Kubernetes / OpenShift

This page contains detailed instructions for deploying Rasa X in a scalable cluster environment using OpenShift or Kubernetes (K8S).

If you get stuck, email support@rasa.com with subject “deployment help” and we’ll jump on a call with you! We’re working to make deployment easier and would love your feedback.

Rasa X is available as a Helm Chart for a quick and easy cluster setup. If you are not using Helm in your cluster, you can still use the following instructions to generate the Kubernetes or OpenShift object configurations via the Helm command-line interface, and deploy those configurations manually.

Note

The Rasa X Helm chart is open-source and available in the rasa-x-helm repository. Please create an issue in this repository if you discover bugs or have suggestions for improvements.

Requirements

Cluster Requirements

To install the Rasa X Helm chart, you need an existing Kubernetes cluster or OpenShift cluster. Setting up a Kubernetes / OpenShift cluster can be tedious, hence we recommend to get a managed cluster from a cloud provider like Google Cloud, DigitalOcean, Microsoft Azure, or Amazon EKS.

The requirements of the single pods can vary, especially those of the rasa-production and rasa-worker pods, dependent on the model size and what pipeline is used and the number of users. We recommend providing at least the following resources:

Deployment CPU Memory
rasa-x 1 1 GiB
event-service 2 1 GiB
rasa-production 2 2 GiB
rasa-worker 4 4 GiB
nginx 0.2 200 MiB
app 0.5 200 MiB
duckling 0.5 200 MiB
postgresql 1 250 MiB
rabbit 0.2 250 MiB
redis 0.2 250 MiB

We recommend a size of 10 GiB for the Rasa X volume claim and at least 30 GiB for the database volume claim.

Deployment Requirements

  1. Please check that you installed the Kubernetes or OpenShift command line interface (CLI). You can check this using the following command:

    kubectl version --short --client
    
    # The output should be similar to this
    # Client Version: v1.16.3
    
    oc version --short --client
    
    # The output should be similar to this
    # Client Version: v4.1.0+b4261e0
    

    If this command resulted in an error, please install the Kubernetes CLI or the OpenShift CLI depending on the cluster you’re using.

  2. Make sure that the Kubernetes / OpenShift CLI is correctly connected to your cluster. You can do so by using the following commands:

    kubectl version --short
    
    # The output should be similar to this
    # Client Version: v1.16.3
    # Server Version: v1.14.8-gke.12
    
    oc version --short
    
    # The output should be similar to this
    # Client Version: v4.1.0+b4261e0
    # Server Version: v1.11.0+d4cacc0
    

    If you get an error when executing the command, you are not connected to your cluster. To get the command to connect to the cluster please consult your cluster’s admin or the documentation of your cloud provider.

    If you are using K3s for an embedded Kubernetes installation, please make sure that you exported the path to the Kubernetes config:

    export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
    
  3. Please make sure you have the Helm CLI installed. To check this, run:

    helm version --short
    
    # The output should be similar to this
    # v3.0.0+ge29ce2a
    

    If this command leads to an error, please install the Helm CLI.

    In case you are using version <3 of Helm, please update to Helm version 3.

Quick Install

Note

If you’re installing Rasa Enterprise, please follow the Rasa Enterprise Installation instructions.

  1. Prepare an empty file called values.yml which will include all your custom configuration for the deployment with Helm.

  2. To configure the credentials, copy the section below into the values.yml file and replace each <safe credential> marker with a different alphanumeric string. Please use safe credentials to avoid data breaches.

    # rasax specific settings
    rasax:
        # initialUser is the user which is created upon the initial start of Rasa X
        initialUser:
            # password for the Rasa X user
            password: "<safe credential>"
        # passwordSalt Rasa X uses to salt the user passwords
        passwordSalt: "<safe credential>"
        # token Rasa X accepts as authentication token from other Rasa services
        token: "<safe credential>"
        # jwtSecret which is used to sign the jwtTokens of the users
        jwtSecret: "<safe credential>"
    # rasa: Settings common for all Rasa containers
    rasa:
        # token Rasa accepts as authentication token from other Rasa services
        token: "<safe credential>"
    # RabbitMQ specific settings
    rabbitmq:
        # rabbitmq settings of the subchart
        rabbitmq:
            # password which is used for the authentication
            password: "<safe credential>"
    # global settings of the used subcharts
    global:
        # postgresql: global settings of the postgresql subchart
        postgresql:
            # postgresqlPassword is the password which is used when the postgresqlUsername equals "postgres"
            postgresqlPassword: "<safe credential>"
        # redis: global settings of the postgresql subchart
        redis:
            # password to use in case there no external secret was provided
            password: "<safe credential>"
    
