Merge branch 'main' into helm-external-llm

Author: lvliang-intel

.github/workflows/push-release-charts.yaml

@@ -32,6 +32,13 @@ jobs:
           fi
           base_commit=$(git rev-parse HEAD~1) # push event
           merged_commit=$(git log -1 --format='%H')
+          charts_updated=()
+          build_push_chart() {
+            local chart="$1"
+            helm dependency update ${chart}
+            helm package $chart
+            helm push ${chart}-0-latest.tgz oci://ghcr.io/opea-project/chart
+          }
           # args: <parent-dir|include-string> <path-cut-depth> <exclude-pattern>
           update_charts () {
             dir="$1"
@@ -40,21 +47,36 @@ jobs:
             common_charts=$(git diff --name-only ${base_commit} ${merged_commit} | \
             grep "^$dir" | grep -vE "$exclude" | \
             cut -d'/' -f$depth | sort -u )
-            echo "Charts to be updated: $common_charts"
+            echo "" && echo "Charts to be updated: $common_charts" && echo ""
             echo "${{ secrets.ACTION_TOKEN }}" | helm registry login ghcr.io -u opea --password-stdin
-            pushd $dir
+            pushd $dir > /dev/null
             for chart in ${common_charts}; do
               if [ ! -d $chart ]; then continue; fi
               echo "Updating $chart"
-              helm dependency update ${chart}
-              helm package $chart
-              helm push ${chart}-0-latest.tgz oci://ghcr.io/opea-project/charts
+              charts_updated+=($chart)
+              build_push_chart $chart
+            done
+            popd > /dev/null
+          }
+          update_dependent_charts() {
+            local charts=`.github/workflows/scripts/get_chart_dependency.sh "${CHARTS_DIR}" ${charts_updated[@]} | sort -u`
+            echo "" && echo "Remaining dependent charts to be updated: $charts" && echo ""
+            echo "${{ secrets.ACTION_TOKEN }}" | helm registry login ghcr.io -u opea --password-stdin
+            for i in ${charts}; do
+              if [ ! -d $i ]; then continue; fi
+              local dir=$(dirname $i)
+              local chart=$(basename $i)
+              echo "Updating $chart in directory $dir"
+              pushd $dir > /dev/null
+              build_push_chart $chart
+              popd > /dev/null
             done
-            popd
           }
           # Update dependency for components first
           ${CHARTS_DIR}/update_dependency.sh
           # Update components: exclude other Helm chart docs than README.md
           update_charts "$CHARTS_DIR/common/" 3 '.*/[^R][^/]*\.md$'
           # Update Examples: exclude non-helm subdirs, files not in subdirs, other docs
           update_charts "$CHARTS_DIR" 2 "$CHARTS_DIR"'/(common/|assets/|[^/]*$|.*/[^R][^/]*\.md$)'
+          # Update dependent chart
+          update_dependent_charts

.github/workflows/scripts/get_chart_dependency.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+
+# Copyright (C) 2025 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+# Function to check dependencies using helm dependency list
+check_dependencies() {
+    local chart_dir="$1"
+    local target_charts=("$@")
+
+    # Get the name of the current chart
+    local chart_name
+    chart_name=$(basename "$chart_dir")
+
+    # Skip if the current chart is one of the target charts
+    for target in "${target_charts[@]:1}"; do
+        if [[ "$chart_name" == "$target" ]]; then
+            return
+        fi
+    done
+
+    # Get the list of dependencies using helm dependency list
+    local dependencies
+    dependencies=$(helm dependency list "$chart_dir" 2>/dev/null | grep 'file://' | awk '{print $1}')
+
+    # Check if any of the dependencies match the target charts
+    for dep in $dependencies; do
+        for target in "${target_charts[@]:1}"; do
+            if [[ "$dep" == "$target" ]]; then
+                echo "$chart_dir"
+                return
+            fi
+        done
+    done
+}
+
+# Main script
+if [[ $# -lt 1 ]]; then
+    echo "Usage: $0 <chart_directory> [<chart1> <chart2> ... <chartN>]"
+    exit 1
+fi
+
+chart_directory="$1"
+shift
+target_charts=("$@")
+
+# Find all Helm charts in the specified directory
+chart_dirs=$(find "$chart_directory" -type d -exec test -e {}/Chart.yaml \; -print)
+
+# Iterate over each chart directory and check dependencies
+for chart_dir in $chart_dirs; do
+    check_dependencies "$chart_dir" "${target_charts[@]}"
+done

README.md

@@ -64,6 +64,7 @@ You can use [Terraform](https://www.terraform.io/) to create infrastructure to r
 
 - [AWS/EKS: Create managed Kubernetes cluster on AWS for OPEA](cloud-service-provider/aws/eks/terraform/README.md)
 - [Azure/AKS: Create managed Kubernetes cluster on Azure for OPEA](cloud-service-provider/azure/aks/terraform/README.md)
+- [GCP/GKE: Create managed Kubernetes cluster on GCP for OPEA](cloud-service-provider/gcp/gke/terraform/README.md)
 
