Virtual Server Hosting

The ITS Data Center offers virtual servers that provide enterprise-grade high availability. Virtual servers managed by Core Technologies are offered with Windows, Redhat Linux, or FreeBSD. Virtual servers managed by outside (of Core Technologies) IT staff can run any operating system that can run on VMware ESXi (Intel processor OS). Virtual servers can be provided without the customer purchasing hardware or operating system (OS) software. The ITS virtual server farm is located in the UCSC ITS Data Center.


Options

ITS provides two options for virtual hosting in the ITS Data Center:

Self-managed: The customer is responsible for all aspects of administering the server, operating system, and application. Rack space, network ports, and environmental monitoring are provided. Firewall and VPN services are also available upon request.

Managed Services: A team of system engineers works with the client to manage their hosting requirements.  More information

ITS can also assist with requests for hosting at the SDSC Data Center.


Features and Benefits

Features and benefits of virtual server hosting in the ITS Data Center:

  • Operations Monitoring - Data center operators monitor server availability 24x7
  • Backups – Optional service. Daily incremental back-ups and weekly full backups are completed by the Operations staff.
  • Firewall Protection - Most virtual servers in the ITS Data Center are behind a redundant pair of firewalls. Firewalls limit access between computer networks based on security policies to protect sensitive data on servers and systems. Any network segment that is available inside of the ITS Data Center can be configured inside of the virtual infrastructure. 
  • Systems Administration - Optional service. OS Layer administration, patch installation and upgrade maintenance by Core Tech System Administrator staff.
  • Load Balancing - Optional service. Distributes workload across two or more servers by optimizing resources, output and response times.
  • Operating System Licensing - The Virtual Hosting Service provides operating-system licenses for Windows Server and Red Hat Linux.

Roles and Responsibilities

Virtual Hosting engineers are generally responsible for the Virtual Infrastructure [VI] that the virtual guests run on -- that is, the physical equipment, the operating systems on that equipment, and the configuration and management of the virtualization software. The customer is responsible for the management of the virtual guests.

Responsibilities of Virtual Hosting engineers:

  • Provide engineering assistance to ensure right-size and right-performing virtual guests

  • Monitor resources and provide tuning and advisement for virtual-guest performance issues

  • Provide assistance with integrating virtual guests into the Data Center network topology

  • Engineer all layers of the VI technology stack for high availability and compliance with UC, UCSC, and ITS policy

  • Apply patches and upgrades as recommended for the virtual infrastructure

  • Monitor and tune the physical server and storage environment as needed

  • Manage permissions and security groups within the virtual infrastructure

  • Coordinate with vendors for licensing, maintenance and support requests

  • Perform medium-term capacity planning for the virtual infrastructure

  • Serve as a point of escalation for server administrators managing virtual guests

Virtual guests may be managed by the customer, or management may be contracted to the Data Center systems teams.

In either case, the responsibilities of the server administrator of a virtual guest are:

  • Serve as the primary troubleshooter for issues with a virtual guest system

  • For the virtual guest:

    • Review logs, performance metrics, system status, resource usage and events; identify and implement parameter changes to improve the performance and security of the virtual guest

    • Maintain base OS and network security; this includes OS patching and configuration, as well as firewall settings for the virtual guest

    • Perform system tuning for the virtual guest

    • Create new virtual guests, and perform ongoing virtual-hardware changes as needed

      • for self-managed systems, the VHE performs these tasks on behalf of the client (creating the VM and any virtual-hardware changes)

      • for systems managed by the Data Center systems teams, the server administrators are trained and generally authorized to perform virtual-hardware changes on guests they manage

    • Escalate to Virtual Hosting Engineering for additional support, for issues that might be related to physical hardware resources

Other responsibilities and operational assumptions:

  • Application and database administrators can have read-only access to hypervisor management for access to performance charts to assist with managing the virtual guest and troubleshooting

  • Resource contention may occur due to a server host failure or over-allocation; if this occurs, production systems will have priority in resource allocation over non-production systems

Availability

This is a 24x7 service supported by the Data Center VM Hosting team. Escalation is provided through Data Center Operations.

ITS reserves a pre-scheduled maintenance window every second and fourth Friday from 7-11pm for non-disruptive maintenance.


Data Security

UCSC policies and procedures related to protecting personal and confidential information are strictly adhered to for all servers in the ITS Data Center. Restricted and sensitive data includes:

  • Personal Identity Information (PII)
  • Electronic Protected Health Information (ePHI & HIPAA)
  • Student Records Protected by FERPA (The Federal Family Educational Rights and Privacy Act of 1974)
  • Credit Card Data

General virtual hosting service is cleared for running virtual servers with PII and FERPA. HIPAA in-scope systems may be hosted after configuring some specific architecture and passing audit. The ITS Data Center is not cleared for PCI-DSS scope systems.

Please see the following websites for detailed information on the protection of restricted and sensitive data:

All virtual servers are required to meet UCSC's Minimum Network Connectivity Requirements

Policies

Acceptable Use Policy
UCSC Password Strength & Security Standards
Minimum Network Connectivity Requirements
Electronic Communications Policy (ECP)


Eligibility

UCSC faculty and staff are eligible for this service.


Costs

For fiscal year 2016-17, the charge for each virtual machine (VM) is calculated as follows:

  • Storage: $4.08 per GB per year for high-performance storage; $1.22 per GB per year for standard-performance storage.
  • Basic computational resources: $660 per VM per year, for a host with 1 virtual CPU or 1 GB of memory.
  • Incremental computational resources: $72 per VM per year, for each additional CPU or GB of memory.

The VM Cost Calculator can be used to model costs for storage and computational resources. 


Request this Service

Virtual Servers should be configured with the smallest amount of resources needed to run the peak load. If you have a need for a virtual machine over 4 CPU, 16G of memory, high disk IOPS or over 2TB of disk space please ask for assistance to make sure your workload fits our shared hosting environment.


Get Help:


Note:This service is also offered by Academic Divisional Computing and can be found here.