您可以選擇自行代管 Looker (舊版) 執行個體或部署作業,也可以由 Looker 代管。在整份文件中,我們將 Looker 代管的執行個體或部署作業稱為「Looker 代管」,將在本機代管的執行個體或部署作業稱為「客戶代管」或「自行代管」。
如果 Looker 代管您的部署作業,Looker 會根據資源用量和業務需求,代表您管理與 Looker 應用程式相關的所有必要 IT 功能,大幅減少安裝、設定及維護 Looker 應用程式所需的工作量。反之,如果您自行代管部署作業,則必須負責管理許多程序和功能。客戶代管部署包括產品內服務,也就是由 Looker 代管且可透過產品存取的服務,具體來說包括授權資料、設定備份、系統錯誤報告、資料動作和支援單,詳情請參閱 Looker 安全性頁面的「Looker 分享的應用程式資料」一節。
選擇這兩種代管選項時,請權衡便利性與控制權。選擇 Looker 代管服務後,您就能專心將 Looker 整合至業務工作負載,不必費心管理基礎架構。反之,自行代管 Looker 部署作業可讓您全面控管基礎架構管理,但會增加初始推出和持續維護的間接費用。
本頁面提供下列資訊,協助您選擇最適合需求的代管選項:
各託管選項的比較優勢
下表比較各個託管選項的優點。
| 好處 | Looker 代管 | 客戶端代管 |
|
預設存取所有 Looker 功能 |
X |
|
|
無需設定或維護硬體 |
X |
|
|
自動軟體更新和維護 (每月或每季) |
X |
|
|
無須額外付費即可擴充硬體:
|
X |
|
|
應用程式和主機監控 |
X |
|
|
自動備份 Looker 執行個體 |
X |
|
|
視需要遷移後端資料庫 |
X |
|
|
運作時間服務水準協議 99.9% (進階版和頂級版) |
X |
|
|
S1 回應服務水準協議 1 小時 |
X |
|
|
Looker 狀態資訊主頁 |
X |
|
|
使用 Looker API |
X |
X |
|
多例項遷移 |
X |
X |
|
直接存取及匯出伺服器和記錄 |
X |
Looker 代管選項的優點和限制
下表列出使用 Looker 代管部署的優點和限制。
Looker 託管部署的優點
下表列出使用 Looker 代管部署的優點。
|
積極管理 Looker 執行個體 |
將成效監控工作交給 Looker 團隊,專心運用 Looker 提供的實用資料洞察資訊做出決策。 |
|
隨時取得最新功能和更新 |
您不必再手動下載更新。Looker 會測試、更新及最佳化您的 Looker 執行個體。 |
|
一致的效能 |
Looker 會監控效能,並視需要調整容量。您不必決定需要多少伺服器來支援使用者。 |
|
部署作業安全 |
Looker 會管理平台基礎架構。Looker 部署作業是獨立且安全的,我們會持續監控,確保資料安全無虞。 |
|
已連結的服務 |
每個 Looker 部署作業都包含必要的連線服務,可讓您存取更多相關資料、增加洞察資料、簡化及擴充資料模型,並與第三方系統整合,同時 Looker 也會提供支援。 |
|
確保資料庫連線安全 |
使用 SSH 將 Looker 連線至資料庫。 |
|
SAML/LDAP 整合 |
Looker 可與現有的驗證方法整合。 |
|
例項狀態監控 |
透過 Looker 狀態資訊主頁,查看執行個體的產品故障或服務中斷相關即時快訊。 |
Looker 託管部署項目的限制
選擇使用 Looker 代管部署作業前,請先考量下表列出的限制。
|
特定安全性/法規遵循規定 |
Looker 代管環境基礎架構可能不符合貴公司的個別安全性/法規遵循規定。 |
|
必須能夠匯出記錄/監控資訊 |
由於 Looker 會管理執行個體的基礎架構,因此您無法匯出執行個體使用情況的記錄。Looker 會管理所有監控作業。 |
|
自訂服務水準協議 |
Looker 更新和維護作業會在預先定義的維護期間執行。部分客戶可能需要進一步控管維護作業的執行時間。 |
|
自訂 JDBC 驅動程式 |
客戶代管選項的優點和限制
下表列出使用客戶代管部署的優點和限制。
客戶代管部署的優點
下表列出使用客戶代管部署的優點。
|
直接控管基礎架構和資源調度決策 |
您可以實作基礎架構和架構設定,這些設定可能無法透過 Looker 託管的部署作業提供。 |
|
記錄/監控存取權 |
自行管理基礎架構時,您可以直接存取及匯出 Looker 應用程式記錄,並根據個人需求設定執行個體監控。 |
|
專屬安全模式 |
在自己的部署環境中代管 Looker,可讓您完全掌控應用程式環境的安全性,並配合公司/產業的特定安全標準。 |
客戶代管部署作業的限制
選擇使用客戶代管部署作業前,請先考量下表列出的限制。
|
支援限制 |
如果 Looker 支援團隊不熟悉自訂部署架構,排解問題可能會很困難。某些問題可能需要貴機構投入更多心力。 |
|
每月更新規定 |
您有責任建立及維護相關程序,確保使用者能取得 Looker 的最新功能和安全性修補程式。 |
|
人力資本規定 |
部署 Looker 可能需要大量人力和網站可靠性工程專業知識。貴機構必須管理 Looker 部署作業的各種元件。 |
|
費用 |
貴機構必須管理時間、人力資本和雲端/資料中心成本。 |
|
使用連結服務時遇到的挑戰 |
Looker 具有連線服務的優勢,可讓您存取相關產業資料、增加洞察資料、簡化及擴充資料建模,並與第三方系統整合。在自行代管的 Looker 部署作業中,您可能需要在雲端部署輔助服務,才能存取這些功能。 |
|
災難復原和彈性 |
您必須負責維持正常運作時間和服務復原能力。 |
|
部分 Looker 功能無法使用 |
如要比較 Looker 各代管選項支援的功能,請參閱本頁面的「各代管選項支援的 Looker 功能」一節。 |
|
其他功能設定 |
如要使用特定 Looker 功能,客戶代管的執行個體可能需要額外設定。 |
客戶代管部署的應用實例
如果符合下列任一用途,則適合採用客戶代管選項:
- 貴機構有專屬安全需求:部分機構的安全政策規定不得使用雲端服務。Looker (原始版本) 的設計宗旨是支援多雲環境,而 Looker 代管的 Looker (原始版本) 部署作業則位於各種雲端服務供應商 (例如 Google Cloud、AWS 和 Azure) 上。如果您的安全政策不允許使用 Cloud 服務處理資料,客戶代管就是替代方案。
- 貴機構偏好完全可自訂的部署模型:當 Looker 代管您的環境時,Looker 會假設這些環境是為了穩定性而設計。貴機構的需求可能與這項假設不相容,例如在下列情況中:
- 您的部署環境是廣大的領域,每個使用者群組或客戶都有許多執行個體,但可能只需要短暫的時間。
- 貴機構需要頻繁建構新環境或拆除現有環境。
- 貴機構需要多個 Looker 執行個體,且每個執行個體都需要自訂啟動標記、模型或連線資訊。
- 貴機構需要更直接地存取整合和設定功能:在 Looker 代管環境中,您對部署作業的直接存取權受到限制。客戶代管部署作業可讓您完整存取執行個體的檔案系統、中繼資料資料庫和 JVM 設定。在下列情況中,直接存取可能很有幫助:
- 您可以使用與開發程序同步的指令碼,經常更新每個執行個體的 LookML 模型和設定。
- 貴機構無法使用 Looker 用於部署作業的某些核心技術,例如 Git。您可以完全控管執行個體的後端,並以偏好的解決方案取代 Looker 的任何核心元件。
支援各代管選項的 Looker 功能
下表比較了 Looker 代管的 Looker (原始版本)、Looker (Google Cloud Core),以及客戶代管的 Looker (原始版本) 執行個體類型支援的功能。
Filter the table on supported instance types:
| Feature | Looker instance type | |||
|---|---|---|---|---|
| Platform features | Looker (original) | Looker (Google Cloud core) | Customer-hosted Looker (original) | Notes |
