您可以自行托管 Looker(原始版本)实例或部署,也可以让 Looker 为您托管。在我们的文档中,我们将由 Looker 托管的实例或部署称为“Looker 托管”,将在本地托管的实例或部署称为“客户托管”或“自行托管”。
如果 Looker 托管您的部署,Looker 会根据资源利用率和业务需求,代表您管理与 Looker 应用相关的所有必要 IT 功能,从而大大减少安装、配置和维护 Looker 应用所需的工作量。相反,当您自行托管部署时,您需要负责管理许多此类流程和功能。客户托管的部署包括产品内服务,即由 Looker 托管并通过产品访问的服务,具体包括许可数据、配置备份、系统错误报告、数据操作和支持服务工单,如 Looker 的安全页面的 Looker 共享的应用数据部分中所述。
在两种托管选项之间进行选择时,需要在便捷性和控制权之间做出权衡。选择 Looker 托管型可让您专注于将 Looker 集成到业务工作负载中,而无需进行基础设施管理。反之,自行托管 Looker 部署可让您完全掌控基础架构管理,但会增加初始启动和持续维护的开销。
本页提供以下信息,帮助您选择最适合自己需求的托管选项:
每种托管方案的比较优势
下表比较了每种托管方案的优势。
| 优势 | Looker 托管 | 客户托管 |
|
对所有 Looker 功能的默认访问权限 |
X |
|
|
无需设置或维护硬件 |
X |
|
|
自动软件更新和维护(每月或每季度) |
X |
|
|
免费扩展硬件:
|
X |
|
|
应用和主机监控 |
X |
|
|
自动 Looker 实例备份 |
X |
|
|
后端数据库迁移(如有必要) |
X |
|
|
正常运行时间 SLA 99.9%(高级版和精英版) |
X |
|
|
S1 响应 SLA 1 小时 |
X |
|
|
Looker 状态信息中心 |
X |
|
|
Looker API 的使用 |
X |
X |
|
多实例迁移 |
X |
X |
|
直接访问和导出服务器及日志 |
X |
Looker 托管型方案的优势和限制
下表列出了使用 Looker 托管部署的优势和限制。
Looker 托管部署的优势
下表列出了使用 Looker 托管部署的优势。
|
Looker 实例的主动管理 |
将性能监控工作交给 Looker 团队,专注于根据 Looker 提供的富有实用价值的数据分析来制定决策。 |
|
始终获取最新功能和更新 |
您无需再手动下载其他更新。Looker 会对您的 Looker 实例进行测试、更新和优化。 |
|
性能稳定 |
Looker 会监控性能并根据需要调整容量。您无需决定需要多少台服务器来支持用户。 |
|
部署安全性 |
Looker 会管理您的平台基础架构。Looker 部署是离散的、安全的,并且会持续受到监控,以确保您的数据安全无虞。 |
|
关联的服务 |
每个 Looker 部署都包含必要的关联服务,可让您访问更相关的数据、获得更多数据洞见、简化和扩展数据建模,并与第三方系统集成,同时 Looker 会提供支持。 |
|
确保数据库连接安全无虞 |
使用 SSH 将 Looker 连接到您的数据库。 |
|
SAML/LDAP 集成 |
Looker 可以与您现有的身份验证方法集成。 |
|
实例状态监控 |
您可以通过 Looker 状态信息中心了解您的实例在产品中断/服务暂停方面的实时动态。 |
Looker 托管的部署的限制
在选择使用 Looker 托管的部署之前,请考虑下表中列出的限制。
|
特定安全/合规性要求 |
Looker 托管的环境基础架构可能不符合贵公司的具体安全/合规性要求。 |
|
需要能够导出日志/监控信息 |
由于 Looker 会管理实例的基础设施,因此您无法导出实例的使用情况日志。Looker 会管理所有监控。 |
|
自定义 SLA |
Looker 更新和维护会在预定义的维护窗口期间进行。部分客户可能需要更精细地控制维护时间。 |
|
自定义 JDBC 驱动程序 |
客户托管选项的优势和限制
下表列出了使用客户托管部署的优势和限制。
客户托管部署的优势
下表列出了使用客户托管部署的优势。
|
直接控制基础架构和伸缩决策 |
您可以实现 Looker 托管部署可能无法提供的基础架构和架构配置。 |
|
日志记录/监控访问权限 |
通过管理自己的基础设施,您可以直接访问和导出 Looker 应用日志,并根据自己的具体需求设置实例监控。 |
|
定制安全模型 |
在您自己的部署中托管 Looker 可让您完全控制应用环境的安全性,您可以根据公司/行业的特定安全标准调整该环境。 |
客户托管部署的限制
在选择使用客户托管部署之前,请考虑下表中列出的限制。
|
支持方面的限制 |
如果 Looker 支持团队不熟悉自定义部署架构,则排查问题可能会很困难。某些问题可能需要您组织中的人员更多参与。 |
|
每月更新要求 |
您有责任创建和维护相关流程,以确保用户从 Looker 获取最新功能和安全补丁。 |
|
人力资本要求 |
Looker 部署可能需要大量人力和站点可靠性工程专业知识。您的组织必须管理 Looker 部署的各个组件。 |
|
费用 |
组织必须管理时间、人力资本和云/数据中心费用。 |
|
使用关联服务时遇到的挑战 |
Looker 具有关联服务的优势,可让您访问相关行业数据、深入分析数据、简化数据建模并扩大其规模,以及与第三方系统集成。在自托管的 Looker 部署中,您可能需要在云端部署辅助服务才能使用这些功能。 |
|
灾难恢复和弹性 |
您将负责维持正常运行时间和提升服务弹性。 |
|
部分 Looker 功能无法使用 |
如需比较 Looker 各托管选项的功能支持情况,请参阅本页面的各托管选项对 Looker 功能的支持情况部分。 |
|
其他功能配置 |
客户托管的实例可能需要额外配置才能使用某些 Looker 功能。 |
客户托管部署的示例使用情形
如果您的部署符合以下任何使用情形,则客户托管选项可能非常适合您:
- 您的组织有定制的安全要求:有些组织的安全政策规定他们不能使用云服务。Looker(原始版本)旨在实现多云,Looker 托管的 Looker(原始版本)部署在各种云服务提供商(例如 Google Cloud、AWS 和 Azure)上。如果您的安全政策与使用云服务处理数据不兼容,则客户托管是替代方案。
- 您的组织偏好完全可自定义的部署模型:如果 Looker 托管您的环境,Looker 会假定这些环境旨在保持稳定。贵组织的要求可能与此假设不兼容,例如在以下情况下:
- 您的部署环境是广阔的,其中包含每个用户群组或客户的众多实例,这些实例可能仅在短暂的时间段内需要。
- 您的组织需要能够频繁构建新环境或拆除现有环境。
- 您的组织需要多个 Looker 实例,每个实例都需要自定义启动标志、模型或连接信息。
- 您的组织需要更直接地访问集成和配置功能:在 Looker 托管的环境中,您对部署的直接访问权限受到限制。客户托管部署允许您完全访问实例的文件系统、元数据数据库和 JVM 配置。在以下情况下,直接访问可能很有用:
- 您可以使用与开发流程同步的脚本,频繁更新每个实例的 LookML 模型和配置。
- 您的组织无法使用 Looker 用于部署的某些核心技术,例如 Git。通过完全控制实例的后端,您可以将 Looker 的任何核心组件替换为首选解决方案。
不同托管选项对 Looker 功能的支持
下表比较了 Looker 托管的 Looker(原始版本)、Looker (Google Cloud Core) 和客户托管的 Looker(原始版本)实例类型的功能支持情况。
Filter the table on supported instance types:
| Feature | Looker instance type | |||
|---|---|---|---|---|
| Platform features | Looker (original) | Looker (Google Cloud core) | Customer-hosted Looker (original) | Notes |
| Looker reports: Create and access reports in Looker | Yes | Yes | No | Not available for Looker (Google Cloud core) instances that use VPC Service Controls or CMEK. Not all Looker reports features are available on Looker (Google Cloud core) instances. See the Looker reports documentation for details. |
