Virtual Private Servers

(1)

Virtual Private Servers

Application Form Guide

(2)

Internode | VPS Application Form Guide| v 1.0 page 2 of 14

Introduction 3

Definition of a Virtual Private Server

3 Internode Virtual Private Servers

3 Virtual Servers and Virtual Data Centres

3 Virtual Data Centre

3 Internet Virtual Data Centre

3 IBC Virtual Data Centre

4 Virtual Data Centre Name

4 Virtual Data Centre Managed Firewall Service

4 Virtual Private Server

4 Internal Server Name

5 Server Connectivity

5 RAM and CPU

5 Disk Space

5 Usage 5

Operating Systems

5 Applications 6

Management and Managed Services

8 Server Management

8 Operating System Layer

9 Application Layer

10 Managed Services

10 Backup Service

11

(3)

Introduction

Definition of a Virtual Private Server

A virtual private server (VPS, also referred to as Virtual Dedicated Server or VDS) is a method of dividing underlying hardware server resources into virtual servers, where resources can be allocated in a way that does not directly reflect the underlying hardware. Each virtual server can run its own full-fledged operating system, applications and each virtual server is an independent environment that can be independently rebooted, stopped, or started.

Internode Virtual Private Servers

Internode Virtual Private Servers provide a cost-effective and scalable option for customers requiring dedicated server solutions. It delivers the superior bandwidth and high availability benefits of data centre hosting; combined with the flexibility and security of a dedicated device. Key issues of redundancy, firewalling, monitoring, and management of both hardware and operating systems are all addressed as part of this comprehensive solution set.

The entire Virtual Private Server infrastructure is located and managed in Australia. This means that there is great connectivity to Australian networks and customers – with much faster response times, as traffic does not have to come from (typically) across the Pacific.

The platform features IBM hardware with redundant power supplies, fans and dual path fibre channel controllers. Each is connected to fast (15K) SAN storage in RAID configurations with hot Spares. The Storage Area Network features redundant SAN controllers, power supplies and fibre channel switching. The majority of hardware is hosted at the world class Sydney GlobalSwitch Data Centre.

This high-end hardware platform operates under VMWare vSphere,

delivering powerful virtualisation and automatic host recovery capabilities. The Networking is performed by a state of the art Gigabit Cisco Network capable of IPv6 support.

(4)

Virtual Servers and Virtual Data Centres

Every Virtual Private Server exists within a Virtual Data Centre:

One Virtual Private Server, it is the sole occupant of one Virtual Data Centre. Multiple Virtual Private Servers, can all reside within one Virtual Data Centre.

Virtual Data Centre

The analogy is that a Virtual Data Centre is like a physical rack in a data centre. It is possible within the rack to have a single server or several; here servers are Virtual Private Servers. It is also possible to add more servers at a later date if required.

Each of the servers within the rack can communicate with each other via unmetered private LAN. Internode offers two styles of Virtual Data Centre:

• Internet Virtual Data Centre • IBC Virtual Data Centre.

Internet Virtual Data Centre

An Internet Virtual Data Centre (VDC) has the Internet delivered via one connection or interface, and similar to a physical rack it is recommended that this be connected to a firewall. Should a managed firewall option be chosen, the Internet feed is filtered though it offering protection to the entire Virtual Data Centre. Internet Virtual Data Centre’s cannot be directly attached to an IBC, and will only be accessible via the Internet.

It is important when planning a VDC to calculate any future required number of public IP address, if the intent is to have several VPS’ in a VDC now or in the future. It is extremely difficult to add more IP addresses once the VDC has been established requiring professional services, and a small outage. Note that when specifying a Virtual Private Server each server will have an Internet usage plan. During provisioning, this quota will be added to the total usage from all other VPS’ within this VDC and added to the usage available or the Virtual Data Centre.

IBC Virtual Data Centre

IBC Virtual Data Centres have an IBC service delivered to them as one interface. All servers within this Virtual Data Centre are then accessible via the IBC.

If Internet access is required to a VPS that connects via an IBC Virtual Data Centre, the Internet must be connected via the IBC network. Typically this is a 100 Mbps connection directly to the IBC core. IP addressing is not as important with an IBC VDC as these will be private IP numbers and a /24 range is allocated, delivering approximately 250 usable addresses.

If you are interested in more information about IBC’s with a VPS, please contact the Internode Business Sales Team, your Account manager, or call 13 NODE (13 66 33).

