Deployment overview
The pages in this section outline the required steps to successfully deploy Delphix Data Control Tower (DCT) on your container platform of choice. This overview introduces available deployment methods and DCT architecture.
DCT operates above Continuous Data, Continuous Compliance, and Hyperscale Compliance, continuously monitoring and directing engine usage through an HTTPS connection. It is delivered as a Dockerized product, typically deployed on a containerized platform. As of DCT version 22.0.0, an Appliance-based installation option—similar to other Delphix Engines—is also available.
Deployment methods
Data Control Tower (DCT) is built on a container-based architecture and can be deployed through Kubernetes, OpenShift, or as a Virtual Appliance (OVA image).
Please note, when deploying on Kubernetes or OpenShift, administrators without prior experience in these platforms (or with Docker) may need to work with their organization’s Cloud Architects or Cloud Administrators to complete configuration during installation.
For administrators familiar with installing other Continuous Data or Compliance Engines, the Virtual Appliance deployment of DCT will follow a similar process and should be straightforward to complete.
DCT architecture
The DCT architecture is composed of multiple microservices, each running on individual pods. This design enables flexible deployment by allowing users and IT teams to apply their own backup, scaling, and resiliency standards for container-based applications. The diagram below shows all DCT services and the persistent storage used to maintain relationship metadata.
DCT is multi-cloud capable, allowing a single instance to orchestrate Continuous Data and Continuous Compliance workloads with Delphix Engines in different networks via HTTPS. It can also be deployed in a localized configuration, managing engines within the same network. As a lightweight management application, DCT does not require a high-performance connection and can serve as a central management layer for Delphix Engines worldwide.
The Kubernetes installation of DCT is supported on any Certified Kubernetes platform that supports Helm. DCT is OCI-compliant and works with container runtimes that implement the OCI Runtime Specification, including CRI-O, Docker, and Podman.
The Appliance installation packages DCT’s containerization within a VM image, providing an installation and configuration experience similar to a Delphix Engine. Once installed, DCT can connect to any number of Continuous Data, Continuous Compliance, or Hyperscale Compliance engines via HTTPS. For example, the diagram below shows DCT running in Azure Kubernetes Service (AKS) and connecting to a Continuous Data engine in AWS EC2 as well as another deployed on-premises.
DCT consists of ten Docker images, most of which are built by Delphix with proprietary applications. Some are based on third-party images such as GraphQL, Nginx, and PostgreSQL. (A full list of dependencies is available upon request.) Three persistent storage volumes manage metadata for general configuration, virtualization, and masking. DCT requires approximately 50GB of storage.
For connectivity, inbound port 443 must be open to allow HTTPS traffic from API clients or the UI to DCT. Outbound port 443 must also be open to allow HTTPS communication from DCT to Delphix Engines. Opening port 80 for non-encrypted HTTP traffic is not recommended.