Skip to content

Setup

This section describes the steps that the platform team has to follow to deploy and operate the MLOps platform on their GCP infrastructure. This offering uses Rafay Environment Manager to provision and manage infrastructure in GCP and Rafay Kubernetes Manager to provision and manage the GKE cluster and associated resources in Kubernetes.

The high level steps that the administrator has to follow to get this operational on their infrastructure are:

  1. Load the Rafay provided templates into their Org
  2. Update configuration (e.g. credentials, GCP project name etc)
  3. Deploy the template

The sequence diagram below describes the high level steps visually.

sequenceDiagram 
    participant plat as Platform Team 
    participant rafay as Environment Manager 
    participant idp as Identity Provider 
    participant gcp as Google Cloud

    plat->>rafay: Load Environment Templates
    plat->>rafay: Configure Contexts
    plat->>rafay: Deploy Environment Template
    rafay->>gcp: Provision Infrastructure
    rafay->>idp: Integrate MLOps<br> with Corporate IdP (OKTA)
    rafay-->>plat: Setup Complete 

In this step, you will use the Template Loader Utility to import the Rafay provided templates into your Org. The loader utility is composed of the following components:

README

This file provides detail on the usage of the utility

values.yaml

This file contains the user specific configuration parameters used by the script

createtemplates.sh

This script is the file that is executed to run the utility

Environment Manager Templates

The utility has two modes of operation. The first mode uses the Rafay MLOps repository and the second mode uses a user defined private repository to load the Environment Manager templates into the organization. For this template, you will use the user defined private repository option.

Private Repository

Since a private repository will be used, a System Sync pipeline will be automatically created to allow for bidirectional synchronization of the Environment Manager resources to the private Git repository.


Install Prerequisites

The following tools will need to be installed on the machine running the utility.

  • docker
  • docker-compose
  • git
  • grep
  • awk
  • jq
  • yq
  • rctl

Install RCTL

The RCTL CLI allows you to programmatically interact with the controller enabling users to construct sophisticated automation workflows.

  • Login into your Org
  • Navigate to "My Tools" to download both the RCTL CLI and the "CLI Config" file
  • Initialize RCTL using the step-by-step instructions
  • Ensure you update your OS's Path environment variable for RCTL

Load Data Into Repository

In this step, you will load the provided templates into your private GIT repository. Be sure to load the data into the root of the repository.

Note

The Rafay agent automatically writes back changes to Git if you make any changes to the resources via the web console or other supported interfaces.

  • The resources (esp. secrets) you identify as sensitive. will be automatically encrypted using a secret sealer before being synced to your Git repo.
  • If you forget to mark resources as sensitive, they will not be encrypted

Clone Git Repository

In this step, you will clone a Git repository to your local machine to simplify interacting with the repository.

  • Clone the Git repository to your laptop using the command below. Be sure to update the repository URL with your private repository's URL.
git clone <Repository URL>
  • Once complete, you should see a directory with the name of the repository. This directory contains the resources needed for the loader utility.

Configure Environment Parameters

In this step, you will configure a values file that will then be used by the loader utility.

  • Open a Terminal (on macOS/Linux) and navigate to the directory where you cloned the Git repository
  • Navigate to the folder < Repo_Name >/setup

  • Update the values in the "values.yaml" file with the values from your environment. Use the README for assistance.

  • Be sure to uncomment - ../templates/gcp within the templates section of the values file

If you want to define user resource quotas, uncomment - ../templates/resource-quota within the templates section of the values file

Note The following parameters should be configured as isPrivateRepo should be set to true: userName, token, endPoint, branch and path

Note

Watch this video for the steps


Create GitHub Token

If needed, create a Personal Access Token in Github to allow access to the GitHub repository.

  • Ensure you are logged into your GitHub.com account
  • Go to the GitHub Account Settings
  • Click "Generate new token (classic)"
  • Provide a note for the token,
  • Select the repo scope
  • Click Generate token
  • Copy this token for use in the values.yaml file

Run Utility

In this step, you will run the utility which will assist in creating the resources for this guide.

  • Navigate to the folder < Repo_Name >/setup
  • Execute the createtemplates.sh script

The script will begin to run and create the resources in the organization.

Note

The script will provide webhook details at the end of the output. Use these webhook details in the next step.


Setup GitHub Webhook

This step is only required if you will be using a private repository. In this step, you will configure your repository webhook. The webhook will be used to trigger the System-Sync pipeline in the controller.

  • Navigate to your GitHub repository -> Settings -> Webhooks
  • Click Add webhook
  • Copy and Paste the "Payload URL" and "Secret" from the script output
  • Click Add webhook

Webhook in GitHub

Once Complete, you will see the new environment card in your organization under Environments -> Environments