Page tree
Skip to end of metadata
Go to start of metadata

This section explains the prerequisites for installing and deploying Kyvos in the GCP environment.


To deploy Kyvos in a GCP environment, you must ensure that the following prerequisites are met.

  1. Google Console users should have the privilege to launch Google resources like Instances, Dataproc cluster, Google Storage, and Disks in the Project.
  2. Kyvos needs a service account to launch the Kyvos instance. Refer to the steps given in the Service Account section to create it.
  3. The logged-in user will need access to VPN, Subnet, Network Interface/Security Group, and Service Account which will be used by Kyvos to launch compute engines, Dataproc, and Instance Group.
  4. The Network Security Group with the following ports opened in inbound rules for all internal communication between Kyvos instances.
    6602, 6903, 6703, 45450, 45460, 6603, 6803, 45440, 6605, 45421, 45564, 4000, 8080, 8081, 8005, 8009, 8443, 8444, 9443, and 9444.
  5. Following ports must be opened for inbound rules for all internal communication between the Dataproc cluster and Kyvos.
    8030, 8031, 8032, 8033, 9083, 8188, 18080, 8050, 8051, 8020, 10020, 19888, 10033, 8188, 9870, 10200, 10000, 10002, and 9866-9867
  6. Ports 22, 8080, and 8081 should be accessible from outside of the cluster from where you want to access the Web application.
  7. In case the Kyvos instances and Dataproc clusters are launched in a different VPN/Subnet, then Network Peering should be created between both the networks.
  8. There should be a private and public key for creating the Kyvos instances and the Dataproc cluster.
  9. Kyvos will need the Storage Legacy Bucket Owner role on the storage bucket to store data (cubes).
  10. To access the storage bucket from the Kyvos instances, a NAT Gateway in VPN or Endpoint between storage and VPN should be available.
  11. Internet should be available on the Kyvos Manager nodes to download the Kyvos bundle and Zookeeper. If the internet is not available, the Kyvos bundle and Zookeeper should be available on the Kyvos Manager node.
  12. Kyvos recommended autoscaling policy for Dataproc.
  13. Private Google Access must be enabled for the subnet that you will use for deploying Kyvos and Dataproc cluster.
  14. Kyvos recommend instance configuration:
    1. For BI Server, Kyvos Manager, and Query Engine nodes
      Series: N1
      Machine Type – N1 standard 8 (8 vCPU and 30 GB)
    2. Master and worker nodes of Dataproc cluster
      Master Node
      Series: N1
      Machine Type – n1-highmem-4 (4 vCPU and 26 GB)

      Worker Node
      Series: N1
      Machine Type: n1-highmem-8 (8 vCPU and 52 GB)

Creating service account from Google Cloud Console

  1. Click Roles > Create new role. Provide a name like Kyvos-role for storage service, and assign the following permissions.
    1. storage.buckets.get
    2. storage.buckets.list
    3. storage.objects.create
    4. storage.objects.delete
    5. storage.objects.get
    6. storage.objects.list
    7. storage.objects.update
    8. compute.instances.get
    9. compute.instances.start
    10. compute.instances.stop

  2. Go to IAM & Admin > Service Account. Create a service account for Kyvos.
  3. Click Edit to add roles in the service account and add the following roles.
    1. Kyvos-role (created in step 1)
    2. BigQuery data viewer
    3. BigQuery user
    4. Dataproc Worker

Installing Kyvos on GCP

To install the Kyvos Cluster in your GCP environment, you need to first create the resources for use in Kyvos deployment.

For this, can use any of the following methods:

  1. Automated resource creation using script: In this method, you can quickly create resources using an automated script.
  2. Manual resource creation: In this method, you need to perform the following steps:
    1. Create Instance for Kyvos BI Server, Query Engines, and Kyvos Manager
    2. Create Dataproc (compute cluster)

Once you have created the resources, Configure the Kyvos GCP cluster on Kyvos Manager.

Optionally, to enable TLS on your installation, make sure OpenSSL is available on Kyvos Manager and Kyvos BI server nodes.
You can install OpenSSL on Kyvos Manager and Kyvos BI server machines, using the following command:

yum install openssl
  • No labels