initial commit

Author: yacut

README.md

@@ -1 +1,29 @@
-# terraform-kubernetes-qdrant
+# Qdrant Terraform Module
+
+[![Terraform Registry URL](https://img.shields.io/badge/terraform-%235835CC.svg?style=for-the-badge&logo=terraform&logoColor=white)](https://registry.terraform.io/modules/ilert/qdrant/kubernetes/latest)
+
+Terraform module to deploy Qdrant vector DB on kubernetes
+
+## Usage
+
+> Make sure you have Terraform installed
+
+Create a `main.tf` file with the following content:
+
+```terraform
+module "qdrant" {
+  source       = "ilert/qdrant/kubernetes"
+  version      = "0.1.0"
+  name         = "qdrant"
+  namespace    = "default"
+  storage_size = "10Gi"
+}
+```
+
+Then run the following commands:
+
+```sh
+terraform init
+terraform apply
+```
+

config.tf

@@ -0,0 +1,16 @@
+resource "kubernetes_config_map" "this" {
+  metadata {
+    name      = var.name
+    namespace = var.namespace
+
+    labels = {
+      app = var.name
+    }
+  }
+
+  data = {
+    "initialize.sh"   = file("${path.module}/initialize.sh")
+    "entrypoint.sh"   = file("${path.module}/entrypoint.sh")
+    "production.yaml" = file("${path.module}/production.yaml")
+  }
+}

entrypoint.sh

@@ -0,0 +1,47 @@
+#!/bin/bash
+set -xe
+echo 'connect-timeout = 5' > $HOME/.curlrc
+echo 'retry = 5' >> $HOME/.curlrc
+echo 'retry-all-errors' >> $HOME/.curlrc
+
+if [ -d /mnt/secrets/certs ]; then
+  cp /mnt/secrets/certs/ca.pem /usr/share/pki/trust/anchors/private-ca.pem
+  update-ca-certificates
+fi
+
+QDRANT_COLLECTION="test_collection"
+echo "Connecting to qdrant.default:6333"
+QDRANT_URL="http://qdrant.default:6333"
+API_KEY_HEADER=""
+API_KEY_HEADER="Api-key: true"
+
+# Delete collection if exists
+curl -X DELETE -H "${API_KEY_HEADER}" $QDRANT_URL/collections/${QDRANT_COLLECTION}
+
+# Create collection
+curl -X PUT \
+-H 'Content-Type: application-json' \
+-d '{"vectors":{"size":4,"distance":"Dot"}}' \
+-H  "${API_KEY_HEADER}" \
+$QDRANT_URL/collections/${QDRANT_COLLECTION} --fail-with-body
+
+# Insert points
+curl -X PUT \
+-H 'Content-Type: application-json' \
+-d '{"points":[
+  {"id":1,"vector":[0.05, 0.61, 0.76, 0.74],"payload":{"city":"Berlin"}},
+  {"id":2,"vector":[0.19, 0.81, 0.75, 0.11],"payload":{"city":"London"}},
+  {"id":3,"vector":[0.36, 0.55, 0.47, 0.94],"payload":{"city":"Moscow"}},
+  {"id":4,"vector":[0.18, 0.01, 0.85, 0.80],"payload":{"city":"New York"}},
+  {"id":5,"vector":[0.24, 0.18, 0.22, 0.44],"payload":{"city":"Beijing"}},
+  {"id":6,"vector":[0.35, 0.08, 0.11, 0.44],"payload":{"city":"Mumbai"}}
+]}' \
+-H  "${API_KEY_HEADER}" \
+$QDRANT_URL/collections/${QDRANT_COLLECTION}/points --fail-with-body
+
+# Run query
+curl -X POST \
+-H 'Content-Type: application-json' \
+-d '{"vector":[0.2, 0.1, 0.9, 0.7],"limit":3}' \
+-H  "${API_KEY_HEADER}" \
+$QDRANT_URL/collections/${QDRANT_COLLECTION}/points/search --fail-with-body

