Skip to content

Commit

Permalink
chore: update doc
Browse files Browse the repository at this point in the history
  • Loading branch information
Telemaco019 committed Aug 6, 2024
1 parent 64c2ac1 commit 3b99dc4
Show file tree
Hide file tree
Showing 5 changed files with 71 additions and 83 deletions.
85 changes: 43 additions & 42 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,8 @@ Available on [Terraform Registry](https://registry.terraform.io/modules/nebuly-a

| Name | Description |
|------|-------------|
| <a name="output_helm_values"></a> [helm\_values](#output\_helm\_values) | The values.yaml file for installing Nebuly on the provisioned resources. |
| <a name="output_helm_values"></a> [helm\_values](#output\_helm\_values) | The `values.yaml` file for installing Nebuly with Helm.<br> The default standard configuration is used, which uses Nginx as ingress controller and exposes the application to the Internet.<br> This configuration can be customized according to specific needs. |
| <a name="output_secret_provider_class"></a> [secret\_provider\_class](#output\_secret\_provider\_class) | The secret-provider-class.yaml file for referencing from Kubernetes the secrets stored in the Key Vault. |


## Inputs
Expand Down Expand Up @@ -78,44 +79,44 @@ Available on [Terraform Registry](https://registry.terraform.io/modules/nebuly-a
## Resources


