This page provides an overview of the architecture, requirements and steps to install the TrueFoundry compute plane cluster in GCP
Access Policies Overview
Policy | Description |
---|---|
RolePolicy with policies for - Artifact registry, Secrets manager, Blob storage, Cluster viewer, IAM serviceaccount token creator, Logging viewer | Role <cluster_name>-platform-user with permissions for:- Creating and managing blob storage buckets - Managing secrets in secret manager - Pulling and pushing images to artifact registry - Enabling cloud integration for GCP (node level details) - Viewing cluster autoscaler logs - Creating Service Account keys (Service Account key creation should be allowed) |
Required APIs
public.ecr.aws
, quay.io
, ghcr.io
, tfy.jfrog.io
, docker.io/natsio
, nvcr.io
, registry.k8s.io
so that we can download the docker images for argocd, nats, gpu operator, argo rollouts, argo workflows, istio, keda, etc.services.example.com/tfy/*
, however, many frontend applications do not support this. For certificate, check this document for more details.Choose to create a new cluster or attach an existing cluster
Clusters
. You can click on Create New Cluster
or Attach Existing Cluster
depending on your use case. Read the requirements and if everything is satisfied, click on Continue
.Fill up the form to generate the terraform code
Submit
when doneRegion
- The region and availability zones where you want to create the cluster.Project ID
- The project ID where you want to create the cluster.Cluster Name
- A name for your cluster.Cluster Version
and Master node IPv4 block
- The version of the cluster and the IPv4 block for the master nodes.Network Configuration
- Choose between New network
or Existing network
depending on your use case.GCS Bucket for Terraform State
- Terraform state will be stored in this bucket. It can be a preexisting bucket or a new bucket name. The new bucket will automatically be created by our script.Platform Features
- This is to decide which features like BlobStorage, ClusterIntegration, Container Registry and Secrets Manager will be enabled for your cluster. To read more on how these integrations are used in the platform, please refer to the platform features page.Copy the curl command and execute it on your local machine
curl
command to download and execute the script. The script will take care of installing the pre-requisites, downloading terraform code and running it on your local machine to create the cluster. This will take around 40-50 minutes to complete.Verify the cluster is showing as connected in the platform
Create DNS Record
Base Domain URL
section.Record Type | Record Name | Record value |
---|---|---|
CNAME | *.tfy.example.com | LOADBALANCER_IP_ADDRESS |
Setup routing and TLS for deploying workloads to your cluster
Start deploying workloads to your cluster