  3. Specify the used Rasa X and Rasa Open Source versions. We recommend using the latest Rasa X version (0.27.4) and the latest Rasa Open Source version, which you can get from the bottom left corner in the Rasa Open Source Docs.

    # rasax specific settings
    rasax:
        # Rasa X configuration you did in previous steps
        # ...
        tag: "0.27.4"
    # rasa: Settings common for all Rasa containers
    rasa:
        # Rasa Open Source configuration you did in previous steps
        # ...
        # tag refers to the Rasa image tag
        tag: "<Rasa OS version>-full"
    
  4. Optional: Configure a custom action server.

  5. We recommend installing Rasa X in a separate namespace to avoid interfering with existing cluster deployments. To create a new namespace run the following command:

    kubectl create ns <name of your namespace>
    
    oc create ns <name of your namespace>
    

    Note

    If you are following the Using Helm to Generate Object Configurations guide stop here and continue with the latter.

  6. Deploy Rasa X with the following commands:

    # Add the repository which contains the Rasa X Helm chart
    helm repo add rasa-x https://rasahq.github.io/rasa-x-helm
    
    # Deploy Rasa X
    helm install \
        --generate-name \
        --namespace <name of your namespace> \
        --values values.yml \
        rasa-x/rasa-x
    

    Note

    OpenShift only: If the deployment fails and oc get events returns 1001 is not an allowed group spec.containers[0].securityContext.securityContext.runAsUser, re-run the installation command with an added --set securityContext.fsGroup="" flag.

  7. Wait until the deployment is ready. If you want to check on its status, the following command will block until the Rasa X deployment is ready:

    kubectl --namespace <your namespace> \
        wait \
        --for=condition=available \
        --timeout=20m \
        --selector app.kubernetes.io/component=rasa-x \
        deployment
    
    oc --namespace <your namespace> \
        wait \
        --for=condition=available \
        --timeout=20m \
        --selector app.kubernetes.io/component=rasa-x \
        deployment
    

    Alternatively you can also monitor the pods directly. Note that the deployment process can involve containers restarting until everything is ready (e.g. if the database container is not ready yet).

  8. By default the Rasa X deployment is exposed via the nginx service. You can get the IP address using this command:

    kubectl --namespace <your namespace> \
        get service \
        -l app.kubernetes.io/component=nginx \
        -o jsonpath="{.items..status..loadBalancer..ingress[0].ip}"
    
    oc --namespace <your namespace> \
        get service \
        -l app.kubernetes.io/component=nginx \
        -o jsonpath="{.items..status..loadBalancer..ingress[0].ip}"
    

    You can then access the deployment on http://<ip>:8000

    Note

    Depending on the used cluster / cloud provider this might not work. Please refer to the cloud provider’s documentation / administrator what the recommended way for exposing the nginx service is. We are also happy to help you with any issues in the Rasa Forum.

Rasa Enterprise Installation

  1. Prepare an empty file called values.yml which will include all your custom configuration for the deployment with Helm.

  2. To configure the credentials, copy the section below into the values.yml file and replace each <safe credential> marker with a different alphanumeric string. Please use safe credentials to avoid data breaches. Also set the <username> for the initial admin user which is created during the first start of Rasa Enterprise.

