Bringing the power of the fastest real-time analytical database to customer VPCs
As enterprises look to modernize and adopt cloud-native architectures, they must still comply with existing security mandates and geographic regulations. This becomes especially challenging with cloud-based database services, where any data leaving the enterprise Virtual Private Cloud (VPC) requires thorough security review. These considerations are critical for organizations in regulated industries or those handling sensitive customer data.
ClickHouse BYOC was built to address this very challenge. It allows organizations to adopt unique capabilities of the fully-managed ClickHouse Cloud service, a leading real-time analytical database, while maintaining full ownership and control of their data within their VPC. In ClickHouse BYOC architecture, the data plane consisting of storage and compute resources resides in the customer VPC, which ensures that customers are able to adhere to data residency and governance requirements, while offloading operational complexities of managing ClickHouse.
“The evolution of ClickHouse Cloud is influenced by the insights we gain from working closely with our users,” said Tanya Bragin, VP of Product & Marketing at ClickHouse. “Our users in banking, healthcare, and cybersecurity must adhere to data governance mandates. With ClickHouse BYOC on AWS, we make all the features of a fully-managed ClickHouse Cloud available in an operating environment known and trusted by our customers…their own AWS VPC.”
By adopting ClickHouse BYOC, customers can benefit from full compute-storage separation (powered by the proprietary SharedMergeTree engine), seamless vertical and horizontal scaling of compute nodes, and compute-compute separation. These capabilities enable granular isolation of workloads in multi-tenant environments and more targeted, independent allocation of compute resources, resulting in more optimized compute resource usage and lower infrastructure costs.
“ClickHouse BYOC on AWS has transformed the way we deploy and manage ClickHouse, making it more streamlined and cost-effective. By moving to shared-storage architecture and utilizing compute-compute separation capability, we have significantly optimized our infrastructure costs compared to our self-managed ClickHouse deployments.” — Krishna Sai, CTO, SolarWinds.
ClickHouse BYOC Architecture
In the BYOC deployment model, all customer data is hosted in the customer VPC. This includes data stored on disk, data processed via compute nodes (including in memory and local disk cache), and backup data. The only components hosted in the ClickHouse VPC are the web and API interfaces used to manage the organization and services, responsible for operations like user management, service start/stop, and scaling.
Detailed logs and metrics collected by the system are stored in the customer VPC, with only the most critical telemetry and alerts allowed to leave to enable resource utilization and health monitoring.
ClickHouse BYOC Benefits
The launch of ClickHouse BYOC on AWS is a key milestone in our journey to enable flexible, secure, and high-performance analytics for verticals and markets that need to adhere to the strictest data governance and residency mandates, including cybersecurity, banking, healthcare, and other businesses that manage sensitive PII.
Businesses no longer need to choose between cloud-native agility and control; they can achieve both, with the following benefits:
- Data security and control: BYOC gives customers complete control over their data, ensuring compliance with internal security policies and regulatory requirements. Sensitive data stays within the customer’s cloud environment, and they have full visibility into system access.
- Greater operational flexibility: BYOC offers a hybrid deployment model, allowing customers to control their data, while relying on ClickHouse experts for database management, which includes ongoing software upgrades and patches.
- Performance predictability: Deploying ClickHouse Cloud data plane in a dedicated customer account ensures optimal workload isolation and gives customers greater flexibility in selecting instance types to best support their workloads.
- Cloud spend optimization: With BYOC, customers can continue to leverage existing cloud provider commitments and discounts, and thus optimize their cloud spending. In addition, this model supports VPC peering, which helps reduce data transfer costs, especially at large data volumes.
Part of a broader partnership
On December 10, 2024, ClickHouse, Inc. announced a five-year strategic collaboration agreement with Amazon Web Services (AWS) to enhance real-time data warehousing, observability, business intelligence, machine learning, and generative AI solutions. This partnership aims to integrate ClickHouse Cloud more closely with AWS services, facilitating the development of high-performance analytics and generative AI applications. General availability of ClickHouse BYOC exclusively available on AWS today is a significant milestone in this journey.
Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!
