Infrastructure Configuration
Setting Up the Network and Creating a VPC
- Navigate to the VPC Network service in the Google Cloud Console.
- Select Create VPC network to initiate the creation of a new VPC. Name it care-vpc.
- Enter the following values for the new VPC:
  - Maximum transmission unit (MTU): 1460
  - VPC network ULA internal IPv6 range: Disabled
  - Subnet creation mode: Custom
- Create a new subnet with the following values:
  - Name: cluster-snet
  - Region: asia-south1
  - IP stack type: IPv4 (single-stack)
  - IPv4 range: 10.0.0.0/16
  - Private Google Access: On
  - Flow logs: Off
- Leave the default firewall rules.
- Set the dynamic routing mode to Regional.
- Use the following equivalent commands if you prefer to use the command line:
gcloud compute networks create care-vpc --project=$PROJECT --subnet-mode=custom --mtu=1460 --bgp-routing-mode=regional
gcloud compute networks subnets create cluster-snet --project=$PROJECT --range=10.0.0.0/16 --stack-type=IPV4_ONLY --network=care-vpc --region=asia-south1 --enable-private-ip-google-access
- Reserve a static IP address by navigating to VPC Networks > IP Addresses > RESERVE EXTERNAL STATIC IP ADDRESS.
- Enter the following values for the static IP address:
  - Name: pip-care
  - Network Service Tier: Premium
  - IP version: IPv4
  - Type: Regional
  - Region: asia-south1 (Mumbai)
  - Attached to: None
- Note down the IP address for future use.
- Use the following equivalent command if you prefer to use the command line:
gcloud compute addresses create pip-care --project=$PROJECT --region=asia-south1
Setting Up Databases
- Go to the Google Cloud Console and find the Cloud SQL service.
- Create a new database instance using the PostgreSQL engine.
- For the first database:
  - Set the instance ID as care-db.
  - Use Cloud SQL for Authentication and provide a strong master password.
  - Set the Database version to PostgreSQL 16.
  - Choose Enterprise for the Cloud SQL edition.
  - Set the Region to asia-south1 and the Primary zone to asia-south1-a.
  - Configure the machine with 2 vCPU, 8 GB memory, and SSD storage of 20 GB.
  - Enable automatic storage increases.
  - Under connections, set the Instance IP assignment to Private IP and associate it with care-vpc.
  - Disable Public IP.
  - Enable Automated backups, point-in-time recovery, and deletion protection.
  - Set the automated backup window to 2:30 AM - 6:30 AM and the maintenance window to Sunday.
  - Once the instance is initialized, create a new database named care.
- Repeat the above steps for the second database with the following changes:
  - Set the instance ID as metabase-db.
  - Configure the machine with 1 vCPU, 3.75 GB memory.
  - Create a new database named metabase.
Configuring the Cloud Storage
- Navigate to the Cloud Storage service in the Google Cloud Console.
- Go to buckets and click on create.
- Create a new bucket for facility images:
  - Name: <prefix>-care-facility
  - Location type: Region
  - Location: asia-south1 (Mumbai)
  - Default storage class: Standard
  - Public access prevention: Off
  - Access control: Uniform
  - Protection tools: None
- Create a second bucket for patient data:
  - Name: <prefix>-care-patient-data
  - Location type: Region
  - Location: asia-south1 (Mumbai)
  - Default storage class: Standard
  - Public access prevention: On
  - Access control: Uniform
  - Protection tools: Retention policy: 7 days
- Navigate to Settings > Interoperability.
- Under Access keys for service accounts, click on Create a key for a service account.
- Create a new service account:
  - Name: care-bucket-access
  - Role: Storage Object Admin under Cloud Storage
- Click Continue then Done.
- Select care-bucket-access and click on create key.
- Note down the Access key and Secret for later use.
Configuring CORS for Cloud Storage
- Navigate to the Cloud Storage service in the Google Cloud Console.
- Go to buckets and select the <prefix>-care-facility bucket.
- Click on Edit bucket permissions.
- Under CORS configuration, add the following rules:
[
{
"origin": ["*"],
"responseHeader": ["Content-Type"],
"method": ["GET", "HEAD", "PUT", "POST", "DELETE"],
"maxAgeSeconds": 3600
}
]
- Click Save.
- Repeat the above steps for the <prefix>-care-patient-data bucket.
- Under CORS configuration, add the following rules:
[
{
"origin": ["https://care.example.com"],
"responseHeader": ["Content-Type"],
"method": ["GET", "HEAD", "PUT", "POST", "DELETE"],
"maxAgeSeconds": 3600
}
]
- Click Save.
- This can also be done using the gsutil command line tool, where cors.json contains the CORS configuration for the bucket being configured:
gsutil cors set cors.json gs://<prefix>-care-facility
gsutil cors set cors.json gs://<prefix>-care-patient-data
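A check to run over cors.json before gsutil cors set, added here as an example and not part of the original guide. It reports unparseable JSON, origins that lack a scheme (Cloud Storage compares the list with the browser's Origin header, which is always scheme://host[:port]), and a wildcard origin combined with write methods; the function name and sample strings are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

WRITE_METHODS = {"PUT", "POST", "DELETE", "PATCH", "*"}

def lint_cors(text):
    """Return findings for a Cloud Storage cors.json document; [] means clean."""
    try:
        rules = json.loads(text)
    except json.JSONDecodeError as exc:
        # A trailing comma, for example, makes the whole file unparseable.
        return [f"invalid JSON at line {exc.lineno}: {exc.msg}"]
    if not isinstance(rules, list):
        return ["top level must be a JSON array of rule objects"]
    findings = []
    for i, rule in enumerate(rules):
        if not isinstance(rule, dict):
            findings.append(f"rule {i}: not a JSON object")
            continue
        writes = sorted({m.upper() for m in rule.get("method", [])} & WRITE_METHODS)
        for origin in rule.get("origin", []):
            parts = urlsplit(origin)
            if origin == "*":
                # Any site may send these methods cross-origin; IAM or signed
                # URLs still decide whether the request itself is authorized.
                if writes:
                    findings.append(f"rule {i}: wildcard origin with write methods {', '.join(writes)}")
            elif parts.scheme not in ("http", "https") or not parts.netloc:
                # A bare host name never equals a browser-sent Origin value.
                findings.append(f"rule {i}: origin {origin!r} lacks an http(s) scheme")
            elif parts.path or parts.query or parts.fragment:
                findings.append(f"rule {i}: origin {origin!r} must not include a path")
    return findings

# Constructed samples modelled on the two bucket rules in this section.
METHODS = '"method": ["GET", "HEAD", "PUT", "POST", "DELETE"]'

def sample(origin_list):
    return ('[{"origin": %s, "responseHeader": ["Content-Type"], %s, "maxAgeSeconds": 3600}]'
            % (origin_list, METHODS))

WILDCARD = sample('["*"]')
BARE_HOST = sample('["care.example.com"]')
TRAILING_COMMA = sample('["https://care.example.com",]')
SCOPED = sample('["https://care.example.com"]')

if __name__ == "__main__":
    for name in ("WILDCARD", "BARE_HOST", "TRAILING_COMMA", "SCOPED"):
        print(name, lint_cors(globals()[name]) or "ok")
```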
Configuring the Google Kubernetes Engine (GKE) Cluster
- Navigate to the Kubernetes Engine service in the Google Cloud Console.
- Go to clusters and click on create.
- Select the Standard mode for the new cluster.
- Set the following values for the cluster basics:
  - Name: care-gke
  - Location type: Zonal
  - Zone: asia-south1-a
- Under Node pools, select the default pool and set the number of nodes to 2.
- In the Node pools > default pool > nodes section, configure the machine as follows:
  - Machine configuration: General purpose
  - Series: E2
  - Machine type: e2-standard-2 (2 vCPU, 8 GB memory)
- In the Node pools > default pool > networking section, add care-gke to the Network tags.
- In the Node pools > Cluster > Networking section, configure the network settings as follows:
  - Network: care-vpc
  - Node subnet: cluster-snet
  - Network access: Public cluster
- Enable HTTP load balancing.