IBM Cloud Virtual Private Cloud

IBM Cloud Virtual Private Cloud (VPC) is a highly resilient and highly secure software-defined network (SDN) on which you can build isolated private clouds for your business operations while maintaining essential public cloud benefits. You choose your compute, storage and networking resources and IBM provides maximum availability and scalability, plus various cost-effective options for your workload demands. IBM Cloud VPC is purpose-built for your cloud needs with solutions for VMware, SAP, and more. See IBM Cloud VPC Solutions.

The following reference architectures are documented for non-RISE SAP on IBM Cloud VPC:

• SAP HANA scale-out Reference Architecture - This reference architecture describes the Intel Bare Metal servers on Classic Infrastructure and Intel Virtual Servers in VPC Infrastructure (Gen2).
• SAP NetWeaver 7.x on UNIX with Sybase on IBM Cloud VPC - This reference architecture describes SAP NetWeaver 7.x APAB stack, Java stack, and dual stack (ABAP+Java) architectural design on Virtual server instances on IBM Cloud VPC.
• SAP NetWeaver 7.x on UNIX with Db2 on IBM Cloud VPC - This reference architecture describes two deployments on Virtual server instances on IBM Cloud VPC using IBM Db2; standard and distributed.
• SAP NetWeaver 7.x on Windows Servers with MS SQL on IBM Cloud VPC - This reference architecture describes two deployments on Virtual server instances on IBM Cloud VPC using Microsoft SQL; standard and distributed.
• SAP NetWeaver 7.x with SAP HANA IBM Cloud VPC - This reference architecture describes two deployments on Virtual server instances on IBM Cloud VPC using SAP HANA; single-host HANA system and multiple-host SAP HANA system.
• SAP Solutions and IBM Cloud Intel Bare Metal Servers on VPC Infrastructure
• SAP Solutions and IBM Cloud Intel Virtual Servers on VPC Infrastructure
• Overview of SAP on VPC - This pattern can be used as a guide to meet typical customer requirements and provide a base reference solution for a secure and resilient SAP NetWeaver and HANA or SAP NetWeaver and AnyDB deployment to IBM Cloud VPC.

The following reference architectures are documented for non-RISE, non-SAP on IBM Cloud VPC:

• Microsoft Software on IBM Cloud - IBM Cloud has a strategic relationship with Microsoft to offer their suite of software. We offer their software natively in our cloud offerings and as Bring Your Own Licenses (BYOL). This solution guide discusses IBM Cloud Bare Metal servers in Classis as well as Microsoft SQL Server in VPC.

• Red Hat OpenShift on VPC - The Red Hat OpenShift architecture is deployed on VPC servers across three availability zones within a region. From the IBM Cloud catalog, you can select from the compatible and recommended nodes that are available for Red Hat OpenShift on IBM Cloud. Worker pools are classified as variations of CPU, memory, and operating system characteristics. Choose the variation that's best suited to your use case. Shared Virtual Servers instances are used for worker nodes to run stateful applications in a production environment. Associated with this reference architecture are two deployable architectures:

  • Red Hat OpenShift Container Platform on VPC landing zone - Red Hat OpenShift Container Platform on VPC landing zone is a deployable architecture solution that is based on the IBM Cloud for Financial Services reference architecture. It creates secure and compliant Red Hat OpenShift Container Platform workload clusters on a Virtual Private Cloud (VPC) network.
  • Red Hat OpenShift Container Platform on VPC landing zone - QuickStart variation - The QuickStart variation of the Red Hat OpenShift Container Platform on VPC landing zone deployable architecture creates a fully customizable Virtual Private Cloud (VPC) environment in a single region. The solution provides a single Red Hat OpenShift cluster in a secure VPC for your workloads. The QuickStart variation is designed to deploy quickly for demonstration and development.

