Delphix Products

 View Only

Data Control Tower (DCT) - Installation Cheat Sheet

By Nicholas Mathison posted 04-02-2024 04:35:12 PM


Data Control Tower (DCT) Installation Cheat Sheet



Data Control Tower (DCT) is Delphix’s data governance solution. DCT sits above the Delphix Engines (Continuous Data, Continuous Compliance, or Hyperscale Compliance), where it continuously monitors and directs usage of the engines through an HTTPS connection. DCT is a Dockerized product that is installed on a containerized platform. It is not installed like a traditional Delphix Engine.

This guide is meant to assist with the first time installation of DCT.


Traditional Delphix Administrators who do not have Kubernetes, OpenShift, or Docker knowledge might need to rely upon their organization's Cloud Architects or Cloud Administrators. These roles typically have the Docker, Kubernetes, and Networking expertise to perform the DCT installation steps provided in this document.


DCT is designed to run and is supported on any Certified Kubernetes platform that supports Helm. The DCT product is OCI-compliant and may use any container runtime that implements the OCI Runtime Specification including CRI-O, Docker, and Podman. Once installed, DCT will then connect with any number of Delphix Engines (Continuous Data, Continuous Compliance, or Hyperscale Compliance) through HTTPS.


As an example, you can see in the picture below that DCT is installed in Azure Kubernetes Service (AKS), and it’s connecting with a Continuous Data engine in AWS EC2 and another Continuous Data engine deployed on-prem. 



DCT is composed of ten Docker images. Delphix builds most of these Docker images with proprietary applications, while others are built on top of third-party images: GraphQL, Nginx, and PostgreSQL. (A complete list of dependencies is available on request.) Three persistent storage volumes manage metadata for general configuration, virtualization, and masking. DCT requires approximately 50 GB for storage - unlike a Delphix Engine which often requires far more. Inbound port 443 must be opened to enable incoming HTTPS traffic to DCT from an API client or the UI. In addition, outbound port 443 (HTTPS) must be opened to enable outgoing HTTPS traffic from DCT to the Delphix Engines. Opening port 80 for non-encrypted traffic (HTTP) is not recommended.


Find additional details about Data Control Tower’s architecture here.

Installation and Configuration

Once you have identified a supported certified Kubernetes platform within your organization, proceed with the installation steps described here. 


Find the complete system requirements within each installation documentation above.

As a final step, share the initial "bootstrapping" API Key as explained in the Kubernetes or OpenShift documentation with your Delphix Administrator.

Additional details about the Data Control Tower installation and configuration are here.

Connect Delphix Engines

With DCT successfully installed, the inbound and outbound ports opened, and the bootstrapping API key in hand, the Delphix Administrator can now connect to existing Delphix Engines by following this video.

Important Links