From 22e9fb29fc9d4694781c7708a3faf14f3c7d1e9b Mon Sep 17 00:00:00 2001 From: Dave Glover Date: Wed, 10 Jul 2024 17:25:12 +1000 Subject: [PATCH 1/2] Updated for azureaiproxy.net --- azure.yaml | 4 +- database/aoai-proxy.sql | 228 +++++++++++++++++++++------------------- database/setup.sql | 10 +- infra/db.bicep | 4 +- infra/proxy.bicep | 30 ++---- 5 files changed, 135 insertions(+), 141 deletions(-) diff --git a/azure.yaml b/azure.yaml index 1548038d..a2ee0dba 100644 --- a/azure.yaml +++ b/azure.yaml @@ -3,8 +3,8 @@ name: aoai-proxy services: proxy: - project: ./src/proxy - language: py + project: ./src/AzureAIProxy + language: csharp host: containerapp docker: path: ../Dockerfile.proxy diff --git a/database/aoai-proxy.sql b/database/aoai-proxy.sql index b85816b8..aec5f7eb 100644 --- a/database/aoai-proxy.sql +++ b/database/aoai-proxy.sql @@ -6,14 +6,23 @@ -- Dumped by pg_dump version 16.2 (Debian 16.2-1.pgdg120+2) SET statement_timeout = 0; + SET lock_timeout = 0; + SET idle_in_transaction_session_timeout = 0; + SET client_encoding = 'UTF8'; + SET standard_conforming_strings = on; -SELECT pg_catalog.set_config('search_path', '', false); + +SELECT pg_catalog.set_config ('search_path', '', false); + SET check_function_bodies = false; + SET xmloption = content; + SET client_min_messages = warning; + SET row_security = off; -- @@ -22,7 +31,6 @@ SET row_security = off; CREATE SCHEMA aoai; - ALTER SCHEMA aoai OWNER TO azure_pg_admin; -- @@ -31,19 +39,17 @@ ALTER SCHEMA aoai OWNER TO azure_pg_admin; CREATE EXTENSION IF NOT EXISTS pgcrypto WITH SCHEMA aoai; - -- -- Name: EXTENSION pgcrypto; Type: COMMENT; Schema: -; Owner: -- COMMENT ON EXTENSION pgcrypto IS 'cryptographic functions'; - -- -- Name: model_type; Type: TYPE; Schema: aoai; Owner: azure_pg_admin -- -CREATE TYPE aoai.model_type AS ENUM ( +CREATE TYPE aoai.model_type AS ENUM( 'openai-chat', 'openai-embedding', 'openai-dalle3', 
@@ -53,7 +59,6 @@ CREATE TYPE aoai.model_type AS ENUM ( 'azure-ai-search' ); - ALTER TYPE aoai.model_type OWNER TO azure_pg_admin; -- @@ -92,8 +97,12 @@ BEGIN END; $$; - -ALTER PROCEDURE aoai.add_attendee_metric(IN p_api_key character varying, IN p_event_id character varying, IN p_catalog_id uuid, IN p_usage jsonb) OWNER TO azure_pg_admin; +ALTER PROCEDURE aoai.add_attendee_metric ( + IN p_api_key character varying, + IN p_event_id character varying, + IN p_catalog_id uuid, + IN p_usage jsonb +) OWNER TO azure_pg_admin; -- -- Name: add_event(character varying, character varying, character varying, character varying, timestamp without time zone, timestamp without time zone, integer, character varying, character varying, character varying, integer, integer, boolean, character varying); Type: FUNCTION; Schema: aoai; Owner: azure_pg_admin 
@@ -174,8 +183,22 @@ BEGIN END; $$; - -ALTER FUNCTION aoai.add_event(p_owner_id character varying, p_event_code character varying, p_event_shared_code character varying, p_event_markdown character varying, p_start_timestamp timestamp without time zone, p_end_timestamp timestamp without time zone, p_time_zone_offset integer, p_time_zone_label character varying, p_organizer_name character varying, p_organizer_email character varying, p_max_token_cap integer, p_daily_request_cap integer, p_active boolean, p_event_image_url character varying) OWNER TO azure_pg_admin; +ALTER FUNCTION aoai.add_event ( + p_owner_id character varying, + p_event_code character varying, + p_event_shared_code character varying, + p_event_markdown character varying, + p_start_timestamp timestamp without time zone, + p_end_timestamp timestamp without time zone, + p_time_zone_offset integer, + p_time_zone_label character varying, + p_organizer_name character varying, + p_organizer_email character varying, + p_max_token_cap integer, + p_daily_request_cap integer, + p_active boolean, + p_event_image_url character varying +) OWNER TO azure_pg_admin; -- -- Name: add_event_attendee(character varying, character varying); Type: FUNCTION; Schema: aoai; Owner: azure_pg_admin @@ -200,8 +223,10 @@ BEGIN END; $$; - -ALTER FUNCTION aoai.add_event_attendee(p_user_id character varying, p_event_id character varying) OWNER TO azure_pg_admin; +ALTER FUNCTION aoai.add_event_attendee ( + p_user_id character varying, + p_event_id character varying +) OWNER TO azure_pg_admin; -- -- Name: get_attendee_authorized(character varying); Type: FUNCTION; Schema: aoai; Owner: azure_pg_admin 
