Prerequisites
Before you deploy Unity Virtual Private Cloud to Amazon Web Services
Access to Amazon Web Services
Ensure that you have the following access to Amazon Web Services (AWS):
- An AWS account
- A role with sufficient permissions to create and manage resources
Tooling
Ensure that you have this tooling:
- Access to a terminal, and basic knowledge of the command line
- One of these tools if you use Microsoft Windows:
  - Windows Subsystem for Linux (WSL)
  - Git for Windows
- AWS Command Line Interface (CLI), to set up a Terraform backend
- Helm, to install Helm charts
- GNU Make, to run various convenience targets
- ORAS CLI, to download the required scripts and packaging
- Terraform, to provision cloud resources
- yq, to generate Helm values
- jq, to read .json configuration
Networking
You must have Amazon Virtual Private Cloud (Amazon VPC). These practices are recommended:
- To ensure that public exposure is restricted, provide a VPC with private subnets to the deployment configuration.
- Avoid using the default VPC, because you run the risk of exposing services to the internet through misconfigured security groups.
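The networking recommendations above can be checked before deployment. The following is an added example, not part of the original page or of Unity's tooling: a Python pre-flight check over the JSON returned by `aws ec2 describe-vpcs`, `describe-subnets`, `describe-route-tables` and `describe-security-groups`. The function name `audit_vpc` and all sample IDs are constructed for illustration.

```python
def audit_vpc(vpc_id, vpcs, subnets, route_tables, security_groups):
    """Return findings for vpc_id, given parsed `aws ec2 describe-*` JSON."""
    findings = []
    if any(v["VpcId"] == vpc_id and v.get("IsDefault") for v in vpcs["Vpcs"]):
        findings.append(f"{vpc_id}: is the default VPC")
    tables = [t for t in route_tables["RouteTables"] if t["VpcId"] == vpc_id]
    def table_for(subnet_id):
        # An explicit association wins; otherwise the VPC's main table applies.
        for wanted in (lambda a: a.get("SubnetId") == subnet_id,
                       lambda a: a.get("Main")):
            for t in tables:
                if any(wanted(a) for a in t.get("Associations", [])):
                    return t
        return None
    def has_igw_default_route(table):
        # A 0.0.0.0/0 route through an internet gateway makes a subnet public.
        return table is not None and any(
            r.get("DestinationCidrBlock") == "0.0.0.0/0"
            and r.get("GatewayId", "").startswith("igw-")
            for r in table.get("Routes", []))
    for s in subnets["Subnets"]:
        if s["VpcId"] != vpc_id:
            continue
        if has_igw_default_route(table_for(s["SubnetId"])):
            findings.append(f"{s['SubnetId']}: default route to an internet gateway")
        if s.get("MapPublicIpOnLaunch"):
            findings.append(f"{s['SubnetId']}: assigns public IPs on launch")
    for g in security_groups["SecurityGroups"]:
        open_in = any(r.get("CidrIp") == "0.0.0.0/0"
                      for p in g.get("IpPermissions", [])
                      for r in p.get("IpRanges", []))
        if g.get("VpcId") == vpc_id and open_in:
            findings.append(f"{g['GroupId']}: ingress open to 0.0.0.0/0")
    return findings

# Constructed sample data (not from a real account).
VPCS = {"Vpcs": [{"VpcId": "vpc-default", "IsDefault": True},
                 {"VpcId": "vpc-private", "IsDefault": False}]}
SUBNETS = {"Subnets": [
    {"SubnetId": "subnet-pub", "VpcId": "vpc-default", "MapPublicIpOnLaunch": True},
    {"SubnetId": "subnet-priv", "VpcId": "vpc-private"}]}
ROUTE_TABLES = {"RouteTables": [
    {"VpcId": "vpc-default", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
    {"VpcId": "vpc-private", "Associations": [{"SubnetId": "subnet-priv"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]}]}
SECURITY_GROUPS = {"SecurityGroups": [{"GroupId": "sg-open", "VpcId": "vpc-default",
    "IpPermissions": [{"IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}]}
```

To run it against a real account, pass the parsed output of the four `aws ec2 describe-*` commands in place of the sample dictionaries. An empty list means none of the checked conditions were found; it covers IPv4 ingress rules only.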
System requirements
Ensure that you have these elements:
- A UVCS server with which the Kubernetes cluster can communicate, to store all asset data
- A valid hostname that can be updated to point to the IP of the Load Balancer
- A valid PixyzSDK license to run transformations on assets
Kubernetes
The deployment requires a Kubernetes cluster. We recommend that you use Kubernetes version 1.30. Newer versions are likely compatible, but we haven't extensively tested them. Choose whether to deploy Virtual Private Cloud to a new cluster or to an existing cluster:
- For a new cluster, the installation process can also deploy all the required dependencies.
- For an existing cluster, ensure that you already have all the required dependencies.
Dependencies
These third-party dependencies are required:
- External Secrets Operator, to access and sync cloud-native secrets into the cluster
- Kubernetes Autoscaler, or a comparable node autoscaler, to automatically scale workloads up and down
- Argo Workflows, to enable transformations and 3D streaming
Namespaces
Services come preconfigured for use within a single Kubernetes namespace. You configure the target namespace when configuring deployment.
Network policies
During deployment to an existing cluster, you may need to control the flow of network traffic by using network policies. You can deploy most Kubernetes resources in a single namespace, which you can use to scope network isolation from other services that run in your cluster.
Service meshes
We recommend that you don't use service meshes, such as Istio, because they can cause network issues and performance issues. If you are running a cluster-wide service mesh, we recommend that you disable it on the namespace where you have deployed the system.
Regions
Virtual Private Cloud supports these regions:
- ap-south-1
- ap-south-2
- ap-southeast-1
- ap-southeast-2
- ca-central-1
- eu-central-1
- eu-northeast-1
- eu-south-1
- eu-west-1
- eu-west-2
- eu-west-3
- sa-east-1
- us-east-1
- us-east-2
- us-west-1
- us-west-2
- aws_db_instance_postgres_instance_type
- aws_eks_node_group_instance_types
- aws_ec2_mongo_instance_type
- aws_ec2_flexlm_instance_type