The Contractor teams will provide the cloud hosting services in accordance with the DoD PA they have received for their CSO. General characteristics and attributes for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) cloud service models are summarized below. Specific requirements will be defined in TOs.
• Allow the cloud service customer to provision and use processing resources (central processing unit, random access memory, and storage) via, for example, an on demand web-based portal, to perform operations relevant to VM lifecycle operations, such as VM reboot, shut down, migration, backup, snapshot, clone, and reservation • Allow the cloud service customer to view and configure metric data about VMs and allow the configuration of thresholds and alerts • Provide x86-architecture based computing resources capable of hosting/installing industry standard operating systems on virtual machines • Allow the cloud service customer to use virtual networking resources and perform virtual network functions such as Internet Protocol (IP) address, subnets/Virtual Local Area Networks (VLANs), routers, switches, load balance, and firewall to enable the creation of virtual networks between VMs such as isolated user, management, or data planes • Provide an infrastructure that is Internet Protocol version 6 (IPv6) enabled and support Internet Protocol version 4 (IPv4) legacy applications • Provide Virtual Private Network (VPN) services to enable access to IaaS resources via a VPN connection from an on-premise location • Allow the attachment of storage at various tiered performance levels to accommodate use cases such as archival-quality storage and high-performance storage • Provide an Application Programming Interface (API) for VM provisioning and management • Provide options to synchronize/replicate a different data center when backup services are provided. The cloud service customer shall be able to select/configure backup services, including selection of backup locations, frequency of backups, and attributes of the backup (incremental, differential, full, application and database support, encryption, etc.), including backup versioning • Services for monitoring the health and status of the VMs shall be available in near real-time, including VM operational status, VM uptime, and VM resource status (configured resources, used resources, maximum resources available). Trending and other historical usage shall also be made available • Follow FedRAMP and DoD PA guidelines to keep the IaaS infrastructure fully patched against known vulnerabilities
• The services and tools provided in a PaaS environment shall streamline the development and deployment of cloud-enabled/cloud-optimized applications • The tools and software components provided in the PaaS CSO shall be kept patched and up-to-date IAW with articulated Army and DoD standards • A process or mechanism shall be available to the consumer to allow upgrading from one version of the PaaS CSO to a newer (patched) version of the CSO with minimal/managed disruption to the hosted application • The PaaS layer shall provide the automation of provisioning, configuration, and administration of the underlying PaaS resources • The PaaS layer shall provide support for multiple environments including, but not limited to, development, development test, testing, staging, production • The PaaS layer shall provide support for a variety of program languages, such as Java, Python, Ruby, ASP.NET, Node.js, PHP, etc. • The PaaS layer shall provide support for a variety of server types, such as Application Server, Java Enterprise Edition Container, Web Server, .NET Server and Ruby Application Server • The PaaS layer interface shall allow authorized Application Developers to upload compiled code (e.g., a .war file or .NET library) into the PaaS layer. This may be a web based user interface, or ideally, be integrated with popular Integrated Development Environments (IDEs) • The PaaS layer shall include an IDE Toolkit. This is a toolkit that integrates with one or more IDEs • The IDE toolkit should give an authorized developer the ability to deploy an application into the cloud development environment • The PaaS environment shall include support for various build tools, such as Maven or Ant • The PaaS environment shall offer a continuous integration tool, such as Jenkins or Hudson • A version control system shall be available to developers • A Configuration Management tool shall be made available to developers. The tool(s) shall include the ability to deploy, configure, and patch an application. The tool(s) shall work with the development environment and link into the version control system • At least one relational database service shall be provided that supports Structured Query Language. It is preferred that both an open source database as well as a commercial database be offered. At least one of the databases shall offer support for geospatial queries • Follow FedRAMP and DoD PA guidelines to keep the PaaS infrastructure fully patched against known vulnerabilities
• Manage and control all of the underlying cloud infrastructure, operating systems, application platforms and capabilities • Ensure application and data availability, performance, and durability meet or exceed thresholds defined by capability owner requirements • Allow cloud service customers to export all of their data from the SaaS CSO at any time, as well as the capability to import/re-import data to the SaaS CSO • Follow FedRAMP and DoD PA guidelines to keep the SaaS environment fully patched against known vulnerabilities.
Contractor teams may be required to provide cloud computing in either an on-premise or off-premise environment. In these environments, ownership and operation of cloud computing service, to include operating environment, real estate, and capital equipment can be either Contractor Owned Contractor Operated (COCO), Government Owned Contractor Operated (GOCO), Contractor Owner Government Operated (COGO).