CockroachDB Cloud supports a Bring Your Own Cloud (BYOC) deployment model, where CockroachDB Cloud Advanced is hosted in your own cloud account rather than in an account managed by Cockroach Labs. This model allows you to take more control of security and take advantage of existing cloud service credits or discounts.
This feature is in preview and subject to change. To share feedback and/or issues, contact Support.
Shared responsibility model for BYOC
In any CockroachDB Cloud deployment, responsibility for a successful and healthy deployment is split between you and Cockroach Labs. In a BYOC deployment, all of the CockroachDB Cloud infrastructure except the control plane lives in an account under your control, which means that you incur additional responsibilities under the shared model.
The following table describes the split of responsibilities between you and Cockroach Labs in the shared responsibility model for BYOC:
| Area | Cockroach Labs responsibility | Customer responsibility |
|---|---|---|
| Uptime | Ensure 99.999% cluster uptime | Ensure that clusters remain accessible to CRL via cross-account IAM as documented in the corresponding deployment guide |
| Deployments | Automate cluster provisioning and scaling, provide hardware best practices | Provision new cloud service accounts and grant IAM permissions for Cockroach Labs to create and manage clusters |
| Upgrades | Provide automatic minor/patch upgrades and major upgrade automation via Terraform, APIs, or the Cloud Console | Initiate major version upgrades, set maintenance windows if applicable |
| Workload | Troubleshoot problems as they pertain to cluster availability | Size clusters to manage workload requirements, tune performance, and adjust schema designs with support from Cockroach Labs |
| Backups | Initialize a default backup schedule and write to customer-owned Cloud storage, ensure backup jobs run successfully | Configure a backup schedule as needed to meet RPO/RTO requirements |
| Support | Reactively and proactively identify and resolve availability-impacting incidents | Ensure sufficient hardware is made available to prevent scaling issues, including negotiating cloud resource quotas and availability with your cloud service provider. Maintain appropriate IAM permissions at all times |
| Billing | Meter vCPUs consumed, charge for vCPU consumption at the per-minute level | Negotiate with cloud service provider, manage infrastructure spend and discounts |
Next steps
CockroachDB supports BYOC deployments in Amazon Web Services, Microsoft Azure, and Google Cloud Platform. To prepare your cloud account for a BYOC deployment, refer to the corresponding deployment guide:
- Prepare a CockroachDB Cloud BYOC Deployment in Amazon Web Services
- Prepare a CockroachDB Cloud BYOC Deployment in Azure
- Prepare a CockroachDB Cloud BYOC Deployment in Google Cloud Platform
Once your cloud account is prepared for a BYOC deployment, cluster configuration and management is identical to a CockroachDB Cloud Advanced cluster. To learn more about CockroachDB Cloud Advanced cluster planning and management, refer to the following guides: