yujunjun/graphrag-accelerator
1
0
Fork 0
mirror of https://github.com/Azure-Samples/graphrag-accelerator.git synced 2025-11-17 11:22:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix changes after merge with main

Browse Source
This commit is contained in:
Josh Bradley 2025-01-31 00:01:46 -05:00
parent 25be69f01b
commit 24df161210
3 changed files with 22 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
infra/core/aoai/aoai.bicep
View File

@ -22,9 +22,6 @@ param llmTpmQuota int = 10
@description('TPM quota for embedding model deployment (x1000)') @description('TPM quota for embedding model deployment (x1000)')
param embeddingTpmQuota int = 10 param embeddingTpmQuota int = 10
@description('Array of objects with fields principalId, roleDefinitionId')
param roleAssignments array = []
resource aoai 'Microsoft.CognitiveServices/accounts@2024-10-01' = { resource aoai 'Microsoft.CognitiveServices/accounts@2024-10-01' = {
name: openAiName name: openAiName
location: location location: location
@ -74,14 +71,6 @@ resource embeddingDeployment 'Microsoft.CognitiveServices/accounts/deployments@2
} }
} }
resource roleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = [
for role in roleAssignments: {
name: guid('${role.principalId}-${role.roleDefinitionId}')
scope: resourceGroup()
properties: role
}
]
output openAiEndpoint string = aoai.properties.endpoint output openAiEndpoint string = aoai.properties.endpoint
output llmModel string = llmDeployment.properties.model.name output llmModel string = llmDeployment.properties.model.name
output llmModelDeploymentName string = llmDeployment.name output llmModelDeploymentName string = llmDeployment.name

20
infra/deploy.sh
View File

@ -146,6 +146,9 @@ checkRequiredTools () {
which kubectl > /dev/null which kubectl > /dev/null
exitIfCommandFailed $? "kubectl is required, exiting..." exitIfCommandFailed $? "kubectl is required, exiting..."
which kubelogin > /dev/null
exitIfCommandFailed $? "kubelogin is required, exiting..."
which helm > /dev/null which helm > /dev/null
exitIfCommandFailed $? "helm is required, exiting..." exitIfCommandFailed $? "helm is required, exiting..."
@ -317,15 +320,12 @@ deployAzureResources () {
--no-prompt \ --no-prompt \
--resource-group $RESOURCE_GROUP \ --resource-group $RESOURCE_GROUP \
--template-file ./main.bicep \ --template-file ./main.bicep \
--parameters "resourceGroup=$RESOURCE_GROUP" \
--parameters "resourceBaseName=$RESOURCE_BASE_NAME" \ --parameters "resourceBaseName=$RESOURCE_BASE_NAME" \
--parameters "resourceGroup=$RESOURCE_GROUP" \
--parameters "resourceGroup=$RESOURCE_GROUP" \
--parameters "apimName=$APIM_NAME" \ --parameters "apimName=$APIM_NAME" \
--parameters "apimTier=$APIM_TIER" \ --parameters "apimTier=$APIM_TIER" \
--parameters "apiPublisherName=$PUBLISHER_NAME" \
--parameters "apiPublisherEmail=$PUBLISHER_EMAIL" \ --parameters "apiPublisherEmail=$PUBLISHER_EMAIL" \
--parameters "apiPublisherName=$PUBLISHER_NAME" \ --parameters "apiPublisherName=$PUBLISHER_NAME" \
--parameters "apiPublisherEmail=$PUBLISHER_EMAIL" \
--parameters "enablePrivateEndpoints=$ENABLE_PRIVATE_ENDPOINTS" \ --parameters "enablePrivateEndpoints=$ENABLE_PRIVATE_ENDPOINTS" \
--output json) --output json)
# errors in deployment may not be caught by exitIfCommandFailed function so we also check the output for errors # errors in deployment may not be caught by exitIfCommandFailed function so we also check the output for errors
@ -414,8 +414,8 @@ installGraphRAGHelmChart () {
local graphragImageName=$(sed -rn "s/([^:]+).*/\1/p" <<< "$GRAPHRAG_IMAGE") local graphragImageName=$(sed -rn "s/([^:]+).*/\1/p" <<< "$GRAPHRAG_IMAGE")
local graphragImageVersion=$(sed -rn "s/[^:]+:(.*)/\1/p" <<< "$GRAPHRAG_IMAGE") local graphragImageVersion=$(sed -rn "s/[^:]+:(.*)/\1/p" <<< "$GRAPHRAG_IMAGE")
exitIfValueEmpty "$graphragImageName" "Unable to parse graphrag image name, exiting..." exitIfValueEmpty "$graphragImageName" "Unable to parse graphrag docker image name, exiting..."
