Environment Variables And Prerequisites Setup#

Caution

While this document provides an overview of certain Cloud Service Provider (CSP) procedures, it is strongly advised to consult the official, publicly accessible CSP documentation for the most up-to-date and comprehensive instructions. CSPs frequently update their services and interfaces, making it crucial to rely on their current guidelines to ensure accuracy and optimal implementation.

Using lookup Function In Config Template#

The config template yml file contains several inputs about the infrastructure and application’s needs. For ease of use, some of these are wired to lookup environment variables. For example {{ lookup(‘env’, ‘NGC_CLI_API_KEY’) }} is expanding it to the NGC_CLI_API_KEY environment variable. What this means is, we can set an environment variable for NGC_CLI_API_KEY with its value and Deployment Script can access it automatically.

Environment Variable Definitions#

By default the sample environment variable files examples folder provides look like below. Based on need you can make more environment variables and use lookup function in config-template yaml file.

cat my-config.env
export OPENAI_API_KEY="<replace-with-actual-value>"
export NGC_CLI_API_KEY="<replace-with-actual-value>"
export NVIDIA_API_KEY="<replace-with-actual-value>"
export CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE="<replace-with-absolute-path-where-service-account-key-json-file-stored>"

Below table explains the purpose of each environment variable used in the examples folder.

Azure Environment Variables#

Environment Variable

Definition

OPENAI_API_KEY

Key to access OpenAI’s models through the API

NGC_CLI_API_KEY

Key to access NGC resources thru command line. Such as Helm charts, Models, Container images etc.,

NVIDIA_API_KEY

Key to access NGC resources thru command line. Such as Helm charts, Models, Container images etc. This one is specifically used to access Nvidia NIMs.

CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE

JSON file containing credentials that allow applications to authenticate as the GCP service account.

Caution

If you modify your <my-env-file.env> file or start a new shell, you will have to run source <my-env-file.env> again before running ./envbuild.sh

Setting up GCP Pre-requisites#

Login to the GCP Console#

  • Log into GCP Console as a user with admin access.

  • Click on Navigation Menu in the left top corner to get to the page listing all products/services.

  • For all subsequent steps, navigate back to this page to find and create a new resource.

IAM & Admin Setup#

Service Account#

  • Select the IAM & Admin from the left navigation menu.

  • Select the Service Accounts.

  • Click on the Create Service Account button at the top of the Service Accounts page to create a new service account.

  • In the wizard:

  • Go to section Service account details:

    • Service account name: Provide an appropriate name. (eg: <my-org>-tokkio-automation)

    • Service account ID: It will auto populated using the service account name.

    • Service account description: Provide an appropriate description for service account.

    • Click on Create and Continue button

  • Go to section Grant this service account access to project *. Select an Owner role and click on Continue.

  • Grant users access to this service account section is optional.

  • Click on DONE.

  • You will be automatically taken to the Service accounts pages. If not:

    • Select the IAM & Admin from the left navigation menu.

    • Select the Service Accounts from the left menu.

  • On the Service accounts page, it will show all the service accounts available in this project.

  • Identify the service account created using Email or Name field.

  • Click on created Service accounts from the list and it will open a page showing all details about Service Account.

  • Click on the KEYS option available on the page.

  • Click on ADD KEY and select Create new key option and select JSON as Key type.

  • The key file will be automatically downloaded to your local machine. This Key file contains the private key needed to authenticate as the service account with GCP.

Deployment State Storage#

From the Navigation Menu page:

  • Select the Cloud Storage from the category (on the left).

  • Click on the +Create button to create a new storage account.

  • In the wizard:

    • In the Name your bucket section:

      • Provide a globally unique name for the bucket. (We are creating this bucket to store deployment state.)

      • Optionally add Labels.

    • In the Choose where to store your data section: - Select location type as region. - Select the appropriate region from the drop-down list.

    • Leave all other sections as is.

    • Click CREATE.

Base Domain#

From the Search box:

  • Search the Cloud DNS and select Cloud DNS product from the drop-down list.

  • Click on the +CREATE ZONE button to create a new domain.

  • In the wizard:

    • Select Zone Type as Public.

    • Enter the Zone name.

    • Provide the DNS name.

    • Optionally add description.

    • Leave all other sections as is.

    • Click CREATE.

On this page