...
Access the Kyvos Installer using the URL and credentials provided by the Kyvos Support Team or use the default credentials admin | admin. If you do not have the URL, click here to contact support.
To create resources for installing Kyvos services like BI Server and Query Engine on the Azure environment, select the I want to create resources option on the Kyvos Installer page.
Click Create Resources. This displays the Create Resources wizard.
Here, select the services for which you want to create resources and provide information as:
NOTE: Resources will be created only for selected services. If you have pre-created resources for any of the services, you can uncheck them and configure them while installing Kyvos.
Panel | ||||||
---|---|---|---|---|---|---|
| ||||||
Note Function Deployment will always be created with the cluster resources being created to enable scheduling feature in the cluster. |
...
Parameter/Field | Remarks/Description |
---|---|
Create VNET | Select this checkbox to create a new virtual network with the deployment. |
Create Security Group | Select this checkbox to create a new Network Security Group with the deployment. |
Virtual machine(s) for BI Server | You cannot clear this check box. Here define:
|
Virtual machine(s) for Query Engine | Select this option to create virtual machines for Kyvos query engines, and define:
|
Web portal high availability | Select to enable Kyvos web portal high availability.
|
Virtual machine for Kyvos Manager |
Clear this option |
NOTE: This option will be displayed only in the case of automated deployment.
When using a multi-tenant environment, you can use the Deploy as Tenant checkbox to define a tenant instance for Kyvos Manager. Enable this option to deploy the cluster as a tenant. If enabled, you will see an input for the Management Console URL in the Template parameters, which manages all the tenants.
Select any one of the following Repository:
Bundled Postgres : To select bundled Postgres as aif you create stack for the wizard-based deployment. | |
External Repository for Kyvos | Select to create a PostgreSQL-based repository using Azure. Otherwise, the pre-bundled PostgreSQL-based Kyvos repository will be used.
|
|
|
Create Storage Account | Select |
Select any one of the following Repository:
Bundled Postgres : To select bundled Postgres as a repository for Kyvos Manager.
Create New Azure Postgres : To create a new external Azure Postgres repository for Kyvos Manager.
Use Existing Azure Postgres : To use the existing external Azure Postgres repository for Kyvos Manager.
Create Storage Account
Select this option to create ABFS Account and Container for storing Kyvos output, and define:
Storage Name Prefix
Container Name Prefix
Enhance Storage Account High Availability
this option to create ABFS Account and Container for storing Kyvos output, and define:
| |
Compute Cluster | Select the Kyvos Native option from the list. |
Kyvos Native Type | Select one of the following options from the list.
NOTE: A new Kubernetes cluster will be used as a compute server to process semantic models. |
Enhance Storage Account High Availability | Select this checkbox to create Zone-Redundant Storage (ZRS). |
Kyvos |
Select this checkbox if your Kyvos cluster nodes and Databricks cluster are either in the same network or shared using VPC peering.
NOTE: If this checkbox is not selected, an API gateway method will be created and used for communication between the Databricks cluster and Kyvos BI Server.
Kyvos Cluster Deployment with Load Balancer
Cluster Deployment with Load Balancer | The checkbox is selected by default if Web Portal high availability is enabled, or if a non-peered network exists between Kyvos and Databricks, the Kyvos cluster will be deployed with a load balancer. NOTE: If Web Portal high availability is not enabled, or if a peered network exists between Kyvos and Databricks, the Kyvos cluster will not be deployed with a load balancer. |
In this case, the checkbox is selected, but you can also clear it as per the requirement. | |
Use Custom Image | Select this option to use a custom image of your environment for deploying the Kyvos cluster. Custom images can be used to bootstrap deployment tasks like preloading applications, application configurations, and other configurations. NOTE:
|
Deploy with Enhanced Security | Enhanced security enables advanced security for Storage Accounts, Key Vaults, and Virtual machines. |
Credit based deployment | Select this option if you want to use credit-based licensing and your environment does not have pre-created credit information-related resources. |
Databricks Authentication
Select the authentication type for the Databricks cluster from:
AAD Token Using Managed Identity: This option is supported only with premium workspace.
