Deployment Roles and Responsibilities

Deploying and managing Solace Cloud in a Customer-Controlled Cluster requires coordination between you and Solace. The exact roles and responsibilities differ depending on the deployment environment.

In particular, the responsibilities are different between:

Solace-controlled environments. This includes Public Clusters (shared infrastructure) and Dedicated Clusters (not shared; reserved for a single customer).
Customer-Controlled Clusters. This includes customer-owned cloud regions and on-premises customer-owned networks, such as Kubernetes clusters.

The detailed responsibilities for installing and maintaining Solace Cloud are listed in the sections that follow. For security-specific responsibilities, see Customer Roles and Responsibilities for Security.

Mission Control Agent

Installation

Task Description		Responsibility		Notes
Task Description		Solace	Customer	Notes
Technical requirements gathering				Solace works with the customer to gather the technical requirements of the deployment. For Kubernetes, you can determine many of the technical details by answering the questions in Questionnaire: Deploying in a Customer-Controlled Cluster.
Ensuring that IaaS resources are available for install	Dedicated Cluster and Public Cluster			In a Public Cluster, Solace is responsible for the cluster configuration, including ensuring that sufficient IaaS resources are available.
Ensuring that IaaS resources are available for install	Customer-Controlled Cluster			In a Customer-Controlled Cluster, the customer is responsible for cluster configuration, including ensuring that sufficient IaaS resources are available. Solace can assist with solution architecture.
Installation and validation	Public Cluster or Dedicated Cluster			In a Public Cluster or Dedicated Cluster, Solace installs and validates the Mission Control Agent.
Installation and validation	Customer-Controlled Cluster			In a Customer-Controlled Cluster, the customer is responsible for installing the Mission Control Agent, using a `values.yaml` configuration file (see Private Regions) with assistance from Solace.
Post-installation validation				Solace works with the customer to set up the first event broker service and validate end-to-end functioning. This step does not include validating customer applications.
Creating additional Solace Cloud datacenters or regions				Solace can create new data centers or regions at the customer's request. To request additional data centers or regions, contact Solace.
Network Connectivity				Responsibility for network connectivity depends on the environment. See Networking, below.

Configuration of Event Broker Services

Task Description	Responsibility		Notes
Task Description	Solace	Customer	Notes
Creating services			Customers create event broker services using Mission Control.
System-level configuration (HA, config-sync, message spool, etc.)			These system-level settings are configured automatically by Solace Cloud when you create your event broker service.
Application-level configuration (users, queues, JNDI, etc.)			Customers directly configure application-level settings using Broker Manager or SEMP.
Manually Enabled Capabilities (Private Load Balancers, Message Retain, Replay, bridge certificates)			Certain functionality must be manually configured and enabled by the Solace Cloud team. To request this functionality, contact Solace.
VPN Bridge Configuration			You can configure VPN Bridges using Broker Manager or SEMP.
Event mesh configuration			You can configure your event mesh using Mesh Manager. If you are configuring event mesh with replication (for the proposes of disaster recovery), see Using Replication for Disaster Recovery of Event Broker Services.
DMR Cluster		^See Note	If you require an internally-linked DMR cluster, it must be manually configured by Solace. To request this functionality, contact Solace For the DMR clusters required for configuring replication, you are responsible. For more information, see Using Replication for Disaster Recovery of Event Broker Services.
Configuring emails and tuning alert levels for Solace Insights.			After Solace Insights is enabled in your account, you can set up the email addresses that you want to use and tune the alerts that you want to receive.
Disaster Recovery (Replication): connectivity and system-level configuration			Replication must be manually configured. To request this functionality, contact Solace. For more information, see Using Replication for Disaster Recovery of Event Broker Services.
Disaster Recovery (Replication): application-level configuration (topics, sync vs. async, etc.)			After replication has been configured for your event broker services, you can modify the related application-level settings using Broker Manager.
Adoption / Go-live Checklist / Validation			Solace works with the customer to ensure that the deployment can correctly create event broker services during deployment. The customer is responsible to ensure that the event broker services are correctly configured and ready to go live.

