Overview of Power Virtual Server with VPC landing zone deployable architectures
Provisioning Power Virtual Server with VPC landing zone by using deployable architectures provides an automated deployment method to create an isolated Power Virtual Server workspace and connect it with IBM Cloud services and public internet. Network management components like DNS, NTP, proxy servers and NFS as a Service might be installed. Comparing the provisioning through the projects UI, user interaction is minimized and ready-to-go deployment time of a Power Virtual Server workspace is reduced from days to less than 1 hour.
Automated Power Virtual Server with VPC landing zone provisioning that is described in this guide is based on IBM Cloud catalog deployable architectures. In this documentation, we describe only specifics that are related to Power Virtual Server with VPC landing zone deployable architecture.
In the following sections, the deployable architecture variants are described.
1. Standard variation
This deployable architecture variation deploys these resources:
Resource Type | Optional | Description |
---|---|---|
Workspace for Power Virtual Server | Workspace for Power Virtual Server with 2 subnets and an SSH key | |
Stock Images | Yes | Imports IBM Provided Stock Catalog Images into Workspace for Power Virtual Server |
Custom Images | Yes | Imports up to three custom images from Cloud Object Storage into Workspace for Power Virtual Server |
Resource Type | Optional | Description |
---|---|---|
VPC | Edge VPC: ACL, SGs, SSH Key and 4 Subnets | |
Intel VSI | Jump box running RHEL 9.4 with floating IP attached | |
Intel VSI | Network Services running RHEL 9.4 configured as squid proxy, NTP and DNS servers(using Ansible Galaxy collection roles IBM Power Linux for SAP). Also configured as central ansible execution node | |
Intel VSI, IBM Cloud Monitoring Instance |
Yes | Monitoring Host Running SLES 15SP5 to collect metrics and forward it to IBM Monitoring Instance IBM Cloud monitoring Instance displays the platform metrics and OS metrics |
File storage share, Application load balancer |
Yes | NFS as a Service Application Load Balancer is deployed along with File storage share to access the share IP from Power Virtual Server |
Virtual Private Endpoint Gateway | A Virtual Private Endpoint Gateway to reach the Cloud Object Storage bucket | |
Flow Logs for VPC | Flow Logs for VPC enables the collection, storage, and presentation of information about the Internet Protocol (IP) traffic going to and from network interfaces within your VPC | |
Client to Site VPN Server, Secrets Manager |
Yes | Client to Site VPN Server provides client-to-site connectivity, which allows remote devices to securely connect to the VPC network using an OpenVPN software client. Secrets Manager Instance is deployed along with VPN to store the VPN Certificate |
Resource Type | Optional | Description |
---|---|---|
Key Protect | Key Protect provides key management by integrating the IBM Key Protect for IBM Cloud service. These key management services help you create, manage, and use encryption keys to protect your sensitive data | |
Transit Gateway | Global or local Transit Gateway to interconnect VPC and Power Virtual Server workspace | |
Cloud Object Storage | Cloud Object Storage instance, buckets and credentials are created |
2. Standard Extend variation
This variation has a prerequisite. You must deploy the 'Create a new architecture Standard' variant first.
The 'Extend Power Virtual Server with VPC landing zone' variation creates an additional Power Virtual Server workspace and connects it to the existing Power Virtual Server with VPC landing zone. It builds on existing Power Virtual Server with VPC landing zone deployed as a variation 'Create a new architecture'. This is typically used for High Availability scenarios in the same regions.