- resource.azuread_application.main (/terraform-docs/main.tf#217)
- resource.azuread_service_principal.main (/terraform-docs/main.tf#223)
- resource.azuread_service_principal_password.main (/terraform-docs/main.tf#228)
- resource.azurerm_cognitive_account.main (/terraform-docs/main.tf#412)
- resource.azurerm_cognitive_deployment.main (/terraform-docs/main.tf#431)
- resource.azurerm_key_vault.main (/terraform-docs/main.tf#151)
- resource.azurerm_key_vault_secret.api_key (/terraform-docs/main.tf#449)
- resource.azurerm_key_vault_secret.azuread_application_client_id (/terraform-docs/main.tf#232)
- resource.azurerm_key_vault_secret.azuread_application_client_secret (/terraform-docs/main.tf#237)
- resource.azurerm_key_vault_secret.postgres_passwords (/terraform-docs/main.tf#393)
- resource.azurerm_key_vault_secret.postgres_users (/terraform-docs/main.tf#382)
- resource.azurerm_kubernetes_cluster_node_pool.linux_pools (/terraform-docs/main.tf#621)
- resource.azurerm_management_lock.postgres_server (/terraform-docs/main.tf#325)
- resource.azurerm_monitor_metric_alert.postgres_server_alerts (/terraform-docs/main.tf#333)
- resource.azurerm_postgresql_flexible_server.main (/terraform-docs/main.tf#251)
- resource.azurerm_postgresql_flexible_server_configuration.mandatory_configurations (/terraform-docs/main.tf#302)
- resource.azurerm_postgresql_flexible_server_configuration.optional_configurations (/terraform-docs/main.tf#295)
- resource.azurerm_postgresql_flexible_server_database.main (/terraform-docs/main.tf#317)
- resource.azurerm_postgresql_flexible_server_firewall_rule.main (/terraform-docs/main.tf#309)
- resource.azurerm_private_dns_zone.blob (/terraform-docs/main.tf#112)
- resource.azurerm_private_dns_zone.dfs (/terraform-docs/main.tf#130)
- resource.azurerm_private_dns_zone.file (/terraform-docs/main.tf#94)
- resource.azurerm_private_dns_zone_virtual_network_link.blob (/terraform-docs/main.tf#118)
- resource.azurerm_private_dns_zone_virtual_network_link.dfs (/terraform-docs/main.tf#136)
- resource.azurerm_private_dns_zone_virtual_network_link.file (/terraform-docs/main.tf#100)
- resource.azurerm_private_endpoint.blob (/terraform-docs/main.tf#484)
- resource.azurerm_private_endpoint.dfs (/terraform-docs/main.tf#524)
- resource.azurerm_private_endpoint.file (/terraform-docs/main.tf#504)
- resource.azurerm_private_endpoint.key_vault (/terraform-docs/main.tf#177)
- resource.azurerm_role_assignment.key_vault_secret_officer__current (/terraform-docs/main.tf#207)
- resource.azurerm_role_assignment.key_vault_secret_user__aks (/terraform-docs/main.tf#202)
- resource.azurerm_role_assignment.storage_container_models__data_contributor (/terraform-docs/main.tf#479)
- resource.azurerm_storage_account.main (/terraform-docs/main.tf#461)
- resource.azurerm_storage_container.models (/terraform-docs/main.tf#475)
- resource.random_password.postgres_server_admin_password (/terraform-docs/main.tf#246)
- resource.tls_private_key.aks (/terraform-docs/main.tf#548)
- data source.azurerm_client_config.current (/terraform-docs/main.tf#71)
- data source.azurerm_resource_group.main (/terraform-docs/main.tf#68)
- data source.azurerm_subnet.aks_nodes (/terraform-docs/main.tf#77)
- data source.azurerm_subnet.private_endpoints (/terraform-docs/main.tf#82)
- data source.azurerm_virtual_network.main (/terraform-docs/main.tf#73)
- resource.azuread_application.main (/terraform-docs/main.tf#218)
- resource.azuread_service_principal.main (/terraform-docs/main.tf#224)
- resource.azuread_service_principal_password.main (/terraform-docs/main.tf#229)
- resource.azurerm_cognitive_account.main (/terraform-docs/main.tf#413)
- resource.azurerm_cognitive_deployment.main (/terraform-docs/main.tf#432)
- resource.azurerm_key_vault.main (/terraform-docs/main.tf#152)
- resource.azurerm_key_vault_secret.api_key (/terraform-docs/main.tf#450)
- resource.azurerm_key_vault_secret.azuread_application_client_id (/terraform-docs/main.tf#233)
- resource.azurerm_key_vault_secret.azuread_application_client_secret (/terraform-docs/main.tf#238)
- resource.azurerm_key_vault_secret.postgres_passwords (/terraform-docs/main.tf#394)
- resource.azurerm_key_vault_secret.postgres_users (/terraform-docs/main.tf#383)
- resource.azurerm_kubernetes_cluster_node_pool.linux_pools (/terraform-docs/main.tf#622)
- resource.azurerm_management_lock.postgres_server (/terraform-docs/main.tf#326)
- resource.azurerm_monitor_metric_alert.postgres_server_alerts (/terraform-docs/main.tf#334)
- resource.azurerm_postgresql_flexible_server.main (/terraform-docs/main.tf#252)
- resource.azurerm_postgresql_flexible_server_configuration.mandatory_configurations (/terraform-docs/main.tf#303)
- resource.azurerm_postgresql_flexible_server_configuration.optional_configurations (/terraform-docs/main.tf#296)
- resource.azurerm_postgresql_flexible_server_database.main (/terraform-docs/main.tf#318)
- resource.azurerm_postgresql_flexible_server_firewall_rule.main (/terraform-docs/main.tf#310)
- resource.azurerm_private_dns_zone.blob (/terraform-docs/main.tf#113)
- resource.azurerm_private_dns_zone.dfs (/terraform-docs/main.tf#131)
- resource.azurerm_private_dns_zone.file (/terraform-docs/main.tf#95)
- resource.azurerm_private_dns_zone_virtual_network_link.blob (/terraform-docs/main.tf#119)
- resource.azurerm_private_dns_zone_virtual_network_link.dfs (/terraform-docs/main.tf#137)
- resource.azurerm_private_dns_zone_virtual_network_link.file (/terraform-docs/main.tf#101)
- resource.azurerm_private_endpoint.blob (/terraform-docs/main.tf#485)
- resource.azurerm_private_endpoint.dfs (/terraform-docs/main.tf#525)
- resource.azurerm_private_endpoint.file (/terraform-docs/main.tf#505)
- resource.azurerm_private_endpoint.key_vault (/terraform-docs/main.tf#178)
- resource.azurerm_role_assignment.key_vault_secret_officer__current (/terraform-docs/main.tf#208)
- resource.azurerm_role_assignment.key_vault_secret_user__aks (/terraform-docs/main.tf#203)
- resource.azurerm_role_assignment.storage_container_models__data_contributor (/terraform-docs/main.tf#480)
- resource.azurerm_storage_account.main (/terraform-docs/main.tf#462)
- resource.azurerm_storage_container.models (/terraform-docs/main.tf#476)
- resource.random_password.postgres_server_admin_password (/terraform-docs/main.tf#247)
- resource.tls_private_key.aks (/terraform-docs/main.tf#549)
- data source.azurerm_client_config.current (/terraform-docs/main.tf#72)
- data source.azurerm_resource_group.main (/terraform-docs/main.tf#69)
- data source.azurerm_subnet.aks_nodes (/terraform-docs/main.tf#78)
- data source.azurerm_subnet.private_endpoints (/terraform-docs/main.tf#83)
- data source.azurerm_virtual_network.main (/terraform-docs/main.tf#74)
12 changes: 10 additions & 2 deletions main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,8 @@ locals {
}


key_vault_name = format("%snebulykv", var.resource_prefix)
key_vault_name = format("%snebulykv", var.resource_prefix)
secret_provider_class_name = "nebuly-platform"
}