Monitoring

Task Description	Responsibility		Notes
Task Description	Solace	Customer	Notes
Solace Infrastructure: Monitoring, Incident Management, and Communication			Solace is responsible for monitoring, managing, and communicating incidents concerning Public Cluster and Dedicated Cluster infrastructure, including: Solace Home Cloud Mission Control Solace Event Portal Solace Insights Solace Cloud Console Event broker services and IaaS resources in Public Cluster and Dedicated Cluster Solace follows internal Incident Management Procedures that comply with SOC2 standards.
IaaS resources: Customer-Controlled Cluster			The customer is responsible for monitoring IaaS resources in cloud regions that they control. Joint troubleshooting with Solace may be required to resolve some IaaS issues.
Application-level monitoring and notification (queue depths, discards, etc)			The customer is responsible for monitoring their applications using Insights. The default configuration provides this functionality for customers.
Certificate expiry and renewal (customer-owned certificates)			The customer must update certificates before they expire. To request assistance, contact Solace .
Event Mesh monitoring and notification (DMR Links, Bridges)			The customer is responsible for proactively monitoring their event mesh using Insights. Solace can provide assistance to resolve issues.
Disaster Recovery (Replication): Connectivity and Status			The customer is responsible for monitoring their replication connectivity and status using SEMPv2 or Insights. Solace can provide assistance to resolve issues. For more information, see Using Replication for Disaster Recovery of Event Broker Services.
VPC peering			Responsibility for network connectivity depends on the environment. See Networking, below.

Operation

Task Description		Responsibility		Notes
Task Description		Solace	Customer	Notes
IaaS Operations—cluster, network, Kubernetes upgrades, Kubernetes patches	Public Clusters and Public Clusters			In a Public Cluster or Dedicated Cluster, Solace is responsible for maintaining IaaS operations. See Upgrading Public Clusters and Dedicated Clusters.
	Customer-Controlled Cluster			In a Customer-Controlled Cluster, the customer is responsible for maintaining IaaS operations, including the health of the Kubernetes cluster. See Upgrading Customer-Controlled Clusters. Solace can provide assistance to resolve issues.
Troubleshooting—application-level issues				The customer is responsible for troubleshooting and resolving application-level issues. Solace can provide assistance to resolve issues.
Disaster Recovery (Replication)				The customer is responsible for keeping replication operationally up. Joint troubleshooting with Solace may be required to resolve some issues. For more information, see Using Replication for Disaster Recovery of Event Broker Services.
VPC peering, VPN connectivity				Responsibility for network connectivity depends on the environment. See Networking, below.

Capacity Planning

Task Description	Responsibility		Notes
Task Description	Solace	Customer	Notes
Event broker services (service classes)			The customer is responsible for ensuring that the event broker services, are adequately scaled. Solace can assist with solution architecture and capacity planning.
Understanding and planning when to upscale (or scale up)			The customer is responsible for planning when to upscale their event broker services. Upscaling may require additional configuration or activation in the Solace Home Cloud. Consult Solace for assistance with this activity. For more information about upscaling, see Upscaling Event Broker Services.
IaaS resources: Customer-Controlled Cluster			In a customer-controlled environment, the customer is responsible for adequately provisioning their IaaS resources and planning their Kubernetes clusters. Solace can assist with solution architecture and capacity planning.

Solution Restoration

Task Description		Responsibility		Notes
Task Description		Solace	Customer	Notes
Restoration of services post-deletion	Public Cluster or Dedicated Cluster	N/A	N/A	Solace Cloud currently does not support restoring event broker services after deletion.
Restoration of services post-deletion	Customer-Controlled Cluster	N/A	N/A	Solace Cloud currently does not support restoring event broker services after deletion.
Restoration of service after IaaS issues	Public Cluster or Dedicated Cluster			In a Solace-controlled region, Solace is responsible for restoring service after IaaS problems.
Restoration of service after IaaS issues	Customer-Controlled Cluster			In a Customer-Controlled Cluster, the customer is responsible for restoring service after IaaS problems. Solace can provide assistance to troubleshoot and resolve issues.
Broker configuration: backup and restore				Event broker services are automatically configured as high availability (HA) services. Optionally, you can also configure disaster recovery (DR) using the replication feature. With both HA and DR configured, backing up and restoring the broker configuration should not be necessary. Solace Cloud does not provide any built-in functionality to back up and restore broker configuration. The customer must configure an alternative solution if required. For more information, see Backing up Event Broker Services.
Customer-owned certificates: backup and restore				Solace Cloud does not provide any built-in functionality to back up and restore certificates. The customer must configure an alternative solution.