initialize.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+set -e
+SET_INDEX=${HOSTNAME##*-}
+echo "Starting initializing for pod $SET_INDEX"
+if [ "$SET_INDEX" = "0" ]; then
+  exec ./entrypoint.sh --uri 'http://qdrant-0.qdrant-headless:6335'
+else
+  exec ./entrypoint.sh --bootstrap 'http://qdrant-0.qdrant-headless:6335' --uri 'http://qdrant-'"$SET_INDEX"'.qdrant-headless:6335'
+fi

pdb.tf

@@ -0,0 +1,15 @@
+resource "kubernetes_pod_disruption_budget_v1" "this" {
+  metadata {
+    name      = var.name
+    namespace = var.namespace
+  }
+
+  spec {
+    max_unavailable = 1
+    selector {
+      match_labels = {
+        app = kubernetes_stateful_set.this.metadata[0].name
+      }
+    }
+  }
+}

production.yaml

@@ -0,0 +1,6 @@
+cluster:
+  consensus:
+    tick_period_ms: 100
+  enabled: true
+  p2p:
+    port: 6335

secret.tf

@@ -0,0 +1,34 @@
+resource "random_password" "qdrant-api-key" {
+  length      = 128
+  special     = false
+  min_lower   = 3
+  min_numeric = 3
+  min_upper   = 3
+}
+
+resource "random_password" "qdrant-read-only-api-key" {
+  length      = 128
+  special     = false
+  min_lower   = 3
+  min_numeric = 3
+  min_upper   = 3
+}
+
+resource "kubernetes_secret" "this" {
+  metadata {
+    name      = var.name
+    namespace = var.namespace
+  }
+
+  data = {
+    "api-key"           = random_password.qdrant-api-key.result
+    "read-only-api-key" = random_password.qdrant-read-only-api-key.result
+    "local.yaml"        = <<EOL
+service:
+  api_key: ${random_password.qdrant-api-key.result}
+  read_only_api_key: ${random_password.qdrant-read-only-api-key.result}
+    EOL
+  }
+
+  type = "Opaque"
+}

service-account.tf

@@ -0,0 +1,7 @@
+resource "kubernetes_service_account" "this" {
+  metadata {
+    name      = var.name
+    namespace = var.namespace
+  }
+  automount_service_account_token = true
+}

service.tf

@@ -0,0 +1,77 @@
+resource "kubernetes_service" "this-headless" {
+  metadata {
+    name      = "${var.name}-headless"
+    namespace = var.namespace
+  }
+
+  spec {
+    selector = {
+      app = var.name
+    }
+
+    session_affinity            = "ClientIP"
+    cluster_ip                  = "None"
+    publish_not_ready_addresses = true
+
+    port {
+      name        = "http"
+      protocol    = "TCP"
+      port        = 6333
+      target_port = 6333
+    }
+
+    port {
+      name        = "grpc"
+      protocol    = "TCP"
+      port        = 6334
+      target_port = 6334
+    }
+
+    port {
+      name        = "p2p"
+      protocol    = "TCP"
+      port        = 6335
+      target_port = 6335
+    }
+
+    type = "ClusterIP"
+  }
+}
+
+resource "kubernetes_service" "this" {
+  metadata {
+    name      = var.name
+    namespace = var.namespace
+  }
+
+  spec {
+    selector = {
+      app = var.name
+    }
+
+    session_affinity = "ClientIP"
+
+    port {
+      name        = "http"
+      protocol    = "TCP"
+      port        = 6333
+      target_port = 6333
+    }
+
+    port {
+      name        = "grpc"
+      protocol    = "TCP"
+      port        = 6334
+      target_port = 6334
+    }
+
+    port {
+      name        = "p2p"
+      protocol    = "TCP"
+      port        = 6335
+      target_port = 6335
+    }
+
+    type = "ClusterIP"
+  }
+}