Setting up Infrastructure
Requirements
All the compute plane requirements must be met in order to install the control plane. Below are the additional requirements for the control plane:| Requirements | Description | Reason for Requirement |
|---|---|---|
| Azure Flexible Server for PostgreSQL | Postgres >= 13 | The database is used by TrueFoundry control plane to store all its metadata. Ensure that require_secure_transport is kept OFF if you are using Azure Flexible Server for PostgreSQL. Ensure SSL is disabled, you can change the server parameter require_secure_transport to OFF |
| Container in Azure Storage Account | Any container bucket reachable from control-plane | This is used by control-plane to store the intermediate code while building the docker image |
| Egress Access for TrueFoundryAuth | Egress access to https://auth.truefoundry.com and analytics.truefoundry.com | This is needed to verify the users logging into the TrueFoundry platform for licensing purposes |
| Additional TrueFoundry information | Additional information for control plane deployment which will be provided by TrueFoundry team | This includes tenant name, licence key, and image pull secret |
| DNS | Domain for control plane and service endpoints | One endpoint to point to the control plane service (e.g., platform.example.com) The control-plane URL must be reachable from the compute-plane. The developers will need to access the TrueFoundry UI at the provided domain. |
| User/ServiceAccount to provision the infrastructure | Required permissions: - Azure subscription with billing enabled - Contributor Role to the subscription - Role Based Access Administrator to the subscription | Required to set up and manage the infrastructure components |
Permissions Required
For the control plane, we will be using the following permissions:- Compute plane permissions
- Azure Flexible Server for PostgreSQL permissions