Enterprise Compute Cloud
Unlike cloud native applications, enterprise applications were designed in the age of virtualisation and traditional hosting. These workloads support a wide variety of business processes: from back-office systems (such as payroll) to line-of-business applications (such as case management). Some enterprise applications have particular requirements in relation to resilience, assurance, and connectivity to legacy systems and secure communities of users.
UKCloud Enterprise Compute Cloud provides you with the trusted, connected and flexible cloud platform you need to deliver your critical enterprise applications.
Whether driven to overcome financial or operational constraints, or a desire to innovate and evolve existing services – Enterprise Compute Cloud is designed to help you achieve your business objectives.
|On demand – Billed by the hour for resources used||Enabling cost savings by controlling VM power states|
|Build and configure VMs via secure self-service portal & API||Get the resources you need, when you need them|
|A range of service levels, VM sizes and licencing options||Configure the solution that is right for your application|
|24/7 service desk included as standard with SLA response times||Feel supported to get the best from your application|
|Platform spans two UK data centres separated by over 100km.||Architect solutions with confidence that applications and services remain available|
|Cross-domain functionality: controlled access between internet and Elevated domains||Make compelling citizen facing services, whilst ensuring data remains safe|
|Assured; UK hosted by SC and NPPV cleared personnel||Have confidence in who has access to your data|
|Aligned with CESG Cloud Security Principles||Solutions on a cloud that aligns with CESG best practice|
|Connect over the PSN, PNN or RLI||Choose the right network to connect your solution to|
|Based on enterprise grade systems from VMware, Cisco and EMC||Use known technologies to de-risk your cloud transition|
When taken in combination with UKCloud’s other compute solutions, including Cloud Native Infrastructure (powered by OpenStack) and Enterprise Compute Cloud – Oracle, we can deliver a suite of services to deliver the outcomes you need in your organisation.
All enterprise workloads deployed using Enterprise Compute Cloud benefit from the following great features as standard:
- Proven compatibility. Powered by leading enterprise technologies from VMware (including vSphere ESX), EMC and Cisco, Enterprise Compute Cloud provides a familiar and proven technology platform that de-risks running your applications in the cloud (compared to other non-enterprise cloud platforms which are often based on unproven open-source or proprietary technology).
- Comprehensive and personalised support. Enterprise workloads are often mission critical and require immediate interactive support when issues arise. We are ready to stand shoulder-to-shoulder with you at times of crisis and there are no hidden charges with UKCloud support. As standard we include:
- Staffed telephone service desk and Network Operations Centre (NOC)
- 24/7 support for high-priority incidents
- A Customer Success team focused on supporting you during on-boarding and throughout the life of your workload.
- Technical Account Managers. UKCloud will allocate a Technical Account Manager (TAM) to provide you with an assigned point of contact and additional assistance with reporting and incident escalation, at all times following UKCloud’s ISO 20000-certified ITIL-based process framework
- Cloud Architect and subject matter expert (for example on networking, storage or VMware) engagement to help you optimise your solution for cloud operation
- Choice of location. We provide a variety of options that enable you to build resilience into your applications.
Enterprise Compute Cloud is offered from two geographically distinct regions, both located in the UK and separated by over 100 km for excellent geo-diversity
In addition, each region offers multiple physically separated availability zones, providing you with multiple options to build the resilience you require into your solution
- Protective Monitoring. Both our Assured and Elevated OFFICIAL security domains feature enhanced Protective Monitoring (SIEM) at the hypervisor layer and below to provide the highest levels of assurance aligned with CESG good practice guidance.
UKCloud Compute as a Service is based on market-leading VMware virtualisation technology. It includes:
- VMware vSphere as the hypervisor
- VM sizes ranging from 500MB to 96GB memory with between one and eight vCPUs founcontended performance
- Choice of storage configurations, including optimised storage for high IO
- Widest choice of supported operating systems including Microsoft, Red Hat, CentOS and other open-source platforms
- Availability of dedicated compute to satisfy specific licensing requirements (for example Oracle) or bespoke VM configurations, all managed as part of your cloud environment
- Integrated self-managed firewall, load-balancing and VPN functionality at no additional cost
- A documented API that enables auto-scale solutions and lets you start and stop VMs using scripts
We understand that each enterprise application has its own set of technical and service requirements that must be addressed on an individual basis. Many cloud platforms force you to compromise, but Enterprise Compute Cloud is completely configurable, and gives you the flexibility to use different service levels, VM sizes, security domains, connectivity and data protection options.
