Skip to main content

Machine Configuration

When deploying Polaris through the Microsoft Azure and Google Cloud marketplace offers, you will be asked to perform some standard configuration for the underlying resoruces, like for example region, CPU and memory resources, networking, identity etc. We use the standard interface of the respective cloud provider for this configuration. For details, please refer to the section specific to your cloud provider below.

Google Cloud

For deployment on Google Cloud you need to provide the following configuration:

  • Deployment Service Account - the account that is used to dpeloy the infrastructure resources. You have the ability to create a new service account with all the required permissions or use an existing one.
  • Zone - the zone where the VM will be created. Please note the restictions
  • Machite Type - choose the machine type that fits your workload requirements. Please note the restrictions on the machine types that support Confidential Computing. We recommend using machines from the N2D family.
  • Boot Disk - choose based on the requirements of your workload
  • Networking - configure the network interface and VPC based on your requirements
  • Firewall - if you want the VM to be immediately accessible from the internet, you can configure the firewall rules. Alternatively, you can put the VM behind a load balancer or VPN.
info

Currently, the VM will use the default compute service account. This will be confiurable in future versions.

tip

If you need further configuration of the machine, please get in touch.

Deployment through Terraform

If you prefer to deploy Polaris using Terraform, you can choose to download the Terraform configuration files from the deployment page and integrate them into your environment. To do this please choose the option for "Command Line Deployment".

Azure

To deploy Polaris on Azure you first need to choose a plan. The plan determines the number of CPUs available for the client workload (the Polaris Proxy has separate infrastructure). You are able to choose between 1, 2 and 4 vCPUs for each container (see ACI restrictions). After that you can configure your managed application with the following parameters:

  • Subscription - the subscription where the resources will be created
  • Resource Group - the resource group where the resources will be created
  • Region - the region where the resources will be created
  • Memory - the amount of memory available for the client workload (see ACI restrictions)
  • Managed Identity - create a new managed identity or use an existing one
tip

If you need further configuration of the container or if you want to use Terraform for your deployment, please get in touch.