| Looker reports: Create and access reports in Looker | Yes | Yes | No | Not available for Looker (Google Cloud core) instances that use VPC Service Controls or CMEK. Not all Looker reports features are available on Looker (Google Cloud core) instances. See the Looker reports documentation for details. |
| Gemini in Looker: Conversational Analytics, Code Interpreter, LookML writing assistance, and Visualization Assistant | Yes | Yes | No | Use of the Code Interpreter, LookML writing assistance, and custom visualization creation assistance are not supported for Looker (Google Cloud core) instances that use CMEK or VPC Service Controls.Conversational Analytics, Code Interpreter, LookML writing assistance, and custom visualization creation assistance are not supported for Looker (Google Cloud core) instances that are connected to Looker Studio through the Looker connector. |
| BI Connectors: Connected Sheets and Looker Studio: Use Google Sheets to explore data from your LookML models or connect to Looker Studio data in your Looker instance. | Yes | Yes | No |
Complimentary licenses to use Looker Studio Pro are not available for customer-hosted Looker (original) instances. For private connections configurations in Looker (Google Cloud core) instances, your network administrator must configure your network so that traffic from Google Sheets or Looker Studio can reach your Looker instance. |
| BI Connectors: Microsoft Excel, Microsoft Power BI, Tableau Desktop: Data connectors to Excel, Power BI, and Tableau. | Yes | Yes | Yes | For the Power BI or Tableau connectors for Looker (Google Cloud core) instances that use private connections and for customer-hosted Looker (original) instances, your network administrator must configure your network so that traffic from Power BI or Tableau can reach your Looker instance. |
| Looker Action Hub and Looker Marketplace | Yes | Yes | Yes |
This feature may have limitations for Looker (Google Cloud core) instances that use private connections. Additional configuration may also be necessary for Looker (Google Cloud core) instances that use private connections. Additional configuration may be necessary for customer-hosted Looker (original) instances. |
| Schedule data to S3, SFTP, and webhook | Yes | Yes | Yes | This feature may have limitations for Looker (Google Cloud core) instances that use private connections. Additional configuration may also be necessary for Looker (Google Cloud core) instances that use private connections. |
| Looker mobile application | Yes | Yes | Yes | |
| Custom themes | Yes | Yes | Yes | Custom themes are available only for Enterprise and Embed editions of Looker (Google Cloud core). |
| Custom extensions | Yes | Yes | Yes | Custom extensions are available only for Enterprise and Embed editions of Looker (Google Cloud core). |
| Private embedding | Yes | Yes | Yes |
Private embedding is available for all editions of Looker (Google Cloud core). |
| Signed embedding | Yes | Yes | Yes |
Signed embedding is available only for the Embed edition of Looker (Google Cloud core). |
| Labs and legacy pages | Yes | No | Yes | Some preview features are made available in Looker (Google Cloud core) through allowlists. |
| Security and authentication features | Looker (original) | Looker (Google Cloud core) | Customer-hosted Looker (original) | Notes |
| Security features: private connections, CMEK, VPC Service Controls | No | Yes | No | Private connections and VPC Service Controls are available only for Enterprise and Embed editions of Looker (Google Cloud core). |
