Azure
/
AKS-Landing-Zone-Accelerator
зеркало из https://github.com/Azure/AKS-Landing-Zone-Accelerator.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

add option to reuse aoai and cleanup envs

This commit is contained in:
Elena Neroslavskaya 2023-08-29 05:47:35 -04:00
Родитель c9d1db5fdd
Коммит 29493d6216
8 изменённых файлов: 327 добавлений и 165 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

125
Scenarios/AKS-OpenAI-CogServe-Redis-Embeddings/README.md
Просмотреть файл

@ -36,12 +36,14 @@ This is a simple web application for an OpenAI-enabled document search. This rep
## Deploy this Scenario
### Pre-requisite
To Deploy this scenario, you must have Azure OpenAI Service enabled in your subscription. If you haven't registered it yet, follow the instructions [here](https://learn.microsoft.com/legal/cognitive-services/openai/limited-access) to do so.
### Pre-requisites
- To Deploy this scenario, you must have **Azure OpenAI** Service enabled in your subscription. If you haven't registered it yet, follow the instructions [here](https://learn.microsoft.com/legal/cognitive-services/openai/limited-access) to do so.
> **Warning**
> Registration may take multiple hours.
- kubectl 1.25 and above ( `az aks install-cli` )
> **Note**
> There are troubleshooting instructions at the end of this walkthrough.
@ -54,9 +56,9 @@ git clone --recurse-submodules https://github.com/Azure/AKS-Landing-Zone-Acceler
cd Scenarios/AKS-OpenAI-CogServe-Redis-Embeddings/infrastructure/
```
Ensure you are signed into the `az` CLI (use `az login` if not)
Ensure you are **signed into** the `az` CLI (use `az login` if not)
#### Setup environment specific variables
### Setup environment specific variables
This will set environment variables, including your preferred `Resource Group` name and `Azure Region` for the subsequent steps, and create the `resource group` where we will deploy the solution.
@ -67,12 +69,10 @@ This will set environment variables, including your preferred `Resource Group` n
UNIQUESTRING=<Your value here>
RGNAME=embedding-openai-rg
LOCATION=eastus
SIGNEDINUSER=$(az ad signed-in-user show --query id --out tsv)
az group create -l $LOCATION -n $RGNAME
SIGNEDINUSER=$(az ad signed-in-user show --query id --out tsv) && echo "Current user is $SIGNEDINUSER"
```
#### Infrastructure as Code
### Deploy Infrastructure as Code
Create all the solution resources using the provided `bicep` template and capture the output environment configuration in variables that are used later in the process.
@ -80,40 +80,73 @@ Create all the solution resources using the provided `bicep` template and captur
> Our bicep template is using the [AKS-Construction](https://github.com/Azure/AKS-Construction) project to provision the AKS Cluster and associated cluster services/addons, in addition to the other workload specific resources.
> **Important**
> Ensure you have enough quota to deploy the gpt-35-turbo and text-embedding-ada-002 models before running the command below. Failure to do this will lead to an "InsufficientQuota" error in the model deployment. Most subscriptions have quota of 1 of these models, so if you already have either of those models deployed, you might not be able to deploy another one in the same subscription and you might have to use that deployment as your model instead to proceed.
