|
1 | 1 |
|
2 | 2 | # Install the Run:ai Control Plane |
3 | 3 |
|
4 | | -## Prerequisites and preperations |
| 4 | +## Prerequisites and preparations |
5 | 5 |
|
6 | | -Make sure you have followed the Control Plane [prerequisites](./prerequisites.md) and [preperations](./preperations.md). |
| 6 | +Make sure you have followed the Control Plane [prerequisites](./prerequisites.md) and [preparations](./preparations.md). |
7 | 7 |
|
8 | | -## Install the Control Plane |
| 8 | +## Helm install |
9 | 9 |
|
10 | 10 | Run the helm command below: |
11 | 11 |
|
@@ -38,70 +38,84 @@ Run the helm command below: |
38 | 38 | !!! Tip |
39 | 39 | Use the `--dry-run` flag to gain an understanding of what is being installed before the actual installation. |
40 | 40 |
|
41 | | -### Additional configurations (optional) |
| 41 | +## Additional Run:ai configurations (optional) |
42 | 42 |
|
43 | | -There may be cases where you need to set additional properties as follows: |
| 43 | +There may be cases where you need to set additional properties, |
| 44 | +To apply the changes run `helm upgrade` and use `--set` to set specific configurations, and restart the relevant Run:ai pods so they can fetch the new configurations. |
44 | 45 |
|
45 | 46 | | Key | Change | Description | |
46 | | -|----------|----------|-------------| |
47 | | -| `redis.auth.password` | Redis (Runai internal cache mechanism) applicative password | Override the default password | |
48 | | -| `keycloakx.adminUser` | User name of the internal identity provider administrator | This user is the administrator of Keycloak | |
49 | | -| `keycloakx.adminPassword` | Password of the internal identity provider administrator | This password is for the administrator of Keycloak | |
50 | | -| `global.keycloakx.host` | KeyCloak (Run:ai internal identity provider) host path | Override the DNS for Keycloak. This can be used to access Keycloak from outside the Run:ai Control Plane cluster via ingress | |
| 47 | +|----------|----------|-------------| |
51 | 48 | | `global.ingress.ingressClass` | Ingress class | Run:ai default is using NGINX. If your cluster has a different ingress controller, you can configure the ingress class to be created by Run:ai | |
52 | | -| `global.ingress.tlsSecretName` | TLS secret name | Run:ai requires the creation of a secret with domain certificate. See [above](#domain-certificate). If the `runai-backend` namespace already had such a secret, you can set the secret name here | |
| 49 | +| `global.ingress.tlsSecretName` | TLS secret name | Run:ai requires the creation of a secret with [domain certificate](./preparations.md#domain-certificate). If the `runai-backend` namespace already had such a secret, you can set the secret name here | |
| 50 | +| `<component>` <br>  `resources:` <br>   `limits:` <br>     `cpu: 500m` <br>     `memory: 512Mi` <br>   `requests:` <br>     `cpu: 250m` <br>     `memory: 256Mi` | Pod request and limits | Set Run:ai and 3rd party services' resources | |
| 51 | +|<div style="width:200px"></div>| | | |
| 52 | + |
| 53 | +## Additional 3rd party configurations (optional) |
| 54 | + |
| 55 | +The Run:ai Control Plane chart, includes multiple sub-charts of 3rd party components: |
| 56 | + |
| 57 | +* [PostgreSQL](https://artifacthub.io/packages/helm/bitnami/postgresql){target=_blank} - Data store |
| 58 | +* [Thanos](https://artifacthub.io/packages/helm/bitnami/thanos |
| 59 | +){target=_blank} - Metrics Store |
| 60 | +* [Keycloakx](https://artifacthub.io/packages/helm/codecentric/keycloakx){target=_blank} - Identity & Access Management |
| 61 | +* [Grafana](https://artifacthub.io/packages/helm/grafana/grafana){target=_blank} - Analytics Dashboard |
| 62 | +* [Redis](https://artifacthub.io/packages/helm/bitnami/redis){target=_blank} - Caching (Disabled, by default) |
| 63 | + |
| 64 | +!!! Tip |
| 65 | + Click on any component, to view it's chart values and configurations |
| 66 | + |
