Getting Started

First Operator Setup

Stand up the mental model for auth, governance, storage, and compute in a production-minded deployment.

Use this quickstart when you are responsible for platform posture. The goal is not just to make Duck start, but to make it safe, governable, and observable.

What You Are Establishing

Operator Concern | Why It Matters | First Decision
Trusted identity path | Users and services need a safe, auditable auth path | How people and services authenticate
Secure runtime configuration | The deployment should start from a production-safe baseline | Which env vars, secrets, and listeners are required
Storage and external-data strategy | Data location and integration posture affect both security and reliability | How storage credentials and external locations are managed
Clear policy ownership | Governance breaks down when nobody owns grants and policy changes | Who approves and verifies access changes
Compute topology | Runtime shape affects scale, isolation, and fallback behavior | Whether local execution is enough or remote workers are needed

1. Establish identity first

Before exposing data, decide:

  • how people authenticate
  • how services authenticate
  • how principals, groups, and grants are managed
  • which credential types are allowed in production

2. Lock down the runtime baseline

Confirm the production minimums:

  • ENV=production
  • encryption key configured from a managed secret source
  • listener addresses aligned to network boundaries
  • auth configured before opening shared access
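
An added example, not taken from Duck's own code or documentation: a preflight check that turns the four minimums above into findings an operator can gate a rollout on. Only ENV=production comes from this page; the other variable names, the approved network, and the sample values are hypothetical placeholders. The key check can only catch an unset or default-looking value; it cannot prove the value came from a managed secret source.

```python
import ipaddress
from urllib.parse import urlsplit

# Only ENV=production comes from the page; the three names below are
# hypothetical placeholders, not Duck's documented variable names.
KEY_VAR = "EXAMPLE_ENCRYPTION_KEY"
LISTEN_VAR = "EXAMPLE_LISTEN_ADDR"
AUTH_VAR = "EXAMPLE_AUTH_ISSUER_URL"


def preflight(env, allowed_networks):
    """Return a list of findings; an empty list means the baseline holds."""
    findings = []
    if env.get("ENV") != "production":
        findings.append("ENV is not 'production'")

    # Catch an unset key or an obvious default left over from a template.
    key = env.get(KEY_VAR, "")
    if len(key) < 32 or len(set(key)) < 8:
        findings.append(f"{KEY_VAR} is unset, short, or a placeholder")

    # The listener must bind one explicit address inside an approved network.
    listen = env.get(LISTEN_VAR, "")
    host = listen.rpartition(":")[0].strip("[]")
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        findings.append(f"{LISTEN_VAR} needs an explicit IP:port, got {listen!r}")
    else:
        nets = [ipaddress.ip_network(n) for n in allowed_networks]
        if addr.is_unspecified:
            findings.append(f"{LISTEN_VAR} binds every interface")
        elif not any(addr in net for net in nets):
            findings.append(f"{LISTEN_VAR} {addr} is outside approved networks")

    # Auth must be configured, and reached over TLS, before shared access opens.
    if urlsplit(env.get(AUTH_VAR, "")).scheme != "https":
        findings.append(f"{AUTH_VAR} is unset or not an https URL")
    return findings


# Constructed sample environments (not real deployment values).
WEAK = {"ENV": "development", KEY_VAR: "changeme", LISTEN_VAR: "0.0.0.0:8080"}
HARDENED = {
    "ENV": "production",
    KEY_VAR: "constructed-sample-key-not-a-real-secret-0001",
    LISTEN_VAR: "10.20.0.15:8443",
    AUTH_VAR: "https://idp.example.internal/",
}

if __name__ == "__main__":
    for name, env in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, preflight(env, ["10.20.0.0/24"]) or "OK")
```

Run it against the rendered environment of the deployment unit (for example, the variables a container or service manager will actually pass), not the operator's own shell.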

3. Decide how storage and integration work

Operators should know:

  • where data lives
  • how external locations and storage credentials are managed
  • how Git or other integrations are approved and monitored

4. Choose the compute topology

Start with local execution unless you have a reason to separate workers. Move to remote compute when you need:

  • execution isolation
  • staged routing and fallback
  • lifecycle-style asynchronous workloads

Deployment shape at a glance

Topology diagram showing principals reaching the Duck control plane, policy enforcement, local execution, optional remote workers, and storage.

5. Add health and troubleshooting paths

Before broad rollout, make sure the team can answer:

  • is the service healthy?
  • is auth working?
  • is a policy denying access?
  • is a worker unhealthy?
  • is storage misconfigured?

Next Steps