    # rasax specific settings
    rasax:
        # initialUser is the user which is created upon the initial start of Rasa Enterprise
        initialUser:
            # username specifies a name of this user
            username: "<username>"
            # password for the Rasa Enterprise user
            password: "<safe credential>"
        # passwordSalt Rasa X uses to salt the user passwords
        passwordSalt: "<safe credential>"
        # token Rasa X accepts as authentication token from other Rasa services
        token: "<safe credential>"
        # jwtSecret which is used to sign the jwtTokens of the users
        jwtSecret: "<safe credential>"
    # rasa: Settings common for all Rasa containers
    rasa:
        # token Rasa accepts as authentication token from other Rasa services
        token: "<safe credential>"
    # RabbitMQ specific settings
    rabbitmq:
        # rabbitmq settings of the subchart
        rabbitmq:
            # password which is used for the authentication
            password: "<safe credential>"
    # global settings of the used subcharts
    global:
        # postgresql: global settings of the postgresql subchart
        postgresql:
            # postgresqlPassword is the password which is used when the postgresqlUsername equals "postgres"
            postgresqlPassword: "<safe credential>"
        # redis: global settings of the postgresql subchart
        redis:
            # password to use in case there no external secret was provided
            password: "<safe credential>"
    
  3. Specify the used Rasa Enterprise and Rasa Open Source versions. We recommend using the latest Rasa Enterprise version (0.27.4) and the latest Rasa Open Source version, which you can get from the bottom left corner in the Rasa Open Source Docs.

    # rasax specific settings
    rasax:
        # Rasa X configuration you did in previous steps
        # ...
        tag: "0.27.4"
    # rasa: Settings common for all Rasa containers
        # Rasa Open Source configuration you did in previous steps
        # ...
        rasa:
            tag: "<Rasa Open Source version>-full"
    
  4. Configure the Rasa Enterprise image in the values.yml file. Please note that the image name might be different if you are using an internal registry:

    # rasax specific settings
    rasax:
        # Other 'rasax' configuration
        # name of the Rasa Enterprise image to use
        name: "gcr.io/rasa-platform/rasa-x-ee"
    
  5. If you are pulling the Rasa Enterprise image from the official Rasa registry, you have to add a secret with the pull secret for the registry. If you are using another private registry please follow this guide.

    To add the secret for the Rasa registry, please extract the json in the docker_registry_license from your Rasa Enterprise license (rasa-x-ee-license.yml) and put it in a file called gcr-auth.json. The file content should look similar to this:

    {
      "type": "service_account",
      "project_id": "rasa-platform",
      "private_key_id": "sdferw234qadst423qafdgxhw",
      "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvfwrt423qwadsfghtzw0BAQEFAASCBKgwggSkAgEAAoIBAQCgt338FkWbW13dghtzew4easdf5wAi15jrA9t4uOk8dghrtze4weasfgdhtAFZNfrLgvr2\nPBTu1lAJDLo136ZGTdMKi+/TuRqrIMg/sr8q0Ungish8v6t5Jb4gsjBi9StytCT4\nhWXDL3qeadfsgeDOudl6c3iMzylBws+VffrFfaZWjDpGtxmlYwIUa2e\noNSe7BYLnY9tDrX3zrP/wu/6FPbbGkBjguDG1l3Kx7l1wmiPtK5lIhjt+k7Oyx/u\nd6+gvfs+7RX9wUxnZT/tLggybYdsr8BA1Pqr0hDmhdDl7tjXVTmGLG+1/+lXVGFc\nqKEg+uLXAgMBAAECggEAESzwRK0Cp62LgBjInk+jvTmMI4lYP/XTnfk0TNwyiLxd\nT7mkw/TzkSVRifZ37lBQ6BS6BiqBJherh1N4xI+DF9HUN/wHR93QTyu7p8umlcxC\nlPV0KE4b5ZMfWvRG4y236cRGly9urcBNGoFzFHl8pd2iS5DMqZOYpSXY+qvkXTKE\nUOm5mVSs4S4Qa9cHL+jWXCvY0789fG1GrT+L3Fn+StKacgQuBnN1krYFYBSjCAh8\nsnSdjkvGguw/6OApPHd8HqkHtjU0PD67uU5QIm5N1bmz9KT4s9Pm+WbCinEstIiN\nIfln5ikmHcMAiIS0gzSnZavsY21PsDHBkD8SUO7CTQKBgQDgMPhx0TsB/oVH/SnU\nt3oTME+tfAKI69tozX02jHj6DY/vDpI1hXNmb4oMOos5+3ulborHqnso9za1RgV7\nm2N04QQVfzYEuZzJzXL11SHvBYVjHkXYy6HR5GhnPmwA+CzrDNy2/oYxlaqH7TBA\nR+f7IHToIPKGCVrhCJztlAgzIwKBgQC3hQNclIQ5Iw0gm9Rr8zAP/YoRJdiUSYtv\nNBmav+dTTSkPh51Bomj/J4Rrg8OLvHG5U79pmzbQdIFGYGKlR0l4/QepKpbaGm7x\nM/gRp/GXu9sN8LgI+h+FskCYi4cuqDjQ9L2S0gwMre4witmeVSIiBxLWxS7mvkZX\nWRW58ml2vQKBgBozPuW2SQobn6HhIUFdy+NwMu+YXYd44ORnl2mHkx/N8/NBJa8h\nkHH5OQ3izaCSFkooGAnrj4cjFP6sVzmx2DaxkVOd0UdOFdezreqy5MtVPthtkkYa\nzieEZPsj3WVjm4RAtY6hQjeLQSmve4MXpDHCAkeaih1F/Jvt8MEHGso3AoGBAJez\nTioTYpFQliNkbN2nMw2kyaKPJE6/1JDiAmBXTcMgP1blBWsh86UnZ2DwlI5IAcHu\npoWHlnIOPGaOejyhhuyKTPDbkcNMonSkPuVpbF2/Hb6SQ664A6KizJ7Mh7xbtkuU\nY7igBPHePMzHmkg1m3eBXWNHsBNxKfg+XaVN6zwJAoGBAN6VhGMmyDcn0GqkkP6d\nrSsQ0Ig7L4PnU633oYWoGWa8q/XYiFbcACMFynMbrmHG+/0c3Iwt32bi3th60Cwb\nT66yqmv4MaT72+EfQHxiLxnUxhqSpBXM0eoXbyvDg97Zp/slsYvGGLjONmmretlE\nsjAsuAH4Iz1XdfdenzGnyBZH\n-----END PRIVATE KEY-----\n",
      "client_email": "company@rasa-platform.iam.gserviceaccount.com",
      "client_id": "114123456713428149",
      "auth_uri": "https://accounts.google.com/o/oauth2/auth",
      "token_uri": "https://accounts.google.com/o/oauth2/token",
      "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
      "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/company%40rasa-platform.iam.gserviceaccount.com"
    }
    

