Deploying Workbench

Let's Deploy Workbench in your GCP Project.

Major Steps

• Create a new GCP project and associate it with your GCP billing account

• Download GCP Marketplace license

• Create the deployment machine

• Get the deployment files from the github repo

• Configure the Workbench deployment

• Install the Workbench

Create a new GCP project

• Go to the Google cloud console (cloud.google.com) and create a new GCP project.

• Make sure that the new project is associated with your billing account and it is not under evaluation. You will need to set it as a paid account

• When you are inside the project then make sure you have at least one VPC network. If you see that a default network is created by the Google cloud then you are all set. Otherwise create a network and name it as a default.

Download marketplace license

• Follow the steps provided in this online documentation link - https://trillo.gitbook.io/deploying-trillo-workbench-in-google-cloud

• Rename the downloaded file as license.yaml (For enterprise license, please get in touch with us at support@trillo.io)

Create deployer machine

You will need the deployed machine to deploy the workbench in your project. You can install one workbench application in a GCP project. On the GCP console, Start a new Cloud Shell and run the following command. Please wait until this command is fully executed.

gsutil cp gs://trillo-public/wkbench/deployer-create.sh . && chmod +x ./deployer-create.sh && ./deployer-create.sh

The cloud shell will appear upright underneath the GCP console as shown below.

At the end of this command, a virtual machine will be created that has a name similar to trillo-deployer-<project-id>

Locate the deployer machine ad click the SSH button to get inside the deployer machine as shown below.

Once you are inside the machine, click on the UPLOAD FILE button to upload the license file into your home directly inside the machine.

Get the Deployment Files from the Github

Run this following command to get the deployment file from the public repository. Being a public repository, no special access is needed to download these files.

git clone https://github.com/opentrillo/google-gke-deployer ./trillo

Once it is download it then the home folder will be ~/google-gke-deployer/deployment

Configure the Workbench deployment

The deployment configuration is provided in the shell script env_global.sh

• You must provide the name of the server including the domain (eg: wb.domain)

• Once the installation is complete then update the DNS A records for the two names (eg: wb.domain and api.wb.domain)

• Change the region and zones if needed. Everything will be created in the specific zone and the region afterwards.

• If a default Google cloud project is created, there is no need to change the network and subnetwork configurations.

• The rest of it can be left as is for the successful installation of the workbench.

