On-Premise Requirements

Cluster and Server Requirements

• Kubernetes v1.23+ (Important: Recommend containerd runtime)

• Namespaces for Arize Deployment

• Storage - 2x storage buckets

• Credentials for Platform to Read/Write Storage

In the case of a Proof of Concept (POC) deployment our team recommends a minimum of 5 nodes, each with at least:

• 8 CPU

• 64Gi of Ram

Sizing is based on your expected volume, access patterns, and expected shape of data, please reach out to our team to discuss the best cluster sizing for your needs.

Cloud Storage Options

The distribution includes deployment manifests for running a blob storage implementation with one of the three major clouds:

• Google Cloud Storage

• Amazon S3

• Azure Storage

Examples of Blob Storage Credentials:

Amazon S3

[profile default]
region=us-east-1
...

[default]
aws_access_key_id=ACCESS_KEY
aws_secret_access_key=SECRET_KEY_123
...

    annotations:
      eks.amazonaws.com/role-arn: '<AWS_IAM_ROLE_FOR_SERVICE_ACCOUNT>'

Google Cloud

service-account.json

{
  "type": "service_account",
  "project_id": "<<PROJECT ID>>",
  "private_key_id": "<<PRIVATE KEY ID>>",
  "private_key": "<<PRIVATE KEY>>",
  ...
}

Azure

azurePrincipalId: <id>
azurePrincipalPassword: <id>
azureStorageAccountName: <id>
azureStorageAccountKey: <id>

Permissions

The person running the installation is assumed to have administrator privileges on the cluster.

• kubectl and helm installed and configured for a user to create Workloads, ClusterRoles, and ClusterRoleBindings

• permissions to create storage buckets, service accounts, and modify IAM roles

Firewall Configuration

Ingress

• TCP port 443 for the application

• TCP port 443 for record receivers

Egress

NAT access to docker registry ch.hub.arize.com. Alternatively, you can mirror images on your private container images registry such as ECR, GCR, ACR, Artifactory, etc.

SMTP

Egress to an SMTP server with email send permissions is required for full platform functionality.