Questionnaire: Deploying in a Customer-Controlled Region—Common Questions
The following questions are part of the Questionnaire for Deploying PubSub+ Cloud in a Customer-Controlled Region. These questions are common to all deployment types. Once completed, proceed to answer the questions for the specific Kubernetes implementation you are deploying to PubSub+ Cloud to. If you intend to use multiple implementations, you must complete a questionnaire for each Kubernetes implementation:
- Amazon Elastic Kubernetes Service Questions
- Google Kubernetes Engine Questions
- Azure Kubernetes Service Questions
- Alibaba Cloud Container Service for Kubernetes Questions
- Huawei Cloud Container Engine Questions
- On-Premises Questions
The entire questionnaire can be downloaded as a PDF, including the common questions, and the Kuberenetes implementation specific questions, by clicking the button below and selecting the Kubernetes deployment type:
It can also be downloaded as an Excel spreadsheet, including the common questions, and the Kuberenetes implementation specific questions, by clicking the button below:
This section contains questions about the following common deployment factors:
Cluster
You must answer the following questions about your cluster.
Question | Possible Answers | How Solace Uses This Information | Links to Related Documentation |
---|---|---|---|
Do you have an existing cluster (or a defined specification for a new cluster), or do you require an architecture example to start from? |
I have an existing cluster (or clusters) or intend to create new clusters based on existing specification. I would like a best practice architecture example to start from. |
Solace's best practices documentation provides descriptions of how best to label and taint worker nodes with the correct resource requirements for the service classes that are supported in PubSub+ Cloud. If you have an existing cluster, you can use our best practices documentation to understand how to modify your cluster, and how to provide Solace with the node selectors and tolerations we need to deploy event broker services in your cluster. Solace provide You can download the reference Terraform projects from Beware that all sample scripts, Terraform modules, and examples are provided as-is. You can modify the files as required and are responsible for maintaining the modified files for your Kubernetes cluster. |
Support for nodeSelector, Labels, Taints, and Tolerations General Resource Requirements for Kubernetes and Default Port Configuration |
Will the cluster be used exclusively for PubSub+ Cloud or will it be shared with other applications or workloads? |
Exclusive Shared |
Providing this information allows Solace to understand the architecture of your cluster so we can better suggest changes that may help the operation of PubSub+ Cloud in your cluster. |
Deployment Architecture for Kubernetes General Resource Requirements for Kubernetes and Default Port Configuration |
Is the Kubernetes version of your cluster supported by PubSub+ Cloud? |
Yes No |
Only supported Kubernetes versions are tested and guaranteed to work with PubSub+ Cloud. If you use a different implementation of Kubernetes, contact Solace to find out how we can support your deployment. |
|
What is the cluster domain for your Kubernetes cluster? |
This is typically |
||
Are there any custom node selectors or tolerations required to successfully schedule the Mission Control Agent or event broker service pods? If so, what are they? |
If it varies from our best practices, Solace requires this information to ensure that the event broker service pods are scheduled successfully. |
||
Are there any custom labels that must be applied to the Mission Control Agent or event broker service pods? If so, what are they? |
Solace supports only fixed labels that can be applied to the Mission Control Agent or event broker services. We don't support dynamic labels. |
||
What geographic locations will the clusters reside in? For clusters in the cloud, provide a list of regions. For on-premises clusters provide a list of countries or regions. |
PubSub+ Cloud produces diagnostic logs that are pushed to an AWS S3 bucket for use by Solace. We use S3 buckets that are geographically close to the deployment to optimize retrieval. |
||
Does your cluster have any Pod Security Policies? Do you use a Policy Controller (for example, Gatekeeper) to enforce security in your cluster? If so, do any of these policies affect the operation of PubSub+ Cloud in your cluster? |
Policy controllers like Gatekeeper can enforce security policies in a cluster, such as required labels, a restricted set of container registry images, and so on. In most cases, PubSub+ Cloud can be configured to meet these requirements. |
||
Does your cluster enforce resource quotas? Have these quotas been updated to support the number of event broker services you expect to create in your cluster? |
Your cluster must have sufficient resource to successfully create event broker service. |
General Resource Requirements for Kubernetes and Default Port Configuration |
Operational Connectivity
You must answer the following questions about yourOperational Connectivity.
Question | Possible Answers | How Solace Uses This Information | Links to Related Documentation |
---|---|---|---|
Will you use access the Solace Container Registry directly or will you use a mirror? |
Direct Mirror |
PubSub+ Cloud container images are provided in a private registry that can either be accessed directly or mirrored (for example using Nexus or Artifactory). PubSub+ Cloud cannot push images to a private registry due to the frequency with which we publish and perform upgrades with new container images for our Mission Control Agent. |
|
If you are using a mirror container registry, what is its path? |
For example, for container image |
Solace requires this information to configure the Mission Control Agent to create event broker services using the correct container image name. |
|
If you are using a mirror container registry, what is the name of the image pull secret used to authenticate with it? |
|
The Mission Control Agent and event broker service may require a secret in the namespace they’re deployed in so they can pull images from the registry. |
Downloading the Registry Credentials for the Solace Container Registry |
Do you restrict outbound internet access? Is your environment configured to allow all outbound communication required for proper operation of PubSub+ Cloud? |
Restricted Not restricted |
If you restrict outbound access then you must read the documentation for details about how to allow access for PubSub+ Cloud. |
|
If you have an HTTP/HTTPS proxy that is required for outbound communication, what is its URL? Does it require credentials? If yes, we will contact you to securely provide them. |
For example: |
Solace needs this information to configure the Mission Control Agent to use your proxy. |
Messaging Connectivity
You must answer the following questions about yourMessaging Connectivity.
Question | Possible Answers | How Solace Uses This Information | Links to Related Documentation |
---|---|---|---|
Do you intend to create event broker services that are accessed via the public internet, private networking, or both? |
Public Private Both |
Solace needs this information to configure the Mission Control Agent to create event broker services that match your requirements. |
Feature Requirements
You must answer the following questions about your plans to use certain features that require special configuration.
Question | Possible Answers | How Solace Uses This Information | Links to Related Documentation |
---|---|---|---|
Do you intend to use MQTT Retain on any of your event broker services? |
Yes No |
Solace may need to allocate more memory to the event broker service’s pod for it to support MQTT Retain. |
|
Do you intend to provide a custom server certificate for your event broker services? |
Yes No |
Solace needs this information to configure the Mission Control Agent to use your custom server certificates. |
|
Will you be using more than one environment? If so, which environment do you want your initial datacenter created in? |
Yes, and the environment name No |
Solace uses this information to put your datacenter in the environment you specify. If you won’t be using more than one environment, or don’t specify the environment, the datacenter will be placed in your organization’s default environment. You can create environments, change your default environment, and move datacenters to different environments at a later time. |
Contact Information
You must provide a point of contact for each entry in the table below. Solace prefers a distribution list as the point of contact, though you can choose to provide individual contact details.
Contact Type | Distribution List or Contact Details |
---|---|
Event broker service incidents or issues. |
|
Event broker service upgrade notifications and scheduling. |
|
Release and maintenance notifications. |