Enterprise Deployment Guide for Azure

Azure Enterprise Deployment Guide for RagaAI Prism

Deploying RagaAI Prism on your Azure infrastructure ensures that your data remains secure and within your control. Follow these steps to set up RagaAI Prism in your Azure account.

Provision Base Infrastructure

To get started quickly, you can use the Terraform Templates and scripts provided by the Raga team:

Pre-Requirements

  • Set Up Azure User: The user running the installation should have Contributor and User Access Administrator roles. Alternatively, create a dedicated custom role with specific permissions.

  • Resource Provider Quotas: Ensure that you have sufficient quota for the Standard_D8a_v4 VMs, each with minimum 24 available vCPUs, in your target region for AKS Node Pools.

  • Ensure that your system supports Bash commands

  • The following CLI tools should be installed:

Azure Login using CLI

Option A: Using az login
az login

This will open a browser window for authentication.

Option B: Using Service Principal
export AZURE_CLIENT_ID=your-client-id
export AZURE_CLIENT_SECRET=your-client-secret
export AZURE_TENANT_ID=your-tenant-id
export AZURE_SUBSCRIPTION_ID=your-subscription-id

Validate Azure CLI Login:

az account show

Execute the following command to Provision the Environment:

Extract the TAR file provided by the RagaAI team:

tar -zxvf raga-prism-terraform-azure-<version>.tar

Create Azure Storage Account and Blob Container :

az storage account create \
  --name <storage-account-name> \
  --resource-group <resource-group-name> \
  --location <region> \
  --sku Standard_LRS

az storage container create \
  --name <container-name> \
  --account-name <storage-account-name>

Replace placeholders:

  • region: Azure deployment region

  • resource-group-name: Azure Resource Group name

  • storage-account-name: Azure Storage Account name

  • container-name: Blob container name (e.g., tfstate)

Update Terraform Variables

Update the terraform.tfvars with the required values:

  • customer_name: This will be the prefix for all Azure resources

  • region: Deployment region

  • vnet_cidr: Your preferred CIDR range

  • resource_group_name: Azure resource group name

Terraform Initialization

Execute the following command for terraform init:

  terraform init \
    -backend-config="resource_group_name=<resource-group-name>" \
    -backend-config="storage_account_name=<storage-account-name>" \
    -backend-config="container_name=<container-name>" \
    -backend-config="key=tf/raga/terraform.tfstate" \
    -backend-config="region=<region>" \
    -var-file=terraform.tfvars

Terraform Apply

Execute the following command for provision the infra with terraform:

terraform apply -var-file=terraform.tfvars -auto-approve

Terraform Output

Get the required details to install Raga Prism in the next step:

terraform output infrastructure_summary

List of Azure Resources Provisioned by RagaAI Terraform Infrastructure

Note: You can also set up your cloud environment using the following requirements as an Alternative to the RagaAI Terraform templates

Storage Account

Create Storage Account with Blob Container and configure CORS with the following settings:

  • Allowed Methods: GET, PUT

  • Allowed Origins: * (all origins)

  • Allowed Headers: * (all headers)

  • Exposed Headers: none

  • Max Age: 3000 seconds

AKS Cluster
  • Kubernetes v1.24+ (Recommend containerd runtime)

  • Ensure sufficient quota for compute resources

  • Node Pool Configuration: Minimum of 3 nodes, with each node having the following specifications

    • Memory: 32GB

    • vCPU: 8

    • Disk: 64GB

    • Architecture: x86_64

  • Cluster Add-ons

    • Azure Disk CSI Driver

  • Cluster Autoscaler

    • Enable cluster autoscaler for node pools

Azure Database for MySQL
  • SKU: General Purpose

  • Compute: 2 vCore

  • Memory: 8 GiB RAM

  • Storage: 50 GB

  • Version: MySQL 8.0

Virtual Machine
  • Create a VM in a public subnet to act as a bastion/jump box

    • Size: Standard_B1s (1 vCPU and 1 GB Memory)

    • OS Disk: 8 GB

  • Network Security Group for bastion host

    • Inbound Rules:

      • Allow SSH (port 22)

    • Outbound Rules:

      • Allow all outbound within VNet

  • Network Security Group for internal load balancer

    • Inbound Rules:

      • Allow HTTP (port 80) from VNet

      • Allow HTTPS (port 443) from VNet

    • Outbound Rules:

      • Allow all outbound within VNet

Virtual Network
  • Virtual Network with address space

  • 2 Public and 2 private subnets

  • Route table for private subnets

  • NAT Gateway for private subnet outbound

Install Raga Prism

Install Raga Prism:

  • SSH into the bastion VM and run the installation command

  • Configure kubectl to interact with your AKS cluster

  • Copy the TAR file provided by the RagaAI team into he instance & extract the file

  • Update the .env file with the values that you get when you execute the terraform output command

Execute the following command to deploy Prism::

python3 azure-prism.py

Run the Database Migration

helm install db-migration db-migration -n raga --set release-tag=<release-tag>

Install Raga Services

helm install raga raga -n raga \
  --set ReleaseTag=<release-tag>,AzureStorageContainer=<azure-storage-container-name>,AzureStorageConnectionstring=<azure-storage-connectionstring>

Access Raga Prism

Access Prism UI with the private load balancer IP/DNS

  • Portal: http://<Load_Balancer_IP>

  • API: http://<Load_Balancer_IP>/api


For any issues during the deployment process or additional assistance, please contact our support team at [email protected].

Last updated

Was this helpful?