    Then create the secret by running the following command:

    kubectl --namespace <your namespace> \
        create secret docker-registry gcr-pull-secret \
        --docker-server=gcr.io \
        --docker-username=_json_key \
        --docker-password="$(cat gcr-auth.json)"
    
    oc --namespace <your namespace> \
        create secret docker-registry gcr-pull-secret \
        --docker-server=gcr.io \
        --docker-username=_json_key \
        --docker-password="$(cat gcr-auth.json)"
    

    This will create a secret in your cluster containing the necessary credentials to pull the images. To make the Helm chart use this cluster, add the following to your values.yml:

    images:
        imagePullSecrets:
        - name: gcr-pull-secret
    
  6. Optional: Configure a custom action server.

  7. We recommend installing Rasa Enterprise in a separate namespace to avoid interfering with existing cluster deployments. To create a new namespace run the following command:

    kubectl create ns <name of your namespace>
    
    oc create ns <name of your namespace>
    

    Note

    If you are following the Using Helm to Generate Object Configurations guide stop here and continue with the latter.

  8. Deploy Rasa Enterprise with the following commands:

    # Add the repository which contains the Rasa Enterprise Helm chart
    helm repo add rasa-x https://rasahq.github.io/rasa-x-helm
    
    # Deploy Rasa Enterprise
    helm install \
        --generate-name \
        --namespace <name of your namespace> \
        --values values.yml \
        rasa-x/rasa-x
    

    Note

    OpenShift only: If the deployment fails and oc get events returns 1001 is not an allowed group spec.containers[0].securityContext.securityContext.runAsUser, re-run the installation command with an added --set securityContext.fsGroup="" flag.

  9. Wait until the deployment is ready. If you want to check on its status, the following command will block until the Rasa Enterprise deployment is ready:

    kubectl --namespace <your namespace> \
        wait \
        --for=condition=available \
        --timeout=20m \
        --selector app.kubernetes.io/component=rasa-x \
        deployment
    
    oc --namespace <your namespace> \
        wait \
        --for=condition=available \
        --timeout=20m \
        --selector app.kubernetes.io/component=rasa-x \
        deployment
    

    Alternatively you can also monitor the pods directly. Note that the deployment process can involve containers restarting until everything is ready (e.g. if the database container is not ready yet).

