THIS SERVICE WILL BE RETIRED DECEMBER 2022. 

You can find replacement optons here: VIRTUAL HOSTING

************

Nebula is the award-winning ITS service that provides on-premise cloud computing and low-cost virtual servers, using Joyent Triton software. This service is based on servers and storage located in the UCSC Data Center.

While designed to be robust, reliable, and secure, this service is not architected for high availability, or to house PII or HIPAA data. This service is best suited to group or department websites, self-managed developer sandboxes, and non-critical applications with relatively low processing, storage, security and resiliency requirements.

In this way, this new service is a complement to, and not a replacement for, the ITS Virtual Hosting service.

Nebula uses operating-system virtualization to provide a high density of virtual machines that run SmartOS or container-native Linux (like CentOS). Non-container native operating systems like Windows, FreeBSD, and some Linux distributions are not supported.


Support Levels

There are three levels of support for Nebula: bronze, silver, and gold.

Bronze:  With bronze support, the customer is fully responsible for the management of the guests, including compliance with existing University policies such as those for acceptable use and minimum network connectivity. Customers on bronze support will be initially limited to eight virtual machines; additional virtual machines can be made available by individual arrangement.  No central firewall filtering will be configured, but recommendations and instructions will be provided for Bronze customers for how to configure Host Based Firewalls.
Example:  An IT specialist builds and manages guests for a department.  Community support is available in case questions or issues arise.

Silver:  With silver support, the customer has primary responsibility for management and maintenance of the guests, including policy compliance. Customers on silver support will be initially limited to eight virtual machines, and provided six professional system-administration support cases per year.  These customers pay a flat monthly fee for support (one hour per month at the Managed Services rate).  Additional virtual machines or support cases are available by individual arrangement, and may result in additional costs to the customer.
Example:  An IT specialist builds and manages guests for a department.  Community support is available, and the specialist has contracted with DCO for professional support to fall back on in case of security, performance, or other issues.

Gold:  With gold support, the Data Center is responsible for managing the guests under the same “Managed Services” model as any other physical or virtual system. Customers adopting this model will not be provided with root access, but instead will be granted a user account and permissions (through sudo) by the DCO UNIX team. These customers pay a flat monthly fee for support; this fee is estimated for each customer and depends on complexity, number of guests, and scope of the applications.

Example:  A department contracts with DCO to build servers and provide ongoing system-administration services.  This provides the department with a platform to install and manage their own applications as needed.


More Information About Nebula

Shared Responsibility Model

Nebula has a "shared responsibility model" for information security and compliance. Because you're building systems on top of the Nebula infrastructure, the security responsibilities will be shared: the Data Center has secured the underlying infrastructure and you must secure anything you put on the infrastructure.

If you select the "silver" or "bronze" support model, there are several security decisions you need to make and controls you must configure. If you're not comfortable taking on these responsibilities, consult with your ITS Divisional Liaison or consider using the "gold" support model instead.

UCSC Private Cloud Responsibilities                      Customer Responsibilities
  • Facilities
  • Physical security
  • Physical infrastructure
  • Network infrastructure
  • Virtualization infrastructure
  • Server account management
  • Application security
  • Host-based firewalls
  • Server and application patching

Resources for Nebula Users

Here are some resources for Nebula users:

Wiki - see notes and how-to information from Nebula users

Forum - ask questions and share answers with other Nebula users

Server backups - The BSOE provides a Bacula service that all are welcome to use.  The BSOE provides 100GB of backup space to each division at no cost.  Once a division's backup set exceeds 100GB, the division can pay the standard BSOE disk usage recharge rate, or can provide your own Bacula Storage Daemon hardware to store its backups on, while still enjoying the ease of use that the BSOE system provides.  For more information, please e-mail help@soe.ucsc.edu. 


Availability

The infrastructure that provides the Nebula is supported as a 24x7 service through the DCO Unix team. Escalation is provided through Data Center Operations and the DCO Unix team’s on-call rotation.

ITS reserves a maintenance window on the first Sunday of each month from 12Noon - 6PM. At least two weeks’ notice will be provided in the unlikely event that maintenance is expected to result in a service outage. For planned maintenance, the UCSC Data Center follows the ITS Change Management Process, and planned changes are posted on the ITS Maintenance Calendar.


Data Security

This service is appropriate only for P1 - P2 data. This service is not appropriate for P3 - P4 data.


Eligibility

Eligibility is limited to UCSC faculty and staff. Students with a faculty sponsor are also eligible for this service.


Costs

There are no costs associated with using Nebula. Customers at the Silver and Gold support levels are charged for support. 


Roles and Responsibilities

Responsibilities of the Data Center:

  • Monitor resource utilization for the Nebula infrastructure components

  • Participate as members of the UCSC self-support community, provide best-effort support and advisement for users

  • Ensure compliance to UCSC policy and associated security requirements

  • Apply patches and upgrades as recommended for Nebula

  • Monitor and tune the physical server and storage environment as needed

  • Manage permissions and security groups within Nebula

  • Coordinate with vendors for licensing, maintenance and support requests

  • Perform medium-term capacity planning for the private-cloud infrastructure

  • If the customer has arranged for ‘silver’ or ‘gold’ support, serve as a point of escalation for server administrators managing guests in the private-cloud infrastructure

Customers are encouraged to participate in the UCSC self-support community.


Request this Service

Click here to fill out the request form. 


Get Help

Contact the ITS Support Center for assistance.