metadata.yaml

apiVersion: blueprints.cloud.google.com/v1alpha1
kind: BlueprintMetadata
metadata:
  name: ai-on-gke
  annotations:
    config.kubernetes.io/local-config: "true"
spec:
  info:
    title: RAG-on-GKE Application
    source:
      repo: https://github.com/GoogleCloudPlatform/ai-on-gke
      sourceType: git
      dir: /applications/rag
    actuationTool:
      flavor: Terraform
    description: {}
  content: {}
  interfaces:
    variables:
      - name: acknowledge
        varType: bool
        required: true
      - name: additional_labels
        description: Additional labels to add to Kubernetes resources.
        varType: string
        defaultValue: "created-by=gke-ai-quick-start-solutions,ai.gke.io=rag"
      - name: autopilot_cluster
        varType: bool
        defaultValue: true
      - name: iap_consent_info
        description: Configure the <a href="https://developers.google.com/workspace/guides/configure-oauth-consent#configure_oauth_consent"><i>OAuth Consent Screen</i></a> for your project. Ensure <b>User type</b> is set to <i>Internal</i>. Note that by default, only users within your organization can be allowlisted. To add external users, change the <b>User type</b> to <i>External</i> after the application is deployed.
        varType: bool
        defaultValue: false
      - name: cluster_name
        varType: string
        defaultValue: "ai-on-gke"
      - name: cluster_location
        varType: string
        required: true
      - name: cluster_membership_id
        description: "require to use connectgateway for private clusters, default: cluster_name"
        varType: string
        defaultValue: ""
      - name: create_brand
        description: Create Brand OAuth Screen
        varType: bool
        defaultValue: false
      - name: create_cluster
        varType: bool
        defaultValue: true
      - name: create_gcs_bucket
        description: Enable flag to create gcs_bucket
        varType: bool
        defaultValue: false
      - name: create_network
        description: Create the VPC specified by network_name/subnetwork_name
        varType: bool
        defaultValue: true
      - name: create_rag_service_account
        description: Creates a google IAM service account & k8s service account & configures workload identity
        varType: bool
        defaultValue: true
      - name: create_ray_service_account
        description: Creates a google IAM service account & k8s service account & configures workload identity
        varType: bool
        defaultValue: true
      - name: dataset_embeddings_table_name
        description: Name of the table that stores vector embeddings for input dataset
        varType: string
        defaultValue: netflix_reviews_db
      - name: disable_ray_cluster_network_policy
        description: Disables Kubernetes Network Policy for Ray Clusters for this demo. Defaulting to 'true' aka disabled pending fixes to the kuberay-monitoring module. This should be defaulted to false.
        varType: bool
        defaultValue: true
      - name: enable_grafana_on_ray_dashboard
        description: Add option to enable or disable grafana for the ray dashboard. Enabling requires anonymous access.
        varType: bool
        defaultValue: false
      - name: frontend_add_auth
        description: Allows you to host your chat application at a custom domain and grant IAM access to users/groups.
        varType: bool
        defaultValue: false
      - name: frontend_client_id
        description: Client ID used for enabling IAP. If empty client credentials will be autogenerated.
        varType: string
        defaultValue: ""
      - name: frontend_client_secret
        description: Client secret used for enabling IAP. If empty client credentials will be autogenerated.
        varType: string
        defaultValue: ""
      - name: frontend_domain
        description: A domain to host your chat application.
        varType: string
        defaultValue: "<your chat app domain here>"
      - name: frontend_k8s_backend_config_name
        description: Name of the Kubernetes Backend Config
        varType: string
        defaultValue: frontend-iap-config
      - name: frontend_k8s_backend_service_name
        description: Name of the Backend Service
        varType: string
        defaultValue: rag-frontend
      - name: frontend_k8s_backend_service_port
        description: Name of the Backend Service Port
        varType: number
        defaultValue: 8080
      - name: frontend_k8s_iap_secret_name
        description: Name for frontend iap secret
        varType: string
        defaultValue: frontend-iap-secret
      - name: frontend_k8s_ingress_name
        varType: string
        defaultValue: frontend-ingress
      - name: frontend_k8s_managed_cert_name
        description: Name for frontend managed certificate
        varType: string
        defaultValue: frontend-managed-cert
      - name: frontend_members_allowlist
        description: "For example - user:example@google.com,serviceAccount:serviceAccount@google.com,group:group@google.com,domain:google.com"
        varType: string
        defaultValue: "user:<your-email-here>"
      - name: gcs_bucket
        description: Create or choose a bucket to store the dataset.
        varType: string
        required: true
      - name: cloudsql_instance
        description: Cloud SQL <a href="https://github.com/pgvector/pgvector">pgvector</a> instance name to store generated vector embeddings for the dataset.
        varType: string
        defaultValue: pgvector-instance
      - name: cloudsql_instance_region
        description: GCP region for CloudSQL instance
        varType: string
        defaultValue: ""
      - name: goog_cm_deployment_name
        varType: string
        defaultValue: ""
      - name: jupyter_add_auth
        description: Allows you to host JupyterHub at a custom domain and grant IAM access to users/groups.