• Web app multi-zone resiliency - The web app multi-zone resiliency architecture deploys a 3-tier web application on Virtual Servers for VPC by using compute, storage, and network cloud resources as well as other Cloud services provisioned across multiple availability zones within a single region.

• Web app cross-region resiliency - The web app cross-region resiliency architecture deploys a 3-tier web application on Virtual Servers for VPC using compute, storage, and network cloud resources as well as other Cloud services provisioned in multiple availability zones across two regions to protect from region-wide natural disasters or outages.

• Deployable architecture for Maximo Application Suite - The IBM Maximo Application Suite deployable architecture provides a simple automated way to get started with Maximo Application Suite on IBM Cloud. Maximo Application Suite is a set of applications for asset monitoring, management, predictive maintenance, and reliability planning. It is a single, integrated cloud-based platform that uses Artificial Intelligence (AI), Internet of Things (IoT), and analytics to optimize performance, extend asset lifecycles, and reduce operational downtime and costs.

• Dizzion Managed DaaS on IBM Cloud - Dizzion Managed Desktop as a Service (DaaS) on IBM Cloud can help enterprises build an agile, long-term remote work environment, using cloud desktops to optimize end-user performance, security and compliance. The solution can support a variety of challenging use cases, including streaming voice and video, compliant personal devices, and media-intense workloads.

• IBM MQ SaaS - IBM® MQ SaaS offers secure and reliable messaging across multiple clouds. Utilise IBM MQ SaaS as a fully managed service with quick and easy setup. IBM’s solution handles upgrades, patches, and many operational management tasks, allowing you to focus on integrating with your applications.

IBM Cloud Power Virtual Server

IBM Power Virtual Server offers a powerful and flexible cloud platform with built in security, reliability, availability and performance, allowing clients to meet their requirements for a variety of complex and highly regulated workloads.

With the latest update to IBM Cloud Security and Compliance Center (SCC) Workload Protection, Power servers on IBM Cloud and on-premises are now supported for compliance posture management, bringing a new layer of security to your critical workloads running on PowerVS. This new capability ensures that critical enterprise applications and workloads like SAP, Oracle, and DB2, can be protected and monitored more efficiently with a comprehensive security and compliance solution.

SCC Workload Protection now provides compliance posture management capabilities for critical workloads on PowerVS, including AIX and Enterprise Linux on Power. With compliance posture management, these capabilities are designed to provide unified monitoring of your workloads’ posture to help access and manage compliance against regulatory and industry standards, such as CIS Benchmarks, in addition to advanced workload protection capabilities with vulnerability scanning and real-time threat detection for Linux on Power. See Easily secure your IBM Cloud PowerVS Workloads with IBM Cloud Security and Compliance Center Workload Protection.

When a PowerVS workspace is created, automatically a SCC Workload Protection instance is created with cloud security posture management (CSPM) for IBM Cloud enabled enabled by default. See About IBM Cloud Security Posture Management (CSPM)

The following reference architectures are documented for non-RISE SAP on IBM Power Virtual Server:

• SAP Solutions on IBM Power Virtual Server
• SAP on Power Virtual Server - This pattern illustrates a Single-Zone, Multi-Region design deployed to IBM Power Virtual Server, which can provide both DR and HA to provide 99.95 availability for an SAP NetWeaver/HANA or SAP NetWeaver/AnyDB solution to meet typical customer requirements.

The following reference architectures are documented for non-RISE, non-SAP SAP on IBM Power Virtual Server:

• Oracle RAC on Power Virtual Server - The reference architecture for Oracle RAC, High Availability, in a single zone region, represents a solution, based on best practices and use-cases.
• Oracle Database Disaster Recovery on IBM PowerVS Cross Region - This reference architecture details how to design an Oracle Disaster recovery deployable architecture on IBM Power Virtual Server environment. This reference architecture assumes that there are x86 workloads hosted in the IBM Cloud VPC environment.

