ClearML/clearml-docs
1
0
Fork 0
mirror of https://github.com/clearml/clearml-docs synced 2025-04-25 08:51:01 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Edits

Browse Source
This commit is contained in:
revital 2025-03-20 09:15:50 +02:00
parent e17f1986ee
commit b0d9a1357a
2 changed files with 47 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/deploying_clearml/enterprise_deploy/appgw.md
View File

@ -35,9 +35,10 @@ If your ClearML Deployment does not have the App Gateway Router properly install
#### Installation
The App Gateway Router supports two deployment options:
The App Gateway Router supports the following deployment options:
* [Docker Compose](appgw_install_compose.md)
* [Docker Compose for hosted servers](appgw_install_compose_hosted.md)
* [Kubernetes](appgw_install_k8s.md)
The deployment configuration specifies the external and internal address and port mappings for routing requests.

92
docs/deploying_clearml/enterprise_deploy/appgw_install_compose_hosted.md
View File

@ -3,14 +3,14 @@ title: Docker-Compose - Hosted Server
---
:::important Enterprise Feature
The Application Gateway is available under the ClearML Enterprise plan.
The AI Application Gateway is available under the ClearML Enterprise plan.
:::
The AI Application Gateway enables external access to ClearML tasks, and applications running on workload nodes that
The AI Application Gateway enables external access to ClearML tasks, and applications running on workload nodes that
require HTTP or TCP access. The gateway is configured with an endpoint or external address, making these services
accessible from the user's machine, outside the workload nodes network.
This guide details the installation of the ClearML AI Application Gateway for ClearML users who use ClearMLs SaaS control
This guide details the installation of the App Gateway Router for ClearML users who use ClearML's SaaS control
plane while hosting their own workload nodes.
## Requirements
@ -104,12 +104,15 @@ TCP_PORT_START=
TCP_PORT_END=
```
Edit it according to the following guidelines:
**Configuration Options:**
* `ROUTER_NAME`: Unique name for this router.
* `ROUTER_NAME`: In the case of [multiple routers on the same tenant](#multiple-router-in-the-same-tenant), each router
needs to have a unique name.
* `CLEARML_API_ACCESS_KEY, CLEARML_API_SECRET_KEY:` API credentials for Admin user or Service Account with admin privileges
created in the ClearML web UI. Make sure to label these credentials clearly, so that they will not be revoked by mistake.
* `ROUTER_URL`: The URL for this router. This URL will be shown in the UI of any application for users to access (e.g. hosted Jupyter or LLM UI).
* `ROUTER_URL`: External address to access the router. This can be the IP address or DNS of the node where the router
is running, or the address of a load balancer if the router operates behind a proxy/load balancer. This URL is used
to access AI workload applications (e.g. remote IDE, model deployment, etc.), so it must be reachable and resolvable for them.
* `TCP_ROUTER_ADDRESS`: Router external address, can be an IP or the host machine or a load balancer hostname, depends on network configuration.
* `TCP_PORT_START`: Start port for the TCP Tasks, chosen by the customer. Ensure that ports are open and can be allocated on the host.
* `TCP_PORT_END`: End port for the TCP Tasks, chosen by the customer. Ensure that ports are open and can be allocated on the host.
@ -122,47 +125,42 @@ Run the following command to start the router:
sudo docker compose --env-file runtime.env up -d
```
### Advanced
### Advanced Configuration
#### Running without Certificates
#### Using Open HTTP
When running on `docker-compose` with an HTTP interface and without certificates, set the following entry in the `runtime.env`:
```
AUTH_SECURE_ENABLED=false
```
#### Install Multiple Routers for the Same Tenant
To deploy multiple routers within the same tenant, you must configure each router to handle specific workloads.
Using this setting, each router will only route tasks that originated from its assigned queues. This
is important in case you have multiple networks with different agents. For example:
* Tasks started by Agent A can only be reached by Router A (within the same network), but cannot be reached by Router B
* Agent B will handle a separate set of tasks which can only be reached by Router B
The assumption in this case is that Agent A and Agent B will service different queues, and routers must be configured to
route tasks based on these queue definitions.
Each router in the same tenant must have:
* A unique `ROUTER_NAME`
* Distinct set of queues listed in `LISTEN_QUEUE_NAME`. It supports wildcards.
For example:
* **Router-A** `runtime.env`
```
ROUTER_NAME=router-a
LISTEN_QUEUE_NAME=queue1,queue2
```
* **Router-B** `runtime.env`
```
ROUTER_NAME=router-b
LISTEN_QUEUE_NAME=queue3,queue4
````
Ensure that `LISTEN_QUEUE_NAME` is included in the [`docker-compose` environment variables](#docker-compose-file) for each router
instance.
To deploy the App Gateway Router on open HTTP (without a certificate), set the `AUTH_SECURE_ENABLED` entry
to `false` in the `runtime.env` file.
#### Multiple Router in the Same Tenant
If you have workloads running in separate networks that cannot communicate with each other, you need to deploy multiple
routers, one for each isolated environment. Each router will only process tasks from designated queues, ensuring that
tasks are correctly routed to agents within the same network.
For example:
* If Agent A and Agent B are in separate networks, each must have its own router to receive tasks.
* Router A will handle tasks from Agent As queues. Router B will handle tasks from Agent Bs queues.
To achieve this, each router must be configured with:
* A unique `ROUTER_NAME`
* A distinct set of queues defined in `LISTEN_QUEUE_NAME`.
##### Example Configuration
Each router's `runtime.env` file should include:
* Router A:
```
ROUTER_NAME=router-a
LISTEN_QUEUE_NAME=queue1,queue2
```
* Router B:
```
ROUTER_NAME=router-b
LISTEN_QUEUE_NAME=queue3,queue4
```
Make sure `LISTEN_QUEUE_NAME` is set in the [`docker-compose` environment variables](#docker-compose-file) for each router instance.