Setup
This section describes the steps that the platform team has to follow to deploy and operate the MLOps platform on their GCP infrastructure. This offering uses Rafay Environment Manager to provision and manage infrastructure in GCP and Rafay Kubernetes Manager to provision and manage the GKE cluster and associated resources in Kubernetes.
The high level steps that the administrator has to follow to get this operational on their infrastructure are:
- Load the Rafay provided templates into their Org
- Update configuration (e.g. credentials, GCP project name etc)
- Deploy the template
The sequence diagram below describes the high level steps visually.
sequenceDiagram
participant plat as Platform Team
participant rafay as Environment Manager
participant idp as Identity Provider
participant gcp as Google Cloud
plat->>rafay: Load Environment Templates
plat->>rafay: Configure Contexts
plat->>rafay: Deploy Environment Template
rafay->>gcp: Provision Infrastructure
rafay->>idp: Integrate MLOps<br> with Corporate IdP (OKTA)
rafay-->>plat: Setup Complete
In this step, you will use the Template Loader Utility to import the Rafay provided templates into your Org. The loader utility is composed of the following components:
README
This file provides detail on the usage of the utility
values.yaml
This file contains the user specific configuration parameters used by the script
createtemplates.sh
This script is the file that is executed to run the utility
Environment Manager Templates
The utility has two modes of operation. The first mode uses the Rafay MLOps repository and the second mode uses a user defined private repository to load the Environment Manager templates into the organization. For this template, you will use the user defined private repository option.
Private Repository
Since a private repository will be used, a System Sync pipeline will be automatically created to allow for bidirectional synchronization of the Environment Manager resources to the private Git repository.
Install Prerequisites¶
The following tools will need to be installed on the machine running the utility.
- docker
- docker-compose
- git
- grep
- awk
- jq
- yq
- rctl
Install RCTL¶
The RCTL CLI allows you to programmatically interact with the controller enabling users to construct sophisticated automation workflows.
- Login into your Org
- Navigate to "My Tools" to download both the RCTL CLI and the "CLI Config" file
- Initialize RCTL using the step-by-step instructions
- Ensure you update your OS's Path environment variable for RCTL
Load Data Into Repository¶
In this step, you will load the provided templates into your private GIT repository. Be sure to load the data into the root of the repository.
Note
The Rafay agent automatically writes back changes to Git if you make any changes to the resources via the web console or other supported interfaces.
- The resources (esp. secrets) you identify as sensitive. will be automatically encrypted using a secret sealer before being synced to your Git repo.
- If you forget to mark resources as sensitive, they will not be encrypted
Clone Git Repository¶
In this step, you will clone a Git repository to your local machine to simplify interacting with the repository.
- Clone the Git repository to your laptop using the command below. Be sure to update the repository URL with your private repository's URL.
git clone <Repository URL>
- Once complete, you should see a directory with the name of the repository. This directory contains the resources needed for the loader utility.
Configure Environment Parameters¶
In this step, you will configure a values file that will then be used by the loader utility.
- Open a Terminal (on macOS/Linux) and navigate to the directory where you cloned the Git repository
-
Navigate to the folder < Repo_Name >/setup
-
Update the values in the "values.yaml" file with the values from your environment. Use the README for assistance.
-
Be sure to uncomment - ../templates/gcp within the templates section of the values file
If you want to define user resource quotas, uncomment - ../templates/resource-quota within the templates section of the values file
Note The following parameters should be configured as isPrivateRepo should be set to true: userName, token, endPoint, branch and path
Note
Watch this video for the steps
Create GitHub Token¶
If needed, create a Personal Access Token in Github to allow access to the GitHub repository.
- Ensure you are logged into your GitHub.com account
- Go to the GitHub Account Settings
- Click "Generate new token (classic)"
- Provide a note for the token,
- Select the repo scope
- Click Generate token
- Copy this token for use in the values.yaml file
Run Utility¶
In this step, you will run the utility which will assist in creating the resources for this guide.
- Navigate to the folder < Repo_Name >/setup
- Execute the createtemplates.sh script
The script will begin to run and create the resources in the organization.
Note
The script will provide webhook details at the end of the output. Use these webhook details in the next step.
Setup GitHub Webhook¶
This step is only required if you will be using a private repository. In this step, you will configure your repository webhook. The webhook will be used to trigger the System-Sync pipeline in the controller.
- Navigate to your GitHub repository -> Settings -> Webhooks
- Click Add webhook
- Copy and Paste the "Payload URL" and "Secret" from the script output
- Click Add webhook
Once Complete, you will see the new environment card in your organization under Environments -> Environments