Azure Cloud Resources¶

Overview¶

Before installing the Privacera Manager software, the following Azure Cloud resources need to be created:

Prerequisite	Description
Azure Virtual Machine	A virtual machine to run the Privacera Manager software. Refer here for more details. For self-managed: Required. PrivaceraCloud Data plane: Required. PrivaceraCloud Data plane + Privacera Discovery: Required.
Azure AKS cluster	AKS cluster to run the Privacera software. Refer here for more details. For self-managed: Required. PrivaceraCloud Data plane: Required. PrivaceraCloud Data plane + Privacera Discovery: Required.
Azure Postgre SQL	Azure PostgreSQL server for the Privacera database. Refer here for more details. For self-managed: Required. PrivaceraCloud Data plane: Not Required. PrivaceraCloud Data plane + Privacera Discovery: Required.
Wildcard certificate and Key	A wildcard certificate for the domain name used for the Privacera service endpoints, along with the private key. Refer here for more details. For self-managed: Required. PrivaceraCloud Data plane: Required. PrivaceraCloud Data plane + Privacera Discovery: Required.

Appendix¶

Azure Virtual Machine for running Privacera Manager¶

Virtual Machine

Privacera Manager runs on a Virtual Machine that has access to the Kubernetes cluster and can create and manage cloud resources.

Tip

The Privacera Manager installation on this Virtual Machine will contain signed certificates necessary for subsequent upgrades. Therefore, it is recommended that this Virtual Machine is not deleted and is protected from termination. It is also strongly advised to backup the contents of the Privacera Manager folder on regular basis.

You don't need to run this Virtual Machine 24x7. You can stop the Virtual Machine when it is not in use.

Vitrual Machine configuration

The Vitrual Machine needs to be provisioned to run the Privacera Manager software. At a minimum, the instance should have the following specifications:

Ubuntu 20.04
Minimum 1 vCPUs
Minimum 4 GB RAM
Minimum 100 GB disk space
SELinux should be disabled

Following software should be installed on the virtual machine:

Packages

ssh, curl, tar, wget, gcc*,

Bash
sudo apt update
sudo apt install ssh curl tar wget gcc -y 

Openssl (v1.01, build 16 or later)

Bash
sudo apt install openssl -y
openssl version

Python3 (with python-devel*)

Text Only
1 2	`sudo apt install python3 python3-dev python3-pip python3-passlib -y python3 --version`

User account with sudo permissions

docker

Bash
sudo apt update -y 
sudo apt install docker.io -y 
sudo service docker start
sudo usermod -a -G docker azureuser

# log out and log back into the virtual machine to activate the new group
docker ps

kubectl

Follow the instructions on this link.

helm

Follow the instructions on this link.

Bash
curl -fsSL -o get_helm.sh \
  https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.sh

Azure AKS cluster for running Privacera Software¶

Azure AKS

Azure AKS cluster with the following specifications:

Kubernetes version - For supported version check Privacera release notes
Node type - D4s v3 or similar
Auto-scaling node group - min 3 to max 10 nodes

Azure PostgreSQL Server¶

Azure PostgreSQL Server

Azure PostgreSQL Server with the following specifications:

PostgreSQL Server.

create privacera_db as the database by following these commands

SQL
create database privacera_db character set latin1 collate latin1_swedish_ci;

Wildcard certificate and Private Key¶

Wildcard certificate and Private Key

A wildcard certificate for the domain name used for the Privacera service endpoints, along with the private key. This should one of these:

Wild-card certificate. The certificate requirements are given in TLS Certificate.
Certificate with specific host names generated by Privacera Manager
Certificate with specific host names generated by you for the service endpoints.

Prev Prerequisites
Next Setup