Orange County Cloud Services Are Easy with AIS
We provide client-specific Network, Compute, and Storage resources – a virtual data center (vDC) – on a fully-managed, extremely secure platform accessible via the Internet — or, for greater flexibility and security, Layer 3 VPN connectivity.
Orange County cloud computing clients add and remove resources (“virtual machines”) via an intuitive point-and-click interface (vCloud Director 5.1) to extract the application performance they require on a very flexible and cost-efficient basis.
There are two basic pricing models with AIS BusinessCloud1, both of which include real-time support and easy access to the secure, browser-based self-provisioning portal for full command over all resources: Pay-as-You-Go and Allocated Resources.
This Orange County cloud computing service features state-of-the-art hardware from market leaders Arista, Cisco, Dell, NetApp, and VMware — the market leader in virtualization with wide adoption, enterprise functionality, a superior roadmap, and a robust support ecosystem.
Network, compute, and storage resources are provided in the form of a Virtual Data Center (vDC) which is completely isolated and secure for each client.
From the secure, browser-based control portal — VMware vCloudDirector 5.1 — clients have API access and full command over all their resources:
- VMware HA (high availability) for automatic recovery from physical host failure
- Built-in QoS for both network and storage access
- vShield Edge included (firewall, VPN, load-balancing)
- Snapshot capability for rolling back VM configurations
- Private template catalog for client VM configuration management
- Import facility for VMware VMs and ISOs
- Direct VM console capability with ISO booting
- Hot-add RAM for running VMs
- Complex Multi-VM “cloning” through API and vCD interface
- Intuitive multi-layered private networking
Using the vCloud Director pop-out console utility, clients can access any of their virtual machine control consoles. This tool may be used even if a virtual machine itself has no network connectivity.
The vCloud Director self-provisioning system requires no human intervention, which means tasks are completed quickly with fewer errors.
Dual Arista 7000 Series switches and dual Cisco Catalyst 6500 Series switch/routers provide redundant Internet connectivity for client Virtual Data Centers — or more conveniently, Layer 3 VPN access to clients’ colocation or corporate facilities.
It is this secure, high availability (dual handoff) Layer 3 VPN connectivity that makes it particularly easy and powerful for AIS colocation clients to use AIS BusinessCloud1 services as a seamless extension of their existing networks.
The Arista and Cisco switches are configured with 2N redundancy and are dedicated to the cloud environment; they also have both power and link redundancy. There is 10GigE dedicated storage connectivity to each Dell compute node.
The Cisco 6500 Enterprise access routers are integrated into the AIS regional MPLS environment and provide flexible networking options for colo, multi-site, and metro-ethernet applications.
Security: AIS BusinessCloud1 has a full array of networking options to accommodate all security requirements:
- 100% Private Network: all operations kept internal to the client’s Virtual Data Center
- Firewalled Access to internal or external networks (VMware vShield)
- Internet Access via client colocation or corporate facilities
- Direct Internet Access
Clients may also configure unlimited, completely isolated internal networks with VMware’s built-in security features.
Compute resources consist of Dell R610/620 compute servers packed with fast 2.5Ghz processors and RAM – with each server being the equivalent in processing power to more than 100 standard servers.
These AIS BusinessCloud1 compute platforms use on-board SSD and network attached storage (NAS) for data instead of traditional disk drives.
The compute nodes are fully redundant in power, disk, and front-end/back-end connectivity
Since cloud performance is completely dependent upon data access, each remote host has dual, redundantly-configured 10Gbps links to the NAS devices for maximum availability and throughput.
AIS provides two grades of NetApp FAS3240 Enterprise Storage: high-performance SAS for transactional data and robust SATA for standard data storage.
The NetApp storage devices have dual controllers with HA configuration and RAID-DP (dual-parity) for maximum fault-tolerance and spindles.
The NetApp system is fully redundant and has additional features to enhance performance and efficiency, such as:
- NetApp Flash Cache
- Proprietary WAFL file system
AIS BusinessCloud1 is packed with enterprise-class features that would be prohibitively expensive if acquired by a single business just for its own use.
Storage – Storage partitions are not directly exposed to VMs.
Compute – Control and monitoring systems are physically isolated from the operational environment with dedicated security systems and access control.
Network – Explicit segregation of control, client, and storage access. Private client connectivity (internal and external) provided via dedicated VLANs.
AIS does 24x7x365 monitoring from three separate facilities. Netflows and other tools are used to identify potential security issues such as DDoS. AIS uses BGP communities in conjunction with our transit providers and internal systems to mitigate potential service-affecting attacks.
VMware built-in security features include vShield Edge, which provides sophisticated firewall capabilities such as NAT and VPN access. AIS has also hardened the underlying subsystems to circumvent common attack methods. Template catalogs allow simple configuration management to ensure standards compliance. VMware control domain is segregated between facilities to prevent multi-site security breaches.
AIS cloud facilities are SSAE 16 SOC 1, SOC 2, SOC 3 audited for compliance. All facilities require two-factor authentication for physical access.
Storage – Data distribution across multiple disk shelves to optimize I/O availability. RAID-DP with data striping ensures I/O efficiency under load conditions.
Compute – Each compute node has dual uplinks to the storage and external networks that are load-shared.
Network – Cisco and Arista enterprise-grade switches using HA technologies such as MLAG, HSRP, and BGP.
Cisco access routers are meshed to facility border routers. BGP and MPLS technology is tuned to provide efficient service even under load. Paired access routers allow router upgrades without service disruption. MPLS backbone is tuned to self-heal in the event of a network service issue.
AIS has implemented VMware’s vCloud Director suite of software with Enterprise+ features including HA, DRS, Network and Storage I/O. Using the built-in load-balancing, clients can perform hitless service upgrades. NetApp / VMware integration allows clients to perform snapshots of VM, providing a recovery point for software upgrades.
AIS cloud facilities are designed to operate independently with separate physical security and operations staff.
Fault-Tolerance & Redundancy
Storage – Dual NetApp controllers with dual power supplies, dual NICs, and dual 10Gbps uplinks into NAS switching. Disk shelves connected to both controllers. RAID-DP provides dual parity and a hot spare drive for redundancy at the shelf level.
Compute – All servers have dual power supplies and dual uplinks to both the storage and external networks. Each server has RAID SSD boot disks.
Network – Cisco and Arista enterprise-grade switches with dual power supplies and redundant links to both storage and external networks. Client interconnections use HSRP with dual Layer 3 VPN physical handoffs.
AIS operates its own BGP autonomous system to ensure IPv4 and IPv6 connectivity independent from external transit providers. All transit providers have dual entrance facilities. All inter-facility links (10Gbps MPLS) are redundant with different paths and providers Upstream transit connectivity is spread across 8 major backbone carriers and 4 facilities. Critical client resources such as DNS are anycast across all facilities.
VMware’s High Availability (HA) is built into BusinessCloud1; it intelligently manages recovery from a hardware node failure, restarting the affected VMs on other nodes. VMware control domain is segregated between facilities to prevent cascading service failure. AIS has designed in N+2 redundancy for VM resources.
All AIS cloud facilities have 2N power redundancy and cooling.
Storage – NetApp controllers are equipped with 1TB of Flashcache for performance caching. AIS has both standard (SATA) and performance (SAS) storage options.
Compute – Processors are the latest Intel model with multiple DMA channels and on-chip caching.
Network – Dual 10GigE connections to storage network to maximize I/O access. Dual 1GigE uplinks to external network for VM-VM and VM-world communications.
BusinessCloud1 routers have access to 45Gbps of upstream transit connectivity and more than 40Gbps of inter-facility transport. AIS has more than 80 direct and paid peering connections to optimize traffic flow. AIS uses Avaya performance routing to detect performance issues and reroute traffic. Servers use Load-Based Teaming (LBT) to detect and normalize traffic distribution.
VMware’s DRS provides dynamic, automated distribution of workload to optimize performance. Storage I/O Control monitors storage I/O performance and mitigates “noisy neighbor” issues. VMware’s VSS optimizes traffic flows between hosts even if they reside on different physical nodes. vApp template system allows rapid scaling of applications in a production environment.
Storage – Scalable to 1.2 Petabytes of storage with existing configuration. Storage network access scalable to 80Gbps.
Compute – Scalable up to 768GB RAM per node. AIS design will support 32 servers per cluster and more than 100 VMs/server.
Network – Scalable to 2 x 10GigE on external connections.
AIS network design is fully scalable for transit, transport, and dark fiber integrations.
AIS design allows for up to 1024 distinct virtual data centers per cluster. Client may create as many internal VLANs as required.
AIS facilities are capable of sustaining any power, cooling, or space requirements for the next 5 years.
Metrics for Evaluating Orange County Cloud Service
There are many metrics for measuring whether AIS BusinessCloud1 is right for you.