Expand Down Expand Up @@ -658,7 +659,14 @@ locals {
helm_values = templatefile(
"templates/helm-values.tpl.yaml",
{
platform_domain = var.platform_domain
platform_domain = var.platform_domain
secret_provider_class_name = local.secret_provider_class_name
},
)
secret_provider_class = templatefile(
"templates/secret-provider-class.tpl.yaml",
{
secret_provider_class_name = local.secret_provider_class_name
},
)
}
Expand Down
11 changes: 10 additions & 1 deletion outputs.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,14 @@
output "helm_values" {
value = local.helm_values
sensitive = true
description = "The values.yaml file for installing Nebuly on the provisioned resources."
description = <<EOT
The `values.yaml` file for installing Nebuly with Helm.
The default standard configuration is used, which uses Nginx as ingress controller and exposes the application to the Internet.
This configuration can be customized according to specific needs.
EOT
}
output "secret_provider_class" {
value = local.secret_provider_class
sensitive = true
description = "The secret-provider-class.yaml file for referencing from Kubernetes the secrets stored in the Key Vault."
}
46 changes: 8 additions & 38 deletions templates/helm-values.tpl.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ backend:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: nebuly-platform
secretProviderClass: ${secret_provider_class_name}

eventIngestion:
image:
Expand Down Expand Up @@ -92,7 +92,7 @@ lionLinguist:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: nebuly-platform
secretProviderClass: ${secret_provider_class_name}

ingestionWorker:
image:
Expand All @@ -108,7 +108,7 @@ ingestionWorker:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: nebuly-platform
secretProviderClass: ${secret_provider_class_name}

kafka:
external: false
Expand All @@ -130,7 +130,7 @@ kafka:
memory: 6Gi

analyticDatabase:
server: "nbllabplatformanalytics.c72cu4g06kwz.us-east-1.rds.amazonaws.com"
server: "${postges_server_url}"
name: "analytics"
existingSecret:
name: nebuly-platform-credentials
Expand All @@ -141,7 +141,7 @@ auth:
image:
repository: "ghcr.io/nebuly-ai/nebuly-tenant-registry"

postgresServer: "nbllabplatformauth.c72cu4g06kwz.us-east-1.rds.amazonaws.com"
postgresServer: "${postgres_server_url}"
postgresDatabase: "auth"
existingSecret:
name: nebuly-platform-credentials
Expand Down Expand Up @@ -169,7 +169,7 @@ auth:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: nebuly-platform
secretProviderClass: ${secret_provider_class_name}
ingress:
annotations:
nginx.ingress.kubernetes.io/rewrite-target: "/auth/$2"
Expand Down Expand Up @@ -200,39 +200,9 @@ frontend:

openAi:
enabled: true
insightsGeneratorDeployment: gpt-4-1106-preview-nebuly
textEmbeddingsDeployment: ada
frustrationDetectionDeployment: gpt-4-1106-preview-nebuly
chatCompletionDeployment: gpt-4-1106-preview-nebuly
endpoint: https://openaixpanseaisandbox-useast2.openai.azure.com/
frustrationDetectionDeployment: "" # TODO
endpoint: "" # TODO

existingSecret:
name: nebuly-platform-credentials
apiKey: openai-api-key

bootstrap-aws:
enabled: true
ingress-nginx:
controller:
allowSnippetAnnotations: true
config:
http-snippet: |
server {
if ($http_x_forwarded_proto = 'http') {
return 301 https://$host$request_uri;
}
}
service:
targetPorts:
http: http
https: http
annotations:
service.beta.kubernetes.io/aws-load-balancer-security-groups: "sg-0a2684cf0282660e5"
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "http"
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:us-east-1:533267425677:certificate/6775c5fc-4e7a-4d61-9a1f-35c8455655fa"
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443"
cluster-autoscaler:
rbac:
serviceAccount:
annotations:
eks.amazonaws.com/role-arn: "arn:aws:iam::533267425677:role/nbllabeks"
Empty file.

0 comments on commit 3b99dc4

Please sign in to comment.