exitIfValueEmpty "$graphragImageVersion" "Unable to parse graphrag image version, exiting..." exitIfValueEmpty "$graphragImageVersion" "Unable to parse graphrag docker image version, exiting..."
local graphragApiBase=$(jq -r .azure_aoai_endpoint.value <<< $AZURE_OUTPUTS) local graphragApiBase=$(jq -r .azure_aoai_endpoint.value <<< $AZURE_OUTPUTS)
exitIfValueEmpty "$graphragApiBase" "Unable to parse AOAI endpoint from deployment outputs, exiting..." exitIfValueEmpty "$graphragApiBase" "Unable to parse AOAI endpoint from deployment outputs, exiting..."
@ -444,8 +444,8 @@ installGraphRAGHelmChart () {
--set "master.image.repository=$containerRegistryName/$graphragImageName" \ --set "master.image.repository=$containerRegistryName/$graphragImageName" \
--set "master.image.tag=$graphragImageVersion" \ --set "master.image.tag=$graphragImageVersion" \
--set "ingress.host=$graphragHostname" \ --set "ingress.host=$graphragHostname" \
--set "graphragConfig.APPLICATIONINSIGHTS_CONNECTION_STRING=$appInsightsConnectionString" \
--set "graphragConfig.AI_SEARCH_URL=https://$aiSearchName.$AISEARCH_ENDPOINT_SUFFIX" \ --set "graphragConfig.AI_SEARCH_URL=https://$aiSearchName.$AISEARCH_ENDPOINT_SUFFIX" \
--set "graphragConfig.APPLICATIONINSIGHTS_CONNECTION_STRING=$appInsightsConnectionString" \
--set "graphragConfig.COSMOS_URI_ENDPOINT=$cosmosEndpoint" \ --set "graphragConfig.COSMOS_URI_ENDPOINT=$cosmosEndpoint" \
--set "graphragConfig.GRAPHRAG_API_BASE=$graphragApiBase" \ --set "graphragConfig.GRAPHRAG_API_BASE=$graphragApiBase" \
--set "graphragConfig.GRAPHRAG_API_VERSION=$graphragApiVersion" \ --set "graphragConfig.GRAPHRAG_API_VERSION=$graphragApiVersion" \
@ -453,13 +453,7 @@ installGraphRAGHelmChart () {
--set "graphragConfig.GRAPHRAG_LLM_DEPLOYMENT_NAME=$graphragLlmModelDeployment" \ --set "graphragConfig.GRAPHRAG_LLM_DEPLOYMENT_NAME=$graphragLlmModelDeployment" \
--set "graphragConfig.GRAPHRAG_EMBEDDING_MODEL=$graphragEmbeddingModel" \ --set "graphragConfig.GRAPHRAG_EMBEDDING_MODEL=$graphragEmbeddingModel" \
--set "graphragConfig.GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME=$graphragEmbeddingModelDeployment" \ --set "graphragConfig.GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME=$graphragEmbeddingModelDeployment" \
--set "graphragConfig.GRAPHRAG_API_BASE=$GRAPHRAG_API_BASE" \
--set "graphragConfig.GRAPHRAG_API_VERSION=$GRAPHRAG_API_VERSION" \
--set "graphragConfig.COGNITIVE_SERVICES_AUDIENCE=$COGNITIVE_SERVICES_AUDIENCE" \ --set "graphragConfig.COGNITIVE_SERVICES_AUDIENCE=$COGNITIVE_SERVICES_AUDIENCE" \
--set "graphragConfig.GRAPHRAG_LLM_MODEL=$GRAPHRAG_LLM_MODEL" \
--set "graphragConfig.GRAPHRAG_LLM_DEPLOYMENT_NAME=$GRAPHRAG_LLM_DEPLOYMENT_NAME" \
--set "graphragConfig.GRAPHRAG_EMBEDDING_MODEL=$GRAPHRAG_EMBEDDING_MODEL" \
--set "graphragConfig.GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME=$GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME" \
--set "graphragConfig.STORAGE_ACCOUNT_BLOB_URL=$storageAccountBlobUrl" --set "graphragConfig.STORAGE_ACCOUNT_BLOB_URL=$storageAccountBlobUrl"
local helmResult=$? local helmResult=$?