> Ensure you have enough **quota** to deploy the gpt-35-turbo and text-embedding-ada-002 models before running the command below. Failure to do this will lead to an "InsufficientQuota" error in the model deployment. Most subscriptions have quota of 1 of these models, so if you already have either of those models deployed, you might not be able to deploy another one in the same subscription and you might have to use that deployment as your model instead to proceed.
```bash
INFRA_RESULT=($(az deployment group create \
-g $RGNAME \
--template-file intelligent-services.bicep \
az deployment sub create \
--name main-$UNIQUESTRING \
--template-file main.bicep \
--location=$LOCATION \
--parameters UniqueString=$UNIQUESTRING \
--parameters signedinuser=$SIGNEDINUSER \
--query "[properties.outputs.kvAppName.value,properties.outputs.aksOidcIssuerUrl.value,properties.outputs.aksClusterName.value,properties.outputs.blobAccountName.value,properties.outputs.openAIAccountName.value,properties.outputs.openAIURL.value,properties.outputs.formRecognizerAccountName.value,properties.outputs.translatorAccountName.value,properties.outputs.formRecognizerURL.value]" -o tsv \
))
KV_NAME=${INFRA_RESULT[0]}
OIDCISSUERURL=${INFRA_RESULT[1]}
AKSCLUSTER=${INFRA_RESULT[2]}
BLOB_ACCOUNT_NAME=${INFRA_RESULT[3]}
OPENAI_ACCOUNTNAME=${INFRA_RESULT[4]}
OPENAI_API_BASE=${INFRA_RESULT[5]}
FORMREC_ACCOUNT=${INFRA_RESULT[6]}
TRANSLATOR_ACCOUNT=${INFRA_RESULT[7]}
FORM_RECOGNIZER_ENDPOINT=${INFRA_RESULT[8]}
--parameters resourceGroupName=$RGNAME
```
#### Reusing existing OpenAI Service
If you are re-using existing OpenAI resource set following variables and pass them to Bicep template
```bash
OPENAI_RGNAME=$RGNAME
OPENAI_ACCOUNTNAME=<Name of existing OpenAI service>
```
Add optional variable variables to the script below
```bash
az deployment sub create \
--name main-$UNIQUESTRING \
--template-file main.bicep \
--location=$LOCATION \
--parameters UniqueString=$UNIQUESTRING \
--parameters signedinuser=$SIGNEDINUSER \
--parameters resourceGroupName=$RGNAME \
--parameters openAIName=$OPENAI_ACCOUNTNAME \
--parameters openAIRGName=$OPENAI_RGNAME
```
### Set Output Variables
```bash
KV_NAME=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.kvAppName.value -o tsv) && echo "The Key Vault name is $KV_NAME"
OIDCISSUERURL=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.aksOidcIssuerUrl.value -o tsv) && echo "The OIDC Issue URL is $OIDCISSUERURL"
AKSCLUSTER=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.aksClusterName.value -o tsv) && echo "The AKS cluster name is $AKSCLUSTER"
BLOB_ACCOUNT_NAME=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.blobAccountName.value -o tsv) && echo "The Azure Storage Blob account name is $BLOB_ACCOUNT_NAME"
FORMREC_ACCOUNT=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.formRecognizerName.value -o tsv) && echo "The Document Intelligence account name is $FORMREC_ACCOUNT"
FORM_RECOGNIZER_ENDPOINT=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.formRecognizerEndpoint.value -o tsv) && echo "The Document Intelligence endpoint URL is $FORM_RECOGNIZER_ENDPOINT"
TRANSLATOR_ACCOUNT=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.translatorName.value -o tsv) && echo "The Translator account name is $TRANSLATOR_ACCOUNT"
OPENAI_ACCOUNTNAME=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.openAIAccountName.value -o tsv) && echo "The Azure OpenAI account name is $OPENAI_ACCOUNTNAME"
OPENAI_API_BASE=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.openAIURL.value -o tsv) && echo "The Azure OpenAI instance API URL is $OPENAI_API_BASE"