| Gemini in Looker: Conversational Analytics, Code Interpreter, LookML writing assistance, and Visualization Assistant | Yes | Yes | No | Gemini assistance is not supported for Looker (Google Cloud core) instances that use CMEK or VPC Service Controls or for Looker (Google Cloud core) instances that are connected to Data Studio through the Looker connector. |
| Looker-managed MCP server: A Model Context Protocol (MCP) server provided directly by the Looker platform. | Yes | Yes | No |
The Looker-managed MCP server is in preview. It is the recommended method for connecting AI applications to Looker instances that are hosted by Looker. Customer-hosted instances can use the standalone MCP Toolbox instead. |
| BI Connectors: Connected Sheets and Looker Studio: Use Google Sheets to explore data from your LookML models or connect to Looker Studio data in your Looker instance. | Yes | Yes | No |
Complimentary licenses to use Looker Studio Pro are not available for customer-hosted Looker (original) instances. For private connections configurations in Looker (Google Cloud core) instances, your network administrator must configure your network so that traffic from Google Sheets or Looker Studio can reach your Looker instance. |
| BI Connectors: Microsoft Excel, Microsoft Power BI, Tableau Desktop: Data connectors to Excel, Power BI, and Tableau. | Yes | Yes | Yes | For the Power BI or Tableau connectors for Looker (Google Cloud core) instances that use private connections and for customer-hosted Looker (original) instances, your network administrator must configure your network so that traffic from Power BI or Tableau can reach your Looker instance. |
| Looker Action Hub and Looker Marketplace | Yes | Yes | Yes |
This feature may have limitations for Looker (Google Cloud core) instances that use private connections. Additional configuration may also be necessary for Looker (Google Cloud core) instances that use private connections. Additional configuration may be necessary for customer-hosted Looker (original) instances. |
| Schedule data to S3, SFTP, and webhook | Yes | Yes | Yes | This feature may have limitations for Looker (Google Cloud core) instances that use private connections. Additional configuration may also be necessary for Looker (Google Cloud core) instances that use private connections. |
| Looker extension for VS Code: Local LookML development in VS Code-based IDEs. | Yes | Yes | Yes | Supports syntax highlighting, autocomplete, real-time file synchronization, and LookML validation. Currently in preview. |
| Looker mobile application | Yes | Yes | Yes | |
| Custom themes | Yes | Yes | Yes | Custom themes are available only for Enterprise and Embed editions of Looker (Google Cloud core). |
| Custom extensions | Yes | Yes | Yes | Custom extensions are available only for Enterprise and Embed editions of Looker (Google Cloud core). |
| Knowledge Catalog integration: Automatically ingest Looker metadata into Knowledge Catalog for discovery | No | Yes | No | |
| Knowledge Catalog data lineage: Trace data flow from BigQuery to Looker dashboards | No | Yes | No | Supported only for BigQuery data sources. |
| Private embedding | Yes | Yes | Yes |
Private embedding is available for all editions of Looker (Google Cloud core). |
| Signed embedding | Yes | Yes | Yes |
Signed embedding is available only for the Embed edition of Looker (Google Cloud core). |
| Preview features | Yes | Yes | Yes | Looker preview features are enabled on Looker (Google Cloud core). However, preview features that are categorized as Labs features are not available in Looker (Google Cloud core). |
