diff --git a/deploy/standard/azd-hooks/utility/Generate-Config.ps1 b/deploy/standard/azd-hooks/utility/Generate-Config.ps1 index 3951a549d6..c9d1e99684 100644 --- a/deploy/standard/azd-hooks/utility/Generate-Config.ps1 +++ b/deploy/standard/azd-hooks/utility/Generate-Config.ps1 @@ -377,7 +377,7 @@ $vnetName = Invoke-AndRequireSuccess "Get VNet Name" { $subnetBackend = Invoke-AndRequireSuccess "Get Backend Subnet CIDR" { az network vnet subnet show ` - --name "FLLMBackend" ` + --name "aks-backend" ` --query addressPrefix ` --resource-group $resourceGroups.net ` --vnet-name $vnetName ` @@ -387,7 +387,7 @@ $tokens.privateIpIngressBackend = Get-CIDRHost -baseCidr $subnetBackend -hostNum $subnetFrontend = Invoke-AndRequireSuccess "Get Frontend Subnet CIDR" { az network vnet subnet show ` - --name "FLLMFrontend" ` + --name "aks-frontend" ` --query addressPrefix ` --resource-group $resourceGroups.net ` --vnet-name $vnetName ` diff --git a/deploy/standard/config/appconfig.template.json b/deploy/standard/config/appconfig.template.json index 9acd5dd35a..45d176e055 100644 --- a/deploy/standard/config/appconfig.template.json +++ b/deploy/standard/config/appconfig.template.json @@ -289,7 +289,7 @@ }, { "key": "FoundationaLLM:APIEndpoints:GatekeeperIntegrationAPI:Essentials:APIKey", - "value": "{\"uri\":\"{{keyvaultUri}}secrets/foundationallm-apiendpoints-gatekeeperintergrationapi-apikey\"}", + "value": "{\"uri\":\"{{keyvaultUri}}secrets/foundationallm-apiendpoints-gatekeeperintegrationapi-apikey\"}", "label": null, "content_type": "application/vnd.microsoft.appconfig.keyvaultref+json;charset=utf-8", "tags": {} @@ -457,14 +457,14 @@ }, { "key": "FoundationaLLM:APIEndpoints:StateAPI:Essentials:APIUrl", - "value": "http://state-api/state", + "value": "http://state-api", "label": null, "content_type": "", "tags": {} }, { "key": "FoundationaLLM:APIEndpoints:StateAPI:Essentials:APIKey", - "value": "{\"uri\":\"{{keyvaultUri}}secrets/foundationallm-apinedpoints-stateapi-apikey\"}", + "value": "{\"uri\":\"{{keyvaultUri}}secrets/foundationallm-apiendpoints-stateapi-apikey\"}", "label": null, "content_type": "application/vnd.microsoft.appconfig.keyvaultref+json;charset=utf-8", "tags": {} diff --git a/deploy/standard/data/resource-provider/FoundationaLLM.Agent/FoundationaLLM.template.json b/deploy/standard/data/resource-provider/FoundationaLLM.Agent/FoundationaLLM.template.json index 7f90e64779..760af4b62e 100644 --- a/deploy/standard/data/resource-provider/FoundationaLLM.Agent/FoundationaLLM.template.json +++ b/deploy/standard/data/resource-provider/FoundationaLLM.Agent/FoundationaLLM.template.json @@ -15,17 +15,8 @@ }, "orchestration_settings": { "orchestrator": "LangChain", - "agent_parameters": null, - "endpoint_configuration": { - "auth_type": "token", - "provider": "microsoft", - "endpoint": "{{openAiEndpointUri}}", - "api_version": "2024-02-01" - }, - "model_parameters": { - "temperature": 0, - "deployment_name": "completions" - } + "agent_parameters": null }, + "ai_model_object_id": "/instances/{{instanceId}}/providers/FoundationaLLM.AIModel/aiModels/DefaultCompletionAIModel", "prompt_object_id": "/instances/{{instanceId}}/providers/FoundationaLLM.Prompt/prompts/FoundationaLLM" } \ No newline at end of file diff --git a/deploy/standard/infra/app-rg.bicep b/deploy/standard/infra/app-rg.bicep index 706a737260..5e28b45075 100644 --- a/deploy/standard/infra/app-rg.bicep +++ b/deploy/standard/infra/app-rg.bicep @@ -106,9 +106,9 @@ module network 'modules/utility/virtualNetworkData.bicep' = { params: { vnetName: vnetName subnetNames: [ - 'FLLMBackend' - 'FLLMFrontend' - 'FLLMServices' + 'aks-backend' + 'aks-frontend' + 'services' ] } } @@ -141,8 +141,8 @@ module aksBackend 'modules/aks.bicep' = { opsResourceGroupName: opsResourceGroupName privateDnsZones: filter(dnsZones.outputs.ids, (zone) => contains([ 'aks' ], zone.key)) resourceSuffix: '${resourceSuffix}-backend' - subnetId: subnets.FLLMBackend.id - subnetIdPrivateEndpoint: subnets.FLLMServices.id + subnetId: subnets['aks-backend'].id + subnetIdPrivateEndpoint: subnets.services.id tags: tags } } @@ -161,8 +161,8 @@ module aksFrontend 'modules/aks.bicep' = { opsResourceGroupName: opsResourceGroupName privateDnsZones: filter(dnsZones.outputs.ids, (zone) => contains([ 'aks' ], zone.key)) resourceSuffix: '${resourceSuffix}-frontend' - subnetId: subnets.FLLMFrontend.id - subnetIdPrivateEndpoint: subnets.FLLMServices.id + subnetId: subnets['aks-frontend'].id + subnetIdPrivateEndpoint: subnets.services.id tags: tags } } diff --git a/deploy/standard/infra/auth-rg.bicep b/deploy/standard/infra/auth-rg.bicep index dd62c63421..697053c4a0 100644 --- a/deploy/standard/infra/auth-rg.bicep +++ b/deploy/standard/infra/auth-rg.bicep @@ -113,7 +113,7 @@ module authStore 'modules/storageAccount.bicep' = { logAnalyticWorkspaceId: logAnalyticsWorkspaceId privateDnsZones: filter(dnsZones.outputs.ids, (zone) => contains(['blob', 'dfs'], zone.key)) resourceSuffix: resourceToken - subnetId: '${vnetId}/subnets/FLLMAuth' + subnetId: '${vnetId}/subnets/auth' tags: tags containers: [ 'role-assignments' @@ -132,7 +132,7 @@ module authKeyvault 'modules/keyVault.bicep' = { logAnalyticWorkspaceId: logAnalyticsWorkspaceId privateDnsZones: filter(dnsZones.outputs.ids, (zone) => zone.key == 'vault') resourceSuffix: resourceSuffix - subnetId: '${vnetId}/subnets/FLLMAuth' + subnetId: '${vnetId}/subnets/auth' tags: tags } } diff --git a/deploy/standard/infra/main.bicep b/deploy/standard/infra/main.bicep index 705ba4d2d3..f88b01bbb0 100644 --- a/deploy/standard/infra/main.bicep +++ b/deploy/standard/infra/main.bicep @@ -247,7 +247,7 @@ output FLLM_MGMT_API_HOSTNAME string = managementApiHostname output FOUNDATIONALLM_VNET_NAME string = networking.outputs.vnetName output FOUNDATIONALLM_VNET_ID string = networking.outputs.vnetId -output FOUNDATIONALLM_HUB_VNET_NAME string = networking.outputs.hubVnetId +output FOUNDATIONALLM_HUB_VNET_ID string = networking.outputs.hubVnetId output SERVICE_GATEKEEPER_API_ENDPOINT_URL string = 'http://gatekeeper-api/gatekeeper/' output SERVICE_GATEKEEPER_INTEGRATION_API_ENDPOINT_URL string = 