OPENAI_RGNAME=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.openAIRGName.value -o tsv) && echo "The Azure OpenAI Resource Group is $OPENAI_RGNAME"
OPENAI_ENGINE=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.openAIEngineName.value -o tsv) && echo "The Azure OpenAI GPT Model is $OPENAI_ENGINE"
OPENAI_EMBEDDINGS_ENGINE=$(az deployment sub show --name main-$UNIQUESTRING --query properties.outputs.openAIEmbeddingEngine.value -o tsv) && echo "The Azure OpenAI Embedding Model is $OPENAI_EMBEDDINGS_ENGINE"
```
If variables are empty (some shells like zsh may have this issue) - see Troubleshooting section below.
> **Important**
> Ensure you those commands above captured the correct values for the environment variables by using the echo command, otherwise you might run into errors in the next few commands.
Note: Verify in Azure OpenAI studio you have available quota for GPT-35-turbo model, otherwise you might get error: "code": "InsufficientQuota", "message": "The specified capacity '1' of account deployment is bigger than available capacity '0' for UsageName 'Tokens Per Minute (thousands) - GPT-35-Turbo'."
#### Store the resource keys Key Vault Secrets
### Store the resource keys Key Vault Secrets
OpenAI API, Blob Storage, Form Recognizer and Translator keys will be secured in Key Vault, and passed to the workload using the CSI Secret driver
> Note: If you get a bad request error in any of the commands below, then it means the previous commands did not serialize the environment variable correctly. Use the echo command to get the name of the AI services used in the commands below and run the commands by replacing the environment variables with actual service names.
```bash
az keyvault secret set --name openaiapikey --vault-name $KV_NAME --value $(az cognitiveservices account keys list -g $RGNAME -n $OPENAI_ACCOUNTNAME --query key1 -o tsv)
az keyvault secret set --name openaiapikey --vault-name $KV_NAME --value $(az cognitiveservices account keys list -g $OPENAI_RGNAME -n $OPENAI_ACCOUNTNAME --query key1 -o tsv)
az keyvault secret set --name formrecognizerkey --vault-name $KV_NAME --value $(az cognitiveservices account keys list -g $RGNAME -n $FORMREC_ACCOUNT --query key1 -o tsv)
@ -122,11 +155,11 @@ az keyvault secret set --name translatekey --vault-name $KV_NAME --value $(az c
az keyvault secret set --name blobaccountkey --vault-name $KV_NAME --value $(az storage account keys list -g $RGNAME -n $BLOB_ACCOUNT_NAME --query [1].value -o tsv)
```
### Federate AKS MI with Service account
Create and record the required federation to allow the CSI Secret driver to use the AD Workload identity, and to update the manifest files.
```bash
CSIIdentity=($(az aks show -g $RGNAME -n $AKSCLUSTER --query [addonProfiles.azureKeyvaultSecretsProvider.identity.resourceId,addonProfiles.azureKeyvaultSecretsProvider.identity.clientId] -o tsv | cut -d '/' -f 5,9 --output-delimiter ' '))
CLIENT_ID=${CSIIdentity[2]}
@ -134,7 +167,6 @@ IDNAME=${CSIIdentity[1]}
IDRG=${CSIIdentity[0]}
az identity federated-credential create --name aksfederatedidentity --identity-name $IDNAME --resource-group $IDRG --issuer $OIDCISSUERURL --subject system:serviceaccount:default:serversa
```
#### Kubernetes Manifests
@ -150,18 +182,20 @@ cd ../kubernetes/
az aks get-credentials -g $RGNAME -n $AKSCLUSTER
kubectl get nodes
