KX Managed kdb Insights Enterprise Deployment
The Managed kdb Insights Enterprise Deployment offer on the Azure Marketplace spins up the resources and infrastructure as well as deploying the application. This offer leverages the Azure Managed Application mechanism. KX will have access to the relevant resource groups and will be able to manage the application on your behalf.
Follow the Install Prerequisites to get your system ready before installing kdb Insights Enterprise.
kdb Insights Enterprise on Azure Marketplace is deployed as a Managed Application and the set of resources provisioned in your subscription depends on your configuration choices.
The following third party dependencies are installed and used by kdb Insights Enterprise:
- Keycloak - identity & access management
- PostgreSQL - SQL database used by Keycloak
- Cert Manager - certificate management
- nginx Ingress Controller - ingress, load balancing and routing
The following third party dependency is optional and will only be deployed if you select this in your configuration:
- Rook-Ceph as a distributed storage system.
The following Azure resources are created and deployed during installation:
Azure Kubernetes Service (AKS) - Kubernetes cluster hosting the kdb Insights Enterprise components
- Managed Identity - used by the deployment to have access to other Azure services
- Azure Managed Disks - used to store the data and logs of the internal components
- Virtual machine scale set - provides VMs for the AKS Node pools used to run the workloads of the deployment
Issues with HWE kernel 6.2.0 and rook-ceph
In rare cases where Azure deploys AKS nodes with HWE kernel 6.2.0, there is an issue that causes rook-ceph to be incompatible with it. These HWE kernels are expected only for special VM families, for example GPU enabled ones.
If you have any issues or questions please contact Support.
Azure Container Instances - execute parts of the deployment (they may disappear after some time)
- Deployment Script - the actual commands executed during the deployment (they may disappear after some time)
- Azure Storage Account
- used to store the kdb data if Rook-Ceph is not selected during installation
- used internally by kdb Insights Enterprise for audit logging and metrics
- Azure Policies - to help assess compliance of the deployment
- Log Analytics Workspace - allows you to access data from the Azure Monitor Logs store
- Azure Virtual Network - encapsulates all the network traffic that is internal to the deployment
- Public IP address - makes your deployment accessible from your network
- Azure Load Balancer - provides outbound connections for the deployment
- Network interfaces - the interconnection between a virtual machine and a virtual network
- Private Endpoints - allow ingress of traffic from your virtual network to an Azure resource securely
- Private DNS zone - to resolve the private endpoint IP address to the fully qualified domain name (FQDN) of the connection string
- Network security groups - to filter network traffic between Azure resources in an Azure virtual network
The kdb Insights Enterprise Helm charts and images are stored in our Azure Container Registry ACR and are all pulled from here at deployment time, except for Keycloak. The CLI will be used to upgrade your application when new versions are available.