GVC (Global Virtual Cloud)


Refer to the GVC concepts page.

Create a GVC

Refer to the Create a GVC guide for additional details.

Switching between GVCs

Using the console, if an org has multiple GVCs, there will be an angle bracket > to the right of the current GVC name in the left menu. Click the bracket to show and select a GVC.

GVC Namespace

The GVC namespace is used when constructing the canonical endpoint and individual location endpoints to avoid naming collision between workloads with the same name in different GVCs. The namespace is also used when performing service-to-service calls.

GVC Domain

A custom domain that has been configured for an org can be assigned to a GVC.

If a domain is not selected, the default domain names will be:

  • Global and canonical endpoints: cpln.app
  • Individual location endpoints: controlplane.us

GVC Locations

The cloud provider locations that workloads will be served from are mapped to a GVC. At least one location is required. The global and canonical endpoints will use DNS to route the request to the nearest healthy location.


Adding or removing a location will immediately provision or deprovision it from all workloads, respectively.

The available locations are scoped to an org and can be enabled/disabled globally. Any changes to the location at the org will be propagated to all GVCs using that location.

Pull Secrets

Pull secrets are secrets that are assigned to a GVC and used by workloads when authentication is required when pulling an image from a private registry. Only the Docker, Amazon ECR, and GCP secret types are supported.


If the image was pushed to the Control Plane registry for the same org, no secret is required.

Multiple pull secrets can be assigned to a GVC. A workload's container will use the appropriate secret when pulling the image from a private registry. If there are multiple secrets, the container will cycle through each one.

If authentication fails, the deployment will not be updated and the image pull will have an exponential backoff retry starting at 10 seconds until 5 minutes (e.g., 10 seconds, 20 seconds, 40 seconds, etc.).


The permissions below are used to define policies together with one or more of the four principal types:

createCreate new gvcs
deleteDelete existing gvcs
editModify existing gvcsview
manageFull accesscreate, delete, edit, manage, view
viewRead-only access

Access Report

Displays the permissions granted to principals for the GVC.


Refer to the CLI documentation for a GVC.

Copyright © 2021 Control Plane Corporation. All rights reserved. Revision 30221ec6