Power Systems right next to your hand on IBM Cloud
Do you have workloads that are running in Power Systems? Do you want to move your workloads to Cloud? If your answer is YES, IBM Cloud can help.
IBM Cloud has a promising offering that you can use to build your AIX, IBM i or Linux in Power Systems Virtual Server (Power VS) in minutes.
Power VS is a self-managed infrastructure as a service (IaaS) offering that gives you a flexibility to configure your workloads with cores, types of cores, memory resources and the needed storage using an easy-to-use user interface. Power VS comes with a catalog of supported AIX and IBM i images or you can bring your own image if needed.
Power VS has a variety of backup strategies for AIX and Linux. You can use Veeam, IBM Spectrum Protect or Cloud Object Storage. For more information about the backup strategies, you can visit Power VS backup strategies documentation.
Power VS does not exist in the same network/colocation (colo) with IBM Classic Infrastructure. So, if you want to connect your Power VS to IBM Cloud Private network, you will need to setup a Direct Link service between you Power VS router and IBM private network. Direct Link is separate IBM Cloud offering. When you provision the Direct Link service, Power VS should be selected to be your Direct Link’s provider. Power VS offering includes a highly available up to 10 GB connection to IBM Cloud private network at zero cost. By creating Power VS Direct Link, you will be able to communicate between your IBM Cloud services, Kubernetes,openshift , Bare Metal Servers in classic infrastructure, etc. After you provision your Direct Link, you will need to create support ticket to establish the connection between your private Power VS VLan and your direct Link service.
Even if you want to build your own Hybrid Cloud between your on-prem and IBM Power VS. IBM makes this easy.
As illustrated in the above diagram, you need to have Gateway Appliance (GRE Tunnel) to route from/to your corporate network traffic to IBM Cloud Classic infrastructure network through this tunnel. You can create the tunnel form IBM Classic infrastructure console. You can choose between ATT Vyatta, Juniper or you can bring you own appliance.
Then, you will need to create your own Direct Link between your on-Perm network and IBM Cloud infrastructure. You may visit IBM Direct Link documentations for more details about the setup instructions.
So, Your Gateway Appliance will be used as a tunnel for you inbound and outbound traffic from your PowerVS to IBM Cloud Classic infrastructure and then you can use the Direct Link Service to connect to your corporate internal network.
At the end, I would like to list few security tips that you may need to implement when you provision your Servers.
1) Creates strong root Password.
2) Enables sudoers and once sudo is installed, add non-root users with strong passwords and enables sudo access.
3) Disables the public network interface if you do not need it.
4) Disables the root user SSH access.
5) If you do not need services like ftp, telnet, shell, login, exec, ntalk, etc, you can disable them.
6) Installs End Point Detection and Response tool like Crowdstrike and threats prevention tools if applicable.
7) Uses Two-Factor Authentication (2FA), if applicable.
The above list is a few examples of the actions that you may take to secure your servers. You may need to consult your security team to implement your corporate security standards in this offering.