Personal Access Token
NOTE: Post deployment of the cluster, you can change the Databricks Authentication type from the Databricks page on Kyvos Manager.
W hen switching from AAD to PAT, you need to provide personal access token, which is saved as a secret in your Azure Key Vault and is read from there for authentication purposes. For this:
Go to Key Vault Secret.
Add KYVOS -DATABRICKS-SERVICE-TOKEN-DefaultHadoopCluster01 and provide DB token value and click Save.
When switching from AAD to PAT, you need to Configure Managed Identity in Azure Databricks .
Release Type Preferences
Select Kyvos Release as General Availability (GA) and Alpha.
...
Review all the settings, and click the BACK button if you want to make any changes.
Release Type Preferences | Select Kyvos Release as General Availability (GA) and Alpha. |
Click Next. The Review and Download Template dialog box is displayed with details of all the settings that you selected.
Review all the settings, and click the BACK button if you want to make any changes.
Panel | ||||||
---|---|---|---|---|---|---|
| ||||||
Note Function Deployment will always be created with the cluster resources being created to enable scheduling feature in the cluster. |
To continue, click the Download Template button to download the Azure resources template.
Click the Open Azure Resource Manager link to access the Azure portal to upload this template to your Azure environment to create resources.
Sign in to your Azure account having requisite permissions, as mentioned in the prerequisites.
On the Custom Deployment page, click the Process your own template in the editor option.
On the Edit Template page, click Load File, and upload your template. The Template is loaded.
Click Save.
The Deployment page is loaded with parameters required for deployment.
Fields marked * are mandatory.
Parameter | Description |
---|---|
Subscription* | Your account subscription. |
Resource Group* | Enter the name of your resource group. The resource group is a collection of resources that share the same lifecycle, permissions, and policies. |
Databricks Virtual Network Name
Enter the name of the Databricks Virtual Network to be used.
NOTE: This field is displayed only if you had selected the Deploy with Enhanced Security checkbox at the time of creating the template.
Databricks Private Subnet Name
Enter the name of the Private Subnet in which Databricks VMs will be running. The Subnet should be part of the above Virtual Network.
NOTE: This field is displayed only if you had selected the Deploy with Enhanced Security checkbox at the time of creating the template.
Databricks Public Subnet Name
Enter the name of the Public Subnet in which Databricks VMs will be running. The Subnet should be part of the above Virtual Network.
NOTE: This field is displayed only if you had selected the Deploy with Enhanced Security checkbox at the time of creating the template.
Databricks Network Resource Group Name
Enter the name of the Resource Group in which Databricks Virtual Network and Subnet are deployed.
NOTE: This field is displayed only if you had selected the Deploy with Enhanced Security checkbox at the time of creating the template.
Azure Postgres Server Sku Tier
Azure Database for PostgreSQL pricing tier.
SSH public key source
Select the required option from the SSH public key source list.
NOTE: If you select the Use Existing public key option from the list, the SSH Public Key field is displayed.
SSH Private Key*
Provide the RSA private key in the single-line format.
Kyvos Cluster Name
Provide a name for your Kyvos cluster.
Kyvos Installation Path
Provide the installation path to be used for deploying the Kyvos cluster.
Databricks URL*
Provide the URL in <https://<account>.cloud.databricks.com> format.
Databricks Cluster Id*
Enter the ID of the cluster you created.
To obtain this ID, click the Cluster Name on the Clusters page in Databricks. The page URL shows <https://<databricks-instance>/#/settings/clusters/<cluster-id>.
Databricks Cluster Organization ID*
Enter the Cluster Organization ID of your Azure cluster. To obtain this ID, click the Cluster Name on the Clusters page in Databricks.
The number after o= in the workspace URL is the organization ID. For example, if the workspace URL is https://westus.azuredatabricks.net/?o=7692xxxxxxxx, then the organization ID is 7692xxxxxxxx.
Postgres Password*
Provide the value of the password used for Postgres
License File Value*
Enter a valid Kyvos License.
Secret Key For Kyvos Bundle Download*
Enter the Secret key to access the Kyvos bundle.
