apiVersion: blueprints.cloud.google.com/v1alpha1 kind: BlueprintMetadata metadata: name: ai-on-gke annotations: config.kubernetes.io/local-config: "true" spec: info: title: Ray on GKE source: repo: https://github.com/GoogleCloudPlatform/ai-on-gke sourceType: git dir: /applications/ray actuationTool: flavor: Terraform description: {} content: {} interfaces: variables: - name: additional_labels description: Additional labels to add to Kubernetes resources. varType: string defaultValue: "created-by=gke-ai-quick-start-solutions,ai.gke.io=ray" - name: acknowledge varType: bool required: true - name: iap_consent_info description: Configure the <a href="https://developers.google.com/workspace/guides/configure-oauth-consent#configure_oauth_consent"><i>OAuth Consent Screen</i></a> for your project. Ensure <b>User type</b> is set to <i>Internal</i>. Note that by default, only users within your organization can be allowlisted. To add external users, change the <b>User type</b> to <i>External</i> after the application is deployed. varType: bool defaultValue: false - name: autopilot_cluster varType: bool defaultValue: true - name: cluster_name varType: string defaultValue: "ai-on-gke" - name: cluster_location varType: string required: true defaultValue: "us-east4" - name: cluster_membership_id description: "require to use connectgateway for private clusters, default: cluster_name" varType: string defaultValue: "" - name: create_brand description: Create Brand OAuth Screen varType: bool defaultValue: false - name: create_cluster varType: bool defaultValue: true - name: create_gcs_bucket description: Enable flag to create gcs_bucket varType: bool defaultValue: false - name: create_network description: Create the VPC specified by network_name/subnetwork_name varType: bool defaultValue: true - name: create_ray_cluster varType: bool defaultValue: true - name: create_service_account description: Creates a google IAM service account & k8s service account & configures workload identity varType: bool defaultValue: true - name: disable_ray_cluster_network_policy description: Disables Kubernetes Network Policy for Ray Clusters for this demo. Defaulting to 'true' aka disabled pending fixes to the kuberay-monitoring module. This should be defaulted to false. varType: bool defaultValue: false - name: disable_resource_quotas description: Set to true to remove resource quotas from your Ray clusters. Not recommended varType: bool defaultValue: false - name: enable_gpu varType: bool defaultValue: false - name: enable_grafana_on_ray_dashboard description: Add option to enable or disable grafana for the ray dashboard. Enabling requires anonymous access. varType: bool defaultValue: false - name: enable_tpu varType: bool defaultValue: false - name: gcs_bucket varType: string required: true - name: goog_cm_deployment_name varType: string defaultValue: "" - name: kuberay_network_policy_allow_cidr description: List of CIDRs that are allowed to access this Ray cluster's job submission and dashboard port. varType: string defaultValue: "" - name: kubernetes_namespace description: Kubernetes namespace where resources are deployed varType: string defaultValue: ai-on-gke - name: network_name description: Network name of VPC varType: string defaultValue: net - name: private_cluster varType: bool defaultValue: false - name: project_id description: GCP project id varType: string required: true - name: ray_cluster_name varType: string defaultValue: ray-cluster - name: ray_dashboard_add_auth description: Enable iap authentication on frontend varType: bool defaultValue: false - name: ray_dashboard_client_id description: Client ID used for enabling IAP varType: string defaultValue: "" - name: ray_dashboard_client_secret description: Client secret used for enabling IAP varType: string defaultValue: "" - name: ray_dashboard_domain description: Domain used for application and SSL certificate. varType: string defaultValue: "<your Ray dashboard domain here>" - name: ray_dashboard_k8s_backend_config_name description: Name of the Backend Config on GCP varType: string defaultValue: ray-dashboard-iap-config - name: ray_dashboard_k8s_backend_service_port description: Name of the K8s Backend Service Port varType: number defaultValue: 8265 - name: ray_dashboard_k8s_iap_secret_name varType: string defaultValue: ray-dashboard-secret - name: ray_dashboard_k8s_ingress_name varType: string defaultValue: ray-dashboard-ingress - name: ray_dashboard_k8s_managed_cert_name description: Name for frontend managed certificate varType: string defaultValue: ray-dashboard-managed-cert - name: ray_dashboard_members_allowlist description: "For example - user:example@google.com,serviceAccount:serviceAccount@google.com,group:group@google.com,domain:google.com" varType: string defaultValue: "user:<your-email-here>" - name: ray_version varType: string defaultValue: v2.9.3 - name: subnetwork_cidr varType: string defaultValue: 10.128.0.0/20 - name: support_email description: Email for users to contact with questions about their consent varType: string defaultValue: "" - name: workload_identity_service_account description: Google Cloud IAM service account for authenticating with GCP services for GCS varType: string defaultValue: ray-sa outputs: - name: ray_cluster_uri - name: kubernetes_namespace description: Kubernetes namespace - name: gke_cluster_name description: GKE cluster name where the chat interface, JupyterHub and Ray cluster are running - name: gke_cluster_location description: GKE cluster location - name: project_id description: GCP project - name: ray_dashboard_ip_address description: Ray Dashboard global IP address - name: ray_dashboard_uri description: Ray Dashboard Endpoint to access user interface. In case of private IP, consider port-forwarding.