This deployable architecture variation deploys these resources:
Resource Type | Optional | Description |
---|---|---|
Workspace for Power Virtual Server | Workspace for Power Virtual Server with 2 subnets and an SSH key | |
Stock Images | Yes | Imports IBM Provided Stock Catalog Images into Workspace for Power Virtual Server |
Custom Images | Yes | Imports up to three custom images from Cloud Object Storage into Workspace for Power Virtual Server |
3. Quickstart variation
This deployable architecture variation deploys these resources:
Resource Type | Optional | Description |
---|---|---|
Workspace for Power Virtual Server | Workspace for Power Virtual Server with 2 subnets and an SSH key | |
Power Virtual Server Instance | A Power Virtual Server instance of chosen T-shirt size or a custom t-shirt size. Refer to the table below. |
Resource Type | Optional | Description |
---|---|---|
VPC | Edge VPC: ACL, SGs, SSH Key and 4 Subnets | |
Intel VSI | Jump box running RHEL 9.4 with floating IP attached | |
Intel VSI | Network Services running RHEL 9.4 configured as squid proxy, NTP and DNS servers(using Ansible Galaxy collection roles IBM Power Linux for SAP). Also configured as central ansible execution node | |
Intel VSI, IBM Cloud Monitoring Instance |
Yes | Monitoring Host Running SLES 15SP5 to collect metrics and forward it to IBM Monitoring Instance IBM Cloud monitoring Instance displays the platform metrics and OS metrics |
File storage share, Application load balancer |
Yes | NFS as a Service Application Load Balancer is deployed along with File storage share to access the share IP from Power Virtual Server |
Virtual Private Endpoint Gateway | A Virtual Private Endpoint Gateway to reach the Cloud Object Storage bucket | |
Flow Logs for VPC | Flow Logs for VPC enables the collection, storage, and presentation of information about the Internet Protocol (IP) traffic going to and from network interfaces within your VPC | |
Client to Site VPN Server, Secrets Manager |
Yes | Client to Site VPN Server provides client-to-site connectivity, which allows remote devices to securely connect to the VPC network using an OpenVPN software client. Secrets Manager Instance is deployed along with VPN to store the VPN Certificate |
Resource Type | Optional | Description |
---|---|---|
Key Protect | Key Protect provides key management by integrating the IBM Key Protect for IBM Cloud service. These key management services help you create, manage, and use encryption keys to protect your sensitive data | |
Transit Gateway | Global or local Transit Gateway to interconnect VPC and Power Virtual Server workspace | |
Cloud Object Storage | Cloud Object Storage instance, buckets and credentials are created |
You can run AIX, IBM i, and Linux images on your virtual server instances. Select the required T-shirt size and a virtual server instance with chosen T-shirt size or custom configuration is deployed. The T-shirt sizes and the configuration parameters mapping are shown in the following table:
XS | S | M | L | |
---|---|---|---|---|
Cores | 1 | 4 | 8 | 15 |
Memory | 32 | 128 | 256 | 512 |
Storage Tier-3 (GB) | 100 | 500 | 1000 | 2000 |
XS | S | M | L | |
---|---|---|---|---|
Cores | 0.25 | 1 | 2 | 4 |
Memory | 8 | 32 | 64 | 132 |
Storage Tier-3 (GB) | 100 | 500 | 1000 | 2000 |
US1 Test/Dev |
|
---|---|
Cores | 4 |
Memory | 128 |
Storage Tier-3 (GB) | 750 |
4. Import variation
Create an IBM Cloud schematics workspace for your pre-existing VPC and Power Virtual Server infrastructure resources using the new Power Virtual Server (PowerVS) with VPC landing zone variation - 'Import Power Virtual Server Workspace'.
This variation helps to install the deployable architecture 'Power Virtual Server for SAP HANA' on top of a pre-existing Power Virtual Server(PowerVS) landscape. 'Power Virtual Server for SAP HANA' automation requires a schematics workspace id for installation. The 'Import' solution creates a schematics workspace by taking pre-existing VPC and Power Virtual Server infrastructure resource details as inputs. The ID of this schematics workspace will be the pre-requisite workspace id required by 'Power Virtual Server for SAP HANA' to create and configure the Power Virtual Server instances for SAP on top of the existing infrastructure.
Check the pre-requisites for this variation here.
Other Power Virtual Server related deployable architectures
In addition to the Power Virtual Server with VPC landing zone other deployable architectures and terraform based solutions might be deployed.