Enable Public IP
Select True to enable Public IP for the Kyvos Web portal.
Dns Label Prefix
Virtual Network Name* |
Azure region that's right for you and your customers. Not every resource is available in every region.
vnetAddress
Enter the CIDR notation for the new VPC that will be created in the deployment.
NOTE: This option is displayed only when the CreateVPC option is selected.
If a new VPC is created and you have enabled WebPortal HA (from the Kyvos Manager), then you must perform the post deployment steps after deploying the cluster.
NetworkSecurityGroupIpWhiteList
Provide the range of IP addresses allowed to access Kyvos Instances. Use 0.0.0.0/0 to allow all users access.
NOTE: This parameter is displayed only when a new network security group is created within the deployment.
Virtual Network Name*
Name of Virtual Network in which your VMs will run.
App Service Plan Name
Name of the service plan which is being used for the deployment. If left blank it will be created automatically.
NOTE: This field is displayed only if you had selected the Deploy with Enhanced Security checkbox at the time of creating the template.
VM Subnet Name*
Name of Subnet in which your VMs will run. This Subnet should be part of the above Virtual Network.
ApplicationGatewaySubnetName *
Name of the Subnet in which Application Gateway will be created. The Subnet should be part of the above Virtual Network.
NOTE: This parameter will display only if an existing VPC is used for deployment.
Azure Function Subnet Name*
Name of the Subnet in which Azure Functions will be running. The Subnet should be part of the above Virtual Network. A separate subnet is required for Azure Functions with a delegation to Microsoft.Web/serverFarms.
NOTE: This field is displayed only if you had selected the Deploy with Enhanced Security checkbox at the time of creating the template.
Virtual Network Resource Group Name*
Name of Resource Group in which Virtual Network and Subnet are deployed.
Security Group Name*
Name of the Security group that can be used to access the VMs.
Security Group Resource Group Name*
Name of the Resource Group in which the Security Group is deployed.
Network Resource Group Name*
Name of the Resource Group in which the Virtual Network, Subnet, and Security Group are deployed.
Enable Managed Identity Creation
Select True to create a new managed identity for Kyvos.
Select False to use an already existing managed identity.
Managed Identity Name*
Enter the name of the User-Managed Identity to be attached to all Kyvos VMs.
Managed Identity Resource Group Name
Name of the Resource Group in which Managed Identity is deployed.
Gallery Resource Group Name*
Name of Resource Group in which Gallery resides.NOTE: This field is displayed only if you selected the Use Custom Image checkbox when creating the template.
Gallery Subscription ID
Subscription ID in which Gallery resides.
NOTE: This field is displayed only if you selected the Use Custom Image checkbox when creating the template.
Gallery Name*
Name of the Shared Image Gallery.
An Azure image gallery is a repository for managing and sharing custom images. An image source can be an existing Azure VM.
NOTE: This field is displayed only if you selected the Use Custom Image checkbox when creating the template.
Gallery Image Definition Name*
Name of the Image Definition.
Image definitions are created within a gallery and carry information about the image and requirements for using it internally. This includes whether the image is Windows or Linux, release notes, and minimum and maximum memory requirements. It is a definition of a type of image.
NOTE: This field is displayed only if you selected the Use Custom Image checkbox when creating the template.
Gallery Image Version Name*
Name of the Image Version - should follow <MajorVersion>.<MinorVersion>.<Patch>.
NOTE: This field is displayed only if you selected the Use Custom Image checkbox when creating the template.
Databricks Token*
Enter the value of the token used to connect to Databricks Cluster.
Databricks Authentication
Shows the authentication type selected while creating the template from Kyvos Manager.
NOTE: If you selected the Personal Access Token option while creating the template from Kyvos Manager, you must provide the Databricks Token. For AAD, it is not required.
Kyvos Work Directory
Enter the path for the Kyvos work directory.
SSH Public Key*
Provide an RSA public key in the single-line format (starting with "ssh-rsa") or the multi-line PEM format.
You can generate SSH keys using ssh-keygen on Linux and OS X, or PuTTYGen on Windows.