Virtual Data Centre Name

Ordering a VDC requires it to be named. This is used for administration purposes and when ordering further or future servers that are to be added to the VDC. Remember, all VPS’ within a single VDC can communicate with each other via a private network with no traffic usage charges.

(5)

Virtual Data Centre Managed Firewall Service

It is highly recommended that if you are going to connect you VPS to the Internet also obtain a firewall service for your VDC. Remembering that IBC VDC’s do not have direct access to the Internet except through their IBC, so a Managed Firewall service is not required.

Managed Firewall services have predefined rule sets that are applied, along with management services that are enabled by default based on the type of operating system chosen.

The management services enabled by default are port 3389 – terminal Services for Windows Operating Systems and port 21 – SSH for Unix Operating Systems.

There are three Managed Firewall service offerings:

• Shared Firewall Service

The shared firewall service is provided from a high availability firewall cluster configured to operate in a multi-tenanted environment without compromising on security. It offers a transparent routed service but does not offer either VPN Client or IPSec VPN.

Up to two predefined rule sets can be selected, these are more about the functionality of the services within the VDC.

• Dedicated Firewall Service

A firewall dedicated to the VDC offering either NAT or Transparent routed services and includes both VPN Client and IPSec VPN capabilities. Ensure that you supply your firewall rule set requirement with your application form.

• High Availability Firewall Service

Offers the same as a dedicated firewall, also includes an OSPF/HSRP redundant Uplink.

If managed server option (Level 2 and above) is being provided for any VPS then the following rule sets are automatically applied, which allow Internode engineers access to various service to provide the management:

• TCP 3389 – Terminal Services • Various – Backup Service • UDP 161 – SMNP

• TCP 21 – SSH • UDP 623 – IPMI

Ensure that you supply your firewall rule set requirement with your application form.

Note: IBC VDC’s and servers only have Private connectivity, so please ensure that the IBC VPS Application Form is being used - please contact the Internode Business Sales Team, your Account manager, or call

(6)

RAM and CPU

There is a direct relationship between RAM and the number of CPU cores. The more CPU cores required, the more RAM is included. The more RAM required the more CPU cores are included.

Disk Space

This is the equivalent to the size of the hard-drive that the server will have access to. Although it is virtualised, distributed across SAN’s and not a physical hard drive per user, it is much easier to think of it a physical harddrive. Once a server uses all the available storage, then – just like a real hard-drive – it is full.

When defining the correct storage size remember the operating system. It is strongly recommended that the minimum storage for any Windows OS is 50 GB.

Usage

Depending on the server connectivity type there are two different types of usage plans available:

• Internet (Connectivity selections Public Only, Public and Private)

Internet connected servers will require an Internet Usage plan, there are many options available ranging from 25 GB up to 1,000 GB. To avoid any excess usage charges ensure that the right plan is selected. It is also important to note Internet usage is measured in both directions (ie total of uploads plus downloads).

When an Internet plan is selected for a VPS, that amount of quota is added to the total available quota for the VDC in which the VPS resides. For example if there is a single existing VPS in the VDC with a 50 GB quota, and another VPS with a 75 GB quota is added to the VDC, then effectively the VDC has a 125 GB quota shared across both VPS.

• Private (Connectivity selection Private Only) Private connected servers will require an Unlimited Private Usage plan, with no excess charges or other limitations on traffic used. This is the only plan available with the IBC VPS Application Form. No direct Internet access is possible with an Unlimited Private Usage plan. Usage information for both connectivity types will be available via your myVPS.internode.on.net online portal.

Virtual Private Server

The specifications that you configure your server to become dedicated resources allocated to your server, unlike many other VPS offerings where the resources can be shared. This means that if you select 1 CPU core with 1 Gbyte of RAM you get full allocation of the memory and CPU cycles.

Internal Server Name

This is the Internal Name (commonly known as the host name) that is allocated to the server during the build phase. If nothing is chosen then the default will be ‘local’, however most will wish to have Internal names that mean something like ‘database_server’.

This does not affect the DNS name of the server. An IP address of the server will be supplied that can be used for DNS entries, once the server is built.

Server Connectivity

When a VDC has Internet connectivity it is possible to have a VPS with Public Connectivity only, Public and Private connectivity, or Private Only connectivity. Note that private in this context is only visible to the equivalent of a private LAN within the VDC, it is not related to IBC.

If Private Only is selected then ensure that there is a method to access the server with either another server in the VDC, or with a firewall option capable of offering VPN connectivity. Some Examples:

• Public Only

A webserver that is delivering HTML to the Internet and/or an FTP server that Internet users can copy files onto.

