Available only on Enterprise Plan
With the Bring Your Own Cloud option, Streakmap will host the control plane in our environment while the data plane is deployed within your VPC on your infrastructure in a sub-account of your cloud vendor.
All that is needed is a single cloud IAM account that grants initial provisioning access and this setup can done via any of these methods
- 1-click install template
- Manually using the Cloud console
This IAM user is only used during the initial install, and can be deleted after. It has create but no get access.
Streamkap uses this install role to do the initial install provisioning:
- Create base layer sandbox — VPC, Kubernetes cluster, ECR resources
- Install the runner/agent
From there, the runner takes over the install and no cross account access is ever required again, until deleting the install. The runner is responsible for the following:
- Capturing logs when requested + providing basic debugging capabilities
- Continuous monitoring of the install
- Managing components — provisioning terraform, helm, container components
- Syncing and managing OCI artifacts into the account
The runner will provision servers and install the data plane portion of the Streamkap application.
The runner is also responsible for the delivery of upgrades.
- We will deploy a VPN with you to secure the communication
- Inbound from Streamkap Control Plane to Customer Data Plane
- Port 8083 (Data Plane Configuration for setup/maintenance of connectors)
- Outbound from Customer Data Plane to Streamkap Control Plane
- Port 8433 (Logs)
- Port 9701 (Runner/Agent to maintain the deployment)
The sub-account/VPC will need to be able to comunicate with the sources of data and the destinations to write to.
An example will be SQL Server as a source. We need the IP address of the database and the the standard port 1433.
The normal deployment here is to create a sub-account in your cloud vendor for Streamkap to use.
A kubernetes cluster will be deployed which will contain a number of VMs. The CPU count for the deployment depends on the volume of data being processed but 4 CPU/12GB setup is typical. We mostly utilise object storage.
No. Our agent/runner will maintain all systems and software in the sub-account. We will deploy Kubernetes and our agent will maintain, upgrade and handle entirely.
Your confidential data does not leave the data plane.
Monitoring logs and some configuration is stored with Streamkap. This is all kept encrypted and covered under our SOC2 compliance.
The deployment should be placed within the same region and ideally zone as your current systems.
Ingress is typically free regardless of the data source.
Egress depends on where you are sending the data. Egress is usually free in the same region/zone and only becomes more substantial if you are sending to do a different cloud vendor - in which case it could cost up to $0.10 per GB. By different cloud vendor, this refers to AWS, GCP, Azure or Oracle Cloud for example.
Updated 2 days ago