Getting started with RPC-VMware#
Rackspace Private Cloud powered by VMware (RPC-VMware) offers you the ability to quickly expand data center capacity without the need for further investment in physical assets. With direct access to the VMware APIs, you can use your existing scripts, and the same VMware and third-party tools to easily manage the hosted VMware environment. It improves agility by helping to eliminate long procurement lead times, so that you can readily meet new business demands while maintaining control.
RPC-VMware is a hosted cloud dedicated to you. It contains core components, such as: vCenter, vSphere, VMware NSX, and VMware vRealize Operations. You can choose to add more components, such as vRealize Automation. If you choose to include all of the components, you can implement a private cloud offering with on-demand, self-service features for deploying and managing applications and infrastructure in a Software-Defined Data Center (SDDC).
This section provides the following overview information about RPC-VMware:
- RPC-VMware architecture
- RPC-VMware features
- RPC-VMware roles and permissions
- Managed services for RPC-VMware
- Spheres of support for RPC-VMware
- RPC-VMware compatibility
- RPC-WMware authentication methods
The following diagram shows the architecture of RPC-VMware as configured with optional add-on components.
The core features of RPC-VMware are based on the underlying VMware vCenter Server and VMware vSphere products. These features include the following capabilities for you:
- Deploy virtual machines (VMs) on-demand into clusters that are preconfigured for high availability and load balancing.
- Run your VMs on hypervisors that are dedicated solely to you and that are using preconfigured datastores and networks.
- Migrate VMs on-demand between hypervisors and datastores.
- Resize your VMs on-demand. If prerequisites are met, you can resize running VMs.
The following table provides details about the Managed Backup (MBU) for Management Services feature. If any component of your RPC-VMware cloud encounters a failure, Rackspace might determine that a restore of the component is required. If you want to request a restore of any component, contact your account team.
|File-level backup and restore||Some of the management services allow file-level backups. Where necessary, Rackspace uses file-level backups.|
|Image-level backup and restore||All VMs and appliances in the management resource pool are backed up at an image level for a complete system backup.|
The following table describes the vSphere features available to you in RPC-VMware.
|vMotion®||Configured by Rackspace, but the customer is responsible for executing migrations.|
|Storage vMotion®||Configured by Rackspace, but the customer is responsible for executing migrations.|
|Performance graphs||Enables you to view the performance and resource usage for all vSphere objects, such as ESXi hosts, VMs, and datastores.|
|Virtual disk thin provisioning||Enables you to configure any VM for thick or thin provisioning. If vSAN is used as storage for your virtual machines, thick provisioning should not be used.|
|Hot add||If a VM has a hot-add enabled, you can add or remove memory or CPU.|
You can choose to use additional features in your RPC-VMware cloud (some of which are optional add-ons). These features include the following capabilities:
- Deploy and manage a virtual network built on software-defined networking, where you configure switching, routing, and security on-demand.
- Deploy VMs onto software-defined storage, where you can control the performance and availability policies with VM granularity.
- Provide quality of service and operational efficiency in your private cloud, with minimum manual effort, by leveraging software-based cloud operations and analysis services.
- Use cloud management services to provide your applications, VMs, and SDDC as on-demand services.
- Rely on image-level backups of all VMs in your private cloud without the need to install a backup agent within the VM.
- Request on-demand database administration support by Rackspace database administrators (DBAs).
For details about the currently available optional add-on features, see the appropriate add-on handbook or contact your account team.
RPC-VMware roles and permissions#
To implement the separation of customer and Rackspace duties in RPC-VMware, Rackspace uses built-in and custom roles in the vCenter Server. Rackspace assigns you a maximum permission role (customer role) and any lesser privileged roles that you request for specific users or groups.
Customers have permissions to create, delete, and manage VMs within their private cloud. Rackspace manages and maintains the ESXi hosts, the vCenter Server, Platform Services Controller, and additional management VMs as required by the RPC-V solution. Customers therefore have limited permissions on hosts and management servers.
Specific resource pools and folders are created to house customer created VMs
and ensure separation from management VMs. In support of this separation,
customers are granted permissions to create, delete, and manage VMs in the
Network-ResourcePool resource pools and in
Networking VMs virtual machine
If required for organisational or resource management purposes, customers can
create new resource pools below the
Network-ResourcePool, and new folders below the
Networking VMs folders.