  10. By default the Rasa Enterprise deployment is exposed via the nginx service. You can get the IP address using this command:

    kubectl --namespace <your namespace> \
        get service \
        -l app.kubernetes.io/component=nginx \
        -o jsonpath="{.items..status..loadBalancer..ingress[0].ip}"
    
    oc --namespace <your namespace> \
        get service \
        -l app.kubernetes.io/component=nginx \
        -o jsonpath="{.items..status..loadBalancer..ingress[0].ip}"
    

    You can then access the deployment on http://<ip>:8000

    Note

    Depending on the used cluster / cloud provider this might not work. Please refer to the cloud provider’s documentation / administrator what the recommended way for exposing the nginx service is or reach out to your Customer Success Engineer.

Advanced Configuration

Adding a Custom Action Server

  1. To use a custom action server you need to build a Docker image for your action server. Please see Building an Action Server Image for more information on how to build an image and deploy it to a registry.

  2. Add the image and tag you want to use to the values.yml. If your image is stored in a private registry, please refer to this guide in order to see how to add image pull secrets to your deployment.

    # app (custom action server) specific settings
    app:
        # name of the custom action server image to use
        name: "<name of your action server image>"
        # tag refers to the custom action server image tag
        tag: "<tag of your image>"
    

Configure Rasa Open Source Channels

To configure the messaging and voice channels which the Rasa container should use, put the content of your credentials.yml in the values.yml as done in this example:

# rasa: Settings common for all Rasa containers
rasa:
  # additionalChannelCredentials which should be used by Rasa to connect to various
  # input channels
  additionalChannelCredentials: |
    socketio:
      user_message_evt: user_uttered
      bot_message_evt: bot_uttered
      session_persistence: true/false

Adding Image Pull Secrets for Private Registries

  1. Create a secret for your private registry. You can do so by following the Kubernetes or OpenShift guide.

  2. Add the name of the created secret to your values.yml file.

    # images: Settings for the images
    images:
      # imagePullSecrets which are required to pull images for private registries
      imagePullSecrets:
      - name: <name of your pull secret>
    

Create / Update Rasa X Users

  1. Get the name of the Rasa X pod:

    kubectl --namespace <your namespace> \
        get pod -l app.kubernetes.io/component=rasa-x
    
    # The output should be similar to this
    NAME                           READY   STATUS    RESTARTS   AGE
    rasa-rasa-x-6dcf57bb45-jnt4f   1/1     Running   2          17h
    
    oc --namespace <your namespace> \
        get pod -l app.kubernetes.io/component=rasa-x
    
    # The output should be similar to this
    NAME                           READY   STATUS    RESTARTS   AGE
    rasa-rasa-x-6dcf57bb45-jnt4f   1/1     Running   2          17h
    

    rasa-rasa-x-6dcf57bb45-jnt4f is in our case the name of the Rasa X container.

  2. Connect to the shell of this pod:

    kubectl --namespace <your namespace> \
        exec -it <name of the Rasa X pod> bash
    
    oc --namespace <your namespace> \
        exec -it <name of the Rasa X pod> bash
    
  3. Rasa Enterprise only: Run the following command to create a new user. Please see here which roles are available by default.

    python scripts/manage_users.py create <username> <password> <role>
    
  4. To update the password of an existing user (the username for the single Rasa X user is me and the role is admin) run the following command:

    python scripts/manage_users.py create --update <username> <password> <role>
    

Debug Mode

Sometimes it’s helpful to have more log messages in the Rasa pods. To activate the debug mode for all Rasa Open Source and Rasa X related pods, use the following configuration in your values.yml:

debugMode: "true"

Specifying Volume Sizes

Rasa X requires two volume claims: one for Rasa X, and one for the database. You can define the claim sizes by setting the size of these services in your override file:

rasax:
  persistence:
    size: "10Gi"
postgresql:
  persistence:
    size: "100Gi"

Using an External Secret

By default, the Helm chart will use the passwords specified in the values.yml and expose them within the cluster as a secret.