| 67 | +If you have opted to connect to an [external PostgreSQL database](preparations.md#external-postgres-database-optional), refer to the additional configurations table below. Adjust the following parameters based on your connection details: |
| 68 | + |
| 69 | +1. Disable PostgreSQL deployment - `postgresql.enabled` |
| 70 | +2. Run:ai connection details - `global.postgresql.auth` |
| 71 | +3. Grafana connection details - `grafana.dbUser`, `grafana.dbPassword` |
| 72 | + |
| 73 | +### PostgreSQL |
| 74 | + |
| 75 | +| Key | Change | Description | |
| 76 | +|----------|----------|-------------| |
53 | 77 | | `postgresql.enabled`| PostgreSQL installation | If set to `false` the PostgreSQL will not be installed | |
54 | 78 | | `global.postgresql.auth.host` | PostgreSQL host | Hostname or IP address of the PostgreSQL server | |
55 | 79 | | `global.postgresql.auth.port` | PostgreSQL port | Port number on which PostgreSQL is running | |
56 | 80 | | `global.postgresql.auth.username` | PostgreSQL username | Username for connecting to PostgreSQL | |
57 | 81 | | `global.postgresql.auth.password` | PostgreSQL password | Password for the PostgreSQL user specified by `global.postgresql.auth.username` | |
58 | 82 | | `global.postgresql.auth.postgresPassword` | PostgreSQL default admin password | Password for the built-in PostgreSQL superuser (`postgres`) | |
| 83 | +| `global.postgresql.auth.existingSecret` | Postgres Credentials (secret) | Existing secret name with authentication credentials | |
59 | 84 | | `postgresql.primary.initdb.password` | PostgreSQL default admin password | Set the same password as in `global.postgresql.auth.postgresPassword` (if changed) | |
60 | | -| `grafana.dbUser` | Grafana database username | Username for accessing the Grafana database | |
61 | | -| `grafana.dbPassword` | Grafana database password | Password for the Grafana database user | |
62 | | -| `grafana.adminUser` | Grafana username | Override the Run:ai default user name for accessing Grafana | |
63 | | -| `grafana.adminPassword` | Grafana password | Override the Run:ai default password for accessing Grafana | |
64 | | -| `grafana.dbUser` | Grafana's username for PostgreSQL | Override the Run:ai default user name for Grafana to access Run:ai database (PostgreSQL) | |
65 | | -| `grafana.dbPassword` | Grafana's password for PostgreSQL | Override the Run:ai default password for Grafana to access Run:ai database (PostgreSQL) | |
66 | | -| `grafana.grafana.ini.database.user` | Reference to Grafana's username for PostgreSQL | Don't override this value | |
67 | | -| `grafana.grafana.ini.database.password` | Reference to Grafana's password for PostgreSQL | Don't override this value | |
68 | | -| `tenantsManager.config.adminUsername` | Run:ai first admin username | Override the default user name of the first admin user created with Run:ai | |
69 | | -| `tenantsManager.config.adminPassword` | Run:ai first admin user's password | Override the default password of the first admin user created with Run:ai | |
70 | | -| `thanos.receive.persistence.storageClass` and `postgresql.primary.persistence.storageClass` | Storage class | The installation to work with a specific storage class rather than the default one | |
71 | | -| `<component>` <br>  `resources:` <br>   `limits:` <br>     `cpu: 500m` <br>     `memory: 512Mi` <br>   `requests:` <br>     `cpu: 250m` <br>     `memory: 256Mi` | Pod request and limits | `<component>` may be anyone of the following: `backend`, `frontend`, `assetsService`, `identityManager`, `tenantsManager`, `keycloakx`, `grafana`, `authorization`, `orgUnitService`,`policyService` | |
72 | | -|<div style="width:200px"></div>| | | |
| 85 | +| `postgresql.primary.persistence.storageClass` | Storage class | The installation to work with a specific storage class rather than the default one | |
73 | 86 |
|
74 | | -Use the `--set` syntax in the helm command above. |
| 87 | +### Thanos |
75 | 88 |
|
76 | | -#### External PostgreSQL database |
77 | | - |