 ## Additional Content
 

cloud-service-provider/aws/eks/terraform/main.tf

@@ -3,7 +3,19 @@ provider "aws" {
 }
 
 provider "kubernetes" {
-  config_path = "~/.kube/config"
+    host                   = data.aws_eks_cluster.this.endpoint
+    cluster_ca_certificate = base64decode(data.aws_eks_cluster.this.certificate_authority[0].data)
+    token                  = data.aws_eks_cluster_auth.this.token
+}
+
+data "aws_eks_cluster" "this" {
+  name = module.eks.cluster_name
+  depends_on = [module.eks]
+}
+
+data "aws_eks_cluster_auth" "this" {
+  name = module.eks.cluster_name
+  depends_on = [module.eks]
 }
 
 data "aws_availability_zones" "available" {

cloud-service-provider/gcp/gke/terraform/.gitignore

@@ -0,0 +1,16 @@
+**/bin/
+*.out
+*.swp
+**/Chart.lock
+**/charts/*.tgz
+
+bazel-*
+compile_commands.json
+.gitconfig
+terraform.tfstate
+terraform.tfstate.backup
+.terraform
+.terraform.lock.hcl
+.terraform/*
+.gitignore
+opea-chatqna.plan

cloud-service-provider/gcp/gke/terraform/README.md

@@ -0,0 +1,126 @@
+# OPEA applications GCP GKE deployment guide
+
+This guide shows how to deploy OPEA applications on Google Cloud Platform (GCP) Google Kubernetes Engine (GKE) using Terraform.
+
+## Prerequisites
+
+- Access to GCP GKE
+- [Terraform](https://developer.hashicorp.com/terraform/tutorials/gcp-get-started/install-cli), [GCP CLI](https://cloud.google.com/sdk/docs/install-sdk) and [Helm](https://helm.sh/docs/helm/helm_install/),[kubectl](https://kubernetes.io/docs/tasks/tools/) installed on your local machine.
+
+## Setup
+
+The setup uses Terraform to create GKE cluster with the following properties:
+
+- 1-node GKE cluster with 100 GB disk and `n4-standard-8` preemptible SPOT instance (8 vCPU and 32 GB memory)
+- Cluster autoscaling up to 5 nodes
+
+Pre GKE Cluster setup
+
+- After you've installed the gcloud SDK, initialize it by running the following command.
+
+```bash
+gcloud init
+```
+
+- This will authorize the SDK to access GCP using your user account credentials and add the SDK to your PATH. This steps requires you to login and select the project you want to work in. Finally, add your account to the Application Default Credentials (ADC). This will allow Terraform to access these credentials to provision resources on GCloud.
+
+```bash
+gcloud auth application-default login
+```
+
+In here, you will find four files used to provision a VPC, subnets and a GKE cluster.
+
+- vpc.tf provisions a VPC and subnet. A new VPC is created for this tutorial so it doesn't impact your existing cloud environment and resources. This file outputs region.
+
+- main.tf provisions a GKE cluster and a separately managed node pool (recommended). Separately managed node pools allows you to customize your Kubernetes cluster profile — this is useful if some Pods require more resources than others. You can learn more here. The number of nodes in the node pool is defined also defined here.
+
+- opea-chatqna.tfvars is a template for the project_id, cluster_name and region variables.
+
+- versions.tf sets the Terraform version to at least 0.14.
+
+## Update your opea-chatqna.tfvars file
+
+Replace the values in your opea-chatqna.tfvars file with your project_id, cluster_name and region. Terraform will use these values to target your project when provisioning your resources. Your opea-chatqna.tfvars file should look like the following.
+
+```bash
+ # opea-chatqna.tfvars
+  project_id = "REPLACE_ME"
+  region     = "us-central1"
+```
+
+You can find the project your gcloud is configured to with this command.
+
+```bash
+ gcloud config get-value project
+```
+
+The region has been defaulted to us-central1; you can find a full list of gcloud regions - https://cloud.google.com/compute/docs/regions-zones
+
+Initialize the Terraform environment.
+
+```bash
+terraform init
+```
+
+## GKE cluster
+
+By default, 1-node cluster is created which is suitable for running the OPEA application. See `main.tf` upto max_node_count = 5, if you want to tune the cluster properties, e.g., number of nodes, instance types or disk size.
+
+## Persistent Volume Claim
+
+OPEA needs a volume where to store the model. For that we need to create Kubernetes Persistent Volume Claim (PVC). OPEA requires `ReadWriteOnce` option since multiple pods needs access to the storage and they can be on different nodes. On GKE, We are installing Storage Class that support n4-standard-8 which is hyper-balanced . Thus, each OPEA application below uses the file `eks-fs-pvc.yaml` to create Storage Class and PVC in its namespace.
+
+## OPEA Applications
+
+### ChatQnA
+
+Use the commands below to create GKE cluster.
+
+```bash
+terraform plan --var-file opea-chatqna.tfvars -out opea-chatqna.plan
+terraform apply "opea-chatqna.plan"
+```
+
+Once the cluster is ready, update kubectl config
+
+```bash
+gcloud container clusters get-credentials "cluster_name"-gke --region us-central1 --project "project_id"
+```
+
+Now you should have access to the cluster via the `kubectl` command.
+
+Deploy ChatQnA Application with Helm
+
+```bash
+helm install -n chatqna --create-namespace chatqna oci://ghcr.io/opea-project/charts/chatqna --set service.type=LoadBalancer --set global.modelUsePVC=model-volume --set global.HUGGINGFACEHUB_API_TOKEN=${HFTOKEN}
+```
+
+Create the Storage Class and PVC as mentioned [above](#-persistent-volume-claim)
+
+```bash
+kubectl apply -f gke-fs-pvc.yaml -n chatqna
+```
+
+After a while, the OPEA application should be running. You can check the status via `kubectl`.
+
+```bash
+kubectl get pod -n chatqna
+```
+
+You can now start using the OPEA application.
+
+```bash
+OPEA_SERVICE=$(kubectl get svc -n chatqna chatqna -ojsonpath='{.status.loadBalancer.ingress[0].hostname}')
+curl http://${OPEA_SERVICE}:8888/v1/chatqna \
+    -H "Content-Type: application/json" \
+    -d '{"messages": "What is the revenue of Nike in 2023?"}'
+```
+
+Cleanup
+
+Delete the cluster via the following command.
+
+```bash
+helm uninstall -n chatqna chatqna
+terraform destroy -var-file opea-chatqna.tfvars
+```