To help you choose the right combination of options for your solution, consider the following:
- What are you your workload characteristics? Some workloads require the highest levels of resilience and performance, some are sensitive to changing conditions, whereas others merely require a reliable infrastructure. Tailor the compute characteristics of the VM to support the requirements of your workload.
- What type of storage do you need? Does your workload require high performance or longer-term retention storage? Choose from a variety of options and even deploy mixed environments to deliver exactly what you need.
- What type of data protection does your application require? Whether you’re driven by recovery point or recovery time, you can choose the right level of automated, on-platform protection for your environments.
You can build completely tailored solutions by mixing and matching service options. The choice doesn’t lock you to one service or size and you can always change it later.
|Your workload characteristics||UKCloud recommends|
|Workload type||Storage option||Protection option|
|Critical workloads handling important business processes that benefit from a steady state of operation||PRIORITY||Tier 1 block storage||Journaling-based backup|
|VMs have an uncontended compute (CPU/GiB) resource allocation. Automated rebalancing is configured to reduce workload movement around the platform, reducing workload disruption.||Fast storage optimised for data warehouses, busy transactional databases and other high IO workloads.||A non-invasive backup solution with configurable recovery points, providing near real-time data protection. Ideal for protecting important data with a high rate of change.|
|Key workloads that are resource intensive such as web and application workloads mid-sized databases, and caching services||POWER||Tier 2 block storage||Snapshot backup|
|VMs have an uncontended compute (CPU/GiB) resource allocation.
Automated rebalancing is enabled to pre-emptively optimise performance and availability.
|General all-purpose storage providing a balance of performance and cost.||Automated daily backup solution of the entire VM.
Simple backup protection for data that has an RPO of 24 hours.
|Lower-priority workloads, such as temporary applications, data processing or system modelling tasks||ESSENTIAL||Tier 2 block storage||Catalogue and template-based recovery|
|VMs can have contended resource allocation.
Automated rebalancing is enabled to ensure the workload receives the requested performance.
|General all-purpose storage providing a balance between performance and cost.||Configuration management solution can re-provision stateless servers to a new VM when required, using standard, and catalogue-based VM templates.|
Q What is the service?
Enterprise Compute Cloud from UKCloud is an Infrastructure as a Service (IaaS) offering which enables organisations to rapidly provision and scale secure virtual machines (VMs) in minutes, in a flexible and autonomous manner.
UKCloud provides this service across two security domains, Assured OFFICIAL (formerly PGA IL2) and Elevated OFFICIAL (formerly PGA IL3), and with a range of service levels offering up to 99.99% availability. This choice allows customers to precisely match application and user needs to an appropriate security domain, service level and cost, instead of designing to the highest level which may not always be needed.
Q Can VMs have different characteristics?
Yes. We offer three VM Types: Essential, Power and Priority.
VM characteristics are inherited from the vDC the VM is deployed in. It is not currently possible to have a vDC that has mixed VM types.
However, customers can have multiple vDCS to deliver their solution.
Q Are VMs contended?
Essential VMs are contended: VMs contend for memory and processor resources.
Power & Priority VMs: UKCloud has implemented a combination of technical and process controls (for example, an ISO 20000-certified capacity management process) to ensure that these VMs don’t contend for memory or processor resources.
Power VMs operate where automated rebalancing is enabled to pre-emptively optimise performance and availability.
Priority VMs differ from other VM types. Automated rebalancing is configured to reduce workload movement around the platform, reducing workload disruption.
Q Can a VM communicate to another VM at of a different type?
Yes. VMs can communicate with each other. In some cases, customers may need to use the built-in self-service IPsec VPN functionality to create a virtual private network within our Assured cloud platform.
Q Can VM types be changed?
Yes, but the customer must first export the VMs, then import them back into the virtual data centre (vDC) that has been created with the target VM type.
Q Can I convert from one VM type to another, without having to move VMs between vDCs?
Customers can manage the migration between VM types. Customers can also move vApps and VMs between vDCs as long as they’re in the same assurance domain, for example Assured to Assured.
More complex migrations, from the Assured to the Elevated platform, must be managed by UKCloud.