IBM Cloud Classic

The IBM Cloud Classic IaaS environment leverages a traditional network architecture, best suited for lift and shift workloads so you can move applications quickly and keep the same architecture. See IBM Cloud Bare Metal Servers on Classic Infrastructure, IBM Cloud Virtual Servers on IBM Cloud Classic Infrastructure and Classic Infrastructure environment introduction.

The following reference architectures are documented for non-RISE SAP on IBM Cloud Classic:

SAP Solutions and IBM Cloud Intel Bare Metal Servers on Classic Infrastructure

The following documentation is applicable for non-RISE, non-SAP on IBM Cloud Classic:

• IBM Bare Metal Servers for Oracle workloads - This document discusses the IBM Cloud servers that are certified to run Oracle Linux and Virtualization and Oracle Hardware Certification List (HCL) compliant. IBM Bare Metal Servers for Oracle workloads are true, raw-performance, no-hypervisor, single-tenant bare metal servers and feature the latest generation of Intel® Xeon® processors for advanced core and memory demands.
• Gateway appliances - Gateway appliances are devices that give you enhanced control over network traffic, let you accelerate your network’s performance, and give your network a security boost. Manage your physical and virtual networks for routing multiple VLANs, for firewalls, VPN, traffic shaping and more.

IBM Cloud for VMware Solutions

IBM Cloud for VMware Cloud Foundation as a Service is a managed service that delivers a VMware Cloud Director (VCD) based stack that enables businesses to build cloud computing environments that support their business needs. Whether opting for a single-tenant or multitenant model, IBM handles the configuration, capacity management, monitoring, patching, upgrades, and security of the underlying VMware infrastructure, through a highly available management plane, so you can quickly deploy your VMware-based cloud computing environments. You can purchase compute resources at the host level, leveraging several IBM Bare Metal Server and profiles, or on-demand compute resources at the vCPU, RAM, and Storage level. With our multi-tenant consumption model, you can start as small as 1 VM comprising 1vCPU, 1GB RAM, 20 GB vSAN, and 1 network efficiency edge.

IBM Cloud for VMware Solutions enables you to seamlessly migrate and modernize VMware workloads to the cloud, allowing you to leverage your existing investments for a consistent VMware experience—retaining the same level of access, security and control.

The following reference architecture are documented for non-RISE SAP on IBM Cloud for VMware Solutions:

• SAP Solutions and IBM Cloud for VMware on Classic Infrastructure
• Solution design for the deployment of SAP to VMware Cloud Foundation (VCF) for Classic on IBM Cloud - This pattern can be used as a guide to meet typical customer requirements and provide a base reference solution for a secure and resilient SAP NetWeaver and SAP HANA or SAP NetWeaver and SAP AnyDB deployment to VMware Cloud Foundation (VCF) for Classic on IBM Cloud. Broadcom provides guidelines for SAP HANA, see Architecture guidelines and best practices for deployments of SAP HANA on VMware vSphere architecture and technical considerations guide.

The following reference architectures are documented for non-RISE, non-SAP on IBM Cloud for VMware Solutions:

• Three-tier web application on VCFaaS across MZR - This reference architecture outlines a resilient, multi-zone, 3-tier web application deployment on IBM Cloud® for VMware Cloud Foundation as a Service (VCFaaS). Provision compute, storage, and network resources with other cloud services, all within a single region.
• SQL Server Failover Cluster Instance on VMware vSAN Native.
• Using Oracle RAC on a vSAN Datastore.

IBM Cloud Services

IBM Cloud services is a suite of Platform as a Service (PaaS), and Software as a Service (SaaS) offerings hosted on the IBM Cloud platform. With these offerings you can consume the service without managing the infrastructure and software. To view these services see the IBM Cloud Catalog. The following reference architectures are documented for non-RISE, non-SAP on IBM Cloud Services:

• IBM Cloud Databases - The IBM Cloud® Databases portfolio contains database-as-a-service offerings on IBM Cloud, including the following

  • IBM Cloud Databases for PostgreSQL.
  • IBM Cloud Databases for MongoDB.
  • IBM Cloud Databases for Redis.
  • IBM Cloud Databases for Elasticsearch.
  • IBM Cloud Databases for MySQL.
  • IBM Cloud Messages for RabbitMQ.
  • IBM Cloud Databases for EnterpriseDB.