95
infra/main.bicep
View File

@ -22,13 +22,6 @@ Managed Identity
@description('Name of the resource group that GraphRAG will be deployed in.') @description('Name of the resource group that GraphRAG will be deployed in.')
param resourceGroup string param resourceGroup string
@description('Unique name to append to each resource')
param resourceBaseName string = ''
var resourceBaseNameFinal = !empty(resourceBaseName)
? resourceBaseName
: toLower(uniqueString('${subscription().id}/resourceGroups/${resourceGroup}'))
param resourceGroup string
@description('Unique name to append to each resource') @description('Unique name to append to each resource')
param resourceBaseName string = '' param resourceBaseName string = ''
var resourceBaseNameFinal = !empty(resourceBaseName) var resourceBaseNameFinal = !empty(resourceBaseName)
@ -36,19 +29,16 @@ var resourceBaseNameFinal = !empty(resourceBaseName)
: toLower(uniqueString('${subscription().id}/resourceGroups/${resourceGroup}')) : toLower(uniqueString('${subscription().id}/resourceGroups/${resourceGroup}'))
@description('Cloud region for all resources') @description('Cloud region for all resources')
param location string = az.az.resourceGroup().location param location string = az.resourceGroup().location
@minLength(1) @minLength(1)
@description('Name of the publisher of the API Management instance.') @description('Name of the publisher of the API Management instance.')
param apiPublisherName string = 'Microsoft' param apiPublisherName string = 'Microsoft'
param apiPublisherName string = 'Microsoft'
@minLength(1) @minLength(1)
@description('Email address of the publisher of the API Management instance.') @description('Email address of the publisher of the API Management instance.')
param apiPublisherEmail string = 'publisher@microsoft.com' param apiPublisherEmail string = 'publisher@microsoft.com'
param apiPublisherEmail string = 'publisher@microsoft.com'
@description('The AKS namespace to install GraphRAG in.')
@description('The AKS namespace to install GraphRAG in.') @description('The AKS namespace to install GraphRAG in.')
