Skip to content

GKE deployment prototype #117

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
luarss wants to merge 4 commits into
base: master
Choose a base branch
from
Open

GKE deployment prototype #117

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
75988da
add initial gke scaffold
luarss Jan 6, 2025
0388c88
add kubectl readme
luarss Jan 18, 2025
1545d35
stash readme
luarss Jan 18, 2025
edbccba
stash
luarss Jul 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,3 +39,7 @@ faiss_db
# frontend
node_modules
.next

# deployment (Kompose files)
*-service.yaml
*-deployment.yaml
2 changes: 1 addition & 1 deletion .pre-commit-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ repos:
hooks:
- id: check-ast
- id: check-toml
- id: check-yaml
# - id: check-yaml
- id: check-merge-conflict
- id: check-symlinks
- id: check-executables-have-shebangs
Expand Down
209 changes: 209 additions & 0 deletions deploy/.env.example
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,209 @@
# ORAssistant GKE Deployment - Example Configuration
# This file shows example values for all required configuration

# =============================================================================
# PROJECT CONFIGURATION
# =============================================================================
PROJECT_ID=my-openroad-project
DOMAIN=mycompany.com
REGION=us-central1
CLUSTER_NAME=orassistant-cluster
NAMESPACE=orassistant

# =============================================================================
# CONTAINER IMAGES
# =============================================================================
BACKEND_IMAGE=gcr.io/my-openroad-project/orassistant-backend:latest
FRONTEND_IMAGE=gcr.io/my-openroad-project/orassistant-frontend:latest
INIT_IMAGE=python:3.12-slim
CERT_MONITOR_IMAGE=alpine:latest

# =============================================================================
# DOMAIN CONFIGURATION
# =============================================================================
PRIMARY_DOMAIN=orassistant.mycompany.com
WWW_DOMAIN=www.orassistant.mycompany.com
DEV_DOMAIN=dev.orassistant.mycompany.com
STAGING_DOMAIN=staging.orassistant.mycompany.com
PROD_DOMAIN=orassistant.mycompany.com
ADMIN_EMAIL=admin@mycompany.com

# =============================================================================
# GKE CLUSTER CONFIGURATION
# =============================================================================
BACKEND_NODE_POOL=backend-pool
FRONTEND_NODE_POOL=frontend-pool
BACKEND_MACHINE_TYPE=n1-standard-4
FRONTEND_MACHINE_TYPE=n1-standard-2
BACKEND_DISK_SIZE=50GB
FRONTEND_DISK_SIZE=20GB
DISK_TYPE=pd-ssd

ZONE_A=us-central1-a
ZONE_B=us-central1-b
ZONE_C=us-central1-c

BACKEND_MIN_NODES=1
BACKEND_MAX_NODES=3
FRONTEND_MIN_NODES=1
FRONTEND_MAX_NODES=2

# =============================================================================
# APPLICATION SECRETS (Base64 encode these values)
# =============================================================================
# AI/ML API Keys (example format - replace with your base64 encoded keys)
OPENAI_API_KEY=c2stcHJvai0xMjM0NTY3ODkwYWJjZGVmZ2hpams= # Example: sk-proj-1234567890abcdefghijk
GOOGLE_API_KEY=QUl6YVN5QjEyMzQ1Njc4OTBhYmNkZWZnaGlqa2w= # Example: AIzaSyB1234567890abcdefghijkl
HUGGINGFACE_TOKEN=aGZfMTIzNDU2Nzg5MGFiY2RlZmdoaWprbA== # Example: hf_1234567890abcdefghijkl
ANTHROPIC_API_KEY=c2stYW50LTEyMzQ1Njc4OTBhYmNkZWZnaGlqa2w= # Example: sk-ant-1234567890abcdefghijkl
COHERE_API_KEY=MTIzNDU2Nzg5MGFiY2RlZmdoaWprbG1ub3A= # Example: 1234567890abcdefghijklmnop

# Database connections
MONGODB_URI=bW9uZ29kYjovL3VzZXI6cGFzc3dvcmRAY2x1c3Rlci5tb25nb2RiLm5ldC9vcmFzc2lzdGFudD9yZXRyeVdyaXRlcz10cnVl # mongodb://user:password@cluster.mongodb.net/orassistant?retryWrites=true

# External integrations (base64 encoded JSON)
GOOGLE_SHEETS_CREDENTIALS=eyJ0eXBlIjoic2VydmljZV9hY2NvdW50IiwicHJvamVjdF9pZCI6Im15LXByb2plY3QifQ== # {"type":"service_account","project_id":"my-project"}

# Application secrets
JWT_SECRET_KEY=bXktc3VwZXItc2VjcmV0LWp3dC1rZXktMTIzNDU2Nzg5MA== # my-super-secret-jwt-key-1234567890
SESSION_SECRET=bXktc2Vzc2lvbi1zZWNyZXQtMTIzNDU2Nzg5MA== # my-session-secret-1234567890

# Docker registry credentials (base64 encoded JSON)
DOCKER_CONFIG_JSON=eyJhdXRocyI6eyJnY3IuaW8iOnsidXNlcm5hbWUiOiJfanNvbl9rZXkiLCJwYXNzd29yZCI6IntcInR5cGVcIjpcInNlcnZpY2VfYWNjb3VudFwifSJ9fX0=

# Custom TLS certificates (leave empty to use managed certificates)
TLS_CERT=
TLS_KEY=

# =============================================================================
# APPLICATION CONFIGURATION
# =============================================================================
BACKEND_URL=0.0.0.0
BACKEND_WORKERS=2
BACKEND_PORT=8000
FRONTEND_PORT=3000
NODE_ENV=production
LOG_LEVEL=info
ENVIRONMENT=production
MAX_CONCURRENT_REQUESTS=100
REQUEST_TIMEOUT=30s
VECTOR_SEARCH_TIMEOUT=10s