• Public and Private

Best for webservers that use information from a database ‘Private Only Server’ to generate webpages for delivery to the Internet.

• Private Only

Database servers containing information (some of which might be confidential), and is used by a web server to generate web pages.

(7)

Operating Systems

All servers require an operating system at some point and VPS servers are no different. The operating system provides the functionality of a computer that administrators require, it also allows for the ability of remote management via either SSH or Remote Desktop.

There are many operating systems that are available with varying software licenses and management capabilities as displayed in the table below:

Operating System

License Type

Optional Management

Windows Server 2003 Web Edition PL Y

Windows Server 2003 Standard Edition PL Y

Windows Server 2003 Standard Edition – SAL SAL Y

Windows Server 2003 Data Centre Edition PL Y

Windows Web Server 2008 PL Y

Windows Server 2008 Standard Edition PL Y

Windows Server 2008 Standard Edition – SAL SAL Y

Windows Server 2008 Data Centre Edition PL Y

Small Business Server 2011 Standard – SAL SAL Y

Small Business Server 2011 Premium – SAL SAL Y

Windows Server Enterprise PL Y

Windows Server Enterprise - SAL SAL Y

Red Hat Enterprise Edition PL Y

CentOS – Linux Operating System GPL Y

Ubuntu – Linux Operating System GPL N

Debian – Linux Operating System GPL N

The operating systems are available as either 32 or 64 bit with the exception of Windows Server 2003 Web Edition that is only available in 32-bit mode.

There are also many different license types depending on the operating system supplier and type of use; a simple overview of the licenses follows:

PL: License permits the use of non-authenticated services such as public web application with a database

SAL: Required for authenticated services including; Remote Desktop, File and Print, Exchange or Sharepoint. This license is on a per user

basis.

GPL: GNU General Public License.

(8)

Applications

In general servers will require more than just an operating system, there will be application requirements as well. Internode can assist here with the installation and optional management of select applications. Each operating system has different capabilities, which can affect the types of applications that can be run.

Below is a table that defines combinations of applications for a given operating system that Internode can install on a VPS and optionally manage. This does not restrict custom applications be loaded on a VPS. Note when custom applications are being loaded on the VPS, Internode will not be able to offer Level 3 - Complete Management.

Example: You want a Windows Server 2003 – 32 bit with IIS6, ASP.NET 2.0, ASP.NET 3.0 and SQL Server 2005 Workgroup. This is possible for Internode to Install and optionally offer Complete Management as defined in the first row of the table.

Operating System

Application Builds

License

_Type

Optional

Management

Windows Server 2003 SP2 (Any Edition)

IIS 6 + ASP.NET 2.0, 3.0 PL Y

SQL Server 2005 Standard PL Y

SQL Server 2005 Workgroup PL Y

Sharepoint Server 2007* SAL Y

Remote Desktop ( 2 users (SAL’s) included for

administrative use )* SAL N

Microsoft Office SAL Y

Microsoft Visio SAL Y

Windows Server 2003 64-bit

All of above mentioned Applications

Exchange Server 2007* SAL Y

Active Directory* SAL Y

Windows Server 2008 (Any Edition)

IIS 7 + ASP.NET 2.0, 3.0 PL Y

SQL Server 2008 Web PL Y

SQL Server 2008 Standard PL Y

SQL Server 2008 Workgroup PL Y

Windows Server 2008 64-bit (Standard Edition)

Exchange Server 2010* SAL Y

Sharepoint Server 2010* SAL Y

Small Business Server 2011 (Standard Edition) Minimum 5 users/devices Maximum 75 users/devices Includes: SAL Y Exchange Server 2010 (SP1) Sharepoint Foundation 2010 Windows Server 2008 Standard (R2) Webhosting via IIS

Small Business Server 2011 (Premium Edition)

Minimum 5 users/devices Maximum 75 users/devices

All features of Small Business Server Standard

SAL Y

SQL Server 2008 (R2) Ability to install Office 2010

Remote Desktop ( 2 users (SAL’s) included for administrative use )

CentOS Linux Distribution x-bit LAMP GPL Y

Hadoop GPL Y

Red Hat Enterprise Edition x-bit LAMP GPL Y

Hadoop GPL Y

Ubuntu x-bit LAMP GPL N

Debian x-bit LAMP GPL N

* Requires Windows SAL licensed Operating System

Similar to operating systems, there are many different license types depending on application supplier and type of use; a simple overview of the licenses follows:

PL: License permits the use of non-authenticated services such as public web application with a database

SAL: Required where authenticated products such as Exchange or Sharepoint are utilised. This license is on a per user basis. GPL: GNU General Public License.

