You can run MOSTLY AI in a Google Kubernetes Engine (GKE) cluster. If you follow the process provided below, you will be able to configure, deploy, run, and license MOSTLY AI.
The process below suggests the use of the following GKE cluster configuration:
- Single-node GKE cluster
- Node type:
  - 16 vCPUs
  - 8 cores
  - 64GB memory
  - 200GB disk space
- Cloud Filestore API enabled
You can of course use a different configuration. If you run into deployment issues, contact your MOSTLY AI Customer Experience Engineer.
- Install gcloud CLI.
- Install kubectl.
- Install helm.
- Obtain the MOSTLY AI Helm chart from your Customer Experience Engineer.
- Obtain the first-time login credentials for the MOSTLY AI application from your Customer Experience Engineer.
You need the first-time login credentials to complete Task 8: Log in to your MOSTLY AI deployment.
- Obtain your MOSTLY AI license request key from your Customer Experience Engineer.
You need your MOSTLY AI license request key to complete Task 9: License MOSTLY AI.
Before you deploy MOSTLY AI to a GKE cluster, you need to complete the necessary pre-deployment tasks.
- Task 1: Create a GCP project
- Task 2: Create a GKE cluster
- Task 3: Connect to the GKE cluster from your CLI
- Task 4: Install NGINX
- Task 5: Enable Cloud Filestore API for your GCP project
To create a GKE cluster, you must first have a project in Google Cloud Platform.
The project is the logical container for your GKE cluster. Your Google Cloud Platform monthly billing is accumulated based on the usage of services in a project.
MOSTLY AI recommends that you create a dedicated project for your MOSTLY AI application.
- Open the Google Cloud Console.
- Click CREATE OR SELECT A PROJECT.
- Click NEW PROJECT.
- On the New Project page, configure the new project.
- For Project name, enter a name for the project.
- (Optional) For Organization, select your organization or choose to use another billing account.
- (Optional) For Location, select your organization again or click BROWSE to select another location.
- Click CREATE.
- From the success notification, click SELECT PROJECT.
- After the project opens, select Kubernetes Engine from the sidebar.
- On the Product details page for Kubernetes Engine API, click ENABLE.
Wait until the Kubernetes Engine API is enabled. This can take 30 to 60 seconds to complete.
The Kubernetes Engine opens on the Clusters page from where you can create a new Kubernetes cluster (also referred to as a GKE cluster).
After you have a GCP project, you can now create a new Google Kubernetes Engine (GKE) cluster.
When you create the cluster, you define the number of nodes in the cluster and the type of nodes in the cluster. The type of nodes defines the compute resources that your cluster will have.
For your initial configuration, MOSTLY AI recommends a single-node cluster with the e2-standard-16 node type, which provides:
- 16 vCPUs
- 8 cores
- 64GB memory
- From the Clusters page, click Create.
- In the Create an Autopilot cluster wizard (which starts by default), click SWITCH TO STANDARD CLUSTER in the upper right.
- In the confirmation dialog box, click SWITCH TO STANDARD CLUSTER.
- Configure the number of nodes in the cluster.
- From the sidebar under NODE POOLS, select the default-pool.
- Under Size, set the Number of nodes to 1.
You can adjust to a higher number of nodes if you find that you need more nodes to process more synthetic data workloads.
- Configure a node type and disk size recommended by MOSTLY AI for your synthetic data workloads.
- From the sidebar on the left, expand default-pool and select Nodes.
- Under Machine configuration, select a node type that can power your MOSTLY AI synthetic data workloads.
- For Machine type, select the e2-standard-16 type with 16 virtual CPUs, 8 cores, and 64GB memory.
- For Boot disk size, define at least 200GB.
- Enable the Filestore CSI driver.
- From the sidebar on the left under CLUSTER, select Features.
- Under Other, enable the checkbox for Filestore CSI Driver.
- Leave the remaining default configurations.
- Click CREATE at the bottom.
The cluster creation starts. It can take several minutes to complete the cluster creation.
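If you prefer the command line, the console wizard above can be approximated with a single gcloud command. This is a sketch, not a verified one-to-one equivalent of the wizard: the cluster name is illustrative, and the zone and project placeholders must be replaced with your values.

```shell
# Hypothetical CLI equivalent of the console steps above. Creates a
# single-node cluster with the recommended machine type, a 200 GB boot
# disk, and the Filestore CSI driver enabled.
gcloud container clusters create mostly-ai-cluster \
  --project <project-identifier> \
  --zone <zone-name> \
  --num-nodes 1 \
  --machine-type e2-standard-16 \
  --disk-size 200 \
  --addons GcpFilestoreCsiDriver
```

Cluster creation started this way also takes several minutes; the cluster then appears on the Clusters page as if created through the console.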
With the GKE cluster created, you can now use your command-line to connect to the cluster.
Make sure that you install gcloud CLI and kubectl as mentioned in the Prerequisites.
- In Kubernetes Engine, select Clusters from the sidebar.
- Hover over the cluster and click the Actions three-dot button.
- Select Connect from the drop-down menu.
- In the modal window Connect to the cluster, copy the command to configure your cluster access.
- Open a terminal or a command-line application, and paste and run the command.
For example, the following is a template command where you replace the <cluster-name>, <zone-name>, and <project-identifier> placeholders with your values. When you copy the command in step 4, the values are pre-filled for you.

```shell
gcloud container clusters get-credentials <cluster-name> --zone <zone-name> --project <project-identifier>
```

If you connected successfully, you will see the following output:

```
Fetching cluster endpoint and auth data.
kubeconfig entry generated for <cluster-name>.
```
The GKE cluster connection is now configured on your local system.
You can now use
kubectl to communicate with your GKE cluster and
helm to install and manage packages.
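As a quick sanity check (a sketch; it assumes the tools from the Prerequisites are on your PATH and the kubeconfig entry from the previous step is active), you can confirm that both tools reach the cluster:

```shell
# Should list the single GKE node, confirming kubectl talks to the cluster.
kubectl get nodes
# Should print the cluster control-plane endpoint.
kubectl cluster-info
# Should print the installed helm version.
helm version
```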
Install the NGINX ingress controller to assign a LoadBalancer IP address to your cluster. You can then assign a FQDN to the IP address and make the MOSTLY AI web application accessible to your users in your organization.
- Add the helm chart repository for the Ingress NGINX Controller.

```shell
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
```

You should see the following result:

```
"ingress-nginx" has been added to your repositories
```
- Install the Ingress NGINX Controller.
```shell
helm install nginx-ingress ingress-nginx/ingress-nginx
```
The Ingress NGINX Controller is now installed for your GKE cluster. You might see a result similar to the output below.
Note the line indicating that the LoadBalancer IP may take a few minutes to become available, and the suggested command for checking when the IP has been assigned.
```
NAME: nginx-ingress
LAST DEPLOYED: Thu Sep 28 01:35:44 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The ingress-nginx controller has been installed.
It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status by running 'kubectl --namespace default get services -o wide -w nginx-ingress-ingress-nginx-controller'

An example Ingress that makes use of the controller:
  apiVersion: networking.k8s.io/v1
  kind: Ingress
  metadata:
    name: example
    namespace: foo
  spec:
    ingressClassName: nginx
    rules:
      - host: www.example.com
        http:
          paths:
            - pathType: Prefix
              backend:
                service:
                  name: exampleService
                  port:
                    number: 80
              path: /
    # This section is only required if TLS is to be enabled for the Ingress
    tls:
      - hosts:
          - www.example.com
        secretName: example-tls

If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:
  apiVersion: v1
  kind: Secret
  metadata:
    name: example-tls
    namespace: foo
  data:
    tls.crt: <base64 encoded cert>
    tls.key: <base64 encoded key>
  type: kubernetes.io/tls
```
To check whether the cluster ingress IP address has been assigned, run the following command:

```shell
kubectl --namespace default get services -o wide -w nginx-ingress-ingress-nginx-controller
```

If your IP is assigned, you will see it under the EXTERNAL-IP column. The EXTERNAL-IP value below is masked on purpose.

```
NAME                                     TYPE           CLUSTER-IP     EXTERNAL-IP     PORT(S)                      AGE     SELECTOR
nginx-ingress-ingress-nginx-controller   LoadBalancer   10.48.12.255   34.140.40.***   80:31623/TCP,443:32105/TCP   4m41s   app.kubernetes.io/component=controller,app.kubernetes.io/instance=nginx-ingress,app.kubernetes.io/name=ingress-nginx
```
You can now use your ingress IP and assign it to the domain name that you intend to use for your MOSTLY AI cluster.
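For example, after creating a DNS A record that points your FQDN at the EXTERNAL-IP, you can verify that the record resolves. The domain below reuses the example domain from later in this guide; your actual domain and IP will differ.

```shell
# Verify that the DNS A record for your MOSTLY AI domain resolves to the
# ingress EXTERNAL-IP assigned above (domain shown is an example).
nslookup mostlyai-cluster.com
# or, equivalently:
dig +short mostlyai-cluster.com
```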
- Go to https://console.cloud.google.com/marketplace/product/google/file.googleapis.com.
- Select the project for which you want to enable the Cloud Filestore API.
- Click Enable.
After the Cloud Filestore API is enabled, the Manage button becomes available, which you can use to disable the API if that is necessary at a later stage.
When you are ready with the pre-deployment tasks, you can configure your deployment in the values.yaml file and use the helm command to start the deployment process.
The values.yaml file is part of the MOSTLY AI Helm chart. The Helm chart includes configuration files that define the resources and configurations needed to deploy MOSTLY AI.
As mentioned in the Prerequisites, contact your Customer Experience Engineer to obtain the MOSTLY AI Helm chart.
- Open the values.yaml file in a text editor.
- Define the domain name (FQDN) for your MOSTLY AI application.
  - For the line domain, define the domain name from which you want to reach the MOSTLY AI application.

```yaml
name: mostlyai
domain: mostlyai-cluster.com
...
```

  - For the line ingress.fqdn, define the domain name again.

```yaml
...
ingress:
  fqdn: mostlyai-cluster.com
...
```
- For the line nginx.ingress.kubernetes.io/cors-allow-origin, edit it to reflect your domain as shown below.

```yaml
...
nginx.ingress.kubernetes.io/default-backend: ingress-nginx-controller
nginx.ingress.kubernetes.io/cors-allow-origin: https://*.mostlyai-cluster.com
nginx.ingress.kubernetes.io/enable-cors: "true"
...
```
- For the line docker_secret, define the secret for the MOSTLY AI image repository.
You can obtain the secret for the MOSTLY AI image repository from your MOSTLY AI Customer Experience Engineer.
If you plan to use an internal image repository, see Configure an internal image repository.

```yaml
...
domain: mostlyai-cluster.com
# required: update with the base64-encoded Docker config JSON provided by MOSTLY AI
docker_secret: eyJhdXR****
...
```
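The docker_secret value is a Docker config JSON encoded as a single-line base64 string. Normally your Customer Experience Engineer supplies the finished value, but if you ever need to inspect or rebuild one yourself, the encoding step looks like this (the registry and credentials below are stand-in examples):

```shell
# Encode a Docker config JSON as a single-line base64 string, as expected
# by the docker_secret field. The JSON content is illustrative only.
printf '%s' '{"auths":{"registry.example.com":{"auth":"dXNlcjpwYXNz"}}}' | base64 | tr -d '\n'
```

Note that the result starts with eyJhdXR..., matching the shape of the placeholder value above; piping through tr keeps the output portable across GNU and BSD base64, which wrap lines differently by default.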
- For the line platform, keep the value k8s. This corresponds to the use of GKE as a platform.

```yaml
...
platform: k8s
...
```
- Define the storage class for each service that requires one.
- If you deploy onto a single node in a cluster, you can define an RWO storage class for all services. Make sure that you specify storageClassName: standard-rwo for each service, as shown below.

```yaml
...
PSQL:
  ...
  name: mostly-psql
  ...
  pvc:
    name: mostly-db
    size: 50Gi
    storageClassName: standard-rwo
...
RABBITMQ:
  ...
  pvc:
    name: rabbitmq-data
    size: 20Gi
    storageClassName: standard-rwo
...
COORDINATOR:
  pvc:
    name: mostly-data
    size: 50Gi
    accessMode: ReadWriteOnce
    storageClassName: standard-rwo
...
APP:
  name: mostly-app
  ...
  pvc:
    name: mostly-license
    size: 50Mi
    storageClassName: standard-rwo
```
- If you do a multi-node installation, you need an RWX storage class for the COORDINATOR service, as shown below.

```yaml
...
COORDINATOR:
  ...
  pvc:
    name: mostly-data
    size: 50Gi
    accessMode: ReadWriteMany
    storageClassName: standard-rwx
...
```
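Before editing values.yaml, you can check which storage classes your GKE cluster actually offers. On GKE, standard-rwo comes from the Persistent Disk CSI driver, and the Filestore CSI driver you enabled earlier provides RWX classes such as standard-rwx:

```shell
# List available storage classes and their provisioners so you can confirm
# that standard-rwo (RWO) and standard-rwx (RWX) exist before referencing
# them in values.yaml.
kubectl get storageclass
```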
- Verify the affinity.nodeAffinity lines and set the label mostly-app=yes on the application node and the label mostly-worker=yes on all worker nodes. If you deploy onto a single node in a cluster, set both labels on that node.
- View all nodes.
```shell
kubectl get nodes
```
- Apply the mostly-app=yes label to the node that will run MOSTLY AI application services.
```shell
kubectl label nodes APP_NODE mostly-app=yes
```
- Apply the mostly-worker=yes label to the nodes that will run AI tasks and generate synthetic datasets.
```shell
kubectl label nodes WORKER_NODE mostly-worker=yes
```
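After labeling, you can verify that the labels landed on the intended nodes (APP_NODE and WORKER_NODE above are placeholders for your actual node names):

```shell
# Show only the nodes carrying each MOSTLY AI label; on a single-node
# cluster, both commands should list the same node.
kubectl get nodes -l mostly-app=yes
kubectl get nodes -l mostly-worker=yes
```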
- Make sure to leave the lines below as indicated.
```yaml
...
PSQL:
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
          - matchExpressions:
              - key: mostly_app
                operator: In
                values:
                  - 'yes'
...
RABBITMQ:
  affinity: ...
...
KEYCLOAK:
  affinity: ...
...
COORDINATOR:
  affinity: ...
...
DATA:
  affinity: ...
...
APP:
  affinity: ...
...
UI:
  affinity: ...
...
agent:
  ...
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
          - matchExpressions:
              - key: mostly_worker
                operator: In
                values:
                  - 'yes'
...
engine:
  ...
  affinity: ...
```
- For each service in the values.yaml file, you can set its security context so that the service can securely access mostly-data. The lines below are available for each service (9 in total) and you can use them to set the security context based on your internal security policies.

```yaml
...
name: mostly-psql
...
name: mostly-rabbitmq
...
name: mostly-keycloak
...
name: mostly-coordinator
...
name: mostly-data
...
name: mostly-app
...
name: mostly-ui
...
### Agent settings
agent:
  ...
### Engine settings
engine:
  ...
podSecurityContext:
  fsGroup: 1001
securityContext:
  runAsNonRoot: true
  seccompProfile:
    type: RuntimeDefault
  supplementalGroups:
    - 26
    - 70
```
- Save the file.
- In a terminal or command-line application, change directory to where your MOSTLY AI Helm chart is located.
- Run the helm upgrade command with the options defined below.
```shell
helm upgrade --install mostly-ai ./ --values values.yaml --namespace mostly-ai --create-namespace --debug
```
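If you prefer to follow the rollout from the command line rather than the console, a typical watch sequence (namespace taken from the helm command above) is:

```shell
# Watch pod status in the mostly-ai namespace until all pods are Running.
kubectl get pods --namespace mostly-ai -w
# Inspect events for any pod stuck in a non-ready state
# (<pod-name> is a placeholder for a name from the previous output).
kubectl describe pod <pod-name> --namespace mostly-ai
```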
The MOSTLY AI applications and services pods are queued for start up in your GKE cluster.
You can track the startup progress in Kubernetes Engine on the Workloads tab. While the pods are starting, the status column might show errors, such as Does not have minimum availability.
At the same time, the RWX storage class from the Cloud Filestore API is being provisioned; provisioning must succeed before all pods return a green OK status.
Give the pods at least 10 minutes to start properly and establish the necessary connections between services.
After you see that all pods have a successful startup, you can continue with the post-deployment tasks.
With the MOSTLY AI pods running, you can now log in to your MOSTLY AI deployment for the first time and install the license.
Log in for the first time to your MOSTLY AI deployment to set a new password for the superadmin user.
Contact MOSTLY AI to obtain the superadmin credentials, as you need them to log in for the first time.
- Open your FQDN in your browser.
Step result: The Sign in page for your MOSTLY AI deployment opens.
- Enter the superadmin credentials and click Sign in.
- Provide a new password and click Change password.
The superadmin password is now changed and you can use it to log in again to your MOSTLY AI deployment.
You need a license to enable all features in your MOSTLY AI deployment.
Obtain a License request key from your MOSTLY AI Customer Experience Engineer.
- Click Settings in the upper right.
- Select the License tab.
- For License request, paste your license key.
- Click Create activation request.
Step result: Under Activation request, an activation request key is generated.
- Copy the activation request key and send it to your Customer Experience Engineer.
Step result: Your Customer Experience Engineer will generate an activation response.
- For Activation response, paste the response provided by your Customer Experience Engineer and click Activate.
Your MOSTLY AI app is now licensed and you can use the features enabled for you by the license.