If you want to migrate a vApp larger than 1.5TiB, you’ll need to engage the UKCloud support team to facilitate the process. To do so, please raise a Service Request on the UKCloud Portal.
Q What hypervisor do you use?
UKCloud’s environment is built using VMware vSphere, the most ubiquitous and mature hypervisor available. Secure multi-tenancy is achieved with VMware vCloud Director.
Q Can I have a read-only account in vCloud for monitoring?
This is available on the UKCloud Portal under permissions that can be set by your account admin.
Q Do I get root access onto the local VM?
Yes, as this is a true IaaS cloud service, you have complete control and autonomy over each VM, and so have full ‘root’ or administrative access.
Q What VM sizes are available?
UKCloud offers a variety of ‘T-shirt sizes’ to meet customers’ needs. The smallest configuration is 512MB and 1 vCPU. The largest is 96GiB memory with 8 vCPU.
Check the Compute service description for more details on the currently available sizes.
Dedicated Compute provides the flexibility to build custom-sized VMs.
Q Can I resize my VM?
Yes, you can change processor, memory and storage allocations via the self-service UKCloud Portal and API.
Processors and memory can be added to or removed from VMs if the OS supports the ‘hot add’ capability.
Increasing CPU or memory allocations may result in the VM being billed at a higher rate.
Additional VM storage can be allocated instantly and will be billed on a per GiB basis.
Q What is the speed of each vCPU?
This is set at 2GHz for all VMs except Micro sized VMs, which can be restricted to run at 500MHz.
Q What is the fastest way of importing large amounts of data onto the UKCloud platform?
The speed of data transfer to the UKCloud platform isn’t guaranteed. However, during tests of the upload and download speeds, an average of 8 Mbit/s was achieved for VM import/export and 40 Mbit/s for data transferred over FTPS.
For a transfer time calculator, go to: http://techinternets.com/copy_calc?do
If you use FTPS to upload data to or download it from your environment, you can transfer up to 1TiB of data in a day.
Alternatively, we offer the Mass Transfer Facility option enabling customers to import large quantities of data via HDDs or NAS devices that are plugged directly into your environment. Please check the Mass Transfer Facility service scope on the UKCloud Knowledge Centre or the price guide further details.
Q Does UKCloud offer encryption on the VM?
Not by default but, if it’s required, you can implement it using technology of your choice.
Q Is UKCloud’s encryption service available for compute?
Not currently, but we are looking into options for G‑Cloud 9.
Q Is it possible to non-fast-provision vApps, and to convert current vApps into non-fast provisioned ones?
Fast provisioning is done only by customer request – by default, all vApps are non-fast-provisioned. Customers can right-click on a VM and consolidate. This can also be done via a Service Request.
Q What is Dedicated Compute?
Dedicated Compute comprises of physical blades assigned to a customer for their sole use. They’re managed using the standard tools and services in the UKCloud Assured cloud platform.
Dedicated Compute allows customers to:
- Comply with legacy licensing requirements from software suppliers whose licensing is based on a physical CPU (such as Oracle or desktop OSs)
- Build bespoke sized VMs on the UKCloud Assured cloud platform
Dedicated Compute uses the same storage infrastructure as the shared compute platform
There’s a longer deployment lead time for Dedicated Compute, as well as a longer contractual commitment than our shared cloud platform (three months rather than one hour).
For more details, please see the Compute service description available via the Digital Marketplace.
Q Can I utilise multiple storage types with my VM?
UKCloud offer three storage types to customers:
- Tier 1 which is a fast storage offering
- Tier 2 which is a standard storage offering
- Geo-resilient which is utilised by the synchronous protection technology
With Tier 1 and Tier 2 storage, customers can utilise both types to deliver their solutions – including running VMs utilising disks on different storage types.
Customers can not mix geo-resilient storage with any other storage type attached to a VM. So customers cannot leverage Geo-Resilient Storage in conjunction with Tier 1 or Tier 2 storage types.
Q Can I change between storage types associated with the VMs I’ve deployed?
If a customer has both Tier 1 and Tier 2 storage profiles available, they can self-migrate between these storage types.
Migration from, or to, Geo-Resilient storage and other storage types (Tier 1 and Tier 2) is an activity that can only be performed by UKCloud.
Q How many IP addresses do I get?
You’re initially allocated five external IP addresses with a new compute service.