You can also provide your own secrets instead of having the Helm chart generate them for you. This section shows you how to create an external secret using the example of the secret which is used for the Rasa components (this does not include components like the database). To see the required structure for secrets used by the subcharts, please follow the documentation of the subcharts. You can find the necessary links in the values.yml of the Rasa X Helm chart.

  1. Specify the name of your secret in the values.yml:

    rasaSecret: "<name of your secret>"
    
  2. Create a yaml file <secret-filename>.yml which contains the following entries (make sure to replace the <your value> entries):

    apiVersion: "v1"
    kind: "Secret"
    metadata:
      name: "<name of your secret>"
    type: "Opaque"
    data:
      initialPassword: {{ .Values.rasax.initialUser.password | b64enc | quote }}
      rasaToken: {{ <your value> | b64enc | quote }}
      rasaXToken: {{ <your value>| b64enc | quote }}
      passwordSalt: {{ <your value> | b64enc | quote }}
      jwtSecret: {{<your value> | b64enc | quote }}
    
  3. Create the secret on the cluster by runing this command:

    kubectl --namespace <your namespace> \
        apply -f <secret-filename>.yml
    
    oc --namespace <your namespace> \
        apply -f <secret-filename>.yml
    
  4. Then deploy the Rasa X chart. The components will then use the provided external secrets.

Using HTTPS

We recommend that you enable HTTPS on your server by adding SSL certificates (for example using Let’s encrypt).

The recommended way of doing it is to enable SSL on either the ingress controller or the load balancer serving the ingress. Please refer to the documentation of your cloud provider / ingress controller.

You can also configure the Nginx reverse proxy in the chart to use SSL. To do so, you need a PEM-encoded private key file (privkey.pem) and a PEM-encoded certificate chain file (fullchain.pem). Provide their content in a secret, which looks like the following:

apiVersion: "v1"
kind: "Secret"
metadata:
  name: <your secret name>
type: "Opaque"
stringData:
  privkey.pem: <content of the private key file>
  fullchain.pem: <content of the certificate chain file>

Then specify the name of this secret in your override file:

nginx:
  certificateSecret: "<your secret name>"

This will automatically be mounted in the correct place within the Nginx pod.

Configuring the Subcharts

Rasa X builds on existing charts for postgresql, rabbitmq, and redis. To see all configuration values please check the READMEs of the subcharts. The Rasa X chart contains a link to the used chart versions and their READMEs in its values file.

If you don’t want to use the subcharts and decide to provide your own deployments, you can disable the subchart usage through the Rasa X values file. E.g. to skip installing the postgresql subchart specify this in your override file:

postgresql:
  install: false

Additionally you have to provide the connection details of your external instances and the required credentials. For postgresql this would e.g. be:

postgresql:
  install: false
  existingHost: "<host of your postgress instance>"
  existingSecretKey: "<key to get the password from the secret>"

global:
  postgresql:
    existingSecret: "<name of the secret which contains the database password>"
    servicePort: <port which should be used to connect>
    postgresqlDatabase: "<name of the database which should be used>"
    postgresqlUsername: "<username which should be used to connect>"

Upgrading the Deployment

If you want to upgrade the Rasa X chart to a newer version or change values for an already installed Rasa X deployment, please follow these steps.

  1. Update the Rasa X / Rasa Enterprise and Rasa Open Source versions in your values.yml file. You can get the latest Rasa Open Source version from the bottom left corner in the Rasa Open Source Docs.

    # rasax specific settings
    rasax:
        # Rasa X configuration you did in previous steps
        # ...
        tag: "<Rasa X version>"
    # rasa: Settings common for all Rasa containers
    rasa:
        # Rasa Open Source configuration you did in previous steps
        # ...
        # tag refers to the Rasa image tag
        tag: "<Rasa OS version>-full"
    
  2. Optional: If you want to modify any further parameters of an existing deployment, do so by setting the values in your values.yml.

