eva server Installation guide

Why use Helm?

Helm can make deployments easier and repeatable because all resources for an application are deployed by running one command:

$ helm install <chart>

With Helm, configuration settings are kept separate from the manifest formats. You can edit the configuration values without changing the rest of the manifest.

Configuration settings are in a values.yaml file. You update the runtime parameters in that file to deploy each application instance differently.

You can use single commands for installing, upgrading, and deleting eva releases. More information about Helm at https://helm.sh/.

Description

This chapter describes the design and governance for the eva helm charts.

These helm charts are designed to be a lightweight way to configure, package and deploy eva application onto Kubernetes clusters. These charts are currently tested against the following versions:

  • eva application: 3.4.1.0

  • Helm: 3.5.0

  • Kubernetes: 1.21

  • Istio: 1.11.4

The figure below shows the GitLab repository eva-helm-repository structure: Following is a description of each folder of the repository:

  • doc-resources: contains the documentation files explaining this approach.

  • eva-base-resources: a chart to deploy the base configurations for eva application.

  • eva-saas-resources: a chart to deploy the components for eva SaaS.

  • eva-server: a chart to deploy the core component for eva application.

  • istio-sample-file: contains the Istio Operator manifest, addons and extra configuration.

  • keycloak-files: contains the values.yaml file to use with helm installation and keycloak-realm.json file to configure realm in keycloak console.

  • mysql-scripts: contains sql scripts to create and configure mysql database.

Important eva helm charts configuration

eva deployment by Helm requires very little configuration to get started, but there are several components that must be considered before the installation:

NodeSelector

If the application environment is based on multi-node architecture, uncomment the nodeSelector section with the specific label into eva-base-resources and eva-server values.yaml files, and check if the label has been added on nodes.

If there is no node selection constraint, comment the nodeSelector section into values.yaml files.

PullSecret

If the application environment uses a private container registry with authentication, uncomment the imagePullSecret section with the specific name into eva-base-resources and eva-server values.yaml files.

If login information is not required, comment the imagePullSecret section into values.yaml files.

Redis and MongoDB

If the application environment uses a MongoDB or/and Redis as a service in the cloud, set to false the following fields, eva_redis, eva_cockpit_redis, and mongo in the enabled_components section into eva-base-resources values.yaml file, as shown in the image below:

## @Section enabled to customize deployment. set to true to deploy optional components

enabled_components:
## Storage components
eva_redis: "false"
eva_cockpit_redis: "false"
mongo: "false"

Then, it will be mandatory to provide the configuration data of these cloud services into Redis and MongoDB sections of eva-server values.yaml file.

If login information is not required, comment the imagePullSecret section into values.yaml files.

If they are not used as cloud services, set to true the following fields, eva_redis, eva_cockpit_redis, and mongo in the enabled_components section into eva-base-resources values.yaml file and use the Redis and mongo as configured by default.

eva-base-resources

eva-base-resources allow you set base components for eva application. You can choose to deploy optional components like eva-redis, eva-cockpit-redis, and MongoDB. Do this with values.yaml customization.

You can activate the section for pull secret if you need to use authentication to container Registry. Also, it´s possible to configure nodeSelector option for the deployment.

The following resources are mandatory for the deployment: eva-tls and the namespaces eva, keycloak11 an,d Minio.

Remember

Don't remove this chart once installed, resources such as Keycloack and MongoDB would be removed. Remove only if you want to uninstall eva application.

