NetIQ Documentation: NetIQ Cloud Manager 2.3 Product Overview - Private or Hosted Private Cloud

4.1 Private or Hosted Private Cloud

In a private cloud structure, the networking between the cloud provider and cloud consumers is controlled by one organization. All cloud resources belong to that organization, and are hosted on premise.

A hosted private cloud is hosted in a service provider’s environment, contracted for use by an organization. In this arrangement, the organization has the operational responsibility, while access control, power management and networking are provided by the service provider.

Depending on security requirements, the private cloud is implemented as dedicated components in a rack of servers, or perhaps in a secured room or cage. In most cases, a private cloud is custom-designed, and fulfills a particular set of business requirements. Cloud Manager complies with the security, heterogeneity and availability requirements of such a solution. It can also enable granular service level management and compliance delivery by integrating other NetIQ solutions.

If you use Cloud Manger as the basis of a private cloud, your organization should be committed to virtualizing its business computing resources. This requires a significant decisions regarding your existing resources.

The following diagram illustrates the components you should consider as integral in a private cloud environment where NetIQ Cloud Manager is the principal management tool of virtual computing resources.

Figure 4-1 Cloud Manager components in a private cloud structure

There are several deployment considerations in a Cloud Manager private cloud structure:

Access to virtual machine consoles is provided by the Cloud Manager Application Server Console (a Web-based interface). Alternatively, users can install VNC or RDP services in their cloud workloads and use those services to log into their workloads remotely, over the organization network.
If you set up a firewall between the Cloud Manager Application Server and cloud consumers, the firewall must allow inbound connections to the server on port 8183 (the default port) and on the remote console port (a high port between 8000 and 65535, as configured in Cloud Manager).
Cloud Manager must have access to the ports that expose workload consoles on the hypervisors. For VMware 5.x, these are ports 50000-50999.
The organization owns all operations responsibilities for the cloud, including template management, storage, and resource pooling. Cloud Manager administrative requirements vary according to how you structure the cloud Administrative duties can be assigned directly or delegated.