param aksNamespace string = 'graphrag' param aksNamespace string = 'graphrag'
@ -97,40 +87,18 @@ var appUrl = 'http://${appHostname}'
@description('Role definitions for various roles that will be assigned at deployment time. Learn more: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles') @description('Role definitions for various roles that will be assigned at deployment time. Learn more: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles')
var roles = { var roles = {
privateDnsZoneContributor: resourceId(
'Microsoft.Authorization/roleDefinitions',
'b12aa53e-6015-4669-85d0-8515ebb3ae7f' // Private DNS Zone Contributor Role
)
networkContributor: resourceId(
'Microsoft.Authorization/roleDefinitions',
'b24988ac-6180-42a0-ab88-20f7382dd24c' // AI Search Contributor Role
)
acrPull: resourceId( acrPull: resourceId(
'Microsoft.Authorization/roleDefinitions', 'Microsoft.Authorization/roleDefinitions',
'8ebe5a00-799e-43f5-93ac-243d3dce84a7' // AI Search Index Data Contributor Role
'7f951dda-4ed3-4680-a7ca-43fe172d538d' // ACR Pull Role '7f951dda-4ed3-4680-a7ca-43fe172d538d' // ACR Pull Role
) )
aiSearchIndexDataReader: resourceId(
'Microsoft.Authorization/roleDefinitions',
'1407120a-92aa-4202-b7e9-c0e197c71c8f' // AI Search Index Data Reader Role
)
privateDnsZoneContributor: resourceId(
'Microsoft.Authorization/roleDefinitions',
'b12aa53e-6015-4669-85d0-8515ebb3ae7f' // Private DNS Zone Contributor Role
)
networkContributor: resourceId( networkContributor: resourceId(
'Microsoft.Authorization/roleDefinitions', 'Microsoft.Authorization/roleDefinitions',
'4d97b98b-1d4f-4787-a291-c67834d212e7' // Network Contributor Role '4d97b98b-1d4f-4787-a291-c67834d212e7' // Network Contributor Role
) )
cognitiveServicesOpenaiContributor: resourceId( privateDnsZoneContributor: resourceId(
'Microsoft.Authorization/roleDefinitions', 'Microsoft.Authorization/roleDefinitions',
'a001fd3d-188f-4b5d-821b-7da978bf7442' // Cognitive Services OpenAI Contributor 'b12aa53e-6015-4669-85d0-8515ebb3ae7f' // Private DNS Zone Contributor Role
) )
acrPull: resourceId(
'Microsoft.Authorization/roleDefinitions',
'7f951dda-4ed3-4680-a7ca-43fe172d538d' // ACR Pull Role
)
}
} }
// apply RBAC role assignments to the AKS workload identity // apply RBAC role assignments to the AKS workload identity
@ -168,7 +136,7 @@ module aksRBAC 'core/rbac/aks-rbac.bicep' = {
} }
module log 'core/log-analytics/log.bicep' = { module log 'core/log-analytics/log.bicep' = {
name: 'log-analytics-deployment-deployment' name: 'log-analytics-deployment'
params: { params: {
name: '${abbrs.operationalInsightsWorkspaces}${resourceBaseNameFinal}' name: '${abbrs.operationalInsightsWorkspaces}${resourceBaseNameFinal}'
location: location location: location
@ -206,49 +174,14 @@ module aoai 'core/aoai/aoai.bicep' = {
embeddingModelName: embeddingModelName embeddingModelName: embeddingModelName
embeddingModelVersion: embeddingModelVersion embeddingModelVersion: embeddingModelVersion
embeddingTpmQuota: embeddingModelQuota embeddingTpmQuota: embeddingModelQuota
roleAssignments: [
{
principalId: workloadIdentity.outputs.principalId
principalType: 'ServicePrincipal'
roleDefinitionId: roles.cognitiveServicesOpenaiContributor
}
]
}
}
module aoai 'core/aoai/aoai.bicep' = {
name: 'aoai-deployment'
params: {
openAiName: '${abbrs.cognitiveServicesAccounts}${resourceBaseNameFinal}'
location: location
llmModelName: llmModelName
llmModelVersion: llmModelVersion
llmTpmQuota: llmModelQuota
embeddingModelName: embeddingModelName
embeddingModelVersion: embeddingModelVersion
embeddingTpmQuota: embeddingModelQuota
roleAssignments: [
{
principalId: workloadIdentity.outputs.principalId
principalType: 'ServicePrincipal'
roleDefinitionId: roles.cognitiveServicesOpenaiContributor
}
]
} }
} }
