Data Control Tower (DCT) Installation Cheat Sheet
Summary
Data Control Tower (DCT) is Delphix’s data governance solution. DCT sits above Continuous Data, Continuous Compliance, andHyperscale Compliance, where it continuously monitors and directs usage of the engines through an HTTPS connection. DCT is a Dockerized product that is traditionally installed on a containerized platform. Starting with DCT v22, we began offering an OVA installation approach, just like the other Delphix Engines.
This guide is meant to assist with the first-time installation of DCT.
Audience
Kubernetes Installation
Traditional Delphix Administrators who do not have Kubernetes, OpenShift, or Docker knowledge might need to rely upon their organization's Cloud Architects or Cloud Administrators. These roles typically have the Docker, Kubernetes, and Networking expertise to perform the DCT installation steps provided in this document.
OVA Installation
Delphix Administrators who have successfully installed any other Delphix Engine should have no challenges installing the OVA installation of DCT. It should feel very similar.
Architecture
The DCT Kubernetes installation is designed to run and is supported on any Certified Kubernetes platform that supports Helm. The DCT product is OCI-compliant and may use any container runtime that implements the OCI Runtime Specification including CRI-O, Docker, and Podman.
The DCT OVA installation still runs Kubernetes underneath the hood, but obfuscates it all through a VM image. Its installation and configuration closely model the Delphix Engine.
Once installed, DCT will connect with any number of Continuous Data, Continuous Compliance, or Hyperscale Compliance engines through HTTPS. As an example, you can see in the picture below that DCT is installed in Azure Kubernetes Service (AKS) where it is connecting with a Continuous Data engine in AWS EC2 and another Continuous Data engine deployed on-prem.
DCT is composed of ten Docker images. Delphix builds most of these Docker images with proprietary applications, while others are built on top of third-party images: GraphQL, Nginx, and PostgreSQL. (A complete list of dependencies is available on request.) Three persistent storage volumes manage metadata for general configuration, virtualization, and masking. DCT requires approximately 50 GB for storage - unlike a Delphix Engine which often requires far more. Inbound port 443 must be opened to enable incoming HTTPS traffic to DCT from an API client or the UI. In addition, outbound port 443 (HTTPS) must be opened to enable outgoing HTTPS traffic from DCT to the Delphix Engines. Opening port 80 for non-encrypted traffic (HTTP) is not recommended.
Find additional details about Data Control Tower’s architecture here.
Installation and Configuration
Once you have identified a supported certified Kubernetes platform within your organization, proceed with the installation steps described here.
Find the complete system requirements within each installation documentation above.
As a final step, share the initial "bootstrapping" API Key as explained in the Kubernetes or OpenShift documentation with your Delphix Administrator so you can login to the UI. If installing with the OVA, then it will be covered during the normal installation steps.
Additional details about the Data Control Tower installation and configuration are here.
Connect Delphix Engines
With DCT successfully installed, the inbound and outbound ports opened, and the bootstrapping API key in hand, the Delphix Administrator can now connect to existing Delphix Engines by following this video.
Important Links
#DCT
#installation
#kubernetes
#openshift