The code below is the eva-base-resources values.yaml:

# Default values for eva-base-resources. 
## @section Global parameters for eva-base-resources. 
global: 
    
## Namespaces for Eva and Keycloak installations. 
namespace_eva: &nameeva "eva" 
namespace_keycloak: &namekeycloak "keycloak11" 
namespace_minio: "minio"
 
## @Section enabled customize deployment. Set true to deploy optional components. 
enabled_components: 
    ## Storage components 
    eva_redis: "true" 
    eva_cockpit_redis: "true"  
    mongo: "true" 
     
## @Section eva redis    
eva_redis_pass: &eva_redis_pass_default "020693" 
eva_redis_port: &eva_redis_port_default 6379 

## @Section cockpit redis    
eva_cockpit_pass: &eva_cockpit_pass_default"M#g3Fh" 
eva_cockpit_port: &eva_cockpit_port_default 6379 

## @Section Pull secret 
## If no value specified for section pull secret, neither the  
## secret nor the deployments will use authentication to Container Registry. 
#imagePullSecret:  
    #name: "containerregistrysecret" 
    #configjson: ***   
## @Section TLS. Configures SSL certificates. 
eva_tls: 
    crt: **** 
    key: ****  
## @Section eva-server parameters 
namespace: 
name:  
  - *nameeva 
  - *namekeycloak 
 
## @Section eva_redis parameters 
eva_redis:
config: 
    data: 
      - key: REDIS_PASS 
        value: *eva_redis_pass_default 
image: 
    repository: docker.io/redis 
    tag: 3.2-alpine 
    pullPolicy: Always 
    replicas: 1 
    cpu: "200m" 
    memory: "1Gi" 
service: 
    redisPort: *eva_redis_port_default 
#nodeSelector: 
    #apptype: storage 
 
## @Section eva_cockpit parameters 
eva_cockpit:
config: 
    data: 
      - key: REDIS_PASS 
        value: *eva_cockpit_pass_default 
image: 
    repository: docker.io/redis 
    tag: 3.2-alpine 
    pullPolicy: Always 
    replicas: 1 
    cpu: "50m" 
    memory: "50Mi" 
service: 
    redisPort: *eva_cockpit_port_default 
#nodeSelector: 
    #apptype: storage 
 
## @Section mongo parameters 
mongo:
image: 
    repository: docker.io/mongo 
    tag: "4.0" 
    pullPolicy: IfNotPresent 
    replicas: 1 
    environment: production 
    cpu: 750m 
    memory: 4Gi 
    storage: 10Gi 
#nodeSelector: 
    #apptype: storage 

eva-server chart

eva-server allows you to set core components for eva application. You can select to deploy optional components like automated-learning, masking, cockpit, question, nlp components and adapter.

This chart also allows changing the image tag version of each component, and container registry name. You can activate the section for pull secret if you need to use authentication to the container registry. Also, it's possible to configure nodeSelector option for the deployment. Do this with values.yaml customization.

The code below is the eva-server values.yaml:

# Default values for eva-server. 
 
## @section Global parameters for eva-server 
global: 
    
## Namespaces for Eva and Keycloak installations. 
namespace_eva: "eva" 
namespace_keycloak: "keycloak11"
 
## @Section enabled customize deployment.  
## Set true to deploy optional components. 
enabled_components: 
    alenabled: "false" 
    ## enabled to config broker to call masking 
    maskingenabled: "false" 
    ## change url for custom masking connector 
    maskingurl: "http://eva-masking-clever:8080" 
    cockpit: "true" 
    proxy: "true" 
    question: "false" 
    ## deploy masking clever connector 
    masking: "false" 
    ## NLP components 
    dialogflow: "true" 
    luis: "true" 
    watson: "true" 
    clever: "true"     
    ## Channel adapters 
    facebook: "false" 
    ga: "false" 
    infobip: "false" 
    ## Set true to deploy the gateway for eva-server but not deploy saas 
    gateway: "true" 

