Update AI Conductor
Updated 2024.10.02
Topics
자세한 단계
{변수}의 자세한 설명은 Terminology 페이지를 참고하세요
# env for update variables
export AIC_RELEASE_VERSION=
export AIC_BACKEND_IMAGE_TAG=
export AIC_FRONTEND_IMAGE_TAG=
# env for fixed variables
export AWS_ACCOUNT_ID=
export AWS_DEFAULT_REGION=
export AWS_DEFAULT_REGION_ALIAS=
export DOMAIN_NAME=
export INFRA_NAME=
export DEPLOY_ENV=
export REDIS_HOST=
export REDIS_PORT=
export AIC_BACKEND_IMAGE_URL=${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/ecr-repo-${AWS_DEFAULT_REGION_ALIAS}-${INFRA_NAME}-${DEPLOY_ENV}/ai-advisor/ai-conductor/aic-webserver
export AIC_FRONTEND_IMAGE_URL=${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/ecr-repo-${AWS_DEFAULT_REGION_ALIAS}-${INFRA_NAME}-${DEPLOY_ENV}/ai-advisor/ai-conductor/aic-frontend
export AWS_SECRETS_MANAGER_RDS=/parameter/${AWS_DEFAULT_REGION}/${INFRA_NAME}/${DEPLOY_ENV}/rds
export AIC_ECR_BASE_PATH=${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/ecr-repo-${AWS_DEFAULT_REGION_ALIAS}-${INFRA_NAME}-${DEPLOY_ENV}/
export DASHBOARD_PREFIX=https://aicond-mon.${DOMAIN_NAME}.com/d/
# env for update version
export AIC_BACKEND_URL=aicond-${DOMAIN_NAME}/api/v1/docs
export AIC_ADMIN_USER=admin
export AIC_ADMIN_PASSWD=
1. AI Conductor 업데이트
AI Conductor 초기 배포의 자세한 설명은 AI Conductor 배포하기 페이지를 참고하세요
[OPTION] AI Conductor DB 업데이트
AI Conductor DB 업데이트가 필요한 경우 아래와 같은 순서로 업데이트를 진행 합니다.
-
ai-conductor-{AIC_RELEASE_VERSION}.sql 파일을 개발자로부터 전달 받습니다.
-
AI Conductor Table을 업데이트 합니다.
mysql -h ${DB_HOST} -P ${DB_PORT} -u ${DB_ADMIN_USERNAME} -p < ai-conductor-${AIC_RELEASE_VERSION}.sql
# insert : ${DB_ADMIN_PASSWORD} -
AI Conductor Table 업데이트를 확인 합니다.
- ai-conductor-{AIC_RELEASE_VERSION}.sql 과 AI Conductor Table의 alembic_version이 일치하는지 확인합니다.
-
아래 명령어로 AI Conductor Deployment를 clone 합니다.
git clone https://github.com/mellerikat/AI-Conductor.git -
AI Conductor Backend를 업데이트 합니다.
- AI Conductor Backend 설정을 업데이트합니다.
- NOTE : 기존 설정된 경우 무시합니다.
# path : ${TOP}/AI-Conductor/backend
# redis 를 설정 합니다.
sed -i "s|host=.*|host=${REDIS_HOST}|g" params/redis.env
sed -i "s|port=.*|port=${REDIS_PORT}|g" params/redis.env
# Secrets Manager의 RDS를 설정합니다.
yq e -i '.spec.parameters.objects |= sub("/parameter.*rds",env(AWS_SECRETS_MANAGER_RDS))' base/secret-provider-class.yaml
# Environment 설정합니다.
yq e -i '.spec.template.spec.containers[].env += {"name" : "AIC_ECR_BASE_PATH"}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1] += {"value" : env(AIC_ECR_BASE_PATH)}' base/deployment/ai-conductor-backend.yaml
# 모니터링 Dashboard의 prefix를 설정 합니다.
yq e -i '.spec.template.spec.containers[].env += [{"name" : "DASHBOARD_PREFIX"}]' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1] += {"value" : env(DASHBOARD_PREFIX)}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1].value |= . style="double"' base/deployment/ai-conductor-backend.yaml-
AI Conductor Backend LDAP 설정을 업데이트합니다. (LDAP 사용 시 설정 필요)
- NOTE : 기존 설정된 경우 무시합니다.
[Expand AI Conductor LDAP 설정]
# path : ${TOP}/AI-Conductor/backend
# LDAP Secret 설정 합니다.
yq e -i '. += {"secretGenerator"}' kustomization.yaml
yq e -i '.secretGenerator += [{"name":"ldap-secret"}]' kustomization.yaml
yq e -i '.secretGenerator[-1] += {"namespace":"ai-conductor"}' kustomization.yaml
yq e -i '.secretGenerator[-1].options += {"disablenamesuffixhash":true}' kustomization.yaml
yq e -i '.secretGenerator[-1].files += ["./params/lge_root_ca.crt"]' kustomization.yaml
# LDAP Secret 사용 설정 합니다.
yq e -i '.spec.template.spec.volumes += [{"name" : "aic-volume"}]' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.volumes[-1].secret += {"secretName" : "ldap-secret"}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].volumeMounts += [{"name" : "aic-volume"}]' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].volumeMounts[-1] += {"readOnly":true}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].volumeMounts[-1] += {"mountPath":"/etc/aic"}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].volumeMounts[-1].mountPath |= . style="double"' base/deployment/ai-conductor-backend.yaml