INGRESS_IP=$(kubectl get svc nginx -n app-routing-system -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo "Ingress IP: $INGRESS_IP"
```
### Save variables in a new .env file
```bash
cat << EOF >> .env
cat << EOF > .env
CLIENT_ID=$CLIENT_ID
TENANT_ID=$(az account show --query tenantId -o tsv)
KV_NAME=$KV_NAME
OPENAI_API_BASE=$OPENAI_API_BASE
OPENAI_ENGINE=$OPENAI_ENGINE
OPENAI_EMBEDDINGS_ENGINE=$OPENAI_EMBEDDINGS_ENGINE
LOCATION=$LOCATION
BLOB_ACCOUNT_NAME=$BLOB_ACCOUNT_NAME
FORM_RECOGNIZER_ENDPOINT=$FORM_RECOGNIZER_ENDPOINT
@ -171,30 +205,49 @@ EOF
### Deploy the Kubernetes resources
Option 1:
Deploy kustomize manifests
```bash
kubectl apply -k .
```
if you are using kubectl below version 1.25, you would have to download and run `kustomize` separately
```bash
kustomize build . > deploy-all.yaml
kubectl apply -f deploy-all.yaml
```
Option 2:
```
kubectl apply -k .
```
### Test the app
Get the URL where the app can be reached
```bash
kubectl get ingress
```
1. Copy the url under **HOSTS** and paste it in your browser.
1. Try asking the chatbot a domain specific question by heading to the **Chat** tab and typing a question there. You will notice it fail to answer it correctly.
1. Click on the `Add Document` tab in the left pane and either upload a PDF with domain information you would like to ask the chatbot about or copy and paste text containing the knowledge base in `Add text to the knowledge base` section, then click on `Compute Embeddings`
![add](../../media/openaiadddocs.png)
1. Head back to the **Chat** tab, try asking the same question again and watch the chatbot answer it correctly
![add](../../media/openaichat.png)
### Troubleshooting
#### Insufficient Quota
Depending on your subscription OpenAI quota you may get deployment error
```json
Inner Errors:
{"code": "InsufficientQuota", "message": "The specified capacity '120' of account deployment is bigger than available capacity '108' for UsageName 'Tokens Per Minute (thousands) - GPT-35-Turbo'."}
```
There are few options - point deployment to the existing OpenAI resource instead of provisioning new one, or adjust quota.
Note: check if you have soft-deleted OpenAI instances taking up quota and purge them.
#### Bad request errors
Depending on type of terminal you are using, the command to create environment variables by querying the **INFRA_RESULT** variable that gets created with the deployment might not work properly. You will notice then when you get bad request errors when running subsequent commands. Try using the **echo** command to print the values of those environment variables into your terminal and replace the environment variables like `$OPENAI_ACCOUNTNAME` and `$OIDCISSUERURL` with the actual string values.
#### Pod deployment issues
If you notice that the api pod is stuck in *ContainerCreating* status, chances are that the federated identity was not created properly. To fix this, ensure that the "CSIIdentity" environment variable was created properly. You should then run the "az identity federated-credential create" command again using string values as opposed to environment variables. You can find the string values by using the **echo** command to print the environment variables in your terminal. It is the API deployment that brings the secrets from Key vault into the AKS cluster, so the other two pods require the API pod to be in a running state before they can start as well since they require the secrets.

