Install workflow components

  • Create namespace for workflow components

# Namespace that will hold the workflow components.
kubectl create namespace aizen

If you have Docker credentials, first create a Kubernetes secret for accessing the Aizen images

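# Registry pull secret used to fetch the Aizen images.
# Each option line needs a trailing backslash so the shell reads this as one
# command, and the placeholder is quoted so "<" and ">" are not parsed as
# redirections.
# The password is passed as a command-line argument, so it is recorded in
# shell history and visible in the process list while kubectl runs. Where that
# matters, build the secret from an existing Docker config file instead
# (kubectl create secret docker-registry ... --from-file=.dockerconfigjson=<path>).
kubectl create secret docker-registry aizenrepo-creds \
  --docker-username=aizencorp \
  --docker-password='<YOUR DOCKER CREDENTIALS>' \
  -n aizen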

Important

Decide the basic authentication type that you would like to use for accessing Aizen Gui

There are 4 different authentication types that can be specified

  • ldap (default) - LDAP and Active directory

  • auth0 - OAuth-based authentication such as GitHub, Google, GitLab and so on

  • keycloak - An open-source identity and access management solution (Single Sign-On)

  • azure - Microsoft Entra ID based authentication

For Azure deployments with a non-local STORAGE_TYPE, include the additional properties shown here. The default STORAGE_TYPE is local.

global.storage_type=$STORAGE_TYPE,\
global.s3.azure.enabled=true,\
global.s3.azure.values.storage_account_name=$STORAGE_ACCOUNT_NAME,\
global.s3.azure.values.storage_access_key=$CLOUD_ACCESSKEY_ID,\
global.s3.azure.values.storage_connection_string=$CLOUD_SECRET_KEY

Deploy workflow components

# ---------------------------------------------------------------------------
# Deployment settings read by the helm install command further down.
# Empty values are site-specific and must be filled in before installing.
# ---------------------------------------------------------------------------

# Release placement and chart location.
NAMESPACE="aizen"
INFRA_NAMESPACE="aizen-infra"
HELMCHART_LOCATION="aizen-workflow-helmcharts-1.0.0"

# Cluster, ingress and bucket details.
STORAGE_CLASS=""
INGRESS_HOST=""
BUCKET_NAME=""
CLUSTER_NAME=""

# Object-storage endpoint and credentials.
# CLOUD_ACCESSKEY_ID and CLOUD_SECRET_KEY are secrets: the install command
# forwards them through --set, so anything typed here also lives in this file
# and on the helm command line. Keep the filled-in copy out of version control.
CLOUD_ENDPOINT_URL=""
CLOUD_ACCESSKEY_ID=""
CLOUD_SECRET_KEY=""
CLOUD_PROVIDER_REGION=""
# Provider flavour: S3-compatible minio, aws or azure.
CLOUD_PROVIDER_TYPE=""

# Azure-specific settings.
#STORAGE_ACCOUNT_NAME=
STORAGE_TYPE="local"
VAULT_AUTH_TYPE="azure"
NODESELECTOR_LABEL_NAME="agentpool"
NODESELECTOR_LABEL_VALUE="system"

# GUI authentication mode. Documented options: ldap, keycloak, azure, auth0.
AUTH_TYPE="ldap"
# NOTE(review): SECURE_HTTPS=false presumably leaves the GUI on plain HTTP -
# confirm, and enable it (together with AIZENGUI_FRONTEND_HOST) for any
# deployment reachable outside a trusted network.
SECURE_HTTPS="false"
INGRESS_ENABLED="false"
GATEWAY_ENABLED="true"

# Third-party LLM API keys. Secrets: same handling caveat as the cloud keys.
OPENAI_API_KEY=""
ANTHROPIC_API_KEY=""

# Only needed for cloudian.
CLOUD_ENDPOINT_IP=""

# Needed by the GUI when secure communication is used.
AIZENGUI_FRONTEND_HOST=""

# Image source.
# NOTE(review): IMAGE_REPO_SECRET is presumably the name of the registry pull
# secret (aizenrepo-creds in the earlier step) - confirm against the chart.
IMAGE_REPO="aizencorp"
IMAGE_REPO_SECRET=""
IMAGE_TAG="1.0.0"

# Persistent volume size, passed to the chart as core.storage.volume_size.
STORAGE_PERSISTENCE_SIZE="50Gi"

# Azure application settings for the vault, applied only when
# VAULT_AUTH_TYPE is azure. The values are sample placeholders and must be
# replaced; AZUREAPP_CLIENT_SECRET is a credential.
case "$VAULT_AUTH_TYPE" in
  azure)
    AZUREAPP_VAULT_NAME="aizenai-vault"
    AZUREAPP_CLIENT_ID="yyuytut"
    AZUREAPP_TENANT_ID="d565hfghfh"
    AZUREAPP_CLIENT_SECRET="jhkj"
    ;;
esac

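# Provider-specific GUI authentication settings. Only the branch matching
# AUTH_TYPE runs; every value below is a sample and must be replaced with the
# site's own before deploying.
#
# The documented option name is "auth0", but this block used to test for
# "oauth" only, so AUTH_TYPE=auth0 set none of the AUTH0_* values. Both
# spellings are accepted now.
if [[ "$AUTH_TYPE" = "ldap" ]]; then
   # NOTE(review): ldap:// is plain LDAP, so bind credentials are unencrypted
   # on the wire unless the server enforces StartTLS - confirm. The host is an
   # in-cluster service name.
   LDAP_SERVER_HOST="ldap://aizen-openldap-service.aizen-infra.svc.cluster.local:1389"
   # Commas inside DNs are written as "\," because helm --set treats a bare
   # comma as a separator between key=value pairs.
   LDAP_BIND_DN="uid={username}\,ou=users\,dc=aizencorp\,dc=local\,dc=com|uid={username}\,ou=people\,dc=aizencorp\,dc=local\,dc=com"
   LDAP_USER_DN="ou=users\,dc=aizencorp\,dc=local\,dc=com"
   LDAP_ADMIN_DN="cn=admin\,dc=aizencorp\,dc=local\,dc=com"
   # Default sample password for the LDAP admin bind DN. Replace it with the
   # directory's real bind password; "admin" must not reach a live deployment.
   LDAP_ADMIN_DNPWD="admin"
   LDAP_GROUP_DN="ou=groups\,dc=aizencorp\,dc=local\,dc=com"
   # NOTE(review): LDAP_BIND_DN, LDAP_GROUP_DN and LDAP_ALLOWED_GROUPS are not
   # referenced by the helm --set list on this page - confirm how the chart
   # receives them, otherwise the group restriction may not be applied.
   LDAP_ALLOWED_GROUPS="cn=dbgrp\,ou=groups\,dc=aizencorp\,dc=local\,dc=com"
   LDAP_SEARCH_FILTER="(uid={username})"
   AIZEN_ADMIN_USER="aizenadmin"
elif [[ "$AUTH_TYPE" = "auth0" || "$AUTH_TYPE" = "oauth" ]]; then
   AUTH0_DOMAIN=""
   AUTH0_AUDIENCE=""
   # "test" is a placeholder for both client id and client secret.
   AUTH0_CLIENT_ID="test"
   AUTH0_CLIENT_SECRET="test"
   # The JWT secret is set to the same value as the Auth0 client secret, so
   # disclosure of either one exposes both. Prefer an independent random
   # value if the chart allows it - confirm.
   JWT_SECRET=$AUTH0_CLIENT_SECRET
   AIZEN_ADMIN_USER="aizenadmin"
   # Placeholder address with no scheme; use the GUI's real external URL.
   AUTH0_CALLBACK_URL="1.2.3.4/ns/console/hub/oauth_callback"
elif [[ "$AUTH_TYPE" = "keycloak" ]]; then
   # Placeholder address using http://; point this at the real Keycloak
   # endpoint, over https:// where one is available.
   KEYCLOAK_URL=http://1.2.3.4:8080
   KEYCLOAK_CLIENT_ID=aizengui
   KEYCLOAK_REALM=aizenrealm
   AIZEN_ADMIN_USER="aizenadmin"
elif [[ "$AUTH_TYPE" = "azure" ]]; then
   # Placeholders. These assignments overwrite any AZUREAPP_CLIENT_ID and
   # AZUREAPP_TENANT_ID set earlier for the vault.
   AZUREAPP_CLIENT_ID=yyyyy
   AZUREAPP_TENANT_ID=xxxxx
   AIZEN_ADMIN_USER="aizenadmin"
fi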

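# Create the target namespace only if it does not exist yet.
kubectl get ns "${NAMESPACE}" >/dev/null 2>&1 || kubectl create ns "${NAMESPACE}"

#You don't need to change anything below this line
#
# Installs the "workflow" release from the chart under HELMCHART_LOCATION.
#
# Changes from the earlier form of this command:
#   * The second global.secure_https entry read the misspelled, unset variable
#     $SECUTE_HTTPS and overrode the correct value with an empty string; it
#     has been removed.
#   * The --set list is one double-quoted string, so values with spaces or
#     glob characters are passed intact. To add the optional property groups
#     listed after this command (HTTPS, Azure, Keycloak, Auth0), put them
#     inside the quotes, comma-separated, before the closing quote.
#
# Caveats:
#   * Secrets (S3 keys, LDAP admin password, API keys) are passed through
#     --set, so they appear in the process list and shell history. A values
#     file with restricted permissions, supplied with -f/--values, avoids that.
#   * --set splits on commas; a value containing a comma must escape it as "\,".
#   * NOTE(review): the key is spelled "openapi_api_key" while the variable is
#     OPENAI_API_KEY - confirm the name against the chart's values.
helm -n "$NAMESPACE" install workflow "$HELMCHART_LOCATION/aizen" \
--set "core.enabled=true,\
core.storage.volume_size=$STORAGE_PERSISTENCE_SIZE,\
global.clustername=$CLUSTER_NAME,\
global.s3.secrets.enabled=true,\
global.s3.endpoint_url=$CLOUD_ENDPOINT_URL,\
global.s3.endpoint_ip=$CLOUD_ENDPOINT_IP,\
global.s3.secrets.values.s3_access_key=$CLOUD_ACCESSKEY_ID,\
global.s3.secrets.values.s3_secret_key=$CLOUD_SECRET_KEY,\
global.customer_bucket_name=$BUCKET_NAME,\
global.storage_class=$STORAGE_CLASS,\
global.secure_https=$SECURE_HTTPS,\
global.cloud_provider_type=$CLOUD_PROVIDER_TYPE,\
global.cloud_provider_region=$CLOUD_PROVIDER_REGION,\
global.image_registry=$IMAGE_REPO,\
global.image_secret=$IMAGE_REPO_SECRET,\
global.image_tag=$IMAGE_TAG,\
global.ingress.host=$INGRESS_HOST,\
global.aizengui.admin_user=$AIZEN_ADMIN_USER,\
global.aizengui.auth_mode=$AUTH_TYPE,\
global.aizengui.ldap.server_host=$LDAP_SERVER_HOST,\
global.aizengui.ldap.admin_dn=$LDAP_ADMIN_DN,\
global.aizengui.ldap.user_search_base=$LDAP_USER_DN,\
global.aizengui.ldap.user_search_filter=$LDAP_SEARCH_FILTER,\
global.aizengui.ldap.secrets.ldap_admin_password=$LDAP_ADMIN_DNPWD,\
global.aizengui.secrets.anthropic_api_key=$ANTHROPIC_API_KEY,\
global.aizengui.secrets.openapi_api_key=$OPENAI_API_KEY"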

*******#Below properties are required if SECURE_HTTPS is enabled*******
global.frontend_host=$AIZENGUI_FRONTEND_HOST,\

*******#Below properties are required for Azure*******
global.storage_type=$STORAGE_TYPE,\
global.aizengui.azure.tenant_id=$AZUREAPP_TENANT_ID,\
global.aizengui.azure.client_id=$AZUREAPP_CLIENT_ID,\
global.vault.auth_type=$VAULT_AUTH_TYPE,\
global.vault.azure.keyvault_name=$AZUREAPP_VAULT_NAME,\
global.vault.azure.client_id=$AZUREAPP_CLIENT_ID,\
global.vault.azure.tenant_id=$AZUREAPP_TENANT_ID,\
global.vault.azure.secrets.client_secret=$AZUREAPP_CLIENT_SECRET

******#Below properties are required for Keycloak*******
global.aizengui.keycloak.url=$KEYCLOAK_URL,\
global.aizengui.keycloak.realm=$KEYCLOAK_REALM,\
global.aizengui.keycloak.client_id=$KEYCLOAK_CLIENT_ID,\

*******#Below properties are required for Auth0*******
global.aizengui.auth0.domain=$AUTH0_DOMAIN,\
global.aizengui.auth0.audience=$AUTH0_AUDIENCE,\
global.aizengui.auth0.secrets.auth0_client_id=$AUTH0_CLIENT_ID,\
global.aizengui.auth0.secrets.auth0_client_secret=$AUTH0_CLIENT_SECRET,\
global.aizengui.secrets.jwt_secret=$JWT_SECRET,\

Check deployment status for workflow components

  • Check the status of all workflow components

# List the workflow pods and their current status.
kubectl get pods --namespace aizen