        varType: bool
        defaultValue: false
      - name: jupyter_client_id
        description: Client ID used for enabling IAP. If empty client credentials will be autogenerated.
        varType: string
        defaultValue: ""
      - name: jupyter_client_secret
        description: Client secret used for enabling IAP. If empty client credentials will be autogenerated.
        varType: string
        defaultValue: ""
      - name: jupyter_domain
        description: A domain to host your JupyterHub application.
        varType: string
        defaultValue: "<your JupyterHub domain here>"
      - name: jupyter_k8s_backend_config_name
        description: Name of the Kubernetes Backend Config
        varType: string
        defaultValue: jupyter-iap-config
      - name: jupyter_k8s_backend_service_name
        description: Name of the Backend Service
        varType: string
        defaultValue: proxy-public
      - name: jupyter_k8s_backend_service_port
        description: Name of the Backend Service Port
        varType: number
        defaultValue: 80
      - name: jupyter_k8s_iap_secret_name
        description: Name for jupyter iap secret
        varType: string
        defaultValue: jupyter-iap-secret
      - name: jupyter_k8s_ingress_name
        varType: string
        defaultValue: jupyter-ingress
      - name: jupyter_k8s_managed_cert_name
        description: Name for frontend managed certificate
        varType: string
        defaultValue: jupyter-managed-cert
      - name: jupyter_members_allowlist
        description: "For example - user:example@google.com,serviceAccount:serviceAccount@google.com,group:group@google.com,domain:google.com"
        varType: string
        defaultValue: "user:<your-email-here>"
      - name: jupyter_service_account
        description: Google Cloud IAM service account for authenticating with GCP services
        varType: string
        defaultValue: jupyter-sa
      - name: kubernetes_namespace
        description: Kubernetes namespace where resources are deployed
        varType: string
        defaultValue: ai-on-gke
      - name: network_name
        description: Network name of VPC
        varType: string
        defaultValue: net
      - name: private_cluster
        varType: bool
        defaultValue: false
      - name: project_id
        description: GCP project id
        varType: string
        required: true
      - name: rag_service_account
        description: Google Cloud IAM service account for authenticating with GCP services
        varType: string
        defaultValue: rag-sa
      - name: ray_dashboard_add_auth
        description: Allows you to host the Ray dashboard at a custom domain and grant IAM access to users/groups.
        varType: bool
        defaultValue: false
      - name: ray_dashboard_client_id
        description: Client ID used for enabling IAP
        varType: string
        defaultValue: ""
      - name: ray_dashboard_client_secret
        description: Client secret used for enabling IAP
        varType: string
        defaultValue: ""
      - name: ray_dashboard_domain
        description: A domain to host your Ray dashboard.
        varType: string
        defaultValue: "<your Ray Dashboard domain here>"
      - name: ray_dashboard_k8s_backend_config_name
        description: Name of the Backend Config on GCP
        varType: string
        defaultValue: ray-dashboard-iap-config
      - name: ray_dashboard_k8s_backend_service_port
        description: Name of the K8s Backend Service Port
        varType: number
        defaultValue: 8265
      - name: ray_dashboard_k8s_iap_secret_name
        varType: string
        defaultValue: ray-dashboard-secret
      - name: ray_dashboard_k8s_ingress_name
        varType: string
        defaultValue: ray-dashboard-ingress
      - name: ray_dashboard_k8s_managed_cert_name
        description: Name for frontend managed certificate
        varType: string
        defaultValue: ray-dashboard-managed-cert
      - name: ray_dashboard_members_allowlist
        description: "For example - user:example@google.com,serviceAccount:serviceAccount@google.com,group:group@google.com,domain:google.com"
        varType: string
        defaultValue: "user:<your-email-here>"
      - name: ray_service_account
        description: Google Cloud IAM service account for authenticating with GCP services
        varType: string
        defaultValue: ray-sa
      - name: subnetwork_cidr
        varType: string
        defaultValue: 10.128.0.0/20
      - name: support_email
        description: Email for users to contact with questions about their consent
        varType: string
        defaultValue: ""
    outputs:
      - name: frontend_ip_address
        description: Frontend global IP address
      - name: frontend_uri
        description: RAG Frontend Endpoint to access user interface. In case of private IP, consider port-forwarding.
      - name: gcp_network
        description: Provisioned GCP Network Name
      - name: jupyterhub_ip_address
        description: JupyterHub global IP address
      - name: jupyterhub_password
        description: JupyterHub password is only required for standard authentication. Ignore, in case of IAP authentication
      - name: jupyterhub_uri
        description: JupyterHub Endpoint to access user interface. In case of private IP, consider port-forwarding.
      - name: jupyterhub_user
        description: JupyterHub user is only required for standard authentication. Ignore, in case of IAP authentication
      - name: kubernetes_namespace
        description: Kubernetes namespace
      - name: gke_cluster_name
        description: GKE cluster name where the chat interface, JupyterHub and Ray cluster are running
      - name: gke_cluster_location
        description: GKE cluster location
      - name: project_id
        description: GCP project
      - name: ray_dashboard_ip_address
        description: Ray Dashboard global IP address
      - name: ray_dashboard_uri
        description: Ray Dashboard Endpoint to access user interface. In case of private IP, consider port-forwarding.