(9)

Selecting Exchange Version

(if required) There are several different styles of Microsoft’s Exchange available, the following table is offered for assistance and as a quick guide.

Basic

Standard

Standard Plus

Enterprise

Enterprise Plus

Personal Mail Folders

Personal Contacts Global Address List

Personal Domain Personal Tasks Personal Calendar

All features from Basic Shared Folders Shared Calendars Shared Contacts Shared Tasks Public Folders Group Scheduling Mobile Device Access

MAPI Enabled

All features from Standard Outlook/Entourage

All features from Standard Unified Messaging Compliance Management Exchange 2007 Anti-Spam Forefront AV EHS AV/AS

All features from Enterprise Outlook/Entourage

It is always important to independently research your requirements and ensure that you are selecting the correct product for your needs.

agement and Managed Services

Server Management

There are three levels of management that are available and all Virtual Private Servers receive Level 1 –Basic management. Depending on your requirements Internode also offer Operating System Management (Level 2) or even a Complete Management solution (Level 3). It is also worth noting that the management levels are accumulative, that is if you opt for Level 3 you also get Level 1 and 2.

Level 1 – Basic Management (Included)

This is included with every server and ensures that the server is functional from the equivalent of a hardware level. All other functions including administration, operating system patching, and application patching are your responsibility. This should be thought of as Internode has built the server and handed the controls to you.

Level 2 – Operating System Management

This level of management offers shared administration rights on the server. Internode is responsible for the patching and monitoring of the operating system; all other management tasks are the responsibility of your system administrator. Included, as part of this management offering is Basic Server Monitoring.

Level 3 – Complete Management

This is the ultimate management level, including operating system and supported application management. Internode retains full administration control over the server and software. For example if a new user account is required a request would be made to Internode.

(10)

Service

Level 1

Level 2

Level 3

Virtualisation Layer

Operating System Layer

OS License

Standard OS Installation

OS Patch Deployment Customer

OS Support & Recovery Customer

Root cause analysis and rectification Customer

Anti\-virus License and Installation Customer Customer

Anti\-virus Update Deployment Customer Customer

Application Layer

Application Installation* Customer Customer

Application Patching Customer Customer

Change Management* Customer Customer

Application and Database depth monitoring and reporting Customer Customer

End User/Customer administrative access Ultra Serve administrative access

Managed Services

1-hour of included System Administration Services per month

Basic Monitoring Service Option

Advanced Monitoring Service Option Option

Basic Managed Backup Service

Advanced Managed Backup Service Option Option Option

* Internode provides these services on a reasonable use basis limited to 1 hours of included works per month, Internode will advise the customer in advance if this is exceeded and if ADHOC System Administration will be chargeable.

(11)

Operating System Layer

OS License

Supply of requested Operating System license for the use on the service. These licenses are generally provided under a “Service Provider” style arrangement where licenses are paid for monthly rather than once off, allowing for upgrades and flexibility to incrementally pay for licensing as needed.

Standard OS Installation

Installation of the base operating system onto the server provided. The operating system will be installed using best practices to ensure that maximum performance, stability and security is delivered.

OS Patch Deployment

Internode operates a patch management plan to regularly install operating system vendor patch and security fixes. The installation of patches occurs within a regular scheduled maintenance window.

OS Support & Recovery

Internode will provide support in situations where there has been an issue with the operating system template or operating system configuration. Internode may charge professional services fees for such services.

Root cause analysis and rectification

Internode will conduct root cause analysis on faults to determine the underlying reason of problems or incidents. Root cause analysis is completed after an incident is resolved. We will recommend and put into place corrective actions to prevent that problem from re-occurring.

Anti-virus License and Installation

Depending on the OS e.g., Linux, Windows 2003, Windows 2008, etc, we will on request install a market leading anti-virus software package on the server to provide protection against viruses, trojans and other file or system based exploits. Anti-virus Update Deployment

(12)

Application Layer

Application Installation

Internode will provide installation services for applications listed on the supported application sheet. Where advised in advance, Internode may charge professional services for such services.

Application Patching

Internode will provide patching for Supported application builds on monthly basis, only critical or important patches for the installed version (major release version) of the software are installed.

Change Management

All requests for changes to the operating system and installed applications will be recorded for the purposes of change management.