# =============================================================================
# STORAGE CONFIGURATION
# =============================================================================
HUGGINGFACE_REPO=The-OpenROAD-Project/ORAssistant_RAG_Dataset
RAG_DATA_PATH=/ORAssistant-backend/data
VECTOR_STORE_PATH=/ORAssistant-backend/data/vectorstore
PV_NAME=rag-dataset-pv
PVC_NAME=rag-dataset-pvc
STORAGE_SIZE=10Gi
STORAGE_CLASS=ssd-regional
DISK_NAME=rag-dataset-disk

# =============================================================================
# RESOURCE LIMITS
# =============================================================================
BACKEND_CPU_REQUEST=1000m
BACKEND_CPU_LIMIT=2000m
BACKEND_MEMORY_REQUEST=4Gi
BACKEND_MEMORY_LIMIT=8Gi
FRONTEND_CPU_REQUEST=100m
FRONTEND_CPU_LIMIT=500m
FRONTEND_MEMORY_REQUEST=512Mi
FRONTEND_MEMORY_LIMIT=1Gi
INIT_CPU_REQUEST=200m
INIT_CPU_LIMIT=500m
INIT_MEMORY_REQUEST=512Mi
INIT_MEMORY_LIMIT=1Gi

# =============================================================================
# AUTOSCALING CONFIGURATION
# =============================================================================
BACKEND_MIN_REPLICAS=1
BACKEND_MAX_REPLICAS=3
BACKEND_CPU_TARGET=70
BACKEND_MEMORY_TARGET=80
FRONTEND_MIN_REPLICAS=1
FRONTEND_MAX_REPLICAS=2
FRONTEND_CPU_TARGET=70
FRONTEND_MEMORY_TARGET=80
SCALE_DOWN_STABILIZATION=300
SCALE_UP_STABILIZATION=60
SCALE_DOWN_PERCENT=50
SCALE_UP_PERCENT=100

# =============================================================================
# NETWORKING CONFIGURATION
# =============================================================================
STATIC_IP_NAME=orassistant-ip
BACKEND_LB_TYPE=Internal
FRONTEND_LB_TYPE=External
BACKEND_SERVICE_NAME=backend-service
FRONTEND_SERVICE_NAME=frontend-service
BACKEND_INTERNAL_LB=backend-internal-lb
FRONTEND_EXTERNAL_LB=frontend-external-lb
ALLOW_DNS_PORT=53
ALLOW_HTTP_PORT=80
ALLOW_HTTPS_PORT=443
ALLOW_MONGODB_PORT=27017

# =============================================================================
# SSL CERTIFICATE CONFIGURATION
# =============================================================================
MANAGED_CERT_NAME=orassistant-ssl-cert
LETSENCRYPT_CERT_NAME=orassistant-letsencrypt-cert
TLS_SECRET_NAME=orassistant-tls-secret
SSL_POLICY_NAME=orassistant-ssl-policy
SSL_PROFILE=MODERN
MIN_TLS_VERSION=TLS_1_2
CERT_MANAGER_VERSION=v1.13.0
LETSENCRYPT_SERVER=https://acme-v02.api.letsencrypt.org/directory
CERT_ISSUER_NAME=letsencrypt-prod
CERT_EXPIRY_THRESHOLD=30
CERT_CHECK_SCHEDULE="0 9 * * *"

# =============================================================================
# HEALTH CHECK CONFIGURATION
# =============================================================================
BACKEND_HEALTH_PATH=/healthcheck
BACKEND_LIVENESS_INITIAL_DELAY=180
BACKEND_LIVENESS_PERIOD=30
BACKEND_LIVENESS_TIMEOUT=10
BACKEND_READINESS_INITIAL_DELAY=60
BACKEND_READINESS_PERIOD=10
BACKEND_STARTUP_INITIAL_DELAY=30
FRONTEND_HEALTH_PATH=/
FRONTEND_LIVENESS_INITIAL_DELAY=30
FRONTEND_LIVENESS_PERIOD=30
FRONTEND_READINESS_INITIAL_DELAY=10
FRONTEND_READINESS_PERIOD=10
FRONTEND_STARTUP_INITIAL_DELAY=10
HEALTH_CHECK_INTERVAL=10
HEALTH_CHECK_TIMEOUT=5
HEALTH_CHECK_HEALTHY_THRESHOLD=2
HEALTH_CHECK_UNHEALTHY_THRESHOLD=3
CONNECTION_DRAINING_TIMEOUT=60

# =============================================================================
# MAINTENANCE AND MONITORING
# =============================================================================
MAINTENANCE_START=2023-01-01T09:00:00Z
MAINTENANCE_END=2023-01-01T17:00:00Z
MAINTENANCE_RECURRENCE="FREQ=WEEKLY;BYDAY=SA"
LOGGING_CONFIG=SYSTEM,WORKLOAD
MONITORING_CONFIG=SYSTEM
SESSION_AFFINITY_TYPE=CLIENT_IP
SESSION_AFFINITY_TTL=3600

# =============================================================================
# DEVELOPMENT CONFIGURATION
# =============================================================================
DEV_MODE=false
DEBUG_ENABLED=false
ENABLE_PREEMPTIBLE_NODES=false
IMAGE_PULL_POLICY=Always
BACKEND_TAINT_KEY=backend-workload
FRONTEND_TAINT_KEY=frontend-workload
TAINT_VALUE=true
TAINT_EFFECT=NoSchedule
Loading