You can ask for more external IP addresses via a Service Request.
There’s no limit to the number of internal IP addresses (RFC1918) you can allocate.
Q How many PSN IP addresses do I get?
Customer organisations are initially allocated one external PSN IP address.
Additional external PSN IP addresses can be requested via a Service Request should a valid business requirement arise.
There’s no limit to the number of internal IP addresses (RFC1918) customers can allocate.
Q What Firewall services are available?
UKCloud controls and manages a perimeter firewall on the edge of our Assured cloud platform which securely segregates traffic. Within the Compute environment, we provide you with a dedicated self-managed virtual firewall which delivers typical firewall functionality such as access control lists and network address translation, as well as basic load balancing and support for VPNs.
You can also use your preferred firewall and security appliances, as long as they’re compatible with the VMware virtual infrastructure used to power the UKCloud Assured cloud platform.
Q How do I create and manage firewall rules?
Your UKCloud-provided dedicated virtual firewall is managed exclusively by you. You can set and manage firewall rules via the UKCloud Portal and API.
On-boarding guides and associated video tutorials are available to help customers configure and manage their firewalls.
Q Can I bring my own firewall?
Customers can choose to deploy the firewall technology of their choice.
This service, how to order it, and the constraints it may place on operation, is fully documented within our knowledge centre on the UKCloud portal.
Q How does UKCloud provide urgent maintenance notifications and incident reports?
Q When using fault tolerance on vCNS devices, is the TCP session state replicated between the devices?
Yes, the TCP session data/connection tables are replicated, but there’s no replication of the load-balancer.
Q Do you offer dynamic or static IP addresses?
The external IP addresses are static. Internal IPs can be assigned statically from a pool, manually or dynamically via DHCP.
Q Are external Domain Name System (DNS) services available?
No, we don’t currently offer this service. You can implement your own DNS servers within your solution, or configure your virtual firewall to enable connectivity to an externally hosted DNS server — for example, one hosted on a government secure network such as PSN, JANET or N3; or one available on the Internet such as Google 188.8.131.52.
Q Are domain name registration services available?
No, we don’t currently offer this service. Some government secure networks (such as PSN and N3) offer domain name registration and DNS hosting as part of their service.
For internet-facing services a third-party DNS provider will be required.
Q Is Network Time Protocol available for time synchronisation?
Yes this is available for Assured OFFICIAL and Elevated OFFICIAL. See the Enterprise Compute Cloud onboarding guide for details.
Q Can UKCloud provide SSL certificates or can existing SSL certificates be used?
UKCloud doesn’t provide SSL certificates, but you can use your existing ones.
Some government secure networks (such as PSN and N3) provide SSL certificates as part of their service.
Q Do you offer load balancing?
Yes. Load balancing can be configured within the service and is included within the price.
- Supported protocols: HTTP, HTTPS, TCP.
- Supported algorithms: Round Robin, IP Hash, URI, Least Connected.
Q Can I deploy my own load balancer?
Yes, you can deploy your own load-balancing virtual appliance (for example, F5, Stingray, Zeus) if support for other algorithms is required.
In addition, UKCloud offer Global Load Balancing from Neustar which can be customised for your own specific requirements. An FAQ and Service Scope are available in the Knowledge Centre.
Q How much storage do I get with a VM?
The default amount of storage with each VM is 60GiB.
The only exception is Micro sized VM’s which have a fixed 10GiB allocation which cannot be increased.
Q Can I reallocate storage across VM’s?
No, storage pooling isn’t possible. Each VM must have a minimum of 60GiB (except Micro VMs).
You can quickly and easily allocate additional storage via the self-service UKCloud Portal or API. Additional storage is charged on a per-GiB basis as listed in the UKCloud pricing guide.
Q Is storage persistent?
Yes, unlike some other cloud platforms, storage is persistent.
This means that your data and VM configuration remain available to you even if the VM is switched off or restarted.
Q What is the Tier 1 storage solution?
Tier 1 storage (formerly Optimised) is designed for the following scenarios:
- Applications that require improved performance when accessing stored data such as high activity databases
- Applications that have irregular usage patterns that require a consistent performance such as data warehouses or batch process applications
Existing applications can take advantage of Tier 1 Storage. A migration process maybe involved.
