A few notes: This should be run with a user with admin privileges to GKE and to the cluster (kubectl)
I use certmanager to allow LetsEncrypt to manage the HTTPS keypair
- Make a note of when you use production and when you use staging LetsEncrypt (letsencrypt.yaml line 90)
- I use a small placeholder HTTPS service (apple service - letsencrypt.yaml line 48) as a placeholder to make cert-manager request the certificate and store it in the kubernetes secret before installing run:ai. You can remove it if not needed
- I set the webroot of the kubernetes ingress to redirect to another website (letsencrypt.yaml line 115)
Look for < > strings that should be replaced in install.sh
and letsencrypt.yaml
- install.sh: line 4 - replace region with the cluster region
- install.sh: line 32 - replace runai realm (see https://docs.run.ai/admin/runai-setup/authentication/researcher-authentication/#administration-user-interface-setup)
- install.sh: lines 10 + 26 - replace email with an email that will be registered with LetsEncrypt
- install.sh: lines 95 + 98 + 122 + 124 - replace cluster hostname with the hostname you want.
- install.sh: line 115 - replace with redirect target (or remove if you prefer to return 404 errors instead of redirecting non-existant paths)