Variable Name	Value	Comment	Required
APPSERVER_UI_NAME	workbench.$APPSERVER_NAME	Set app server UI name to server name
APPSERVER_NAME		Set the app server name with the domain (eg: server.domain)	yes
PROJECT_ID	$(gcloud config list --format 'value(core.project)')	Dynamically retrieves project ID using gcloud
SERVICE_ACCOUNT_ID	trillort-sa	Specify service account ID
SA_EMAIL	$SERVICE_ACCOUNT_ID@$PROJECT_ID.iam.gserviceaccount.com	Construct service account email
REGION	us-central1	Set default region
ZONE	us-central1-c	Set primary zone
ZONE2	us-central1-b	Set secondary zone
NETWORK_SHORT	default	Use default network name
SUBNETWORK_SHORT	default	Use default subnetwork name
OTHER_NETWORK_PROJECT	$PROJECT_ID	Use current project for network
NETWORK	projects/$OTHER_NETWORK_PROJECT/global/networks/$NETWORK_SHORT	Full network path
SUBNETWORK	projects/$OTHER_NETWORK_PROJECT/regions/$REGION/subnetworks/$SUBNETWORK_SHORT	Full subnetwork path
TRILLO_UI_DEPLOY	yes	Enable Trillo UI deployment
TRILLO_UI_REPLICAS	1	Use one replica for Trillo UI
BUCKET_NAME	trillo-$PROJECT_ID	Set bucket name with project ID
BUCKET_REGION	$REGION	Set bucket region to default
CREATE_SFTP_EDGE	no	Disable SFTP edge node by default
EDGE_IMAGE	trillo-sftp-edge-04	Edge image name (if enabled)
EDGE_INSTANCE	trillo-gcs-edge	Edge instance name (if enabled)
EDGE_INSTANCE_2	trillo-gcs-edge-2	Second edge instance name (if enabled)
CREATE_MYSQL	yes	Enable MySQL database
MYSQL_INSTANCE_NAME	trillo-mysql8	Set MySQL instance name
CLOUD_NAT_ROUTER	default-cloud-nat-router	Cloud NAT router name
CLOUD_NAT_ROUTER_CONFIG	default-cloud-nat-config	Cloud NAT router config name
CREATE_CLUSTER	yes	Enable GKE cluster creation
CLUSTER	trillo-gke	Set GKE cluster name
CLUSTER_NAMESPACE	trillo	Set GKE cluster namespace
TRILLO_APPS_INSTALL_SOURCE	trillo	Use Trillo marketplace for app installation
MAIL_ENABLED	yes	Enable email notifications
FROM_ADDRESS	no-reply@$APPSERVER_NAME	Set email notification sender address
TRILLO_PACKAGED_ORG_NAME	cloud	Set packaged application organization name
DEFAULT_APP	main	Set default packaged application
SFTP_MACHINE_TYPE	n1-standard-2	Set SFTP machine type
DB_MACHINE_TYPE	db-n1-standard-2	Set database machine type
GKE_MACHINE_TYPE	n2-standard-4	Set GKE machine type
GKE_NODES_PER_ZONE	1	Set GKE nodes per zone
DEPLOYMENTIP	$(curl ifconfig.me)	Dynamically retrieve deployment IP
TRILLO_REPO_LOCATION	project-trillort	Set Trillo repository location
TRILLO_UI_VERSION	5.0.610	Set Trillo UI version
TRILLO_APP_VERSION	5.0.610	Set Trillo app version
TRILLO_UI_IMAGE	gcr.io/$TRILLO_REPO_LOCATION/trillo-apps/saas/v1	Set Trillo UI image path
TRILLO_RT_CONTAINER_REPOSITORY	gcr.io/$TRILLO_REPO_LOCATION/trillo-rt	Set Trillo runtime container repository
TRILLO_DS_CONTAINER_REPOSITORY	gcr.io/$TRILLO_REPO_LOCATION/trillo-rt/trillo-data-service	Set Trillo data service container repository
SERVICE_ENVIRONMENT	prod	Set application service environment to production

Install the Workbench

• Make sure you are ssh-ed into the deployer machine

• Copy the license file from the home folder of the deployer machine to the deployment folder as follows

cd ~/google-gke-deployer/deployment

cp ~/license.yaml ./4-gke

• cd to the deployment folder (as above) and run the script ./runall.sh

• The installation will start the scripts and run for more than 15 mins. It will provision the followings

  • GCP Services

  • Reserve IP addresses for the Workbench frontend and backend servers.

  • Create the bucket for file storage.

  • Provision MYSQL 8 server for data storage

  • Provision Redis for caching

  • Optionally provision nodes for secure file transfer.

  • Finally, install all microservices in the kubernetes cluster. It will provision the external load balancer for the frontend and backend servers with managed secure certificates.

• Once the installation is complete then the scripts and the configuration results are all copied to the newly provisioned cloud storage bucket. The configuration results include the default admin credentials.

• The load balancer will take around another 15+ minutes to stabilize but notice that it will not be able to retrieve valid security certificates until unless the DNS records are updated. Therefore proceed to update your DNS A records by looking at the IP address reserved for the Workbench frontend and backend servers. IP addresses are derived from the following page.

• Keep checking the URL (eg. wb.domain) inside the browser till the main login screen is observed. You can jump through the main URL and the login screen from the Google cloud console as below.

• This is how the login screen looks like. The default admin credentials are provided on the last screen once the installation is complete.

• Once you're inside the workbench then create a new user from the following screen. Notice that the admin account is not meant to operate the workbench. The newly created users will be able to operate all functions of the workbench.

Additional notes

• The terraform development is in progress and will soon be available as an alternate method.

• The installation of Workbench will provide:

  • File manager

  • Data browser

• Before using the Document Manager, the DocAI Warehouse must be initialized using the Google Cloud Console.

• The DocAI Warehouse initialization demonstration is provided in the following videos:

  • https://drive.google.com/file/d/1tB3m-Ox5VKZhiN0_QPaJeN4koGe9ViZm

  • https://drive.google.com/file/d/17j0usIDC6MdS5YM-y-PiTOxxCJqNSAjw