Additional Tags
Enter the additional tags to put on all resources.
Use the syntax as: {"Key1": "Value1", "Key2" : "Value2"}
Storage Account Name
Enter the name of the Storage Account to be used for Kyvos.
Storage Account Container Name
Enter the name of the Container in the Storage Account which will be used for Kyvos.
CustomPrefixVirtualMachines
Enter a custom prefix that you want to append before the name of the virtual machines to be used for Kyvos.
CustomPrefixVPC
Enter the custom prefix you want to append before the name of VPC in case a new VPC is created for use with Kyvos.
CustomPrefixNSG
Enter the custom prefix you want to append before the name of the Network Security Group in case a new group is created for use with Kyvos.
CustomPrefixKeyVault
Enter the custom prefix you want to append before the name of Key Vault in case a new Key Vault is created for use with Kyvos.
CustomPrefixScaleSet
Enter the custom prefix you want to append before the name of Scaleset that will be created for use with Kyvos.
Vault URL
Provide the URL for your existing Azure Key vault. If the Key Vault is not provided, Kyvos will create a new Key Vault named kyvosvault<XXXXX>. Here, XXXXX is a unique five-digit identity generated as a suffix to the Kyvos vault.
Vault Resource Group
Name of Resource group in which the Key Vault is deployed.
Boot Diagnostics Storage Account Resource ID
Resource ID of a storage account of type gen1 for enabling Boot Diagnostics of VMs. If left blank Storage Account of type gen1 will be created.
Log Analytics Workspace Name
Name of Log Analytics Workspace. Leave blank if you don't wish to enable the Log Analytics agent for VMs.
NOTE: This field is displayed only if you had selected the Deploy with Enhanced Security checkbox at the time of creating the template.
Log Analytics Resource Group
NOTE: This field is displayed only if you had selected the Deploy with Enhanced Security checkbox at the time of creating the template.
Firewall Ip White List
Provide a comma-separated list of the IP rules to be set for the Key Vault and Azure Storage Account.
NOTE: This field is displayed only if you had selected the Deploy with Enhanced Security checkbox at the time of creating the template.
Azure Function Crontab
Crontab entry to call Azure functions for use with cluster scheduling.
Default value: [utcNow('u')]
Storage Account Resource Group
Enter the name of the Resource Group in which the Storage Account is deployed.
Object Id of Service Principal*
The Object ID assigned to the Service principal. This maps to the ID inside the Active Directory.
Databricks Vpc Type*
CustomerManagedVnet: Select this option to allow Network ACLs of the storage account to include Databricks and Kyvos V-net as whitelisted in it.
DatabricksManagedVnet: Select this option to disable Network ACLs for the storage accounts. In this case, the Databricks managed VNET will be used.
NOTE: This option is displayed only if you selected the Deploy with Enhanced Security option at the time of creating the template from the Kyvos Manager.
Name of Virtual Network in which your VMs will run. | |
VM Subnet Name* | Name of Subnet in which your VMs will run. This Subnet should be part of the above Virtual Network. |
ApplicationGatewaySubnetName * | Name of the Subnet in which Application Gateway will be created. The Subnet should be part of the above Virtual Network. NOTE: This parameter will display only if an existing VPC is used for deployment. |
Flexible Server Subnet Name | Name of the Subnet in which Flexible Server will be created. The Subnet should be a part of above Virtual Network. |
Virtual Network Resource Group Name* | Name of Resource Group in which Virtual Network and Subnet are deployed. |
Security Group Name* | Name of the Security group that can be used to access the VMs. |
Security Group Resource Group Name* | Name of the Resource Group in which the Security Group is deployed. |
Enable Managed Identity Creation | Select True to create a new managed identity for Kyvos. |
Managed Identity Name* | Enter the name of the User-Managed Identity to be attached to all Kyvos VMs. |
Managed Identity Resource Group Name | Name of the Resource Group in which Managed Identity is deployed. |
Kyvos Work Directory | Enter the path for the Kyvos work directory. |
SSH Public Key* | Provide an RSA public key in the single-line format (starting with "ssh-rsa") or the multi-line PEM format. |