Tier 1 Storage is available for use with all VM types and compatible with all protection technologies – with the exception of those using Synchronous protection (which has a specific requirement to use geo-resilient storage).
Talk to your UKCloud Account Director or Cloud Architect to understand if Tier 1 storage can benefit your solution.
Q How do I access my systems?
You can access your VMs using:
- The remote console through the UKCloud Portal
- Remote access protocols (RDP/SSH) over a VPN or secure network
Q What reports can I get about VM performance?
You can monitor their performance using standard tools within the operating system.
Additionally, UKCloud provides retrospective performance information via its Portal API.
Q Does UKCloud patch the VMs?
No, customers are responsible for the patching of their services. We make a patch repository available to customers for VMs on the Elevated OFFICIAL cloud platform (which cannot connect to the internet) for common operating systems that we provide.
Q How do I find the latest patches to the UKCloud infrastructure?
UKCloud maintains a Knowledge Centre article advising the current patch level of the UKCloud infrastructure.
Q How do I access support and patches for operating systems that UKCloud licenses?
UKCloud provides a repository of patches for common operating systems for customers to access and update from. Please refer to the onboarding guide or the UKCloud Portal’s Knowledge Centre for details.
For support, you’ll need to log a request with UKCloud, who will log the ticket with the relevant supplier. UKCloud will then inform you about any updates. However, UKCloud isn’t responsible for the actual resolution of non-IaaS issues.
Q Do you have a Key Management System (KMS) for activating Windows?
Yes. A step-by-step guide on configuring and using this service is included in the onboarding guide, available from the UKCloud Portal’s Knowledge Centre. In addition, there are additional supporting documents regarding the registration on VMs targeting the UKCloud KMS.
Q How do I control the VM?
You control a VM via the UKCloud Portal or API. Controls include stop, start, restart, load media, clone, snapshot, and so on.
Q Do you monitor VMs?
UKCloud monitors the underlying platform but doesn’t monitor customers’ OSs or applications. Customers can implement their own application performance monitoring solutions within the VDC.
Q Do you offer auto scaling?
There’s no standard product offering for autoscale, but the platform API can be used to do this with a little developer effort. UKCloud provides blueprints in the Knowledge Centre on the UKCloud Portal which offer guidance on this.
Q How quickly can I scale my service up or down?
Horizontal scale can be achieved quickly by adding additional VMs (usually in just a few minutes). Vertical scaling can be achieved by ‘hot adding’ CPU or RAM to a VM (where supported by the guest OS). This operation usually takes seconds.
LICENCING, SOFTWARE AND ANTI-VIRUS
Q What operating systems are available?
UKCloud Enterprise Compute Cloud is powered by VMware technology, so is compatible with a wide range of x86/x64 operating systems.
VMware provides a compatibility matrix at:
You can use the UKCloud catalogue of operating systems or upload your own.
We offer Windows Server 2008 R2 Enterprise, Redhat Enterprise Linux 6.1 and CentOS 6.1.
We will also be introducing Windows Server 2012 and MS SQL templates.
In addition, we provide access to common templates provided by the Bitnami service such as Drupal, Joomla, LAMP and WordPress.
Q How can I licence the Operating System?
Microsoft terms and conditions preclude customers from using their own licence agreements for Windows Server in the Cloud. That means all licensing for Windows Server operating systems must be provided by UKCloud.
Microsoft offers License Mobility, a scheme that allows a customer to provide additional software such as Exchange, SQL and so on, as long as the customer has appropriate Microsoft licensing as per the licence terms and conditions and usage rights. In order to use License Mobility, you must complete the form that is available in the Knowledge Centre and send this by post to Microsoft.
If you require SQL licencing to be provided by UKCloud, this can be done by completing a Service Request from the MyCalls section of the UKCloud Portal. SQL standard licencing is charged per hour per VM, whilst SQL Enterprise is charged monthly per VM. It is essential that UKCloud are informed of every instance of SQL on the platform, and that you complete a Licence Mobility form for all licences that you use on the UKCloud platform.
RHEL operating systems can be licensed by UKCloud or the customer.
The customer is responsible for ensuring correct licensing for any other operating system they chose to install. If you wish to use your own RHEL licencing, please a Service request
Q How up to date are the operating system images and mirrors?