# LDAP 설정 합니다.
yq -i '(.spec.template.spec.containers[] | select(.env[] | select(.name == "LDAP_ENABLED")).env[] | select(.name == "LDAP_ENABLED")).value = "true"' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env += [{"name" : "LDAP_HOST_NAME"}]' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1] += {"value" : "ldaps://lgesaapds01.lge.net"}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1].value |= . style="double"' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env += [{"name" : "LDAP_HOST_PORT"}]' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1] += {"value" : "636"}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1].value |= . style="double"' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env += [{"name" : "LDAP_BASE_DN"}]' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1] += {"value" : "OU=LGE Users,dc=LGE,dc=NET"}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1].value |= . style="double"' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env += [{"name" : "LDAP_SEARCH_DN"}]' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1] += {"value" : "dc=lge,dc=net"}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1].value |= . style="double"' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env += [{"name" : "LDAP_BIND_ID"}]' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1] += {"value" : "{login_id}@lge.net"}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1].value |= . style="double"' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env += [{"name" : "LDAP_QUERY"}]' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1] += {"value" : "(cn={login_id})"}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1].value |= . style="double"' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env += [{"name" : "LDAPS_CA_CERT"}]' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1] += {"value" : "/etc/aic/lge_root_ca.crt"}' base/deployment/ai-conductor-backend.yaml
yq e -i '.spec.template.spec.containers[].env[-1].value |= . style="double"' base/deployment/ai-conductor-backend.yaml- 인프라 담당자로부터 lge_root_ca.crt 전달 받아 {TOP}/AI-Conductor/backend/params/lge_root_ca.crt 위치에 저장합니다.
-
AI Conductor Backend 이미지를 업데이트합니다.
# path : ${TOP}/AI-Conductor/backend
cd AI-Conductor/backend
# AI Conductor Backend 업데이트 이미지 설정
yq e -i '.images[].newName = env(AIC_BACKEND_IMAGE_URL)' kustomization.yaml
yq e -i '.images[].newTag = env(AIC_BACKEND_IMAGE_TAG)' kustomization.yaml
# AI Conductor Backend 업데이트
kubectl apply -k . - AI Conductor Backend 설정을 업데이트합니다.
-
AI Conductor Frontend를 업데이트 합니다.
- NOTE : Backend 업데이트 후 Frontend 업데이트합니다.
# path : ${TOP}/AI-Conductor/frontend
# AI Conductor Frontend 업데이트 이미지 설정
yq e -i '.images[].newName = env(AIC_FRONTEND_IMAGE_URL)' kustomization.yaml
yq e -i '.images[].newTag = env(AIC_FRONTEND_IMAGE_TAG)' kustomization.yaml
# AI Conductor Frontend 업데이트
kubectl apply -k . -
AI Conductor 업데이트 확인을 합니다.
-
AI Conductor 이미지가 정상적으로 업데이트 되었는지 확인합니다.
[Expand AI Conductor 업데이트 확인]
업데이트가 완료되면 아래와 같이 pod의 STATUS 가 'Running' 상태입니다.
kubectl get pod -n ai-conductor
# 출력
NAME READY STATUS RESTARTS AGE
ai-conductor-web-749bcd95d5-jjg9d 1/1 Running 0 15s
ai-conductor-web-749bcd95d5-r7jk5 1/1 Running 0 15s
frontend-server-6b6994d545-5x4cc 1/1 Running 0 1m2s
frontend-server-6b6994d545-cgq8s 1/1 Running 0 1m2s -
AI Conductor 이미지가 {AIC_BACKEND_IMAGE_TAG} 와 {AIC_FRONTEND_IMAGE_TAG} 로 업데이트 되었는지 확인합니다.
[Expand AI Conductor 이미지 업데이트 확인]
{AIC_BACKEND_IMAGE_TAG} 와 {AIC_FRONTEND_IMAGE_TAG} 업데이트 이미지를 확인합니다.
kubectl describe pod -n ai-conductor ai-conductor-web-749bcd95d5-7f9qc
# 출력
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 29m default-scheduler Successfully assigned ai-conductor/ai-conductor-web-58497c76d6-77mg9 to ip-10-0-128-222.ap-northeast-2.compute.internal
Normal Pulling 29m kubelet Pulling image "339713051385.dkr.ecr.ap-northeast-2.amazonaws.com/ecr-repo-an2-meerkat-dev/ai-advisor/ai-conductor/aic-webserver:${AIC_BACKEND_IMAGE_TAG}"
kubectl describe pod -n ai-conductor frontend-server-6b6994d545-5x4cc
# 출력
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 29m default-scheduler Successfully assigned ai-conductor/frontend-server-6b6994d545-5x4cc to ip-10-0-128-222.ap-northeast-2.compute.internal
Normal Pulling 29m kubelet Pulling image "339713051385.dkr.ecr.ap-northeast-2.amazonaws.com/ecr-repo-an2-meerkat-dev/ai-advisor/ai-conductor/aic-frontend:${AIC_FRONTEND_IMAGE_TAG}"
-
2. AI Conductor 버전 업데이트
- {AIC_BACKEND_URL} 접속
- POST/api/v1/auth/login 에서 admin 으로 로그인
- login_id : {AIC_ADMIN_USER}
- login_pw : {AIC_ADMIN_PASSWD}
- POST/api/v1/versions 으로 버전 업데이트
- ver_str : {AIC_RELEASE_VERSION}
- frontend_hash : {AIC_FRONTEND_TAG}
- backend_hash : {AIC_BCAKEND_TAG}
- description : 원하는 문장 (사용자에게 노출되지 않음)