Kubernetes Cluster

Task Description		Responsibility		Notes
Task Description		Solace	Customer	Notes
Configuration, monitoring, and operation of the Kubernetes cluster.	Public Cluster or Dedicated Cluster			In a Public Cluster, Solace is responsible for the configuration, monitoring, and operation of the Kubernetes cluster.
	Customer-Controlled Cluster			In a Customer-Controlled Cluster, the customer is responsible for the configuration, monitoring, and operation of the Kubernetes cluster.

Networking

Task Description	Responsibility	Notes
Configuration, monitoring, and resolving issues with VPC peering	Public Cluster or Dedicated Cluster			In Public Clusters, Solace is responsible for configuring, monitoring and resolving issues with VPC peering. Peering between Dedicated Clusters or Public Clusters and customer VPCs requires that the customer assist with configuration and provide Solace with the required access to the customer network. In this scenario, Solace is responsible for maintaining only the Public Cluster and Dedicated Cluster parts of the network.
Customer-Controlled Cluster			In Customer-Controlled Clusters, the customer is responsible for configuring, monitoring, and resolving issues with VPC peering and VPN connectivity. Peering between Public Clusters or Dedicated Clusters, and customer VPCs requires that the customer assist with configuration and provide Solace with the required access to the customer network. In this scenario, Solace is responsible for maintaining only the Public Cluster or Dedicated Clusters.

Task Description

Responsibility

Notes

Solace

Customer

Configuration, monitoring, and resolving issues with VPC peering

Public Cluster or Dedicated Cluster

In Public Clusters, Solace is responsible for configuring, monitoring and resolving issues with VPC peering.

Peering between Dedicated Clusters or Public Clusters and customer VPCs requires that the customer assist with configuration and provide Solace with the required access to the customer network. In this scenario, Solace is responsible for maintaining only the Public Cluster and Dedicated Cluster parts of the network.

Customer-Controlled Cluster

In Customer-Controlled Clusters, the customer is responsible for configuring, monitoring, and resolving issues with VPC peering and VPN connectivity.

Peering between Public Clusters or Dedicated Clusters, and customer VPCs requires that the customer assist with configuration and provide Solace with the required access to the customer network. In this scenario, Solace is responsible for maintaining only the Public Cluster or Dedicated Clusters.

Upgrades to Mission Control Agent and Event Broker Services

To upgrade event broker services to adopt security fixes, critical fixes, or features, the responsibilities of the customer and Solace are listed in the following table.

Task Description		Responsibility		Notes
Task Description		Solace	Customer	Notes
Upgrades to the Solace Cloud platform ( includes the Cloud Console)				Solace updates both the Solace Cloud platform and the Cloud Console.
Upgrades to the Mission Control Agent that are deployed on Kubernetes.	Public Cluster or Dedicated Cluster			In a Public Cluster, Solace is responsible for upgrading the Mission Control Agent.
	Customer-Controlled Cluster			In a Customer-Controlled Cluster, the Mission Control Agent is self-upgrading in Kubernetes deployments, and Solace is responsible for the upgrade. Any upgrade issues are coordinated with the customer.
Upgrades to Event Broker Services for New Releases and Maintenance Loads	Public Cluster or Dedicated Cluster			You are responsible for scheduling an upgrade slot after the full support phase ends. When the technical support phase ends, if you have not yet scheduled an upgrade slot for your event broker services, Solace automatically upgrades them to the latest production release (that supports upgrades). For more information about scheduling an upgrade slot and upgrades, see Upgrading Event Broker Services in Solace Cloud. Generally, customers don't need to be present on a call to coordinate the upgrade, but it is recommended to include contact information when booking an upgrade slot in Calendly in case issues arise. In some deployments to Customer-Controlled Clusters, the customer is required to be present on a call based on the network connectivity configuration. For details about upgrades, availability, and release cadence, see Upgrading Event Broker Services in Solace Cloud.
	Customer-Controlled Cluster			You are responsible for scheduling an upgrade slot after the full support phase ends. When the technical support phase ends, if you have not yet scheduled an upgrade slot for your event broker services, Solace automatically upgrades them to the latest production release (that supports upgrades). For more information about scheduling an upgrade slot and upgrades, see Upgrading Event Broker Services in Solace Cloud. When booking an upgrade slot in Calendly, customers must include contact information. Customer also must be available on a call with Solace since the deployment is within a Customer-Controlled Cluster. For details about upgrades, see Upgrading Event Broker Services in Solace Cloud.

Provide feedback