This repository contains the Google Cloud infrastructure deployment for the llmdoc project, which implements a document question answering system using Generative AI and Elasticsearch.
Our development and deployment pipeline adheres to the following principles:
- Rapid Iteration: All dependencies are kept within the project to maximize short feedback development cycles.
- Seamless Deployment: End-to-end deployment and testing can be executed with a single command:
make all. - Configuration Management: Deployment target differences are managed through
google_project.tfvarsconfiguration files. - Version Control: Code base changes are tracked using
git branch, while deployment states are tracked withgit tag.
Our deployment stack leverages various Google Cloud services and open-source tools to create a robust and scalable infrastructure.
We use Checkov, a static code analysis tool, to scan our infrastructure as code (IaC) files for potential security misconfigurations or compliance issues.
To run the security analysis:
make checkov
We use Terraform to manage and provision our Google Cloud infrastructure. This allows for version-controlled, repeatable deployments across different environments.
To apply the Terraform configuration:
make terraform
We use HashiCorp Vault for secrets management, providing a secure and centralized solution for storing and accessing sensitive information.
To deploy Vault:
make vault
The Vault Secrets Operator is a Kubernetes operator that synchronizes secrets between Vault and Kubernetes. This allows for seamless integration of Vault's secret management capabilities with Kubernetes applications.
For more information, see the Vault Secrets Operator documentation.
The document question answering system deployment is currently in progress. This component will leverage Generative AI and Elasticsearch to provide intelligent responses to queries about document content.
Comprehensive functional testing of the deployed infrastructure and applications is currently under development. This will ensure the reliability and correctness of the entire system.