139
Scenarios/AKS-OpenAI-CogServe-Redis-Embeddings/infrastructure/intelligent-services.bicep
Просмотреть файл

@ -1,124 +1,13 @@
@description('Signed In User Id')
param signedinuser string
@minLength(3)
@maxLength(10)
@description('Used to name all resources')
param ResourcePrefix string = 'aksembed'
@minLength(3)
@maxLength(10)
@description('Used to name all resources')
param UniqueString string // need to specify this in your deployment command
param OpenAIEngine string = 'gpt-35-turbo'
param OpenAIEngineVersion string = '0301'
param OpenAIEmbeddingsEngineDoc string = 'text-embedding-ada-002'
param OpenAIEmbeddingsEngineDocVersion string = '2'
param location string = resourceGroup().location
param resourcePrefix string = ''
var BlobContainerName = 'documents'
var openAIName = '${ResourcePrefix}-${UniqueString}'
//---------Kubernetes Construction---------
module aksconst 'AKS-Construction/bicep/main.bicep' = {
name: 'aksconstruction'
params: {
location: location
resourceName: openAIName
enable_aad: true
enableAzureRBAC: true
omsagent: true
retentionInDays: 30
agentCount: 2
agentVMSize: 'Standard_D2ds_v4'
osDiskType: 'Managed'
AksPaidSkuForSLA: true
networkPolicy: 'azure'
azurepolicy: 'audit'
acrPushRolePrincipalId: signedinuser
adminPrincipalId: signedinuser
AksDisableLocalAccounts: true
custom_vnet: true
upgradeChannel: 'stable'
workloadIdentity: true
CreateNetworkSecurityGroups:true
//Workload Identity requires OidcIssuer to be configured on AKS
oidcIssuer: true
//We'll also enable the CSI driver for Key Vault
keyVaultAksCSI: true
keyVaultCreate: true
keyVaultOfficerRolePrincipalId: signedinuser
warIngressNginx: true
}
}
output kvAppName string = aksconst.outputs.keyVaultName
output aksOidcIssuerUrl string = aksconst.outputs.aksOidcIssuerUrl
output aksClusterName string = aksconst.outputs.aksClusterName
resource OpenAI 'Microsoft.CognitiveServices/accounts@2023-05-01' = {
name: openAIName
location: location
kind: 'OpenAI'
sku: {
name: 'S0'
tier: 'Standard'
}
properties: {
customSubDomainName: openAIName
networkAcls: {
defaultAction: 'Allow'
virtualNetworkRules: []
ipRules: []
}
publicNetworkAccess: 'Enabled'
}
resource OpenAIDeploymentGPT 'deployments' = {
name: 'gpt-deployment'
sku: {
name: 'Standard'
capacity: 120
}
properties: {
model: {
format: 'OpenAI'
name: OpenAIEngine
version: OpenAIEngineVersion
}
}
}
resource OpenAIDeploymentEmbeddings 'deployments' = {
name: OpenAIEmbeddingsEngineDoc
sku: {
name: 'Standard'
capacity: 120
}
properties: {
model: {
format: 'OpenAI'
name: OpenAIEmbeddingsEngineDoc
version: OpenAIEmbeddingsEngineDocVersion
}
}
dependsOn: [
OpenAIDeploymentGPT
]
}
}
//---------FormRecognizer Construction---------
resource FormRecognizer 'Microsoft.CognitiveServices/accounts@2023-05-01' = {
name: '${ResourcePrefix}-${UniqueString}-formrecog'
name: '${resourcePrefix}-formrecog'
location: location
kind: 'FormRecognizer'
sku: {
@ -133,9 +22,9 @@ resource FormRecognizer 'Microsoft.CognitiveServices/accounts@2023-05-01' = {
publicNetworkAccess: 'Enabled'
}
}
//---------Translator Construction---------
resource Translator 'Microsoft.CognitiveServices/accounts@2023-05-01' = {
name: '${ResourcePrefix}-${UniqueString}-translator'
name: '${resourcePrefix}-translator'
location: location
kind: 'TextTranslation'
sku: {
@ -150,9 +39,9 @@ resource Translator 'Microsoft.CognitiveServices/accounts@2023-05-01' = {
publicNetworkAccess: 'Enabled'
}
}
//-----------------Storage Account Construction-----------------
resource StorageAccount 'Microsoft.Storage/storageAccounts@2022-09-01' = {
name: '${ResourcePrefix}${UniqueString}sa'
name: '${resourcePrefix}sa'
location: location
kind: 'StorageV2'
sku: {
@ -202,10 +91,8 @@ resource StorageAccount 'Microsoft.Storage/storageAccounts@2022-09-01' = {
}
output blobAccountName string = StorageAccount.name
output openAIAccountName string = OpenAI.name
output openAIURL string = OpenAI.properties.endpoint
output formRecognizerAccountName string = FormRecognizer.name
output formRecognizerURL string = FormRecognizer.properties.endpoint
output translatorAccountName string = Translator.name
output TranslatorName string = Translator.name
output FormRecognizerName string = FormRecognizer.name
output FormRecognizerEndpoint string = FormRecognizer.properties.endpoint
output StorageAccountName string = StorageAccount.name