| IAM integration | No | Yes | No | |
| SAML authentication, OpenID authentication | Yes | Yes | Yes | |
| Username and password setting for login, LDAP authentication | Yes | No | Yes | |
| IP Allowlist setting | Yes | No | No | For Looker (Google Cloud core), access to the instance is controlled with private connections. |
| Ability to sudo as another user | Yes | No | Yes | For the Embed edition of Looker (Google Cloud core), impersonation of embed users is available by using the API endpoint Login user. |
| FIPS encryption | No | Yes | Yes | FIPS encryption is available only in the Enterprise and Embed editions of Looker (Google Cloud core). |
| Compliance certifications (for example, FedRAMP High and other Assured Workloads products) | No | Yes | Yes | Compliance certifications are available only in the Enterprise and Embed editions of Looker (Google Cloud core). |
| LookML development and database connections | Looker (original) | Looker (Google Cloud core) | Customer-hosted Looker (original) | Notes |
LookML parameter: synonyms |
Yes | No | Yes | |
| Dialect support | Yes | Yes | Yes | The documentation lists the dialects that are supported by Looker (Google Cloud core) and the dialects that are supported by Looker (original) and customer-hosted Looker (original). |
| Customer hosted Git on the public internet | Yes | Yes | Yes | This feature may have limitations for Looker (Google Cloud core) instances that use private connections. Additional configuration may also be necessary for Looker (Google Cloud core) instances that use private connections. |
| Looker Continuous Integration | Yes | Yes | No | Not available for Looker (Google Cloud core) instances that use private connections or CMEK. |
| Service agent access to BigQuery | No | Yes | No | |
| SSH tunnels (for on-premises databases) | Yes | n/a | Yes | |
| Logging | Looker (original) | Looker (Google Cloud core) | Customer-hosted Looker (original) | Notes |
| Access to internal database and verbose logs | No (see note) | No | Yes | For Looker-hosted Looker (original) instances, internal database and verbose logs are available only through a Google Cloud support request. |
| Cloud Audit Logs | No | Yes | No | |
| Elite System Activity | Yes | Yes | No |
Elite System Activity is available only as a paid feature in the Elite version of Looker (original). Elite Style Activity is available only in the Enterprise and Embed editions of Looker (Google Cloud core). |
| Infrastructure and instance management | Looker (original) | Looker (Google Cloud core) | Customer-hosted Looker (original) | Notes |
| Fully Google Cloud-managed Google service | No | Yes | No | Google Cloud support has a much greater ability to troubleshoot issues with the Looker (Google Cloud core) environment, because it is managed on Google Cloud. |
| Self-service instance creation | No | Yes | No | |
| Terraform support | No | Yes | No | |
| Startup options | Yes | No | Yes | |
| Customer-defined maintenance windows | No | Yes | No | |
| Non-production instances | Yes | Yes | Yes |
Two non-production instances are available for the Elite version of Looker (original). No other Looker (original) versions offer non-production instances. Non-production instances are purchased separately for Looker (Google Cloud core). |
| Export | Yes | No | No |
This feature is required to migrate from Looker (original) to Looker (Google Cloud core). |