VK Cloud logo
Updated atMarch 6, 2024   01:50 PM

Platform architecture

Virtualization, monitoring, container, and data storage services can be deployed in VK Cloud. The architecture is based on four groups of services:

  • IaaS services are built on the basis of OpenStack and components of its own design. Manage dynamic resource allocation, scaling, and fault tolerance. Hosted in the same cloud data center with PaaS services.

  • PaaS services include open source solutions (Kubernetes) and solutions from technology partners. Built-in monitoring of VK Cloud services and individual entities is supported.

  • Common&Security-services ensure the safe operation of users and support a role model when using VK Cloud resources.

VK Cloud provides technical support for its services. Partner solutions (for example, AntiDDoS, WAF) are supported jointly with a partner.

The general scheme of VK Cloud components and services is shown below.

Cloud services are managed using the API. Users interact with the API through one or more tools:

  • VK Cloud personal account;
  • OpenStack CLI;
  • Terraform with a separate provider.

Fault tolerance

Physical fault tolerance is implemented by placing VK Cloud in two Tier III reliability level data centers in the Russian Federation. With this placement, it is guaranteed to maintain the SLA of data centers of more than 98% with a total SLA of 99.95%.

Network fault tolerance is provided by communication of data centers with routes with a bandwidth of 200 GB/sec. Communication of each server with backbone providers goes through two independent channels, through two routers.

Logical fault tolerance is implemented using availability zones, which are combined into regions.

Availability zones

Each availability zone has one or more data processing centers (data centers) where cloud infrastructure objects are physically located. In VK Cloud, the availability zone corresponds to a separate Tier III data center. VK Cloud provides availability zones:

  • GZ1: includes a data center Goznak;

    The address of the data center: Moscow, Mira avenue, 105, building 6.

  • MS1: includes a data center DataLine NORD4;

    The address of the data center: Moscow, Korovinskoe highway, 41.

  • ME1: includes a data center «Medvedkovo» Rostelecom-DPC;

    The address of the data center: Moscow, Chermyanskaya st., 4.

  • QAZ: includes a data center QazCloud.

    The address of the data center: Republic of Kazakhstan, Akmola region, Kosshy, Republic str. 1.

Each data center is equipped with independent power supply and cooling systems.

Availability zones within a region are connected using a redundant dedicated high-bandwidth and low-latency fiber network for high data transfer rates between zones.

The infrastructure of availability zones MS1 and GZ1 of the Moscow VK Cloud region is protected in accordance with the Federal Law of the Russian Federation “On Personal Data” No. 152-FZ.

Security

VK Cloud security is ensured by constant monitoring of VK Cloud services, conducting external audits. VK Cloud participates in the security audit program HackerOne. Infrastructure certified FSTEC of Russia for working with personal data.

For more information, see the section Platform security.

Migration to VK Cloud

VK Cloud supports migration using third-party software or platform tools. The transfer of virtual resources is cheaper due to the implementation of services based on OSS (Open Source Solutions).