155
Scenarios/AKS-OpenAI-CogServe-Redis-Embeddings/infrastructure/main.bicep Normal file
Просмотреть файл

@ -0,0 +1,155 @@
targetScope = 'subscription'
@description('Signed In User Id')
param signedinuser string
@minLength(3)
@maxLength(10)
@description('Used to name all resources')
param ResourcePrefix string = 'aksembed'
@minLength(3)
@maxLength(10)
@description('Used to name all resources')
param UniqueString string // need to specify this in your deployment command
@description('OpenAI Service Name if already exists')
param openAIName string = ''
param openAIRGName string = ''
param OpenAIEngine string = 'gpt-35-turbo'
param OpenAIEngineVersion string = '0301'
param OpenAIEmbeddingsEngineDoc string = 'text-embedding-ada-002'
param OpenAIEmbeddingsEngineDocVersion string = '2'
param OpenAIQuota int = 120
param resourceGroupName string = ''
param location string = deployment().location
resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
name: !empty(resourceGroupName) ? resourceGroupName : 'openai-embedding-rg-${UniqueString}'
location: location
}
//---------Kubernetes Construction---------
module aksconst 'AKS-Construction/bicep/main.bicep' = {
name: 'aksconstruction'
scope: resourceGroup
params: {
location: location
resourceName: '${ResourcePrefix}-${UniqueString}'
enable_aad: true
enableAzureRBAC: true
omsagent: true
retentionInDays: 30
agentCount: 2
agentVMSize: 'Standard_D2ds_v4'
osDiskType: 'Managed'
AksPaidSkuForSLA: true
networkPolicy: 'azure'
azurepolicy: 'audit'
acrPushRolePrincipalId: signedinuser
adminPrincipalId: signedinuser
AksDisableLocalAccounts: true
custom_vnet: true
upgradeChannel: 'stable'
workloadIdentity: true
CreateNetworkSecurityGroups:true
//Workload Identity requires OidcIssuer to be configured on AKS
oidcIssuer: true
//We'll also enable the CSI driver for Key Vault
keyVaultAksCSI: true
keyVaultCreate: true
keyVaultOfficerRolePrincipalId: signedinuser
warIngressNginx: true
}
}
output kvAppName string = aksconst.outputs.keyVaultName
output aksOidcIssuerUrl string = aksconst.outputs.aksOidcIssuerUrl
output aksClusterName string = aksconst.outputs.aksClusterName
//---------OpenAI Construction---------
resource openAIRG 'Microsoft.Resources/resourceGroups@2021-04-01' existing = if (!empty(openAIRGName)) {
name: !empty(openAIRGName) ? openAIRGName : resourceGroup.name
}
resource OpenAIExisting 'Microsoft.CognitiveServices/accounts@2023-05-01' existing = if (!empty(openAIName)) {
name: openAIName
scope: openAIRG
resource OpenAIDeploymentGPTExisting 'deployments' existing = if (!empty(openAIName)){
name: OpenAIEngine
}
resource OpenAIDeploymentEmbeddingsExisting 'deployments' existing = if (!empty(openAIName)){
name: OpenAIEmbeddingsEngineDoc
}
}
module OpenAI 'openai.bicep' = if (empty(openAIName)) {
name: 'openai'
scope: resourceGroup
params: {
name: '${ResourcePrefix}${UniqueString}'
location: location
customSubDomainName: '${ResourcePrefix}${UniqueString}'
sku: {
name: 'S0'
}
deployments: [
{
name: OpenAIEngine
model: {
format: 'OpenAI'
name: 'gpt-35-turbo'
version: OpenAIEngineVersion
}
sku: {
name: 'Standard'
capacity: OpenAIQuota
}
}
{
name: OpenAIEmbeddingsEngineDoc
model: {
format: 'OpenAI'
name: 'text-embedding-ada-002'
version: OpenAIEmbeddingsEngineDocVersion
}
capacity: OpenAIQuota
}
]
}
}
//---------Form Recognizer and Translator Construction---------
module intelligentServices 'intelligent-services.bicep' = {
name: 'intelligent-services'
scope: resourceGroup
params: {
location: location
resourcePrefix: '${ResourcePrefix}${UniqueString}'
}
}
//---------Outputs Construction---------
output blobAccountName string = intelligentServices.outputs.StorageAccountName
output openAIAccountName string = ((empty(openAIName)) ? OpenAI.outputs.OpenAIName : OpenAIExisting.name)
output openAIURL string = ((empty(openAIName)) ? OpenAI.outputs.OpenAIEndpoint: OpenAIExisting.properties.endpoint)
output openAIEngineName string = OpenAIEngine
output openAIEmbeddingEngine string = OpenAIEmbeddingsEngineDoc
output openAIRGName string = ((empty(openAIName)) ? resourceGroup.name : openAIRG.name)
output formRecognizerName string = intelligentServices.outputs.FormRecognizerName
output formRecognizerEndpoint string = intelligentServices.outputs.FormRecognizerEndpoint
output translatorName string = intelligentServices.outputs.TranslatorName

