GVC (Global Virtual Cloud)
Overview
Refer to the GVC concepts page.
Create a GVC
Refer to the Create a GVC guide for additional details.
Switching between GVCs
Using the console, if an org has multiple GVCs, there will be an angle bracket > to the right of the current GVC name in
the left menu. Click the bracket to show and select a GVC.
GVC Namespace
The GVC namespace is used when constructing the canonical endpoint and individual location endpoints to avoid naming collision between workloads with the same name in different GVCs. The namespace is also used when performing service-to-service calls.
GVC Domain
A custom domain that has been configured for an org can be assigned to a GVC.
If a domain is not selected, the default domain names will be:
- Global and canonical endpoints:
cpln.app - Individual location endpoints:
controlplane.us
GVC Locations
The cloud provider locations that workloads will be served from are mapped to a GVC. At least one location is required. The global and canonical endpoints will use DNS to route the request to the nearest healthy location.
Adding or removing a location will immediately provision or deprovision it from all workloads, respectively.
The available locations are scoped to an org and can be enabled/disabled globally. Any changes to the location at the org will be propagated to all GVCs using that location.
Pull Secrets
Pull secrets are secrets that are assigned to a GVC and used by workloads when authentication is required when pulling an image from a private registry. Only the Docker, Amazon ECR, and GCP secret types are supported.
If the image was pushed to the Control Plane registry for the same org, no secret is required.
Multiple pull secrets can be assigned to a GVC. A workload's container will use the appropriate secret when pulling the image from a private registry. If there are multiple secrets, the container will cycle through each one.
If authentication fails, the deployment will not be updated and the image pull will have an exponential backoff retry starting at 10 seconds until 5 minutes (e.g., 10 seconds, 20 seconds, 40 seconds, etc.).
Permissions
The permissions below are used to define policies together with one or more of the four principal types:
| Permission | Description | Implies |
|---|---|---|
| create | Create new gvcs | |
| delete | Delete existing gvcs | |
| edit | Modify existing gvcs | view |
| manage | Full access | create, delete, edit, manage, view |
| view | Read-only access |
Access Report
Displays the permissions granted to principals for the GVC.
CLI
Refer to the CLI documentation for a GVC.