  3. Get the release name which Helm used during the installation. If are unsure which release name was used, use the following command to find out the release name:

    helm list --namespace <your namespace>
    
  4. Upgrade the deployment

    helm repo update
    helm upgrade \
        --values values.yml \
        --namespace <your namespace> \
        --reuse-values \
        <your release name> rasa-x/rasa-x
    

Accessing Secrets

This section describes how to retrieve secrets from your running deployment. You have the option to retrieve the following secrets:

description default secret name
PostgreSQL database password postgresql
Redis lock store password redis
RabbitMQ event broker password rabbit

Run the following command, replacing <secret name> with one of the values in the table, and <your namespace> and <your release name> with your namespace and the name of your release:

secret=<secret name>
namespace=<your namespace>
release_name=<your release name>
kubectl --namespace ${namespace} \
    get secret ${release_name}-${secret} -o yaml | \
    awk -F ': ' '/password/{print $2}' | base64 -d
secret=<secret name>
namespace=<your namespace>
release_name=<your release name>
oc --namespace ${namespace} \
    get secret ${release_name}-${secret} -o yaml | \
    awk -F ': ' '/password/{print $2}' | base64 -d

Note

If you’re not sure what namespace or release name your deployment runs under, you can use the following commands to find out. To list the available namespaces, run:

kubectl get namespaces

And to list the releases under a particular namespace namespace, run:

helm list --namespace <your namespace>

Accessing Logs

This section describes how to get logs from the running containers.

  1. Get the name of the pod which you want to get the logs of.

    kubectl --namespace <your namespace> \
        get pods
    
    # The output should be similar to this
    # NAME                                   READY   STATUS    RESTARTS   AGE
    # rasa-app-58d476497-ktkqn               1/1     Running   0          45m
    # rasa-duckling-7696b7f474-km6dx         1/1     Running   0          45m
    # rasa-event-service-7657b6b489-96drn    1/1     Running   1          45m
    # rasa-nginx-64b6b464f6-p9bmb            1/1     Running   0          45m
    # rasa-postgresql-0                      1/1     Running   0          45m
    # rasa-rabbit-0                          1/1     Running   0          45m
    # rasa-rasa-production-c86fbf7f7-q9pp5   1/1     Running   0          45m
    # rasa-rasa-worker-5d49485976-6z2kj      1/1     Running   0          45m
    # rasa-rasa-x-5788cddbb7-5zf86           1/1     Running   0          45m
    # rasa-redis-master-0                    1/1     Running   0          45m
    
    oc --namespace <your namespace> \
        get pods
    
    # The output should be similar to this
    # NAME                                   READY   STATUS    RESTARTS   AGE
    # rasa-app-58d476497-ktkqn               1/1     Running   0          45m
    # rasa-duckling-7696b7f474-km6dx         1/1     Running   0          45m
    # rasa-event-service-7657b6b489-96drn    1/1     Running   1          45m
    # rasa-nginx-64b6b464f6-p9bmb            1/1     Running   0          45m
    # rasa-postgresql-0                      1/1     Running   0          45m
    # rasa-rabbit-0                          1/1     Running   0          45m
    # rasa-rasa-production-c86fbf7f7-q9pp5   1/1     Running   0          45m
    # rasa-rasa-worker-5d49485976-6z2kj      1/1     Running   0          45m
    # rasa-rasa-x-5788cddbb7-5zf86           1/1     Running   0          45m
    # rasa-redis-master-0                    1/1     Running   0          45m
    

    rasa-rasa-x-5788cddbb7-5zf86 is for example the name of the Rasa X container.

  2. To get the logs of the container run:

    kubectl --namespace <your namespace> \
        logs <name of the pod>
    
    oc --namespace <your namespace> \
        logs <name of the pod>
    

Using Helm to Generate Object Configurations

If you don’t want or cannot use Helm to deploy Rasa X in your cluster, you can still use Helm to generate the Kubernetes / OpenShift resource files.

  1. Follow the Quick Install until the deployment part.

  2. Run the following command to generate the Kubernetes / OpenShift resource files and write them in a file rasa-x-deployment.yml:

    helm repo update
    helm template \
        --values values.yml \
        --generate-name \
        rasa-x/rasa-x > rasa-x-deployment.yml
    
    docker run alpine/helm template \
        --generate-name \
        --repo https://rasahq.github.io/rasa-x-helm rasa-x \
    > rasa-x-deployment.yml
    
  3. You can then deploy these manually by running:

    kubectl --namespace <your namespace> \
        create -f rasa-x-deployment.yml
    
    oc --namespace <your namespace> \
        create -f rasa-x-deployment.yml