protocol (BGP) configuration, which provides the redundant paths.

Configuring a Generic Routing Encapsulation (GRE) tunnel

A Generic Routing Encapsulation (GRE) tunnel connects two endpoints (a firewall or a router and another network appliance) in a point-to-point logical link. Power Virtual Server use GRE tunnels to enable connectivity to IBM Cloud VMware™ networks and other destinations by using a router appliance. A GRE tunnel enables Bring Your Own IP (BYOIP) functionality, as well as the ability for data to transit through the IBM Cloud classic network.

GRE tunnel configuration requires a tunnel source IP (Power Virtual Server router end), GRE subnet, and destination IP address. For more information, see Creating IBM Cloud connections.

A GRE tunnel subnet supports addressing for GRE tunnels. It is used for the tunnel source IP, local IP, and remote IP. The first half of the subnet IP range (s1) is used for source IPs and the second half (s2) is used for local and remote IPs. GRE tunnels use the first IP from s1 as the source IP. The local IP is first IP of s2 and the remote IP is the second IP of s2.

GRE Destination IP: 10.148.252.83 (VRA private IP)
GRE Subnet:       : 172.16.3.0/29 (GRE subnet that you chose)
PowerVS source IP : 172.16.3.1 mask 255.255.255.255
PowerVS tunnel IP : 172.16.3.5

GRE Destination IP: 172.16.3.1/32 (PowerVS Tunnel End-point Destination IP)
VRA source IP     : 10.148.252.83
VRA tunnel IP     : 172.16.3.6
VRA ASN           : 64880
PowerVS ASN       : 64999

Migrating an existing network configuration

You can continue to have your existing configuration managed using the Power Virtual Server IBM Support case process. You are not required to migrate to a Power Virtual Server network.

If you want to use the new features that are offered by network automation, you can migrate your existing network configuration by creating a Power Virtual Server operations IBM Support case.