Additional Tags | Enter the additional tags to put on all resources. |
Storage Account Name | Enter the name of the Storage Account to be used for Kyvos. |
Storage Account Container Name | Enter the name of the Container in the Storage Account which will be used for Kyvos. |
CustomPrefixVirtualMachines | Enter a custom prefix that you want to append before the name of the virtual machines to be used for Kyvos. |
CustomPrefixVPC | Enter the custom prefix you want to append before the name of VPC in case a new VPC is created for use with Kyvos. |
CustomPrefixNSG | Enter the custom prefix you want to append before the name of the Network Security Group in case a new group is created for use with Kyvos. |
CustomPrefixKeyVault | Enter the custom prefix you want to append before the name of Key Vault in case a new Key Vault is created for use with Kyvos. |
CustomPrefixScaleSet | Enter the custom prefix you want to append before the name of Scaleset that will be created for use with Kyvos. |
Vault URL | Provide the URL for your existing Azure Key vault. If the Key Vault is not provided, Kyvos will create a new Key Vault named kyvosvault<XXXXX>. Here, XXXXX is a unique five-digit identity generated as a suffix to the Kyvos vault. |
Vault Resource Group | Name of Resource group in which the Key Vault is deployed. |
Log Analytics Workspace Resource ID | Resource ID of the existing Log Analytics Workspace. NOTE: If you want to create a new Log Analytics Workspace, leave the value blank. |
Azure Function Crontab | Crontab entry to call Azure functions for use with cluster scheduling. Default value: [utcNow('u')] |
Custom Prefix Scale Set | Enter the prefix to be append before Scale Set. The name can be up to 60 characters long. It must begin with a word character, and it must end with a word character. |
Storage Account Resource Group | Enter the name of the Resource Group in which the Storage Account is deployed. |
Virtual Machine Type for Kyvos Postgres | Virtual Machine Type which will be launched |
Enable HA For Kyvos Postgres | Enable High Availability for Kyvos PostgreSQL pricing tier. |
Backup Retention for Kyvos Postgres | Number of days the backup should be kept for Kyvos PostgreSQL. The value can be between 7 to 35. |
SSH Private Key* | Provide the RSA private key in the single-line format. |
Kyvos Cluster Name | Provide a name for your Kyvos cluster. |
Kyvos Installation Path
| Provide the installation path to be used for deploying the Kyvos cluster. |
Postgres Password* | Provide the value of the password used for Postgres |
License File Value* | Enter a valid Kyvos License. |
Secret Key For Kyvos Bundle Download* | Enter the Secret key to access the Kyvos bundle. |
Firewall Ip White List | Provide a comma-separated list of the IP rules to be set for the Key Vault and Azure Storage Account. |
Dns Label Prefix | Unique DNS Name for the Public IP used to access the Virtual Machine. |
Perform Env Validation | Select True to perform environment validation before cluster deployment to ensure all the resources are created correctly. |
Host Name Based Deployment | Select True to use hostnames instead of IP Addresses for instances during cluster deployment. |
Worker Instance Type | Enter Worker Instance Type |
Min Pod Count | Enter required number of Pod count. |
Max Worker Node Count | Enter maximum number of worker nodes. |
Private Dns Zone Resource ID | Resource ID of existing Private DNS Zone which will be used with Flexible Server. If you want to create new Private DNS Zone, leave the value blank. |
Object Id of Service Principal* | The Object ID assigned to the Service principal. This maps to the ID inside the Active Directory. |
Azure Postgres Server Sku Tier | Azure Database for PostgreSQL pricing tier. |
SSH public key source | Select the required option from the SSH public key source list. |
Enable Public IP | Select True to enable Public IP for the Kyvos Web portal. |
Type of Public IP | Type of Public IP address for Kyvos Web portal from Dynamic or Static |
Host Name Based Deployment
Select True to use hostnames instead of IP Addresses for instances during cluster deployment.
Perform Env Validation
. |
Click Review + Create .
The system validates your inputs and displays a summary of the provided inputs. To continue with deployment, click Create.
This creates all the resources and services required for deploying the Kyvos cluster.