The following permission sets are predefined in the vCenter Server:
- Customer Access
- VM Power User
- VM User
- Read Only
The following table shows which vCenter Server permissions are available to each role.
vCenter permissions and roles
|Permission||Customer Access||VM Power User||VM User||Read Only|
|Alarms||Full access||No access||No access||No access|
|Datastore||Limited access||Limited access||No access||No access|
|Folder||Full access||No access||No access||No access|
|Network||Limited Access||No access||No access||No access|
|Performance||Full access||No access||No access||No access|
|Profile-Driven Storage||Full access||No access||No access||No access|
|Resource||Full access||No access||No access||No access|
|Scheduled Task||Full access||Full access||Full access||No access|
|Tasks||Full access||Full access||Full access||No access|
|vApp||Full access||No access||No access||No access|
|Virtual Machine||Full access||Full access||Limited access||No access|
|Datacenter||Limited access||No access||No access||No access|
|Global||Limited access||Limited access||Limited access||No access|
|Host||Limited access||No access||No access||No access|
|Sessions||Limited access||No access||No access||No access|
|Storage Views||Limited access||No access||No access||No access|
|Datastore Cluster||Full Access||No access||No access||No access|
|Distributed Virtual Switch||No access||No access||No access||No access|
|Distributed Virtual Port Group||No access||No access||No access||No access|
|ESX Agent Manager||No access||No access||No access||No access|
|Extension||No access||No access||No access||No access|
|vCenter Inventory Service||No access||No access||No access||No access|
|vSphere Update Manager||No access||No access||No access||No access|
|VRM Policy||No access||No access||No access||No access|
|vService||No access||No access||No access||No access|
|vSphere Tagging||Full Access||No access||No access||No access|
Managed services for RPC-VMware#
Rackspace offers 24x7x365 support for RPC-VMware. Rackspace is one of VMware's largest global Cloud Provider Program partners, with elevated access to technical specialists for rapid resolution of unexpected software-related issues within the VMware stack.
Rackspace's VMware Certified Professionals (VCPs) assist in the architecture, deployment, and troubleshooting of the RPC-VMware environment. Rackspace monitors and maintains the VMware software stack, including installing and configuring the RPC-VMware services and any add-on services, backing up and restoring the VMware service VMs as needed, and monitoring the hypervisors for hardware issues and availability.
Rackspace manages and supports the physical infrastructure and the ESXi hypervisors. However, customers are expected to manage the virtual systems that they deploy, including VMs and the guest OS of those systems.
VMs or other virtual systems deployed, configured, or created by you within the RPC-VMware environment do not qualify for Rackspace managed services unless specifically enabled by an add-on service. Services for VMs such as OS or application monitoring, OS patching, antivirus, and backups are your responsibility unless you have purchased an add-on that provides that service. Not all services mentioned are currently available as add-on services.
The following table provides describes the features that Rackspace provides as a managed service to you in RPC-VMware.
Features provided as managed services
|High Availability (HA)||HA clustering is set up by Rackspace.|
|Dynamic Resource Scheduler (DRS)||DRS clustering is set up by Rackspace.|
|vStorage API for Array Integration (VAAI)||VAAI is available if it is supported on the storage array.|
|Distributed Switch™||Rackspace configures the distributed virtual switch and distributed port groups to which customers can connect VMs.|
Spheres of support for RPC-VMware#
This section lists the areas that are considered managed by Rackspace, and the areas that require you to manage them.
|Area||Managed by Rackspace|
|Virtualization||Management service VMs and appliances|
|Security||Maintain RPC-VMware security|
|Area||Managed by customer|
|Security||Maintain security specifications for VMs|
RPC-VMware might not be compatible with all Rackspace products and services. Contact your Rackspace support specialist for detailed information about whether any specific Rackspace product is compatible with your RPC-VMware.
RPC-VMware compatibility with third-party products#
You can access RPC-VMware by using various VMware services APIs. You can use any third-party management, orchestration, or other type of tools that are compatible with these APIs. In this case, the functionality of any such tool is limited by the RPC-VMware features and capabilities as described in this handbook. Ensure that the VMware services API versions of your environment are compatible with the third-party tools that you want to use.
RPC-VMware compatibility when elevated permissions are needed#
In some cases, existing role permissions provided by Rackspace do not allow a custom or third-party tool to function. Contact the Rackspace account team to determine if role permission adjustments are possible.
RPC-VMware authentication methods#
RPC-VMware customers have two choices for vCenter authentication. When your private cloud is being built, you have the option to use either a Rackspace-provided directory service or your own Active Directory service.
Rackspace support still authenticates to your RPC-VMware cloud with the Rackspace hosted directory service. Your directory service is added as an additional authentication source.
You must also indicate the groups and roles to be assigned in vCenter from the vCenter roles available in RPC-VMware roles and permissions.