## @Section container registry and image tags. Change tag to apply fixes and upgrades. 
 
## Container registry 
container_registry: "gcr.io/calm-pre***********" 
 
## Image tags 
releases_image_tags: 
    ## Core components images tags 
    broker: 3.4.1.0 
    dialogmanager: 3.4.1.0 
    eva_training: 3.4.1.0 
    proxy: 3.4.1.0 
    cloner: 3.4.1.0 
    question: 3.4.1.0 
    masking: 3.4.1.0 
    ## NLP adapters images tags 
    clever: 3.4.1.0
    luis: 3.4.1.0 
    watson: 3.4.1.0 
    df: 3.4.1.0 
    qna: 3.4.1.0 
    ## Training images tags 
    tr_clever: 3.4.1.0 
    tr_luis: 3.4.1.0 
    tr_watson: 3.4.1.0 
    tr_df: 3.4.1.0 
    ## Automated Tests 
    auto: 3.4.1.0
    ## Cockpit       
    cockpit: 3.4.1.0     
    ## Channel adapters images tags 
    facebook: 3.4.1.0 
    ga: 3.4.1.0 
    infobip: 3.4.1.0 
    ## Automated learning images tags 
    al_nlp: 3.4.1.0 
    al_training: 3.4.1.0 
    os: 3.4.1.0 
     
## @Section eva redis  
eva_redis_host: "eva-redis" 
eva_redis_pass: "020693" 
eva_redis_port: 6379 
eva_redis_keep_alive_job: true 
eva_redis_keep_alive_time: 10000 
eva_redis_ssl: false 
eva_cachetype: "redis" 
 
## @Section cockpit redis  
eva_cockpit_host: "eva-cockpit-v2-redis.eva.svc.cluster.local" 
eva_cockpit_pass: "M#g3Fh" 
eva_cockpit_port: 6379 
eva_cockpit_keep_alive_job: true 
eva_cockpit_keep_alive_time: "10000" 
eva_cockpit_SSL: false 
 
## @Section Mariadb  
evadb_ds_url: "jdbc:mariadb://eva3coedev.mysql.database.azure.com/alvoradadb3403?useSSL=false&serverTimezone=UTC" 
evadb_ds_user: "evacoeadmin@eva3coedev" 
evadb_ds_pass: "******" 
 
## @Section nodeSelector Eva 
## If no value specified for section node selector, no nodeSelector  
## policies will be applied on the eva deployment. 
#nodeSelector: 
    #apptype: eva 
     
## @Section Pull secret 
## If no value specified for section pull secret, neither the  
## secret nor the deployments will use authentication to Container Registry. 
#imagePullSecrets: 
    #- name: "containerregistrysecret" 
    
## @Section Broker 
broker:     
    v1: 
      host: "api-helm-env.eva.bot"
      prefix: "/" 
    v2: 
      enabled: true 
      prefix: "/v1.0/" 
    hpa: 
      minreplicas: 2 
      maxreplicas: 7 

## @Section DialogManager 
dm: 
    hpa: 
      minreplicas: 2 
      maxreplicas: 7 
 
## @Section Proxy 
proxy: 
    keycloak_token: "https://keycloak11-helm-env.eva.bot" 
    realm: "eva.bot" 
    host: "keycloak11-helm-env.eva.bot"     
 
## @Section Cockpit 
cockpit: 
    v1:  
      host: "helm-env.eva.bot"      
      prefix: "/" 
    keycloak_master_username: "admin"  
    keycloak_master_password: "yRsWVbqBZE9Ul9Ji"
    ## keycloak_realm_public_key: Legacy need to have a value but is not used. Not need to be updated 
    keycloak_realm_public_key: ***      
    client_id: "eva-cockpit"     
    keycloak_realm: "eva.bot" 
    ## keycloak_secret: Legacy need to have a value but is not used. Not need to be updated 
    keycloak_secret: "b09a5c84-b590-4276-8ee9-f200e2f0eaca" 
    cache_base_url: "https://api-helm-env.eva.bot" 
    cockpit_url: "helm-env.eva.bot"
    db: 
      host: "eva3coedev.mysql.database.azure.com" 
      database: "alvoradadb3403" 
      user: "evacoeadmin@eva3coedev" 
      pass: "******" 
      ssl: "false"
 