At the hardware level, AIS cloud services are designed with complete redundancy. Every piece of Arista, Cisco, Dell, and NetApp equipment is:
- Configured to eliminate any single point of failure
- A/B powered from separate uninterruptible power supply (UPS) systems
- And either dual-power supplied or powered from a static transfer switch
Network access is both redundant and diversified, and the entire systems architecture is self-healing with automated failover.
Bottom Line: There is no Single Point of Failure (SPoF) in AIS BusinessCloud1.
The VMware vCloud Director self-provisioning system used in AIS BusinessCloud1 requires no human intervention, which means that tasks are completed quickly and with fewer errors.
Comprehensive internal and external monitoring is also important, and so the VMware vCenter Operations application provides continuous monitoring of services and subsystems.
External monitoring and vCenter Operations provide fault isolation and help with capacity planning for system resources.
More fundamentally, the AIS cornerstone for ensuring superior reliability across every one of our offerings is our commitment to Information Technology Infrastructure Library (ITIL) standards for establishing and operating IT service management as well as continuous improvement.
Bottom Line: As an enterprise-class service, AIS BusinessCloud1 is as reliable as you can get.
AIS cloud services incorporate decades of industry and vendor best practices, resulting in a VMware-optimized hardware and software environment engineered for enterprise success.
To maximize I/O performance, we built redundant I/O paths and segregated management traffic from the storage network.
Furthermore, we implemented VMware’s latest Quality of Service (QoS) features, including Network / Storage I/O and dynamic resource scheduling (DRS).
We designed in additional performance wherever possible, such as SSD-based vhost local caching and NetApp Flash Cache.
Bottom Line: AIS BusinessCloud1 is purpose-built for maximum performance.
AIS cloud services have a full array of networking options to accommodate all security requirements, such as:
- No Internet access: all operations kept internal to the client’s vDC
- Firewalled access to internal or external networks (VMware vShield)
- Direct Internet access
- Private switched access to client colocation or corporate facilities
Clients may also configure unlimited, completely isolated internal networks with VMware’s built-in security features.
Physical security is assured with SSAE 16 compliant, SOC 1, 2, and 3 audited access controls standard at every AIS data center.
Bottom Line: Clients have full and flexible control over AIS BusinessCloud1 security.
AIS has the most reliable private regional network in the southwestern United States.
AIS cloud services provides easy, rapid deployment of individual virtual machines (VMs) or entire applications (vApps).
Additional resources are available on demand with no human intervention required.
For true integration, clients may leverage VMware’s vCloud Director API (application programming interface) and manage AIS BusinessCloud1 resources from within their existing vCenter management portal.
With this approach, large data sets may be stored and processed quickly by using Layer 3 VPN connections into the client’s vDC.
Bottom Line: It is tremendously easy, fast, and convenient to scale AIS BusinessCloud1 resources.
AIS selected VMware for many reasons, including widespread adoption, inherent functionality, feature roadmap, and robust support ecosystem.
Note: VMware is the market leader in virtualization. As such, our technology is field-proven and used by more than 170,000 customers – including 100% of the Fortune 100.
Because VMware is already the hypervisor of choice for most AIS clients, this means that their VMs are already formatted for use in AIS BusinessCloud1 – hence a trivial migration.
Furthermore, some BC1 features – such as vCenter Operations – may be extended into the client environment to monitor and maintain the client’s cloud.
Bottom Line: AIS BusinessCloud1 offers a familiar, trusted environment for IT professionals.
AIS has seasoned professionals who are trained in advanced cloud technologies.
Building and operating a cloud environment requires a high level of expertise. Skill sets must be obtained through training and/or experience, and AIS employees have invested in the knowledge and hands-on training needed to rise above the rest.
Our goal is to increase functionality within and outside of AIS cloud services while maintaining the highest standards of performance and availability.
Bottom Line: You can count on the experts at AIS to deliver the quality of cloud services you seek.
We use that optical network to provide flexible and secure Layer 3 VPN connectivity to/from AIS facilities in San Diego, Phoenix, and Los Angeles.
The AIS wide area network may be used to enable rapid restoration in a client disaster recovery (DR) situation, as data can be replicated almost synchronously between AIS BusinessCloud1 instances and/or colocation environments.
Bottom Line: Private, secure Layer 3 VPN connectivity is a key differentiator of AIS BusinessCloud1.
Contact Us Now to learn more about Orange County Cloud Computing.