'http://gatekeeper-integration-api/gatekeeperintegration' diff --git a/deploy/standard/infra/modules/vnet-peering.bicep b/deploy/standard/infra/modules/vnet-peering.bicep index e645596272..2b761b831d 100644 --- a/deploy/standard/infra/modules/vnet-peering.bicep +++ b/deploy/standard/infra/modules/vnet-peering.bicep @@ -10,7 +10,7 @@ resource main 'Microsoft.Network/virtualNetworks@2024-01-01' existing = { } resource destinationToSourcePeering 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2024-01-01' = { - name: 'hub-to-vnet' + name: vnetName parent: main properties: { allowVirtualNetworkAccess: allowVirtualNetworkAccess diff --git a/deploy/standard/infra/networking-rg.bicep b/deploy/standard/infra/networking-rg.bicep index c1e6448135..0b7483403b 100644 --- a/deploy/standard/infra/networking-rg.bicep +++ b/deploy/standard/infra/networking-rg.bicep @@ -1,5 +1,5 @@ // Inputs -param cidrVnet string = '10.220.128.0/21' +param cidrVnet string = '10.220.128.0/20' param environmentName string param hubResourceGroup string param hubSubscriptionId string = subscription().subscriptionId @@ -36,20 +36,21 @@ var privateDnsZone = { vault: 'privatelink.vaultcore.azure.net' } -var cidrFllmAuth = cidrSubnet(cidrVnet, 26, 17) // 10.220.132.64/26 -var cidrFllmBackend = cidrSubnet(cidrVnet, 24, 1) // 10.220.129.0/24 -var cidrFllmFrontend = cidrSubnet(cidrVnet, 24, 2) // 10.220.130.0/24 -var cidrFllmOpenAi = cidrSubnet(cidrVnet, 26, 12) // 10.220.131.0/26 -var cidrFllmOps = cidrSubnet(cidrVnet, 26, 15) // 10.220.131.192/26 -var cidrFllmVec = cidrSubnet(cidrVnet, 26, 16) // 10.220.132.0/26 -var cidrNetSvc = cidrSubnet(cidrVnet, 24, 6) // 10.220.134.0/24 +var opsSubnetCidr = cidrSubnet(cidrVnet, 26, 0) // 10.220.128.0/26 +var servicesSubnetCidr = cidrSubnet(cidrVnet, 26, 1) // 10.220.128.64/26 +var authSubnetCidr = cidrSubnet(cidrVnet, 26, 2) // 10.220.128.128/26 +var openAiSubnetCidr = cidrSubnet(cidrVnet, 26, 3) // 10.220.128.192/26 +var storageSubnetCidr = cidrSubnet(cidrVnet, 26, 4) // 10.220.129.0/26 +var vectorizationSubnetCidr = cidrSubnet(cidrVnet, 26, 5) // 10.220.129.64/26 +var backendAksSubnetCidr = cidrSubnet(cidrVnet, 22, 1) // 10.220.132.0/22 +var frontendAksSubnetCidr = cidrSubnet(cidrVnet, 22, 2) // 10.220.140.0/22 // TODO: Use Namer FUnction from main.bicep var name = networkName == '' ? 'vnet-${environmentName}-${location}-net' : networkName var subnets = [ { - name: 'FLLMBackend' - addressPrefix: cidrFllmBackend + name: 'aks-backend' + addressPrefix: backendAksSubnetCidr inbound: [ { access: 'Allow' @@ -70,8 +71,8 @@ var subnets = [ ] } { - name: 'FLLMFrontEnd' - addressPrefix: cidrFllmFrontend + name: 'aks-frontend' + addressPrefix: frontendAksSubnetCidr inbound: [ { access: 'Allow' @@ -92,34 +93,8 @@ var subnets = [ ] } { - name: 'FLLMNetSvc' - addressPrefix: cidrNetSvc - rules: { - inbound: [ - { - access: 'Allow' - destinationAddressPrefix: 'VirtualNetwork' - destinationPortRange: '*' - name: 'allow-vpn' - priority: 256 - protocol: '*' - sourcePortRange: '*' - sourceAddressPrefixes: [allowedExternalCidr] - } - ] - } - delegations: [ - { - name: 'Microsoft.Network/dnsResolvers' - properties: { - serviceName: 'Microsoft.Network/dnsResolvers' - } - } - ] - } - { - name: 'FLLMOpenAI' - addressPrefix: cidrFllmOpenAi + name: 'openai' + addressPrefix: openAiSubnetCidr rules: { inbound: [ { @@ -151,7 +126,7 @@ var subnets = [ protocol: '*' sourcePortRange: '*' sourceAddressPrefixes: [ - cidrFllmBackend + backendAksSubnetCidr ] } { @@ -236,8 +211,8 @@ var subnets = [ ] } { - name: 'FLLMServices' - addressPrefix: cidrSubnet(cidrVnet, 26, 13) + name: 'services' + addressPrefix: servicesSubnetCidr rules: { inbound: [ { @@ -248,7 +223,7 @@ var subnets = [ priority: 256 protocol: '*' sourcePortRange: '*' - sourceAddressPrefixes: [cidrFllmBackend] + sourceAddressPrefixes: [backendAksSubnetCidr] } { access: 'Allow' @@ -280,8 +255,8 @@ var subnets = [ ] } { - name: 'FLLMStorage' - addressPrefix: cidrSubnet(cidrVnet, 26, 14) + name: 'storage' + addressPrefix: storageSubnetCidr rules: { inbound: [ { @@ -292,7 +267,7 @@ var subnets = [ priority: 128 protocol: '*' sourcePortRange: '*' - sourceAddressPrefixes: [cidrFllmOps] + sourceAddressPrefixes: [opsSubnetCidr] } { access: 'Allow' @@ -312,7 +287,7 @@ var subnets = [ name: 'allow-aks-inbound' priority: 256 protocol: '*' - sourceAddressPrefixes: [cidrFllmBackend] + sourceAddressPrefixes: [backendAksSubnetCidr] sourcePortRange: '*' } { @@ -347,8 +322,8 @@ var subnets = [ ] } { - name: 'ops' // TODO: PLEs. Maybe put these in FLLMServices? - addressPrefix: cidrFllmOps + name: 'ops' // TODO: PLEs. Maybe put these in services? + addressPrefix: opsSubnetCidr rules: { inbound: [ { @@ -359,7 +334,7 @@ var subnets = [ priority: 128 protocol: '*' sourcePortRange: '*' - sourceAddressPrefixes: [cidrFllmOps] + sourceAddressPrefixes: [opsSubnetCidr] } { access: 'Allow' @@ -380,8 +355,8 @@ var subnets = [ protocol: '*' sourcePortRange: '*' sourceAddressPrefixes: [ - cidrFllmFrontend - cidrFllmBackend + frontendAksSubnetCidr + backendAksSubnetCidr ] } { @@ -404,8 +379,8 @@ var subnets = [ ] } { - name: 'Vectorization' - addressPrefix: cidrFllmVec + name: 'vectorization' + addressPrefix: vectorizationSubnetCidr rules: { inbound: [ { @@ -425,7 +400,7 @@ var subnets = [ name: 'allow-aks-inbound' priority: 256 protocol: '*' - sourceAddressPrefixes: [cidrFllmBackend] + sourceAddressPrefixes: [backendAksSubnetCidr] sourcePortRange: '*' } { @@ -461,8 +436,8 @@ var subnets = [ ] } { - name: 'FLLMAuth' - addressPrefix: cidrFllmAuth + name: 'auth' + addressPrefix: authSubnetCidr rules: { inbound: [ { @@ -473,7 +448,7 @@ var subnets = [ priority: 128 protocol: '*' sourcePortRange: '*' - sourceAddressPrefixes: [cidrFllmOps] + sourceAddressPrefixes: [opsSubnetCidr] } { access: 'Allow' @@ -493,7 +468,7 @@ var subnets = [ name: 'allow-aks-inbound' priority: 256 protocol: '*' - sourceAddressPrefixes: [cidrFllmBackend] + sourceAddressPrefixes: [backendAksSubnetCidr] sourcePortRange: '*' } { diff --git a/deploy/standard/infra/openai-rg.bicep b/deploy/standard/infra/openai-rg.bicep index 4b659ef31e..05e71f2e88 100644 --- a/deploy/standard/infra/openai-rg.bicep +++ b/deploy/standard/infra/openai-rg.bicep @@ -61,7 +61,7 @@ module contentSafety 'modules/contentSaftey.bicep' = { opsResourceGroupName: opsResourceGroupName privateDnsZones: filter(dnsZones.outputs.ids, (zone) => zone.key == 'cognitiveservices') resourceSuffix: resourceSuffix - subnetId: '${vnetId}/subnets/FLLMOpenAI' + subnetId: '${vnetId}/subnets/openai' tags: tags } } @@ -76,7 +76,7 @@ module openai './modules/openai.bicep' = if (deployOpenAi) { logAnalyticWorkspaceId: logAnalyticsWorkspaceId privateDnsZones: filter(dnsZones.outputs.ids, (zone) => zone.key == 'openai') resourceSuffix: resourceSuffix - subnetId: '${vnetId}/subnets/FLLMOpenAI' + subnetId: '${vnetId}/subnets/openai' tags: tags } } diff --git a/deploy/standard/infra/storage-rg.bicep b/deploy/standard/infra/storage-rg.bicep index 5b059b36ad..9898d6eddb 100644 --- a/deploy/standard/infra/storage-rg.bicep +++ b/deploy/standard/infra/storage-rg.bicep @@ -57,7 +57,7 @@ module cosmosdb 'modules/cosmosdb.bicep' = { logAnalyticWorkspaceId: logAnalyticsWorkspaceId privateDnsZones: filter(dnsZones.outputs.ids, (zone) => zone.key == 'cosmosdb') resourceSuffix: resourceSuffix - subnetId: '${vnetId}/subnets/FLLMStorage' + subnetId: '${vnetId}/subnets/storage' tags: tags } } @@ -73,7 +73,7 @@ module storage 'modules/storageAccount.bicep' = { logAnalyticWorkspaceId: logAnalyticsWorkspaceId privateDnsZones: dnsZones.outputs.idsStorage resourceSuffix: resourceSuffix - subnetId: '${vnetId}/subnets/FLLMStorage' + subnetId: '${vnetId}/subnets/storage' tags: tags containers: [ 'resource-provider' diff --git a/deploy/standard/infra/vec-rg.bicep b/deploy/standard/infra/vec-rg.bicep index 56c5fea0d2..de70c4d15c 100644 --- a/deploy/standard/infra/vec-rg.bicep +++ b/deploy/standard/infra/vec-rg.bicep @@ -56,7 +56,7 @@ module search 'modules/search.bicep' = { logAnalyticsWorkspaceId: logAnalyticsWorkspaceId resourceSuffix: resourceSuffix tags: tags - subnetId: '${vnetId}/subnets/Vectorization' + subnetId: '${vnetId}/subnets/vectorization' privateDnsZones: filter(dnsZones.outputs.ids, (zone) => zone.key == 'search') } } diff --git a/deploy/standard/scripts/deploy/Generate-Config.ps1 b/deploy/standard/scripts/deploy/Generate-Config.ps1 index 87a0e75d21..0c66d7ff43 100644 --- a/deploy/standard/scripts/deploy/Generate-Config.ps1 +++ b/deploy/standard/scripts/deploy/Generate-Config.ps1 @@ -397,7 +397,7 @@ $vnetName = Invoke-AndRequireSuccess "Get VNet Name" { $subnetBackend = Invoke-AndRequireSuccess "Get Backend Subnet CIDR" { az network vnet subnet show ` - --name "FLLMBackend" ` + --name "aks-backend" ` --query addressPrefix ` --resource-group $resourceGroups.net ` --vnet-name $vnetName ` @@ -407,7 +407,7 @@ $tokens.privateIpIngressBackend = Get-CIDRHost -baseCidr $subnetBackend -hostNum $subnetFrontend = Invoke-AndRequireSuccess "Get Frontend Subnet CIDR" { az network vnet subnet show ` - --name "FLLMFrontend" ` + --name "aks-frontend" ` --query addressPrefix ` --resource-group $resourceGroups.net ` --vnet-name $vnetName `