## @Section Mongo 
evadm_db_url: "mongodb://mongo:27017/evadm?retryWrites=true&maxPoolSize=200&minPoolSize=50&maxIdleTimeMS=30000&connectTimeoutMS=5000&socketTimeoutMS=5000&ssl=false" 

## @Section NLP adpaters 
clever_url: "http://34.107.137.81" 

## @Section hpa for NLP adapters 
df: 
    hpa: 
      minreplicas: 1 
      maxreplicas: 7 
clever: 
    hpa: 
      minreplicas: 1 
      maxreplicas: 7 
luis: 
    hpa: 
      minreplicas: 1 
      maxreplicas: 7 
watson: 
    hpa: 
      minreplicas: 1 
      maxreplicas: 7 
qna: 
    hpa: 
      minreplicas: 1 
      maxreplicas: 7      

## @Section Minio 
eva_minio_access_key: "2HmGL_6feb!=3mfN" 
eva_minio_secret_key: "24YzxmsngM^BCW3%" 
eva_minio_url: "http://eva-minio.minio.svc.cluster.local:9000" 

## @Section Gateway 
gateway:
    http_port: 80 
    https_port: 443 

## @Section Channels  
channels: 
    facebook_host: "facebook-helm-env.eva.bot"  
    facebook_prefix:"/" 
    ga_host: "ga-helm-env.eva.bot"  
    ga_prefix: "/" 
    infobip_host: "infobip-helm-env.eva.bot"
    infobip_prefix: "/" 

eva-saas-resources

eva-saas-resources allows you set components for deploy eva Saas application.

The code below is the eva-saas-resources values.yaml:

# Default values for eva-saas-resources. 

## @@section Local parameters 
ingress_ip_name: "evacloud-wil-teste-dev-global-ip"  
ingress_host: "*.eva.bot"
namespace_eva: "eva" 
namespace_keycloak: "keycloak11" 
ingress: 
port: 8080 
keycloak: 
    server: 8443 
    admin: 9990 
cockpit: 
    port: 8080 
egress: 
   micros: 
     port: 8080 
   clever: 
     cidr: "34.107.137.81/32" 
   mysql: 
     cidr: "0.0.0.0/0" 
     port: 3306 
   redis: 
     port: 6379 
   mongo: 
     port: 27017
   keycloak: 
     smtp: 587 
     postgres: 5432 
minio: 
port: 9000 
 
## @Section Gateway 
gateway:
http_port: 80 
https_port: 443 

Usage

Once you have installed or checked the dependencies needed onto system (review the section Supported Configurations for this), execute in order, the following commands to deploy eva helm charts:

1 - Install eva-base-resources chart. Don´t remove this chart once installed, resources such as Keycloak and mongo pvc, ... would be removed.

helm upgrade --install eva-base-resources

2 - Install eva-saas-resources chart. Once installed it, the ingress spreading to GKE can be delayed for 5 to 10 minutes.

helm upgrade --install eva-saas-resources

3 - Install Keycloak. Once installed by helm, it must be manually configured:

helm repo add codecentric 
https://codecentric.github.io/helm-charts 

helm repo update

helm upgrade --install keycloak11 codecentric/keycloak -n keycloak11 --version 9.4.0 --values keycloak-files/keycloak-values.yaml

4 - Install eva-server chart:

helm upgrade --install eva-server

Testing the charts

To debug templates, use the following options with the commands to have the server render the templates, and return the resulting manifest file:

helm upgrade --install eva-base-resources . --dry-run --debugTo render chart templates locally and display the output, use the following command:
helm template

To examine the chart for issues, use the following command:

helm lint

Supported Configurations

These charts are currently tested against 3.4.1.0 version from eva application. The table below shows the dependencies versions that have been tested:

Dependency
Version

Kubernetes

1.21

Helm

3.5.0

Istio

1.11.4

GKE

1.21.9-gke.1002

README.md

There is a useful README.md file into eva-helm-repository which provides the guide to configure and deploy eva helm charts.

Last updated