Deploy Control Plane
GCP
Provisioning Control Plane Infrastructure on GCP
There are steps in this guide where TrueFoundry team will have to be involved. Please reach out to support@truefoundry.com to get the credentials
Setting up Infrastructure
Requirements
All the compute plane requirements must be met in order to install the control plane. Below are the additional requirements for the control plane:| Requirements | Description | Reason for Requirement |
|---|---|---|
| CloudSQL Postgres | Postgres >= 13 | The database is used by TrueFoundry control plane to store all its metadata, Ensure SSL is disabled (default is disabled), |
| GCS bucket | Any GCS bucket reachable from control-plane | This is used by control-plane to store the intermediate code while building the docker image |
| Egress Access for TrueFoundryAuth | Egress access to https://auth.truefoundry.com and analytics.truefoundry.com | This is needed to verify the users logging into the TrueFoundry platform for licensing purposes |
| Additional TrueFoundry information | Additional information for control plane deployment which will be provided by TrueFoundry team | This includes tenant name, licence key, and image pull secret |
| DNS | Domain for control plane and service endpoints | One endpoint to point to the control plane service (e.g., platform.example.com) The control-plane URL must be reachable from the compute-plane. The developers will need to access the TrueFoundry UI at the provided domain |
| User/ServiceAccount to provision the infrastructure | Permissions to run terraform | Permissions to run terraform code to bring up GKE and cloud SQL given below |
Permissions Required
For the control plane, we will be using the following permissions:- Compute plane permissions
- Cloud SQL Admin