Hugging Face's logo

Spaces:
expressapi
/
chroma
Running

App Files Community
chroma / examples /deployments /aws-terraform /README.md
badalsahani's picture
badalsahani
feat: chroma initial deploy
287a0bc
preview code
|
raw
history blame contribute delete
4.58 kB

AWS EC2 Basic Deployment

This is an example deployment to AWS EC2 Compute using terraform.

This deployment will do the following:

  • Create a security group with required ports open (22 and 8000)
  • Create EC2 instance with Ubuntu 22 and deploy Chroma using docker compose
  • Create a data volume for Chroma data
  • Mount the data volume to the EC2 instance
  • Format the data volume with ext4
  • Start Chroma

Requirements

Deployment with terraform

This deployment uses Ubuntu 22 as foundation, but you'd like to use a different AMI (non-Debian based image) you may have to adjust the startup script.

To find AWS EC2 AMIs you can use:

# 099720109477 is Canonical
aws ec2 describe-images \
    --owners 099720109477 \
    --filters 'Name=name,Values=ubuntu/images/*/ubuntu-jammy*' \
    --query 'sort_by(Images,&CreationDate)[-1].ImageId'

2. Init your terraform state 

terraform init

3. Deploy your application

Generate SSH key to use with your chroma instance (so you can login to the EC2):

Note: This is optional. You can use your own existing SSH key if you prefer.

ssh-keygen -t RSA -b 4096 -C "Chroma AWS Key" -N "" -f ./chroma-aws && chmod 400 ./chroma-aws

Set up your Terraform variables and deploy your instance:

#AWS access key
export TF_VAR_AWS_ACCESS_KEY=<AWS_ACCESS_KEY>
#AWS secret access key
export TF_VAR_AWS_SECRET_ACCESS_KEY=<AWS_SECRET_ACCESS_KEY>
#path to the public key you generated above (or can be different if you want to use your own key)
export TF_ssh_public_key="./chroma-aws.pub"
#path to the private key you generated above (or can be different if you want to use your own key) - used for formatting the Chroma data volume
export TF_ssh_private_key="./chroma-aws"
#set the chroma release to deploy
export TF_VAR_chroma_release=0.4.12
# AWS region to deploy the chroma instance to
export TF_VAR_region="us-west-1"
#enable public access to the chroma instance on port 8000
export TF_VAR_public_access="true"
#enable basic auth for the chroma instance
export TF_VAR_enable_auth="true"
#The auth type to use for the chroma instance (token or basic)
export TF_VAR_auth_type="token"
#optional - if you want to restore from a snapshot
export TF_VAR_chroma_data_restore_from_snapshot_id=""
#optional - if you want to snapshot the data volume before destroying the instance
export TF_VAR_chroma_data_volume_snapshot_before_destroy="true"
terraform apply -auto-approve

Note: Basic Auth is supported by Chroma v0.4.7+

4. Check your public IP and that Chroma is running

Get the public IP of your instance

terraform output instance_public_ip

Check that chroma is running (It should take up several minutes for the instance to be ready)

export instance_public_ip=$(terraform output instance_public_ip | sed 's/"//g')
curl -v http://$instance_public_ip:8000/api/v1/heartbeat

4.1 Checking Auth

Token

When token auth is enabled you can check the get the credentials from Terraform state by running:

terraform output chroma_auth_token

You should see something of the form:

PVcQ4qUUnmahXwUgAf3UuYZoMlos6MnF

You can then export these credentials:

export CHROMA_AUTH=$(terraform output chroma_auth_token | sed 's/"//g')

Using the credentials:

curl -v http://$instance_public_ip:8000/api/v1/collections -H "Authorization: Bearer ${CHROMA_AUTH}"
Basic

When basic auth is enabled you can check the get the credentials from Terraform state by running:

terraform output chroma_auth_basic

You should see something of the form:

chroma:VuA8I}QyNrm0@QLq

You can then export these credentials:

export CHROMA_AUTH=$(terraform output chroma_auth_basic | sed 's/"//g')

Using the credentials:

curl -v http://$instance_public_ip:8000/api/v1/collections -u "${CHROMA_AUTH}"

Note: Without -u you should be getting 401 Unauthorized response

4.2 Connect (ssh) to your instance

To SSH to your instance:

ssh -i ./chroma-aws ubuntu@$instance_public_ip

5. Destroy your Chroma instance

You will need to change prevent_destroy to false in the aws_ebs_volume in chroma.tf.

terraform destroy -auto-approve

Extras

You can visualize your infrastructure with:

terraform graph | dot -Tsvg > graph.svg

Note: You will need graphviz installed for this to work