diff --git a/kubernetes/apps/finesse-guidance/finesse-guidance-backend-deployment.yml b/kubernetes/apps/finesse-guidance/finesse-guidance-backend-deployment.yml new file mode 100644 index 00000000..ec53bc22 --- /dev/null +++ b/kubernetes/apps/finesse-guidance/finesse-guidance-backend-deployment.yml @@ -0,0 +1,79 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: secrets-reader + namespace: finesse-guidance + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: finesse-backend + namespace: finesse-guidance +spec: + replicas: 1 + selector: + matchLabels: + app: finesse-backend + template: + metadata: + labels: + app: finesse-backend + annotations: + vault.hashicorp.com/agent-inject: 'true' + vault.hashicorp.com/role: 'secrets-reader' + vault.hashicorp.com/tls-skip-verify: 'true' + vault.hashicorp.com/agent-inject-template-.env: | + {{- with secret "apps/finesse-new" -}} + AZURE_OPENAI_CHATGPT_DEPLOYMENT="{{ .Data.data.AZURE_OPENAI_CHATGPT_DEPLOYMENT }}" + AZURE_OPENAI_GPT_DEPLOYMENT="{{ .Data.data.AZURE_OPENAI_GPT_DEPLOYMENT }}" + FINESSE_BACKEND_AZURE_SEARCH_API_KEY="{{ .Data.data.FINESSE_BACKEND_AZURE_SEARCH_API_KEY }}" + FINESSE_BACKEND_AZURE_SEARCH_ENDPOINT="{{ .Data.data.FINESSE_BACKEND_AZURE_SEARCH_ENDPOINT }}" + FINESSE_BACKEND_AZURE_SEARCH_INDEX_NAME="{{ .Data.data.FINESSE_BACKEND_AZURE_SEARCH_INDEX_NAME }}" + FINESSE_BACKEND_GITHUB_STATIC_FILE_URL="{{ .Data.data.FINESSE_BACKEND_GITHUB_STATIC_FILE_URL }}" + FINESSE_BACKEND_STATIC_FILE_URL="{{ .Data.data.FINESSE_BACKEND_STATIC_FILE_URL }}" + FINESSE_BACKEND_DEBUG_MODE="{{ .Data.data.FINESSE_BACKEND_DEBUG_MODE }}" + FINESSE_WEIGHTS="{{ .Data.data.FINESSE_WEIGHTS }}" + LOUIS_DSN="{{ .Data.data.LOUIS_DSN }}" + LOUIS_SCHEMA="{{ .Data.data.LOUIS_SCHEMA }}" + OPENAI_API_ENGINE="{{ .Data.data.OPENAI_API_ENGINE }}" + OPENAI_API_KEY="{{ .Data.data.OPENAI_API_KEY }}" + OPENAI_API_VERSION="{{ .Data.data.OPENAI_API_VERSION }}" + OPENAI_ENDPOINT="{{ .Data.data.OPENAI_ENDPOINT }}" + FINESSE_BACKEND_AZURE_SEARCH_PARAMS={{ .Data.data.FINESSE_BACKEND_AZURE_SEARCH_PARAMS }} + FINESSE_BACKEND_AZURE_SEARCH_TRANSFORM_MAP={{ .Data.data.FINESSE_BACKEND_AZURE_SEARCH_TRANSFORM_MAP }} + {{- end }} + spec: + serviceAccountName: secrets-reader + containers: + - name: finesse-backend + image: ghcr.io/ai-cfia/finesse-backend:main + imagePullPolicy: Always + command: ["/bin/sh", "-c"] + args: + - > + cp /vault/secrets/.env . && + gunicorn --bind :8080 --workers 1 --threads 8 --timeout 0 --forwarded-allow-ips "*" app:app + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 10 + +--- +apiVersion: v1 +kind: Service +metadata: + name: finesse-backend-svc + namespace: finesse-guidance +spec: + clusterIP: None + selector: + app: finesse-backend + ports: + - protocol: TCP + port: 8080 diff --git a/kubernetes/apps/finesse-guidance/finesse-guidance-frontend-deployment.yml b/kubernetes/apps/finesse-guidance/finesse-guidance-frontend-deployment.yml new file mode 100644 index 00000000..f9b74b25 --- /dev/null +++ b/kubernetes/apps/finesse-guidance/finesse-guidance-frontend-deployment.yml @@ -0,0 +1,43 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: finesse-frontend + namespace: finesse-guidance +spec: + replicas: 1 + selector: + matchLabels: + app: finesse-frontend + template: + metadata: + labels: + app: finesse-frontend + spec: + serviceAccountName: secrets-reader + containers: + - name: finesse-frontend + image: ghcr.io/ai-cfia/finesse-frontend:main + imagePullPolicy: Always + ports: + - containerPort: 3000 + livenessProbe: + httpGet: + path: /health + port: 3000 + initialDelaySeconds: 60 + periodSeconds: 