
Deploy MOSTLY AI to a Google GKE cluster

Welcome to the guide on how to deploy MOSTLY AI to a Google Kubernetes Engine (GKE) cluster!

Follow the tasks and steps outlined below to configure, deploy, and run MOSTLY AI in Google Cloud.

Prerequisites

Make sure the following tools are installed on your local system:

  * gcloud CLI, used in Task 3 to connect to the cluster
  * kubectl, used to communicate with the cluster
  * helm, used in Task 4 and in the manual Helm chart deployment

Pre-deployment

Before you deploy MOSTLY AI to a GKE cluster, review the pre-deployment tasks below and complete any that you have not done yet.

Task 1. Create a GCP project

To create a GKE cluster, you need a project in Google Cloud Platform. The project is the logical container for your GKE cluster, and your monthly Google Cloud billing accumulates based on the usage of services in each project.

As a best practice, create a dedicated project for MOSTLY AI.

Steps

  1. Open the Google Cloud Console.
  2. Click the project menu at the top. Google Cloud - Click project menu
  3. Click NEW PROJECT. Google Cloud - Click NEW PROJECT
  4. On the New Project page, configure the new project.
    1. For Project name, enter a name for the project.
    2. For Organization, select your organization and, if needed, select a different billing account.
    3. For Location, keep your organization or click BROWSE to select a different folder.
    4. Click CREATE. Google Cloud - Select organization and click CREATE
  5. Select the newly created project to work with. Google Cloud - Select project

Result

You can now create a GKE cluster dedicated to the MOSTLY AI application in the project.
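
If you prefer the command line, the project can also be created with the gcloud CLI. The project ID and name below are placeholder examples; project IDs must be globally unique.

```shell
# Create a dedicated project for MOSTLY AI (project ID is an example)
gcloud projects create mostly-ai-prod --name="MOSTLY AI"

# Make it the default project for subsequent gcloud commands
gcloud config set project mostly-ai-prod
```

Remember to link a billing account to the new project before you create the cluster.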

Task 2. Create a GKE cluster

The GKE cluster is the container for your MOSTLY AI application. When you create the cluster, you define the number and type of its nodes. The node type determines the compute resources available to your cluster.

Steps

  1. From the Google Cloud Console, select Kubernetes Engine from the sidebar. Google Cloud - Select Kubernetes Engine
  2. If not already enabled, click ENABLE to enable the Kubernetes Engine API. Google Cloud - Enable Kubernetes Engine API
  3. From the sidebar, select Clusters and click CREATE. Google Cloud - Click CREATE
  4. Click Switch to standard cluster at the top of the page. Google Cloud - Switch to standard cluster
  5. Click SWITCH TO STANDARD CLUSTER in the confirmation dialog.
  6. Configure the number of nodes in the cluster.
    1. From the sidebar under NODE POOLS, select the default-pool.
    2. Under Size, set the Number of nodes to 1. Google Cloud GKE - Configure nodes
  7. Select a node type and configure the disk size.
    1. From the sidebar on the left, expand default-pool and select Nodes.
    2. Under Machine configuration, select a machine type powerful enough for your MOSTLY AI synthetic data workloads.
    3. For Machine type, select e2-standard-16 (16 vCPUs, 8 cores, 64 GB memory).
    4. For Boot disk size, define at least 200 GB. Google Cloud GKE - Configure compute and disk space
  8. Leave the remaining default configurations.
  9. Click CREATE at the bottom. Google Cloud GKE - Click CREATE

Result

The cluster creation starts. When complete, your cluster status turns green in the list.
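
The console steps above can also be sketched as a single gcloud command. The cluster name and zone are placeholder examples; the machine type and disk size match the values chosen in the steps.

```shell
# One-node standard cluster sized for MOSTLY AI workloads
# (cluster name and zone are examples; pick a zone close to your users)
gcloud container clusters create mostly-ai-cluster \
  --zone europe-west1-b \
  --num-nodes 1 \
  --machine-type e2-standard-16 \
  --disk-size 200
```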

What's next

Select your cluster after its status turns green. You can then connect to the cluster using your CLI.

Google Cloud GKE - Open cluster

Task 3. Connect to the GKE cluster

With the GKE cluster created, you can now connect to it from your command line.

Make sure that you have installed the gcloud CLI and kubectl as listed in the prerequisites.

Steps

  1. With the cluster open, click CONNECT. Google Cloud GKE - Select Connect to cluster
  2. In the modal window Connect to the cluster, copy the command to configure your cluster access. Google Cloud GKE - Copy connect command
  3. Open a terminal or a command-line application, and paste and run the command.

    For example, the following is a template command where you replace the <cluster-name>, <zone-name>, and <project-identifier> arguments with your values.

    When you copy the command in step 2, the values are pre-filled for you.
    gcloud container clusters get-credentials <cluster-name> --zone <zone-name> --project <project-identifier>
    If you connected successfully, you will see the following output:
    Fetching cluster endpoint and auth data.
    kubeconfig entry generated for <cluster-name>.

Result

The GKE cluster connection is now configured on your local system.

What's next

You can now use kubectl to communicate with your GKE cluster and helm to install and manage packages.
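
To confirm that the connection works, you can run a few read-only checks:

```shell
# The cluster's node should be listed with status Ready
kubectl get nodes

# Verify that helm is installed and can reach the cluster
helm version
helm list --all-namespaces
```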

Task 4. Install NGINX

Install the NGINX ingress controller to assign a LoadBalancer IP address to your cluster. You can then assign an FQDN to the IP address and make the MOSTLY AI web application accessible to users in your organization.

Steps

  1. Add the helm chart repository for the Ingress NGINX Controller.
    helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
    You should see the following result:
    "ingress-nginx" has been added to your repositories
  2. Install the Ingress NGINX Controller.
    helm install nginx-ingress ingress-nginx/ingress-nginx

Result

The Ingress NGINX Controller is now installed in your GKE cluster. You should see a result similar to the output below.

Note the lines indicating that the LoadBalancer IP may take a few minutes to become available, along with the suggested command to check its status.

NAME: nginx-ingress
LAST DEPLOYED: Thu Sep 28 01:35:44 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The ingress-nginx controller has been installed.
It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status by running 'kubectl --namespace default get services -o wide -w nginx-ingress-ingress-nginx-controller'

An example Ingress that makes use of the controller:
  apiVersion: networking.k8s.io/v1
  kind: Ingress
  metadata:
    name: example
    namespace: foo
  spec:
    ingressClassName: nginx
    rules:
      - host: www.example.com
        http:
          paths:
            - pathType: Prefix
              backend:
                service:
                  name: exampleService
                  port:
                    number: 80
              path: /
    # This section is only required if TLS is to be enabled for the Ingress
    tls:
      - hosts:
        - www.example.com
        secretName: example-tls

If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:

  apiVersion: v1
  kind: Secret
  metadata:
    name: example-tls
    namespace: foo
  data:
    tls.crt: <base64 encoded cert>
    tls.key: <base64 encoded key>
  type: kubernetes.io/tls
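
The data values of the Secret must be base64-encoded without line wrapping. As a local sketch, with placeholder file contents standing in for a real certificate and key:

```shell
# Placeholder files standing in for a real certificate and key pair
printf 'dummy-cert' > tls.crt
printf 'dummy-key' > tls.key

# base64-encode without trailing newlines, as required for the Secret's data fields
base64 < tls.crt | tr -d '\n'   # → ZHVtbXktY2VydA==
```

In practice, kubectl create secret tls example-tls --cert=tls.crt --key=tls.key --namespace foo performs the encoding for you.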

What's next

To check whether the cluster ingress IP address has been assigned, run the following command:

kubectl --namespace default get services -o wide -w nginx-ingress-ingress-nginx-controller

When your IP is assigned, you will see it in the EXTERNAL-IP column. The EXTERNAL-IP value below is masked on purpose.

NAME                                     TYPE           CLUSTER-IP     EXTERNAL-IP     PORT(S)                      AGE     SELECTOR
nginx-ingress-ingress-nginx-controller   LoadBalancer   10.48.12.255   34.140.40.***   80:31623/TCP,443:32105/TCP   4m41s   app.kubernetes.io/component=controller,app.kubernetes.io/instance=nginx-ingress,app.kubernetes.io/name=ingress-nginx

You can now use your ingress IP and assign it to the domain name that you intend to use for your MOSTLY AI cluster.
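
Instead of watching the full table, you can extract just the external IP once it is assigned (the service name matches the helm release installed above):

```shell
kubectl --namespace default get service nginx-ingress-ingress-nginx-controller \
  -o jsonpath='{.status.loadBalancer.ingress[0].ip}'
```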

Deployment

You can deploy MOSTLY AI from the Google Cloud Marketplace or manually with the MOSTLY AI Helm chart.

Deploy from the Google Cloud Marketplace

MOSTLY AI is available in the Google Cloud Marketplace, and you can use the offering to deploy it to your GKE cluster.

Steps

  1. Go to https://console.cloud.google.com/marketplace/browse?q=mostly%20ai.
  2. Select MOSTLY AI Synthetic Data Platform BYOL. GCP Marketplace - View MOSTLY AI offerings
  3. Click GET STARTED. GCP Marketplace - Click GET STARTED
  4. Select a Google Cloud project for MOSTLY AI, select the Terms and agreements checkbox, and click AGREE. GCP Marketplace - Select Google Cloud project and click Agree
  5. Click DEPLOY in the prompt. GCP Marketplace - Click DEPLOY
  6. On the Deploy MOSTLY AI page, click OR SELECT AN EXISTING CLUSTER. GCP Marketplace - Select existing cluster
  7. For Existing Kubernetes Cluster, select your GKE cluster. GCP Marketplace - Select existing cluster 02
  8. For Namespace, select Create a namespace, and for New namespace name, enter mostly-ai.
    💡

    We recommend that you use a separate namespace called mostly-ai to aid deployment and eventual cleanup.

    GCP Marketplace - Select namespace
  9. For App instance name, set the GKE app name.
  10. For The domain name, set a fully qualified domain name (FQDN) for the MOSTLY AI app.
  11. Click DEPLOY.

Result

Google Cloud redirects your browser to the Applications tab of your GKE cluster and shows the deployment progress.

GCP Marketplace - MOSTLY AI deployment in progress

When the deployment completes, the Application details page lists all components and their status.

GCP Marketplace - MOSTLY AI deployment complete

Deploy manually with MOSTLY AI Helm chart

If you wish to deploy MOSTLY AI manually with the Helm chart, you need to obtain the Helm chart from your MOSTLY AI Customer Experience Manager. You can then configure your deployment in the values.yaml file and use the helm command to start the deployment process.

The values.yaml file is part of the MOSTLY AI Helm chart. The Helm chart includes configuration files that define the resources and configurations needed to deploy MOSTLY AI.

Steps

  1. Open the values.yaml file in a text editor.
  2. At the start of the file, set the application domain name to an FQDN. Do the same for minio, as shown below.
    💡

    minio is the shared storage service.

    values.yaml
    _customerInstallation:
      domainNames:
        mostly-ai: &fqdn yourfqdn.com
        minio: &fqdnMinio minio-yourfqdn.com
  3. (Optional) Apply one of the configurations below depending on whether you intend to use TLS-encrypted access to the MOSTLY AI application.

    ➡️ You use a TLS certificate. Replace your-tls-secret with the TLS secret name as defined in your cluster configuration.
    💡

    Your IT department or Kubernetes administrator creates the FQDN and its TLS certificate and adds it to the configuration of your cluster. When added, it comes with a TLS secret name that you can define in the values.yaml file. For details, see Configure your domain TLS certificate.

    values.yaml
    _customerInstallation:
    ...
      deploymentSettings:
        tlsSecretName: &tlsSecretName your-tls-secret
    ...
    ➡️ You do not use a TLS certificate. Replace your-tls-secret with an empty value and, for global.tls, set enabled to false.
    values.yaml
    _customerInstallation:
    ...
      deploymentSettings:
        tlsSecretName: &tlsSecretName [] # your-tls-secret
    ...
    global:
      ...
      tls:
        enabled: false
    ...
  4. (Optional) If you host third-party container images in an internal repository, replace docker.io in registryFor3rdPartyComponents.
    values.yaml
    _customerInstallation:
    ...
      deploymentSettings:
      ...
        registryFor3rdPartyComponents: &registryFor3rdPartyComponents docker.io
    ...
  5. (Optional) If you need to host MOSTLY AI container images in an internal repository, replace harbor.env.mostlylab.com/mostlyai in mostlyRegistry.
    values.yaml
    _customerInstallation:
    ...
      deploymentSettings:
      ...
        mostlyRegistry: &mostlyRegistry harbor.env.mostlylab.com/mostlyai
    ...
  6. (Optional) If you intend to use the MOSTLY AI image repository at harbor.env.mostlylab.com/mostlyai, set its secret in mostlyRegistryDockerConfigJson.
    💡

    To obtain the secret, contact your MOSTLY AI Customer Experience Engineer.

    values.yaml
    _customerInstallation:
    ...
      deploymentSettings:
      ...
        mostlyRegistryDockerConfigJson: &mostlyRegistryDockerConfigJson <HARBOR_SECRET>
    ...
  7. Define the Default compute under mostly-app.

    Use CPU and memory resources slightly below those of your worker nodes. For example, if your worker node has 14 CPU cores and 24 GB memory, define 10 CPU cores and 20 GB memory in your Helm chart.
    values.yaml
    mostly-app:
    ...
        mostly:
          defaultComputePool:
            name: Default
            type: KUBERNETES
            toleration: engine-jobs
            resources:
              cpu: 10
              memory: 20
              gpu: 0
    ...
  8. Enable the ingress annotations for NGINX.
    1. Assign the ingressClassName to be nginx under global.ingress.ingressClassName.
      values.yaml
      global:
      ...
        ingress:
          annotations:
            route.openshift.io/termination: edge
          ingressClassName: nginx
      ...
    2. Enable the ingress annotations under mostly-app.
      values.yaml
      mostly-app:
          ingress:
              annotations:
                nginx.ingress.kubernetes.io/proxy-body-size: 10240m
                nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
                nginx.org/proxy-connect-timeout: 3000s
                nginx.org/proxy-read-timeout: 3000s
                nginx.org/client-max-body-size: 3000m
              # annotations: {}
    3. Enable the ingress annotations under mostly-keycloak.
      values.yaml
      mostly-keycloak:
          deployment:
              resources: {}
              tolerations: []
              affinity: {}
          ingress:
              annotations:
                  nginx.ingress.kubernetes.io/proxy-body-size: 10240m
                  nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
              # annotations: {}

Result

Your values.yaml file is now configured with the required settings for your MOSTLY AI deployment.
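
With values.yaml configured, start the deployment with helm. The chart path and release name below are placeholder examples; use the chart package you received from your MOSTLY AI Customer Experience Manager.

```shell
# Optional: render the chart locally first to catch YAML mistakes early
helm template mostly-ai ./mostly-ai-chart -f values.yaml > /dev/null

# Install into a dedicated namespace
helm install mostly-ai ./mostly-ai-chart \
  --namespace mostly-ai \
  --create-namespace \
  -f values.yaml
```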

Result

The MOSTLY AI application and service pods are queued for startup in your GKE cluster.

What's next

You can track the startup progress in Kubernetes Engine on the Workloads tab. While the pods are starting, the status column might show errors, such as Does not have minimum availability.

Give the pods some time (~5-10 minutes) to start and establish the necessary connections between services.
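
You can also follow the startup from the command line, assuming the mostly-ai namespace chosen during deployment:

```shell
# Watch pod status until all pods report Running or Completed
kubectl --namespace mostly-ai get pods -w
```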

After you see that all pods have a successful startup, you can continue with the post-deployment tasks.

Post-deployment

With the MOSTLY AI pods running, you can now log in to your MOSTLY AI deployment for the first time.

Log in to your MOSTLY AI deployment

Log in for the first time to your MOSTLY AI deployment to set a new password for the superadmin user.

Prerequisites

Contact MOSTLY AI to obtain the superadmin credentials, as you need them to log in for the first time.

Steps

  1. Open your FQDN in your browser.
    Step result: The Sign in page of your MOSTLY AI deployment opens. MOSTLY AI Deployment - Log in page
  2. Enter the superadmin credentials and click Sign in.
  3. Provide a new password and click Change password.

Result

Your superadmin password is now changed and you can use it to log in again to your MOSTLY AI deployment.