Getting started with Vespa Cloud Enclave in GCP

Vespa Cloud Enclave builds on top of some tooling that it is necessary to become familiar with before getting started. Terraform is especially important, and understanding the basics is necessary. Going through a tutorial for AWS will help.

In addition, please see our Terraform guidelines for how our modules should be deployed in a continually deployed and tested manner.

Getting started

Setting up Enclave in your account requires:

  1. Registration of the GCP project in Vespa Cloud
  2. Running a Terraform configuration to provision necessary GCP resources in the project
  3. Deployment of a Vespa application.

1. Onboarding

Contact stating which tenant should be on-boarded to use Vespa Cloud Enclaves. Also include the GCP Project ID to associate with the tenant.

Note: We strongly recommend dedicated accounts to use for your Vespa Cloud Enclaves. Resources in these accounts will be fully managed by Vespa Cloud.

2. Configure GCP Project

The same used in step one must be prepared for deploying Vespa applications. Use Terraform to set up the necessary resources using the modules published by the Vespa team.

A minimal example can be found in the GitHub repository.

If you are unfamiliar with Terraform: It is a tool to manage resources and their configuration in various cloud providers, like AWS and GCP. Terraform has published an GCP tutorial, and we strongly encourage Enclave users to read and follow the Terraform recommendations for CI/CD.

3. Deploy your Vespa application

By default all applications are deployed on resources in Vespa Cloud accounts. To deploy in your Enclave account, updatedeployment.xml to reference the account used in step 1.

<deployment version='1.0' cloud-account='gcp:a-project-id'>

Production deployments

When deploying to production zones in a tenant controlled GCP project, beware that system tests and staging tests can run in either in the tenant account or in Vespa Cloud’s account. If running tests in the tenant account is desirable, test and staging zones must also be provisioned in step 2 in the Onboarding guide.

See the multi-region example for details.