78 | | -If you have opted to connect to an [external PostgreSQL database](preperations.md#external-postgres-database-optional), refer to the additional configurations table below. Adjust the following parameters based on your connection details: |
| 89 | +| Key | Change | Description | |
| 90 | +|----------|----------|-------------| |
| 91 | +| `thanos.receive.persistence.storageClass` | Storage class | The installation to work with a specific storage class rather than the default one | |
79 | 92 |
|
80 | | -* `postgresql.enabled` - set to `false` |
81 | | -* `global.postgresql.auth.password` |
82 | | -* `global.postgresql.auth.username` |
83 | | -* `global.postgresql.auth.host` |
84 | | -* `global.postgresql.auth.port` |
85 | | -* `grafana.dbUser` |
86 | | -* `grafana.dbPassword` |
| 93 | +### Keycloakx |
87 | 94 |
|
88 | | -#### External PostgreSQL database |
| 95 | +| Key | Change | Description | |
| 96 | +|----------|----------|-------------| |
| 97 | +| `keycloakx.adminUser` | User name of the internal identity provider administrator | This user is the administrator of Keycloak | |
| 98 | +| `keycloakx.adminPassword` | Password of the internal identity provider administrator | This password is for the administrator of Keycloak | |
| 99 | +| `keycloakx.existingSecret` | Keycloakx Credentials (secret) | Existing secret name with authentication credentials | |
| 100 | +| `global.keycloakx.host` | KeyCloak (Run:ai internal identity provider) host path | Override the DNS for Keycloak. This can be used to access Keycloak from outside the Run:ai Control Plane cluster via ingress | |
89 | 101 |
|
90 | | -If you have opted to connect to an [external PostgreSQL database](preperations.md#external-postgres-database-optional), refer to the additional configurations table below. Adjust the following parameters based on your connection details: |
| 102 | +### Grafana |
91 | 103 |
|
92 | | -* `postgresql.enabled` - set to `false` |
93 | | -* `global.postgresql.auth.password` |
94 | | -* `global.postgresql.auth.username` |
95 | | -* `global.postgresql.auth.host` |
96 | | -* `global.postgresql.auth.port` |
97 | | -* `grafana.dbUser` |
98 | | -* `grafana.dbPassword` |
| 104 | +| Key | Change | Description | |
| 105 | +|----------|----------|-------------| |
| 106 | +| `grafana.db.existingSecret` | Grafana database connection credentials (secret) | Existing secret name with authentication credentials | |
| 107 | +| `grafana.dbUser` | Grafana database username | Username for accessing the Grafana database | |
| 108 | +| `grafana.dbPassword` | Grafana database password | Password for the Grafana database user | |
| 109 | +| `grafana.admin.existingSecret` | Grafana admin default credentials (secret) | Existing secret name with authentication credentials | |
| 110 | +| `grafana.adminUser` | Grafana username | Override the Run:ai default user name for accessing Grafana | |
| 111 | +| `grafana.adminPassword` | Grafana password | Override the Run:ai default password for accessing Grafana | |
99 | 112 |
|
100 | | -!!! Note |
101 | | - If you modify one of the usernames or passwords (KeyCloak, PostgreSQL, Grafana) after Run:ai is already installed, perform the following steps to apply the change: |
| 113 | +### Redis |
102 | 114 |
|
103 | | - 1. Modify the username/password within the relevant component as well (KeyCloak, PostgreSQL, Grafana). |
104 | | - 2. Run `helm upgrade` for Run:ai with the right values, and restart the relevant Run:ai pods so they can fetch the new username/password. |
| 115 | +| Key | Change | Description | |
| 116 | +|----------|----------|-------------| |
| 117 | +| `redisCache.auth.password` | Redis (Runai internal cache mechanism) applicative password | Override the default password | |
| 118 | +| `redisCache.auth.existingSecret` | Redis credentials (secret) | Existing secret name with authentication credentials | |
105 | 119 |
|
106 | 120 | ## Next Steps |
107 | 121 |
|
|
0 commit comments