Version: User Guides (BYOC)

Bootstrap Infrastructure (Terraform)
Private Preview

This page demonstrates how to use Terraform to bootstrap the infrastructure for a Zilliz Cloud BYOC project, including creating an S3 bucket, all related roles, and a qualified VPC.

📘Notes

To run the Terraform script, you need to have Terraform and AWS CLI installed on your computer and an AWS account with associated credentials that allow you to create VPCs.

Clone the script repository

In this step, you will use the following command to clone and pull the script repository.

$ git clone https://github.com/zilliztech/zilliz-byoc-prepare.git

Prepare the credentials

In this step, you are going to edit the terraform.tfvars.json file located within the client_init folder.

$ cd zilliz-byoc-prepare/client_init
$ vi terraform.tfvars.json

The file is similar to the following:

{
  "aws_region": "us-west-2",
  "vpc_cidr": "10.0.0.0/16",
  "name": "test-byoc-lcf",
  "ExternalId": "cid-xxxxxxxxxxxxxxxxxxxxxxxxx"
}

| Variable | Description |
| --- | --- |
| aws_region | The cloud region in which you will deploy Zilliz BYOC. Currently, you can deploy your BYOC project in us-west-2. If you need to deploy your BYOC project in other cloud regions, please contact us by sending an email to support@zilliz.com. |
| vpc_cidr | The CIDR blocks to be allocated within the customer-managed VPC. For example, 10.0.0.0/16. |
| name | The name of the BYOC project to create. Please align the value with the one you have entered in the form below. |
| ExternalId | The External ID of the BYOC project to create. You can get this value from the Zilliz Cloud console. |

Bootstrap infrastructure

Once you have prepared the credentials described above, bootstrap the infrastructure for the project as follows:

  1. Run terraform init to prepare the environment.

  2. Run terraform plan. If there are any errors, fix them, and then run the command again.

  3. Run terraform apply to create the VPC.

    The result might be similar to the following:

    bootstrap_role_arn = "arn:aws:iam::xxxxxxxxxxxx:role/zilliz-byoc-boostrap-role"
    bucket_name = "zilliz-byoc-bucket"
    eks-role-arn = "arn:aws:iam::xxxxxxxxxxxx:role/zilliz-byoc-eks-role"
    external_id = "cid-xxxxxxxxxxxxxxxxxxxxxxxxx"
    security_group_id = "sg-xxxxxxxxxxxxxxxxx"
    storage_role_arn = "arn:aws:iam::xxxxxxxxxxxx:role/zilliz-byoc-storage-role"
    subnet_id = [
      "subnet-xxxxxxxxxxxxxxxxx",
      "subnet-xxxxxxxxxxxxxxxxx",
      "subnet-xxxxxxxxxxxxxxxxx",
    ]
    vpc_id = "vpc-xxxxxxxxxxxxxxxxx"

  4. Collect the following information and fill it in the form on the Zilliz Cloud console.

    | Parameter | Value from |
    | --- | --- |
    | Storage settings | |
    | Bucket name | Use the value of the bucket_name variable in the command output. Zilliz Cloud uses the bucket as data plane storage. |
    | IAM role ARN | Use the value of the storage_role_arn variable in the command output. By assuming the role, Zilliz Cloud can access the above bucket on your behalf. |
    | EKS settings | |
    | IAM role ARN | Use the value of the eks_role_arn variable in the command output. By assuming the role, Zilliz Cloud can create and manage the EKS cluster on your behalf. |
    | Cross-account settings | |
    | IAM role ARN | Use the value of the cross_account_role_arn variable in the command output. By assuming the role, Zilliz Cloud can provision the data plane on your behalf. |
    | Network settings | |
    | VPC ID | Use the value of the vpc_id variable in the command output. Zilliz Cloud provisions the data plane and clusters of the BYOC project in this VPC. |
    | Subnets | Use the values of the subnet_id variable in the command output. Zilliz Cloud requires a public subnet and three private subnets and deploys the NAT gateway in the public subnet to route the network traffic of the private subnets in each availability zone. You need to concatenate the three subnet IDs with commas as in subnet-xxxxxxxxxxxxxxxxx,subnet-xxxxxxxxxxxxxxxxx,subnet-xxxxxxxxxxxxxxxxx. |
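
The collection step above can be scripted. The following Python code is an added example, not part of the Zilliz script repository: it reads the text printed by `terraform output -json`, accepts both spellings of the output names that appear on this page, checks that each value has the expected format, and joins the subnet IDs with commas. The field labels, function names, and sample values are assumptions made for illustration.

```python
import json
import re

# Console form field -> Terraform output names seen on this page. The sample
# output and the table spell two of them differently, so both are accepted.
FIELDS = {
    "Storage bucket name": ["bucket_name"],
    "Storage IAM role ARN": ["storage_role_arn"],
    "EKS IAM role ARN": ["eks_role_arn", "eks-role-arn"],
    "Cross-account IAM role ARN": ["cross_account_role_arn", "bootstrap_role_arn"],
    "VPC ID": ["vpc_id"],
    "Subnets": ["subnet_id"],
}
ROLE_ARN = re.compile(r"^arn:aws:iam::\d{12}:role/[\w+=,.@/-]+$")

def is_id(prefix, value):
    """True for AWS resource IDs such as vpc-0a1b2c3d or subnet-0a1b2c01."""
    return isinstance(value, str) and bool(re.fullmatch(prefix + r"-[0-9a-f]{8,17}", value))

def form_values(outputs_json):
    """Turn the text printed by `terraform output -json` into form values."""
    outputs = json.loads(outputs_json)
    form = {}
    for field, names in FIELDS.items():
        found = [outputs[n]["value"] for n in names if n in outputs]
        if len(found) != 1:
            raise ValueError(f"{field}: expected exactly one of {names}")
        value = found[0]
        if field.endswith("role ARN") and not ROLE_ARN.match(str(value)):
            raise ValueError(f"{field}: not an IAM role ARN: {value!r}")
        if field == "VPC ID" and not is_id("vpc", value):
            raise ValueError(f"{field}: not a VPC ID: {value!r}")
        if field == "Subnets":
            distinct = len(value) == 3 and len(set(value)) == 3
            if not (distinct and all(is_id("subnet", s) for s in value)):
                raise ValueError(f"{field}: need three distinct subnet IDs: {value!r}")
            value = ",".join(value)  # the form takes one comma-separated string
        form[field] = value
    return form

# Constructed sample in the shape `terraform output -json` prints (not real IDs).
SAMPLE = json.dumps({k: {"sensitive": False, "value": v} for k, v in {
    "bootstrap_role_arn": "arn:aws:iam::111122223333:role/zilliz-byoc-boostrap-role",
    "bucket_name": "zilliz-byoc-bucket",
    "eks-role-arn": "arn:aws:iam::111122223333:role/zilliz-byoc-eks-role",
    "storage_role_arn": "arn:aws:iam::111122223333:role/zilliz-byoc-storage-role",
    "subnet_id": ["subnet-0a1b2c01", "subnet-0a1b2c02", "subnet-0a1b2c03"],
    "vpc_id": "vpc-0a1b2c3d",
}.items()})
```

To use it on real output, pass the text produced by `terraform output -json` in the folder where terraform apply ran to form_values instead of SAMPLE.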