Deployment
All Core Components and NLP Services can be deployed into Kubernetes cluster using Helm charts.
Before you start with deployment you have to ensure that your Kubernetes cluster is appropriately preconfigured and contains all requested resources, including
- Ingress component to configure processing of incoming web traffic
- Certificate Manager and Cluster Issuer for managing issuing and renewal of SSL certificates used by web hosts
- Secrets containing required configuration files with sensitive
We recommend ingress-nginx from Kubernetes
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
kubectl apply -f deploy/nginx-config.yaml # optional: SSL cipher order setup update (stronger first - Alexa requires it)
helm install ingress-nginx ingress-nginx/ingress-nginx --set controller.service.loadBalancerIP=35.198.81.12 --set rbac.create=true --set controller.publishService.enabled=true
helm repo add jetstack https://charts.jetstack.io
helm repo update
# helm v2
helm install --name cert-manager --namespace cert-manager --version v1.0.1 --set installCRDs=true jetstack/cert-manager
# helm v3
helm install cert-manager jetstack/cert-manager --namespace cert-manager --version v1.0.1 --set installCRDs=true
Cluster certificate issuer have to be installed (e.g. Let's Encrypt) to issue certificate for ingress resources.
kubectl apply -f deploy/clusterissuer-letsencrypt.yaml
Before Core Components can be deployed using Helm, there must be two secrets in place
app-localcontaining runtime configuration for Core componentsgoogle-sacontaining Google Service Account key
kubectl create secret generic google-sa --from-file=google-sa.key
kubectl create secret generic app-local --from-file=app.local.properties
database.url=mongodb+srv://user:[email protected]
illusionist.url=https://illusionist.flowstorm.ai
illusionist.apiKey=xxx
aws.secret-key=xxx
aws.access-key=xxx
mscs.key=xxx
mscs.location=xxx
mailgun.domain=mg-domain.com
mailgun.apikey=xxx
mailgun.baseUrl=https://api.eu.mailgun.net/v3/
Helm is the package and deployment manager for Kubernetes.
Core Components have their Helm charts available as a part of project source code at https://github.com/flowstorm/core/tree/master/deploy.
Following variables can be used to parametrise Kubernetes deployment using Helm charts:
Name | Default | Description |
baseDomain | flowstorm.ai | Base domain for ingress host |
clusterIssuer | letsencrypt | Cluster certificate issuer |
namespace | default | Cluster namespace |
imagePullSecrets | promethistai-registry | Secret name of type kubernetes.io/dockerconfigjson |
imagePullPolicy | IfNotPresent | Pulling policy |
app.image.name | registry.gitlab.com/promethistai/flowstorm-core/runner/appregistry.gitlab.com/promethistai/flowstorm-core/builder/app | Docker image |
app.image.tag | latest | Docker tag |
app.mem | 1024 for runner, 512 for builder | Memory limit (- XmX java parameter value in megabytes) |
app.resources.requests.cpu | 0.01 | Minimum CPU requested for pod |
app.resources.requests.memory | 1024Mi for runner, 512Mi for builder | Minimum memory for pod |
If you want to deploy to different than default namespace, use -
-set namespace=namespace-name for helm command and -n namespace-name for kubectl command.helm upgrade --install flowstorm-runner deploy/runner/app
helm upgrade --install flowstorm-builder deploy/builder/app
�If you want to check deployed resources
kubectl get all -l app=flowstorm-runner
kubectl get all -l app=flowstorm-builder
TBD @jan.pichl