| Legacy features | Yes | No | Yes | |
| Security and authentication features | Looker (original) | Looker (Google Cloud core) | Customer-hosted Looker (original) | Notes |
| Security features: private connections, CMEK, VPC Service Controls | No | Yes | No | Private connections and VPC Service Controls are available only for Enterprise and Embed editions of Looker (Google Cloud core). |
| IAM integration | No | Yes | No | |
| SAML authentication, OpenID authentication | Yes | Yes | Yes | |
| Username and password setting for login, LDAP authentication | Yes | No | Yes | |
| IP Allowlist setting | Yes | Yes | No | |
| Ability to sudo as another user | Yes | No | Yes | For the Embed edition of Looker (Google Cloud core), impersonation of embed users is available by using the API endpoint Login user. |
| FIPS encryption | No | Yes | Yes | FIPS encryption is available only in the Enterprise and Embed editions of Looker (Google Cloud core). |
| Compliance certifications (for example, FedRAMP High and other Assured Workloads products) | No | Yes | Yes | Compliance certifications are available only in the Enterprise and Embed editions of Looker (Google Cloud core). |
| LookML development and database connections | Looker (original) | Looker (Google Cloud core) | Customer-hosted Looker (original) | Notes |
| Dialect support | Yes | Yes | Yes | The documentation lists the dialects that are supported by Looker (Google Cloud core) and the dialects that are supported by Looker (original) and customer-hosted Looker (original). |
| Customer-hosted Git on the public internet | Yes | Yes | Yes | This feature may have limitations for Looker (Google Cloud core) instances that use private connections. Additional configuration may also be necessary for Looker (Google Cloud core) instances that use private connections. |
| Looker Continuous Integration | Yes | Yes | No | Not available for Looker (Google Cloud core) instances that use private connections or CMEK. |
| Service agent access to BigQuery | No | Yes | No | |
| SSH tunnels (for on-premises databases) | Yes | n/a | Yes | |
| Logging | Looker (original) | Looker (Google Cloud core) | Customer-hosted Looker (original) | Notes |
| Access to internal database and verbose logs | No (see note) | No | Yes | For Looker-hosted Looker (original) instances, internal database and verbose logs are available only through a Google Cloud support request. |
| Cloud Audit Logs | No | Yes | No | |
| Elite System Activity | Yes | Yes | No |
Elite System Activity is available only as a paid feature in the Elite version of Looker (original). Elite Style Activity is available only in the Enterprise and Embed editions of Looker (Google Cloud core). |
| Infrastructure and instance management | Looker (original) | Looker (Google Cloud core) | Customer-hosted Looker (original) | Notes |
| Fully Google Cloud-managed Google service | No | Yes | No | Google Cloud support has a much greater ability to troubleshoot issues with the Looker (Google Cloud core) environment, because it is managed on Google Cloud. |
| Self-service instance creation | No | Yes | No | |
| Terraform support | No | Yes | No | |
| Startup options | Yes | No | Yes | |
| Customer-defined maintenance windows | No | Yes | No | |
| Non-production instances | Yes | Yes | Yes |
Two non-production instances are available for the Elite version of Looker (original). No other Looker (original) versions offer non-production instances. Non-production instances are purchased separately for Looker (Google Cloud core). |
| Export | Yes | No | No |
This feature is required to migrate from Looker (original) to Looker (Google Cloud core). |