Deploy Control Plane
Azure
Provisioning Control Plane Infrastructure on Azure
There are steps in this guide where TrueFoundry team will have to be involved. Please reach out to support@truefoundry.com to get the credentials
Setting up Infrastructure
Requirements
All the compute plane requirements must be met in order to install the control plane. Below are the additional requirements for the control plane:| Requirements | Description | Reason for Requirement |
|---|---|---|
| Azure Flexible Server for PostgreSQL | Postgres >= 13 | The database is used by TrueFoundry control plane to store all its metadata. Ensure that require_secure_transport is kept OFF if you are using Azure Flexible Server for PostgreSQL |
| Container in Azure Storage Account | Any container bucket reachable from control-plane | This is used by control-plane to store the intermediate code while building the docker image |
| Egress Access for TrueFoundryAuth | Egress access to https://auth.truefoundry.com and analytics.truefoundry.com | This is needed to verify the users logging into the TrueFoundry platform for licensing purposes |
| Additional TrueFoundry information | Additional information for control plane deployment which will be provided by TrueFoundry team | This includes tenant name, licence key, and image pull secret |
| DNS | Domain for control plane and service endpoints | One endpoint to point to the control plane service (e.g., platform.example.com) The control-plane URL must be reachable from the compute-plane. The developers will need to access the TrueFoundry UI at the provided domain. |
| User/ServiceAccount to provision the infrastructure | Required permissions: - Azure subscription with billing enabled - Contributor Role to the subscription - Role Based Access Administrator to the subscription | Required to set up and manage the infrastructure components |
Permissions Required
For the control plane, we will be using the following permissions:- Compute plane permissions
- Azure Flexible Server for PostgreSQL permissions