All CentOS, Ubuntu, Red Hat and Debian distributions are automatically updated to contain the latest patches and releases. For a list of supported operating systems, and instructions on how to access these repositories, see the Knowledge Centre on the UKCloud Portal.
Q What anti-virus do you offer on this service?
Customers are advised to install their own anti-virus (AV) software, as UKCloud doesn’t provide any.
Q What applications are available as part of the default service?
UKCloud does not offer any additional software other than what’s included in the UKCloud Portal catalogue. Any additional software, including its licensing, is the customer’s responsibility.
Q Is Open Virtualisation Format (OVF) for VM images supported?
Yes, OVF images can be uploaded to the platform, and VMs built in the platform can be downloaded as OVF.
Q What is Bring Your Own licencing for Red Hat?
BYO licensing for Red Hat allows customers to select VMs running on the UKCloud Assured cloud platform for covering by their own commercial agreement with Red Hat.
UKCloud will remove the cost of the Red Hat licence from the customer’s monthly bill for the selected VMs. Customers need to raise a Service Request to let us know which VMs they will cover with their own Red Hat licence.
Q How do I raise a support ticket?
The secure online UKCloud Portal provides most common service management functionality. Alternatively, you can contact support by phone or email.
Q How do I manage my services?
Services on the Assured OFFICIAL platform can be managed over the internet (or other connectivity) via the UKCloud Portal.
For the Elevated OFFICIAL platform, security requirements are stricter and require either a PSN-approved connection, UKCloud Secure Remote Access or a self-managed CPA-approved VPN solution (for example, site-to-site VPN).
Q What are your service maintenance windows?
As far as possible, planned maintenance of UKCloud’s infrastructure takes place between the hours of 00:00 and 06:00 (UK local time) Monday to Sunday, or between the hours of 08:00 and 12:00 (UK local time) on a Saturday or Sunday. We provide customers with at least 14 days advance notice of planned maintenance.
As far as possible, emergency maintenance of UKCloud’s infrastructure takes place between the hours of 00:00 and 06:00 (UK local time) Monday to Sunday, or between the hours of 08:00 and 12:00 (UK local time) on Saturday or Sunday, unless there is an identified and demonstrable immediate risk to a customer’s environment. Whenever possible, we provide customers with at least six hours’ advance notice of emergency maintenance.
Q Can I configure email alerts from the Portal?
Yes, you can have Portal notifications sent to you at the email address associated with your Portal login. Notifications provide information about updates to UKCloud services, in addition to maintenance and incident notifications. This feature is currently not available in the Elevated Portal.
Q How can I get started with the service?
Within four hours of accepting your order, we’ll create your primary administrator account, and send you a Welcome Pack, which includes the URL for the UKCloud Portal and associated authentication details.
You administrator can then create additional accounts for users within the project. Each user can
then log on and begin using the service (depending on the security domain and connectivity).
At the time of order, you can specify which of our two UK data centres you’d like to be deployed into. Meeting your request is at UKCloud’s discretion.
Q Is there a free trial?
Yes, we offer a 30-day free trial so that you can test and evaluate our service without commitment. Your trial provides you with a live environment on the UKCloud platform to test our services and verify whether they are suited to your needs.
Q How do I request a trial?
You can request a trial via the UKCloud website: http://www.UKCloud.com/free-trial-sign-up and accept the trial terms and conditions. Your environment will then be set up and you will be given trial credits to the equivalent of £500.
Q What do I do when my trial comes to an end?
You will be contacted by your Cloud Architect or CSM when your trial is due to end, either because you have run out of credits or reached 30 days (whichever is sooner).
At the end of your trial, you have the option to transition to production or cease the trial.
Q Can I create a Clone of my environment?
Yes, you can do this through the UKCloud Portal by right-clicking on a VM and selecting ‘Clone’. This operation can also be performed programmatically via the API.
It’s not possible to restrict the automated VM snapshot backup to specific files or directories. You can install your own backup service and use our Cloud Storage if you need more flexibility.
Q How quickly can a VM be restored?
This depends on the size of the VM, the location from which it’s being restored, and the priority of the support ticket raised to request the restoration.
Customers should expect recovery to take two to three days. If you require a faster recovery time, you must implement your own backup/restore solution which will be entirely under their control. Our Cloud Storage platform could be an appropriate target for self-managed backups using software such as CommVault and NetWorker.