Application and Database Depth Monitoring and Reporting (Advanced Monitoring) On occasions it is important to see exactly how and application or database is behaving on a VPS. If detailed metrics for the application hosting VPS required then Internode can supply this information on request.

End User administrative access

You are granted administrative (or root access) to the operating system; and will be responsible for the operating system configuration and application installations. Internode administrative access

Internode requires administrative or root access to the operating system to perform management services. When access is permitted to both you and Internode then management of the server is shared. Internodes responsibility will be limited to issues caused by the patching and monitoring of the operating system only.

Managed Services

System Administration Services

Internode provides these services on a reasonable use basis limited to 1 hour of included works per month, Internode will advise you in advance if this is exceeded and if ADHOC System Administration will be chargeable.

Server Monitoring

The monitoring service provides a simple, automated method to ensure that servers and applications are checked to ensure availability. The monitoring service tests the requested services from a local server within the data centre. It will not alert when external Internet or carrier issues arise.

There are two levels of Server Monitoring:

• Basic Monitoring

This features monitoring of basic services such as (PING, HTTP, HTTPS, SMTP) every 5 minutes. Should any one of these services fail three times, an email notification will be sent to one contact.

• Advanced Monitoring

This features monitoring of up to 10 services every 5 minutes. Should any one of these services fail three times, an email notification will be sent to two contacts, and an SMS notification will be sent to one contact.

(13)

Description

Protocol

Type

Notes

HTTP TCP:80 TCP Service Check Monitors web server service availability HTTPS TCP:443 TCP Service Check Monitors secure web server service availability Ping ICMP TCP Service Check Checks network connectivity

FTP TCP:21 TCP Service Check Monitors file transfer protocol (FTP) server availability SMTP TCP:25 TCP Service Check Monitors outbound mail server availability

POP3 TCP:110 TCP Service Check Monitors pop3 mail service availability IMAP TCP:143 TCP Service Check Monitors Imap mail service availability

DNS TCP/UDP:53 TCP Service Check Monitors domain name resolution server (DNS) availability MSSQL TCP:2433 TCP Service Check Monitors the Microsoft SQL Server availability

MySQL TCP:3306 TCP Service Check Monitors mySQL database server availability

Secure Shell TCP:22 TCP Service Check Monitors availability of secure file transfer or secure shell _{(remote administration protocol} RDP TCP:3389 TCP Service Check Monitors the availability of Microsoft Remote Desktop Service

Advanced Monitoring: Port Check Advance

Description

Protocol

Type

Notes

HTTP Content HTTP HTTP Text Search This searches for a text string within the html of a specified _{URL to measure success} HTTPS Content HTTP HTTPS Text Search This searches for a text string within the html of a specified _{URL to measure success} Service Status SNMP OS Check Checks to ensure the status of a system service is "running" Low Disk Space SNMP OS Check Checks all mounted partitions and notifies if disk utilisation _{drops below 5} High CPU Load SNMP OS Check Checks for high system processing load

(14)

Backup Service

If using the VPS solution where the data is of value then planning for the worse is always a good idea. Backing up is a great way to ensure that should things go wrong the server and its data can be back up and running in the shortest time possible.

Every VPS server has included a daily backup, which occurs between 1 and 5 am. This included service has a 1-day retention policy and allows for either file level or full server restores. Further options for Backup Services are:

• 7-Day retention policy • 30-Day retention policy

Simply write in the size of the Storage Space that you selected for your sever in to the Managed Backup section. The formula will allow you to calculate the monthly charge for this service. Please note, restorations are charged at ADHOC Professional Services rates unless the fault is caused by Internode.

Description of the back up service

• File level restores

File level restores provide the ability to restore selected files and folders within the virtual machine from a restore point. This process can take a number of hours to complete depending on the size of the virtual machine. Files can be restored directly their original location, be restored to a separate folder within the virtual server, or alternatively can be made available by FTP or emailed to you directly in a compressed zip format.

• Full image restores

Point in time snapshots are made of the server when completing the backup, this provides the ability to restore a virtual machine from a restore point (the time the backup was made) replacing the failed or corrupt existing machine. This method provides a fast way to restore services as it preserves all operating system configuration, application configuration and data.

• Retention Policy

Retention policy means that we will keep snapshots or versions of the VM in various states for the retention period. Example if you were on a 7 day retention, and deleted a file 6 days ago, there’s hope for you that we can restore from the 7th backup file, even though you deleted it 6 days ago and it’s missing from the current image.