Vespa Cloud Enclave builds on top of some tooling that it is necessary to become familiar with before getting started. Terraform is especially important, and understanding the basics is necessary.
Setting up Enclave in your account requires:
Contact support@vespa.ai stating which tenant should be on-boarded to use Vespa Cloud Enclave. Also include the GCP Project ID to associate with the tenant.
Note: We strongly recommend dedicated projects to use for your Vespa Cloud Enclaves. Resources in these accounts will be fully managed by Vespa Cloud.
The same project used in step one must be prepared for deploying Vespa applications. Use Terraform to set up the necessary resources using the modules published by the Vespa team.
Modify the multi-region example for your deployment.
If you are unfamiliar with Terraform: It is a tool to manage resources and their configuration in various cloud providers, like AWS and GCP. Terraform has published a GCP tutorial, and we strongly encourage Enclave users to read and follow the Terraform recommendations for CI/CD.
By default, all applications are deployed on resources in Vespa Cloud accounts. To deploy in your Enclave account, update deployment.xml to reference the account used in step 1:
<deployment version="1.0" cloud-account="gcp:a-project-id">
<dev />
</deployment>
After a successful deployment to the dev environment, iterate on the configuration to implement your application on Vespa. The dev environment is ideal for this, with rapid deployment cycles.
For production serving, deploy to the prod environment - follow the steps in production deployment.
Identities restricted by domain: If your GCP organization is using domain restriction for identities you will need to permit Vespa.ai GCP identities to be added to your project. For Vespa Cloud the organization ID to allow identities from is: 1056130768533, and the Google Customer ID is C00u32w3e.