Virtual Servers for VPC
IBM Cloud® Virtual Servers for Virtual Private Cloud provide compute instances within an isolated virtual private cloud environment to deliver flexible, scalable compute resources with integrated networking, storage, and security capabilities when you deploy virtual server-based workloads on IBM Cloud. IBM Cloud® Virtual Servers for Virtual Private Cloud offer a wide range of compute profiles that include balanced, compute-optimized, memory-optimized, GPU, and very high memory configurations. These virtual servers are shared tenancy with optional dedicated host placement for compliance and licensing requirements.
The platform includes networking features such as security groups, network ACLs, VPN connectivity, and load balancers. These options provide network isolation and security controls.
Storage options include boot and data volumes by using Block Storage for VPC, that integrate with File Storage for VPC and Object Storage for extra data management capabilities.
For enterprise management and governance, IBM Cloud services such as IBM Cloud® Monitoring, IBM Cloud Logs Routing, and IBM Cloud Security and Compliance Center provide visibility, audit trails, and compliance scanning across your VPC infrastructure.
IBM Cloud Virtual Servers for VPC architecture overview
The following diagram shows the high-level reference architecture for your virtual servers.
Components
The following table outlines the products or services that are used in the architecture for each component.
| Component | Architecture components | How the component is used |
|---|---|---|
| Workload Migration | IBM Consulting and expert labs | Professional services organizations that provide migration and deployment services. |
| 3rd-party migration tools | Tools that are in the IBM Cloud catalog such as RackWare RMM, Wanclouds. | |
| Self-service | Direct migration by using image import, instance provisioning, and configuration management tools. | |
| Security | 3rd party Virtual network functions | 3rd party firewalls |
| IBM Cloud Key Protect | IBM Key Protect for IBM Cloud® service helps you provision and store encrypted keys for apps across IBM Cloud services, so you can see and manage data encryption and the entire key lifecycle from one central location. | |
| IBM Cloud Security and Compliance Center Workload Protection | IBM Cloud Security and Compliance Center Workload Protection to find and prioritize software vulnerabilities, detect and respond to threats, and manage configurations, permissions, and compliance. | |
| Resiliency | IBM Cloud Snapshots | Point-in-time copies of block storage volumes for backup and recovery. |
| IBM Cloud VPC Backup Service | Scheduled point-in-time copies of Block Storage volumes for backup and recovery. | |
| IBM Cloud Backup and recovery | Agent-based backup service for file-level and folder-level backup. | |
| 3rd-party backup solutions | Self-managed backup solutions such as Veeam, Commvault, or Rubrik. | |
| Multi-zone deployment | Distribution of virtual servers across availability zones for high availability. | |
| Observability | IBM Cloud Console, CLI, or API | Web-based console, command-line interface, and REST APIs for managing VPC resources. |
| IBM Cloud® Monitoring | Agent-based monitoring for metrics collection. | |
| IBM Cloud Logs Routing | Agent-based log aggregation and analysis. | |
| IBM Cloud IBM Cloud Activity Tracker Event Routing | Audit logging for VPC resource management activities. | |
| IBM Cloud security and compliance center | Posture management and compliance scanning for your VPC infrastructure. | |
| Storage | Block Storage for VPC | High-performance block storage volumes with configurable IOPS for boot and data disks. |
| File Storage for VPC | Persistent, fast, and flexible network-attached, NFS-based file storage. | |
| IBM Cloud® Object Storage | Designed for unstructured data. Ideal for workloads such as backup, archiving, big data analytics, and application data storage. | |
| IBM Cloud Key Protect | Provision and store encrypted keys that are used for volume encryption. | |
| Compute | Virtual server instances | Shared tenancy virtual servers with customizable profiles. |
| Dedicated hosts | Optional single-tenant physical servers for compliance and licensing requirements. | |
| Instance profiles | Balanced, compute-optimized, memory-optimized, GPU, and very high memory configurations. | |
| Custom Images | User-provided operating system images for specialized workload requirements. | |
| Networking | Virtual Private Cloud (VPC) | Logically isolated network environment with user-defined IP address ranges. |
| Subnets | Network segments within availability zones that use configurable routing. | |
| Security groups | Firewalls that control inbound and outbound traffic at the instance level. | |
| Network ACLs | Firewalls that control traffic at the subnet level. | |
| Public gateways | Enable outbound internet connectivity for virtual servers on private subnets. | |
| Floating IPs | Static public IP addresses that can attach to virtual servers for inbound internet access. | |
| Load balancers | Application and network load balancers that distribute traffic across virtual servers. | |
| VPN gateways | Site-to-site VPN connectivity to on-premises networks. | |
| Transit gateway | Hub that connects multiple VPCs and Classic infrastructure. | |
| Direct link | Connects dedicated, minimal latency connections to on-premises data centers. | |
| Virtual Network Functions (VNFs) | Virtual firewalls and network appliances that run as virtual servers. |
Next steps
Now that you understand the Virtual Servers for VPC architecture, explore the following resources:
- Plan your deployment: Review the design considerations for compute, networking, storage, and security
- Migrate workloads: Learn about migration strategies from VMware to VPC
- Hands-on tutorial: Follow the step-by-step migration tutorial to migrate your first workload
- Get started: Create your first Virtual Server for VPC