45
Scenarios/AKS-OpenAI-CogServe-Redis-Embeddings/infrastructure/openai.bicep Normal file
Просмотреть файл

@ -0,0 +1,45 @@
param name string
param location string = resourceGroup().location
param tags object = {}
param customSubDomainName string = name
param deployments array = []
param kind string = 'OpenAI'
param publicNetworkAccess string = 'Enabled'
param sku object = {
name: 'S0'
}
resource OpenAI 'Microsoft.CognitiveServices/accounts@2023-05-01' = {
name: name
location: location
tags: tags
kind: kind
properties: {
customSubDomainName: customSubDomainName
publicNetworkAccess: publicNetworkAccess
networkAcls: {
defaultAction: 'Allow'
virtualNetworkRules: []
ipRules: []
}
}
sku: sku
}
@batchSize(1)
resource deployment 'Microsoft.CognitiveServices/accounts/deployments@2023-05-01' = [for deployment in deployments: {
parent: OpenAI
name: deployment.name
properties: {
model: deployment.model
}
sku: contains(deployment, 'sku') ? deployment.sku : {
name: 'Standard'
capacity: deployment.capacity
}
}]
output OpenAIEndpoint string = OpenAI.properties.endpoint
output OpenAIId string = OpenAI.id
output OpenAIName string = OpenAI.name

2
Scenarios/AKS-OpenAI-CogServe-Redis-Embeddings/kubernetes/patches/env-configmap.yaml
Просмотреть файл

@ -20,7 +20,7 @@ data:
OPENAI_EMBEDDINGS_ENGINE: text-embedding-ada-002
OPENAI_EMBEDDINGS_ENGINE_DOC: text-embedding-ada-002
OPENAI_EMBEDDINGS_ENGINE_QUERY: text-embedding-ada-002
OPENAI_ENGINE: gpt-deployment
OPENAI_ENGINE: gpt-35-turbo
OPENAI_MAX_TOKENS: "-1"
OPENAI_TEMPERATURE: "0.7"
QUEUE_NAME: doc-processing

26
Scenarios/AKS-OpenAI-CogServe-Redis-Embeddings/kubernetes/patches/replacements.yaml
Просмотреть файл

@ -64,8 +64,29 @@
name: env
fieldPaths:
- data.OPENAI_API_BASE
## REPLACE OPENAI ConfigMap
- source:
kind: ConfigMap
fieldPath: data.OPENAI_ENGINE
name: kvmap
targets:
- select:
kind: ConfigMap
name: env
fieldPaths:
- data.OPENAI_ENGINE
## REPLACE OPENAI ConfigMap
- source:
kind: ConfigMap
fieldPath: data.OPENAI_EMBEDDINGS_ENGINE
name: kvmap
targets:
- select:
kind: ConfigMap
name: env
fieldPaths:
- data.OPENAI_EMBEDDINGS_ENGINE
## REPLACE BLOB ConfigMap
- source:
kind: ConfigMap
fieldPath: data.BLOB_ACCOUNT_NAME
@ -76,7 +97,8 @@
name: env
fieldPaths:
- data.BLOB_ACCOUNT_NAME
## REPLACE OPENAI ConfigMap
## REPLACE FR ConfigMap
- source:
kind: ConfigMap
fieldPath: data.FORM_RECOGNIZER_ENDPOINT

Двоичные данные
media/openaiadddocs.png Normal file
Просмотреть файл

Двоичный файл не отображается.
Режим "рядом"

После

Ширина:  |  Высота:  |  Размер: 138 KiB

Двоичные данные
media/openaichat.png Normal file
Просмотреть файл

Двоичный файл не отображается.
Режим "рядом"

После

Ширина:  |  Высота:  |  Размер: 144 KiB