SYNCHRONOUS PROTECTION (DR)
Q Does UKCloud provide a Disaster Recovery option?
An automated replication and failover service is included for VMs utilising the Synchronous protection capability. It provides synchronous data replication which enables a near-zero recovery point objective (RPO).
The recovery time objective (RTO) depends on the nature of the disaster or failure scenario. In some scenarios, VMs utilising Synchronous protection will be automatically restarted at the other data centre. In other scenarios, manual intervention by UKCloud will be needed, and the recovery time might be extended from minutes to hours.
If you need more control and assurance around how data is replicated, the DR service is tested, or the solution handles failover and failback, we recommend you create your own DR solution by using independent sets of VMs in the various regions offered by the UKCloud platform.
Q How does UKCloud enable customers to create their own DR solutions?
Although we have engineered our cloud platform to tolerate failures and ensure customers services remain available, we encourage all our customers to design for failure and build DR capabilities into the system design, or in the application.
To help this process, the UKCloud platform has been designed to give you the options you need to design a disaster tolerant solution. UKCloud’s platform is about providing customers with choice. Clearly, customers need to balance the low probability of these failure scenarios occurring with the cost and complexity involved in mitigating their impact.
Depending on the type of failure you are trying to mitigate, UKCloud has been developed to allow you design appropriate resilience into your solution.
At a macro level, UKCloud operate out of two sites. Designing across multiple sites will provide resilience against even the most unlikely of scenarios – including natural disasters and mass WAN failure. UKCloud currently offer two sites:
- The independent cloud platform at our Corsham site
- The independent cloud platform at our Farnborough site
Each site also offers independent regions. These are physically segregated parts of the UKCloud platform that have an independent power and networking components – allowing customers to architect resilient solutions out of a single site.
Services in different regions also have independent control planes. By architecting for separate regions you improve your resilience to outages that effect the control and management of your VMs.
Finally, each region has a number of distinct hardware zones. For customers looking to architect against mass hardware failures.
Zones can be utilised to provide additional confidence in your ability to tolerate outages. For example you can load-balance across two zones to ensure that your service stays online in the event of an unlikely outage.
In some rare failure scenarios (such as DDoS or Split Brain) the availability of the cloud platform at both our sites may be effected. These scenarios can be mitigated by deploying across multiple cloud providers.
BILLING & LEGAL
Q What is the smallest unit of time that I will be billed for?
The minimum unit of time for use is one hour. Part hours will be rounded up.
Dedicated Compute has a minimum commit of three months.
Q What are the charges to transfer data between VMs within the same data centre?
None. Data transfer between VMs in this scenario is free.
Q Will I be charged even if my Virtual Machine is powered off?
You will not be charged for any Virtual Machines whilst they are turned off, however whilst the VM is in a powered off state, any storage associated with the VM will be charged for at the prevailing rate. This includes the 10GiB included with Micro machines and 60GiB in all other VM sizes of Tier 2 storage.
Q How will I be billed for additional storage?
Customers can allocate additional storage to VMs on demand. UKCloud will bill customers for additional allocated storage, regardless of the powered on/off state.
Q How can I view billing information?
Billing information is available via the UKCloud Portal.
Q How can I pay for the services?
UKCloud will issue invoices as follows:
- At point of order for upfront fees and service options
- Annually in advance for pre-payment fees
- Monthly in arrears for monthly fees
Payment can be made by direct bank transfer (BACS/CHAPS).
Q What are the termination fees?
There are no termination costs for this service. Customers are responsible for extracting their own data from the Enterprise Compute Cloud if required.
UKCloud may make an additional charge for transferring data out of the service.
Q What data is suitable for the UKCloud assured cloud platform?
The service is hosted in the UK and operated by UK government security-cleared staff. It has extensive independent validation (including CESG design reviews) that it is fully aligned with the 14 CESG Cloud Security Principles, and is therefore ideal for all data classified at OFFICIAL (including OFFICIAL SENSITIVE).
Q Can systems on different UKCloud security domains communicate with one and another?
UKCloud’s Cross Domain Security Zone allows customers to use the UKCloud-defined and managed UKCloud Guard, or a customer-designed and managed Walled Garden to enable communication between platforms.
For more information, see the Cross Domain Security Zone documentation.
Q Is there a protective monitoring service?
Protective monitoring is included for our IaaS platform and follows GPG 13.