• IBM Cloud private connectivity offerings - This guide describes the various ways of connecting to IBM Cloud with a private connection using the following topologies:

  • Direct Link Dedicated - Single tenant connection to IBM Cloud Point of Presences (PoPs)
  • Direct Link Connect - Multi-tenant service provider connection to IBM Cloud PoPs
  • VPN (site-to-site) - VPN tunnel from on-premises firewall to IBM Cloud VPN
  • VPN (client-to-site) - VPN tunnel from laptop to IBM Cloud VPN
  • Satellite Connector - A layer-7, endpoint-oriented connection from IBM Cloud to access on-premises data source.

• Observability - IBM Cloud offers Observability services that you can use to monitor, troubleshoot, and understand the activity in your account. You can also use them to keep records for auditing and compliance. This guide describes the following services:

  • IBM Cloud Logs - IBM Cloud Logs is a scalable logging service that persists logs and provides users with capabilities for querying, tailing, and visualizing logs.
  • IBM Cloud Monitoring - IBM Cloud Monitoring is a cloud-native, and container-intelligence management system that you can include as part of your IBM Cloud architecture. Use it to gain operational visibility into the performance and health of your applications, services, and platforms.
  • IBM Cloud Activity Tracker Event Routing - Use IBM Cloud Activity Tracker Event Routing to configure how to route auditing events, both global and location-based event data, in your IBM Cloud. Auditing events are critical data for security operations and a key element for meeting compliance requirements. Control of the storage location is critical to building enterprise-grade solutions on the IBM Cloud.
  • IBM Cloud Logs Routing - You can use IBM Cloud Logs Routing to collect and route IBM Cloud logs from your account to a configured target.
  • IBM Cloud Metrics Routing - Use IBM Cloud Metrics Routing to configure how to route platform metrics in your IBM Cloud account.

• IBM Cloud Internet Services - IBM Cloud Internet Services brings market-leading security and performance to your external web content and internet applications before they reach the cloud.

• Veeam on IBM Cloud - Veeam on IBM Cloud can deliver reliable backup and predictable disaster recovery (DR) for virtual and physical workloads, wherever they reside—across your data center and the cloud.

• IBM Cloud Backup - IBM Cloud Backup is a full-featured, agent-based backup and recovery system managed through a web interface. Back up data between IBM Cloud servers in one or more IBM Cloud global data centers.

• Zerto on IBM Cloud - Zerto provides disaster recovery and cloud mobility for your VMware workloads within a single, simple, scalable solution.

• IBM Cloud Object Storage - IBM Cloud® Object Storage is a software-defined hyper-scale storage solution that runs on premises.

• IBM Cloud Block Storage - High-performance data storage solutions with customizable IOPS and predictable billing.

• IBM Cloud File Storage - Flash-backed, durable, fast and flexible NFS-based file storage—with customizable IOPS and predictable billing.

• IBM Cloud DNS Services - IBM Cloud DNS Services offers public and private authoritative DNS services with fast response time, unparalleled redundancy and advanced security—managed through the IBM Cloud web interface or by API.

• IBM Cloud Container Registry - Store and distribute container images in a fully managed private registry. Push private images to conveniently run them in the IBM Cloud® Kubernetes Service and other runtime environments. Images are checked for security issues so you can make informed decisions about your deployments.

To use IBM Cloud services hosted in your IBM Cloud account directly with your SAP workloads hosted in RISE with SAP on Power Virtual Server, IBM Cloud VPC Virtual Private Endpoints will need to be utilized. See About virtual private endpoint gateways and VPE-enabled services.