Provisioning Control Plane Infrastructure on GCP
Requirements | Description | Reason for Requirement |
---|---|---|
CloudSQL Postgres | Postgres >= 13 | The database is used by TrueFoundry control plane to store all its metadata |
GCS bucket | Any GCS bucket reachable from control-plane | This is used by control-plane to store the intermediate code while building the docker image |
Egress Access for TrueFoundryAuth | Egress access to https://auth.truefoundry.com and analytics.truefoundry.com | This is needed to verify the users logging into the TrueFoundry platform for licensing purposes |
Additional TrueFoundry information | Additional information for control plane deployment which will be provided by TrueFoundry team | This includes tenant name, licence key, and image pull secret |
DNS | Domain for control plane and service endpoints | One endpoint to point to the control plane service (e.g., platform.example.com) The control-plane URL must be reachable from the compute-plane. The developers will need to access the TrueFoundry UI at the provided domain |
User/ServiceAccount to provision the infrastructure | Permissions to run terraform | Permissions to run terraform code to bring up GKE and cloud SQL given below |