Deployment and setup
The topics in this section cover prerequisites, setup, and installation steps required for each deployment method of DCT.
DCT is deployed on a containerized platform (Kubernetes or OpenShift) and operates above Continuous Data, Continuous Compliance, and Hyperscale Compliance Engines, constantly monitoring and directing engine usage through an HTTPS connection. Alternatively, DCT version 22.0.0 and above can be deployed using a hypervisor and downloadable OVA image, offering a virtual appliance-based option.
Deployment methods
Data Control Tower (DCT) is built on a container-based architecture and can be deployed via:
Kubernetes or OpenShift deployments, administrators without prior experience integrating with these platforms may need to work with their organization’s Cloud Architects or Cloud Administrators to complete configuration during installation.
Virtual appliance deployments follow a similar installation process as Continuous Data or Compliance Engines, by downloading an image from the Delphix Downloads site and using a hypervisor.
DCT architecture
The DCT architecture is composed of multiple microservices, each running on individual pods. This design enables flexible deployment by allowing users and IT teams to apply their own backup, scaling, and resiliency standards for container-based applications. The diagram below shows all DCT services and the persistent storage used to maintain relationship metadata.
DCT is multi-cloud capable, allowing a single instance to orchestrate Continuous Data and Continuous Compliance workloads with Delphix Engines in different networks via HTTPS. It can also be deployed in a localized configuration, managing engines within the same network. As a lightweight management application, DCT does not require a high-performance connection and can serve as a central management layer for Delphix Engines worldwide.
The Kubernetes installation of DCT is supported on any Certified Kubernetes platform that supports Helm. DCT is OCI-compliant and works with container runtimes that implement the OCI Runtime Specification, including CRI-O, Docker, and Podman.
The Virtual Appliance installation packages DCT’s containerization within a VM image, providing an installation and configuration experience similar to a Delphix Engine.
Once installed, DCT can connect to any number of Continuous Data, Continuous Compliance, or Hyperscale Compliance engines via HTTPS. For example, the diagram below shows DCT running in Azure Kubernetes Service (AKS) and connecting to a Continuous Data engine in AWS EC2 as well as another deployed on-premises.
DCT consists of ten Docker images, most of which are built by Delphix with proprietary applications. Some are based on third-party images such as GraphQL, Nginx, and PostgreSQL (a full list of dependencies is available upon request). Three persistent storage volumes manage metadata for general configuration, virtualization, and masking. DCT requires approximately 50GB of storage.
For connectivity, inbound port 443 must be open to allow HTTPS traffic from API clients or the UI to DCT. Outbound port 443 must also be open to allow HTTPS communication from DCT to Delphix Engines. Opening port 80 for non-encrypted HTTP traffic is not recommended.