cloud-service-provider/gcp/gke/terraform/gke-fs-pvc.yaml

@@ -0,0 +1,29 @@
+# Copyright (C) 2025 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: balanced-storage
+provisioner: pd.csi.storage.gke.io
+volumeBindingMode: WaitForFirstConsumer
+allowVolumeExpansion: true
+parameters:
+  type: hyperdisk-balanced
+  provisioned-throughput-on-create: "250Mi"
+  provisioned-iops-on-create: "7000"
+---
+
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: model-volume
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: balanced-storage
+  resources:
+    requests:
+      storage: 50Gi
+---

cloud-service-provider/gcp/gke/terraform/main.tf

@@ -0,0 +1,58 @@
+# GKE cluster
+data "google_container_engine_versions" "gke_version" {
+  location       = var.region
+  version_prefix = "1.30."
+}
+
+resource "google_container_cluster" "primary" {
+  name     = "${var.cluster_name}-gke"
+  location = var.region
+
+  # We can't create a cluster with no node pool defined, but we want to only use
+  # separately managed node pools. So we create the smallest possible default
+  # node pool and immediately delete it.
+  remove_default_node_pool = true
+  initial_node_count       = var.initial_node_count
+  node_locations           = var.node_locations
+
+  network    = google_compute_network.vpc.name
+  subnetwork = google_compute_subnetwork.subnet.name
+}
+
+# Separately Managed Node Pool
+resource "google_container_node_pool" "primary_nodes" {
+  name     = google_container_cluster.primary.name
+  location = var.region
+  cluster  = google_container_cluster.primary.name
+
+  version        = data.google_container_engine_versions.gke_version.release_channel_default_version["STABLE"]
+  node_count     = var.gke_num_nodes
+  node_locations = var.node_locations
+  autoscaling {
+    max_node_count = var.max_node_count
+    min_node_count = var.min_node_count
+  }
+
+
+  node_config {
+    disk_size_gb = var.disk_size_gb
+    disk_type    = "hyperdisk-balanced"
+    oauth_scopes = [
+      "https://www.googleapis.com/auth/logging.write",
+      "https://www.googleapis.com/auth/monitoring",
+    ]
+
+    labels = {
+      env = var.cluster_name
+    }
+
+    preemptible  = true
+    image_type   = var.image_type
+    machine_type = var.machine_type
+    tags         = ["gke-node", "${var.cluster_name}-gke"]
+    metadata = {
+      disable-legacy-endpoints = "true"
+    }
+  }
+}
+

cloud-service-provider/gcp/gke/terraform/opea-chatqna.tfvars

@@ -0,0 +1,12 @@
+#This value required as part of Google Project id.
+project_id = "arun-poc"
+# Kubernetes cluster Name
+cluster_name       = "opea-cluster"
+region             = "us-central1"
+initial_node_count = 1
+max_node_count     = 5
+min_node_count     = 1
+node_locations     = ["us-central1-a"]
+disk_size_gb       = 100
+image_type         = "COS_CONTAINERD"
+machine_type       = "n4-standard-8"