module acr 'core/acr/acr.bicep' = { module acr 'core/acr/acr.bicep' = {
name: 'acr' name: 'acr-deployment'
params: { params: {
registryName: !empty(acrName) ? acrName : '${abbrs.containerRegistryRegistries}${resourceBaseNameFinal}' registryName: !empty(acrName) ? acrName : '${abbrs.containerRegistryRegistries}${resourceBaseNameFinal}'
location: location location: location
roleAssignments: [
{
principalId: aks.outputs.kubeletPrincipalId
principalType: 'ServicePrincipal'
roleDefinitionId: roles.acrPull
}
]
} }
} }
@ -259,7 +192,7 @@ module aks 'core/aks/aks.bicep' = {
location: location location: location
graphragVMSize: 'standard_d8s_v5' // 8 vcpu, 32 GB memory graphragVMSize: 'standard_d8s_v5' // 8 vcpu, 32 GB memory
graphragIndexingVMSize: 'standard_e8s_v5' // 8 vcpus, 64 GB memory graphragIndexingVMSize: 'standard_e8s_v5' // 8 vcpus, 64 GB memory
clusterAdmins: !empty(deployerPrincipalId) ? ['${deployerPrincipalId}'] : null clusterAdmins: null
logAnalyticsWorkspaceId: log.outputs.id logAnalyticsWorkspaceId: log.outputs.id
subnetId: vnet.outputs.aksSubnetId subnetId: vnet.outputs.aksSubnetId
privateDnsZoneName: privateDnsZone.outputs.name privateDnsZoneName: privateDnsZone.outputs.name
@ -452,24 +385,26 @@ output azure_aoai_embedding_model string = aoai.outputs.textEmbeddingModel
output azure_aoai_embedding_model_deployment_name string = aoai.outputs.textEmbeddingModelDeploymentName output azure_aoai_embedding_model_deployment_name string = aoai.outputs.textEmbeddingModelDeploymentName
output azure_aoai_embedding_model_api_version string = aoai.outputs.textEmbeddingModelApiVersion output azure_aoai_embedding_model_api_version string = aoai.outputs.textEmbeddingModelApiVersion
output azure_apim_name string = apim.outputs.name
output azure_apim_gateway_url string = apim.outputs.apimGatewayUrl output azure_apim_gateway_url string = apim.outputs.apimGatewayUrl
output azure_apim_name string = apim.outputs.name
output azure_app_hostname string = appHostname output azure_app_hostname string = appHostname
output azure_app_url string = appUrl output azure_app_url string = appUrl
output azure_app_insights_connection_string string = apim.outputs.appInsightsConnectionString output azure_app_insights_connection_string string = appInsights.outputs.connectionString
output azure_cosmosdb_endpoint string = cosmosdb.outputs.endpoint output azure_cosmosdb_endpoint string = cosmosdb.outputs.endpoint
output azure_cosmosdb_name string = cosmosdb.outputs.name output azure_cosmosdb_name string = cosmosdb.outputs.name
output azure_cosmosdb_id string = cosmosdb.outputs.id output azure_cosmosdb_id string = cosmosdb.outputs.id
output azure_dns_zone_name string = privateDnsZone.outputs.name output azure_dns_zone_name string = privateDnsZone.outputs.name
output azure_app_hostname string = appHostname
output azure_app_url string = appUrl
output azure_workload_identity_client_id string = workloadIdentity.outputs.clientId
output azure_workload_identity_principal_id string = workloadIdentity.outputs.principalId
output azure_workload_identity_name string = workloadIdentity.outputs.name
output azure_private_dns_zones array = enablePrivateEndpoints output azure_private_dns_zones array = enablePrivateEndpoints
? union(privatelinkPrivateDns.outputs.privateDnsZones, [privateDnsZone.outputs.name]) ? union(privatelinkPrivateDns.outputs.privateDnsZones, [privateDnsZone.outputs.name])
: [] : []
output azure_storage_account string = storage.outputs.name
output azure_storage_account_blob_url string = storage.outputs.primaryEndpoints.blob
output azure_workload_identity_client_id string = workloadIdentity.outputs.clientId
output azure_workload_identity_principal_id string = workloadIdentity.outputs.principalId
output azure_workload_identity_name string = workloadIdentity.outputs.name