10 + +--- +apiVersion: v1 +kind: Service +metadata: + name: finesse-frontend-svc + namespace: finesse-guidance +spec: + clusterIP: None + selector: + app: finesse-frontend + ports: + - protocol: TCP + port: 3000 diff --git a/kubernetes/apps/finesse-guidance/finesse-guidance-ingress.yml b/kubernetes/apps/finesse-guidance/finesse-guidance-ingress.yml new file mode 100644 index 00000000..7539a511 --- /dev/null +++ b/kubernetes/apps/finesse-guidance/finesse-guidance-ingress.yml @@ -0,0 +1,60 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: finesse-backend-ingress + namespace: finesse-guidance + annotations: + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/rewrite-target: /$2 # https://kubernetes.github.io/ingress-nginx/examples/rewrite/ + cert-manager.io/cluster-issuer: letsencrypt-http + ingress.kubernetes.io/force-ssl-redirect: "true" + kubernetes.io/tls-acme: "true" +spec: + ingressClassName: nginx + tls: + - hosts: + - finesse-guidance.ninebasetwo.xyz + secretName: aciacfia-tls + rules: + - host: finesse-guidance.ninebasetwo.xyz + http: + paths: + - path: /api(/|$)(.*) + pathType: ImplementationSpecific + backend: + service: + name: finesse-backend-svc + port: + number: 8080 + +--- +# For more information check https://github.com/nginxinc/kubernetes-ingress/issues/323 +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: finesse-frontend-ingress + namespace: finesse-guidance + annotations: + nginx.ingress.kubernetes.io/add-base-url: "true" + nginx.ingress.kubernetes.io/rewrite-target: / + cert-manager.io/cluster-issuer: letsencrypt-http + ingress.kubernetes.io/force-ssl-redirect: "true" + kubernetes.io/tls-acme: "true" +spec: + ingressClassName: nginx + tls: + - hosts: + - finesse-guidance.ninebasetwo.xyz + secretName: aciacfia-tls + rules: + - host: finesse-guidance.ninebasetwo.xyz + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: finesse-frontend-svc + port: + number: 3000 diff --git a/kubernetes/apps/finesse-guidance/finesse-guidance-namespace.yml b/kubernetes/apps/finesse-guidance/finesse-guidance-namespace.yml new file mode 100644 index 00000000..d615ec82 --- /dev/null +++ b/kubernetes/apps/finesse-guidance/finesse-guidance-namespace.yml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: finesse-guidance + labels: + name: finesse-guidance diff --git a/kubernetes/apps/finesse/finesse-backend-deployment.yml b/kubernetes/apps/finesse/finesse-backend-deployment.yml index 157d7084..84feea3d 100644 --- a/kubernetes/apps/finesse/finesse-backend-deployment.yml +++ b/kubernetes/apps/finesse/finesse-backend-deployment.yml @@ -12,7 +12,7 @@ metadata: name: finesse-backend namespace: finesse spec: - replicas: 2 + replicas: 1 selector: matchLabels: app: finesse-backend @@ -41,6 +41,8 @@ spec: OPENAI_API_KEY="{{ .Data.data.OPENAI_API_KEY }}" OPENAI_API_VERSION="{{ .Data.data.OPENAI_API_VERSION }}" OPENAI_ENDPOINT="{{ .Data.data.OPENAI_ENDPOINT }}" + FINESSE_BACKEND_AZURE_SEARCH_PARAMS={{ .Data.data.FINESSE_BACKEND_AZURE_SEARCH_PARAMS }} + FINESSE_BACKEND_AZURE_SEARCH_TRANSFORM_MAP={{ .Data.data.FINESSE_BACKEND_AZURE_SEARCH_TRANSFORM_MAP }} {{- end }} spec: serviceAccountName: secrets-reader diff --git a/kubernetes/apps/finesse/finesse-frontend-deployment.yml b/kubernetes/apps/finesse/finesse-frontend-deployment.yml index 7b9d3610..7a9500a7 100644 --- a/kubernetes/apps/finesse/finesse-frontend-deployment.yml +++ b/kubernetes/apps/finesse/finesse-frontend-deployment.yml @@ -5,7 +5,7 @@ metadata: name: finesse-frontend namespace: finesse spec: - replicas: 2 + replicas: 1 selector: matchLabels: app: finesse-frontend