Google Cloud Platform installation

This section covers the virtual machine requirements for the installation of a dedicated Continuous Compliance Engine on Google Cloud Platform (GCP).

Machine types

The following is a list of instance types that are supported to deploy Delphix on GCP. Delphix periodically certifies new instance types, which will be added to the list here.

Requirements

Notes

The minimum requirements are listed below:

  • 8vCPUs minimum

  • 64GB RAM minimum

  • 10Gbps min (25Gbps recommended)

  • Processors: Intel or AMD (No ARM)

  • Storage

    • SSD(No HDD)

Recommended Memory Optimized instance families:

  • N2 standard

  • N2 high-mem

  • N4 standard

  • N4 high-mem

  • Larger instance types provide more CPU, which can prevent resource shortfalls under high I/O throughput conditions.

  • Larger memory instances can be utilized by the Delphix Engine for operations such as job execution or Engine Sync Import/Export.

  • N4 instances are only supported on new installs of Delphix version 2025.6.0.* or newer.

  • Information on GCP general-purpose machines

Network configuration

Requirements

Notes

Virtual Private Cloud

You must deploy the Delphix Engine and Data sources (database / file servers) in a VPC network to ensure that private IP addresses are static and do not change when you restart instances. When adding connectors to the Masking Engine, you must use the host's VPC (static private) IP addresses.

Static Public IP

The GCP Delphix instance must be launched with a static IP address; however, the default behavior for VPC instances is to launch with a dynamic public IP address – which can change whenever you restart the instance.

Security Group Configuration

The default security group will only open port 22 for SSH access. You must modify the security group to allow access to all of the networking ports used by the Delphix Engine and the various source and target engines.
gVNIC support For 2025.6 and newer installations, Continuous Data supports Google Virtual NIC (gVNIC) for Google Cloud Platform deployments. gVNIC provides higher network performance and is the only supported network interface for new machine types (Generation 3 and newer). For more information, read Using Google Virtual NIC.

Premium Networking

It is recommended to use GCP Premium Tier Networking.

Storage configuration

You must always attach a minimum of 2 storage pools to the Delphix Engine; one for root filesystem and other for metadata storage pool.
System disk

The minimum recommended storage size for the System Disk is 127 GB.

Metadata disk(s)

The minimum recommended storage size of the Metadata Volume is 50 GB.

Additional GCP configuration notes

  • Delphix supports both Zonal and Regional SSD persistent disks.

Deployment in the Google Cloud console with Secure Boot enabled image

Prerequisites

  • Install the gcloud CLI. For more information, read Install the Google Cloud CLI.

  • Download the latest Delphix Platform for GCP tar.gz file from Delphix Download.

  • Download the Secure Boot certificate tar file, gcp-certs.tar.gz from Delphix Download.

    Before deploying the Delphix Engine on Google Cloud Platform, you must disable the OS Login feature. OS Login can allow privileged user access through the GCP guest agent and is not supported for Delphix VMs. For instructions on disabling the login, read Google Compute Engine doc.

Procedure

  1. Create a GCP storage bucket.

  2. Upload the downloaded CGP tar.gz file to the GCP storage bucket.

  3. When the upload completes, click the three vertical dots on the far left and select Copy gsutil URI. Save this URI to use later with gcloud commands.

  4. On the system with gcloud installed, unpack gcp-certs.tar.gz to extract the following files:

    1. pk.der

    2. kek.der

    3. db.der

  5. Use the following sample command to create an image with gcloud compute images create:

    6. Copy 
    gcloud compute images create Image-Name \
      --source-uri=gs://dlpx-system/storage/external-standard-gcp.gcp.tar.gz \
      --guest-os-features=UEFI_COMPATIBLE,GVNIC \
      --platform-key-file=PK.cer \
      --key-exchange-key-file=KEK.cer \
      --signature-database-file=db.cer \
      --storage-location=us \             # Multi-region (examples: us, eu, asia)
      --family=delphix-secureboot \       # Optional
      --description="UEFI Secure Boot image with GVNIC; Oct 2025 build" \  # Optional
      --labels=owner=delphix,env=dev,boot=uefi,net=gvnic \                 # Optional
      --kms-key=projects/PROJECT_ID/locations/us/keyRings/RING/cryptoKeys/KEY  # Optional

  6. After your image is created, select it and create an instance.

  7. Configure the instance creation screen:

    1. Select the region and zone for your virtual databases.

    2. Choose a supported machine type appropriate for your expected workload.

    3. Update the Boot Disk to SSD Persistent Disk. (Defaults to Standard Persistent Disk)

    4. Add Data Disks (minimum of four recommended) with a total capacity at least equal to the combined size of your source DBs. Make sure to use SSD Persistent Disks.

    5. Configure Networking to match the Network and Subnet(s) where your target non-production instances reside. A target is an instance running the DB platform identical to the source DBs.

    6. On the Security page under Shielded VM, check Turn on Secure Boot, Turn on vTPM, and Turn on Integrity Monitoring.

    7. Once all configuration details are complete, click Create.

  8. Wait for the instance to be created and available.

    You can now connect to your newly deployed Delphix Continuous Data Engine using the assigned IP address or hostname via the support web browser.

Deploying in the Google Cloud marketplace

  1. Log in to the Google Cloud Marketplace.

  2. In the Search field, enter Delphix.

  3. Select the Delphix Data Virtualization for GCP (3TB).

  4. Review the information on the initial Marketplace page.

  5. Click Launch.

  6. Review the deployment configuration and software subscription information.

  7. Accept Google Cloud’s and Delphix Corp’s Terms of Service.

  8. Click Deploy, which will start the deployment of the instance.

  9. After the deployment, add equally-sized data disks to the instance.

  10. To enable Secure Boot:

    1. Stop the VM.

    2. Edit the VM configuration and select Turn on Secure Boot, Turn on vTPM, and Turn on Integrity Monitoring under Security and Access > Shielded VM.

    3. Save the changes and start the VM.

Configuring the Delphix Continuous Compliance Engine

  1. Connect to the running Delphix instance with a web browser. Use the IP address or DNS name noted in the Instance Description. Upon successful connection, the browser will automatically redirect to the Delphix Setup Page.

  2. Refer to the Setting up the Delphix Engine section to complete the Delphix deployment.

Reset integrity boot measurements for GCP Shielded VM

On GCP Shielded VMs with virtual Trusted Platform Module (vTPM) and Integrity Measurement Architecture (IMA) enabled, engine upgrades may introduce a new kernel image and/or bootloader, which can trigger lateBootReportEvent alerts on subsequent boots. You can view these alerts in the GCP Console under VM > Observability > Logs. To accept the updated boot components as the new trusted baseline, run the following command:

Copy 
gcloud compute instances update INSTANCE_NAME --zone=ZONE \
    --shielded-learn-integrity-policy

This command generates a SetShieldedInstanceIntegrityPolicy event and records the current boot measurements as trusted. After you run the command, subsequent reboots no longer produce lateBootReportEvent alerts, confirming the upgraded system components are recognized as trusted.