Skip to main content
Skip table of contents

Deployment

Data Control Tower is a container-based architecture and is currently certified with Kubernetes and OpenShift to align with common enterprise container standards. The DCT architecture is comprised of multiple micro-services that are each run on individual pods. This lends DCT to be a highly flexible and resilient deployment by enabling customers and IT organizations to enact their own backup, scaling, and resiliency standards associated with hosting container-based applications. Below is an architectural diagram of all the services that make up DCT as well as the persistent storage for maintaining relationship metadata.

DCT is multi-cloud enabled, which means that a single DCT instance can be deployed to orchestrate (via HTTPS) Continuous Data and Continuous Compliance workloads with Delphix engines located in other networks. Alternatively, DCT can be localized to engines located within a network. DCT is a lightweight management application, which means that it does not require a highly performant connection to complete its work and can serve as a central management layer for Delphix engines globally.

This section will explain all of the required steps to deploy DCT on your container platform of choice.

Password policy default enablement

In order to enforce better security, a user password policy was enabled by default in DCT version 8.0. When a new user is created or a password is changed for an existing user, the given password must meet the following criteria:

  • Password must be a minimum of 15 characters

  • Password must contain a digit

  • Password must contain a capital letter

  • Password must contain a lowercase letter

  • Password must contain a special character

  • Username cannot be used as the password

  • Previous two (2) passwords cannot be reused

  • Maximum of five (5) incorrect password attempts allowed

To allow passwords without any restrictions or criteria, disable the password policy using the DCT API.

API: /management/accounts/password-policies

HTTP method: PATCH

Request body:

ACTIONSCRIPT3
{
  "enabled": false
}

/* Or, if you want to enforce a different password policy, use something similar to this request body: */

{
  "enabled": true,
  "min_length": 10,
  "reuse_disallow_limit": 1,
  "digit": true,
  "uppercase_letter": true,
  "lowercase_letter": true,
  "special_character": false,
  "disallow_username_as_password": true,
  "maximum_password_attempts": 3
}

Change in password policy will not impact the existing user’s password. The new password policy will only be applicable when the password is changed or a new user is created.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.