Setup BYOC with AWS
BYOC is our recommended setup option, in which our platform's infrastructure is installed in a cloud environment owned by your organization, allowing you to delegate its entire setup, update, and maintenance to groundcover.
To install groundcover BYOC, sign up to groundcover Console and start the installation process.
Installation steps
BYOC requires to create an isolated account within your AWS organization, that will be managed by groundcover's control plane and will establish, configure, and maintain the infrastructure and workloads within the account. These include AWS VPC, S3, EKS, LB, etc.
groundcover BYOC can be deployed using one the following configurations:
In line with AWS’s recommended unit of containerization, the default and preferable option is to deploy in a dedicated AWS account. This acts as an identity, resources, quota and access management isolation boundary.
Option A: Creating a new, dedicated sub-account
We recommend naming the account [groundcover-byoc] and placing the account in OU=Infrastructure/OU=Managed. For additional information please see Establishing your best practice AWS environment (external link to a page on the AWS website).
Option B: Use an existing AWS account
If you prefer using a single account approach, BYOC can also be deployed into an existing account, running alongside existing production workloads in your existing AWS account. To limit access and prevent resource collusion, we implement a “scoping territory” approach using ABAC tags for access control and VPC subnets for network control.
Once the account is ready, start the installation process through the Console. The entire process should run for about 20-30 minutes. Upon completion, you will see a Go to App button that will lead you to your dedicated workspace.
Troubleshooting
There are 2 types of potential problems you may encounter in the installation process:
Validation issues - before kicking off the installation process, groundcover will verify that the provided role has the correct permissions. In case of validation issues, please expand the relevant section and address the validation issue. After the issue is fixed, click on Validate again to ensure all the permissions were granted properly.
Deployment issues - once the installation process has started, we may encounter issues while attempting to install one or more components. These issues will appear in the backends main screen. If the issues persist, reach out to our team.
Add monitoring to your environment
Once groundcover backend is deployed, the final step is to add data sources to monitor your environment, such as deploying our sensors to monitor your clusters or add cloud providers. To do so, go to the data sources page and select the relevant data sources for your needs.
Last updated