@@ -314,8 +339,7 @@ BEGIN END; $_$; - -ALTER FUNCTION aoai.get_attendee_authorized(p_api_key character varying) OWNER TO azure_pg_admin; +ALTER FUNCTION aoai.get_attendee_authorized (p_api_key character varying) OWNER TO azure_pg_admin; -- -- Name: get_event_registration_by_event_id(character varying); Type: FUNCTION; Schema: aoai; Owner: azure_pg_admin @@ -342,8 +366,7 @@ BEGIN END; $$; - -ALTER FUNCTION aoai.get_event_registration_by_event_id(p_event_id character varying) OWNER TO azure_pg_admin; +ALTER FUNCTION aoai.get_event_registration_by_event_id (p_event_id character varying) OWNER TO azure_pg_admin; -- -- Name: get_models_by_deployment_name(character varying, character varying, character varying); Type: FUNCTION; Schema: aoai; Owner: azure_pg_admin 
@@ -372,39 +395,11 @@ BEGIN END; $$; - -ALTER FUNCTION aoai.get_models_by_deployment_name(p_event_id character varying, p_deployment_id character varying, p_postgres_encryption_key character varying) OWNER TO azure_pg_admin; - --- --- Name: get_models_by_event(character varying); Type: FUNCTION; Schema: aoai; Owner: azure_pg_admin --- - -CREATE FUNCTION aoai.get_models_by_event(p_event_id character varying) RETURNS TABLE(deployment_name character varying, endpoint_url character varying, endpoint_key character varying, model_type aoai.model_type, catalog_id uuid, location character varying) - LANGUAGE plpgsql - AS $$ -BEGIN - RETURN QUERY - SELECT - OC.deployment_name, - ''::character varying AS endpoint_url, -- blank to maintain compatibility with the Deployment structure in the proxy - ''::character varying AS endpoint_key, -- blank to maintain compatibility with the Deployment structure in the proxy - OC.model_type, - OC.catalog_id, - OC.location - FROM - aoai.event_catalog_map EC - INNER JOIN - aoai.owner_catalog OC ON EC.catalog_id = OC.catalog_id - WHERE - EC.event_id = p_event_id AND - OC.active = true - ORDER BY OC.deployment_name; - -END; -$$; - - -ALTER FUNCTION aoai.get_models_by_event(p_event_id character varying) OWNER TO azure_pg_admin; +ALTER FUNCTION aoai.get_models_by_deployment_name ( + p_event_id character varying, + p_deployment_id character varying, + p_postgres_encryption_key character varying +) OWNER TO azure_pg_admin; SET default_tablespace = ''; @@ -421,7 +416,6 @@ CREATE TABLE aoai.event_attendee ( api_key character varying(36) NOT NULL ); - ALTER TABLE aoai.event_attendee OWNER TO azure_pg_admin; -- @@ -435,7 +429,6 @@ CREATE TABLE aoai.event_attendee_request ( token_count integer NOT NULL ); - ALTER TABLE aoai.event_attendee_request OWNER TO azure_pg_admin; -- 
@@ -456,7 +449,6 @@ CREATE VIEW aoai.active_attendee_growth_view AS GROUP BY event_id, date_stamp ORDER BY date_stamp; - ALTER VIEW aoai.active_attendee_growth_view OWNER TO azure_pg_admin; -- @@ -464,7 +456,7 @@ ALTER VIEW aoai.active_attendee_growth_view OWNER TO azure_pg_admin; -- CREATE TABLE aoai.event ( - event_id character varying(50) DEFAULT gen_random_uuid() NOT NULL, + event_id character varying(50) DEFAULT gen_random_uuid () NOT NULL, owner_id character varying(128) NOT NULL, event_code character varying(64) NOT NULL, event_markdown character varying(8192) NOT NULL, @@ -481,7 +473,6 @@ CREATE TABLE aoai.event ( event_shared_code character varying(64) ); - ALTER TABLE aoai.event OWNER TO azure_pg_admin; -- @@ -493,7 +484,6 @@ CREATE TABLE aoai.event_catalog_map ( catalog_id uuid NOT NULL ); - ALTER TABLE aoai.event_catalog_map OWNER TO azure_pg_admin; -- @@ -509,7 +499,6 @@ CREATE TABLE aoai.metric ( usage jsonb NOT NULL ); - ALTER TABLE aoai.metric OWNER TO azure_pg_admin; -- @@ -526,7 +515,6 @@ CREATE VIEW aoai.metric_view AS ((usage ->> 'total_tokens'::text))::integer AS total_tokens FROM aoai.metric; - ALTER VIEW aoai.metric_view OWNER TO azure_pg_admin; -- @@ -539,7 +527,6 @@ CREATE TABLE aoai.owner ( email character varying(128) NOT NULL ); - ALTER TABLE aoai.owner OWNER TO azure_pg_admin; -- @@ -558,7 +545,6 @@ CREATE TABLE aoai.owner_catalog ( endpoint_key_encrypted bytea ); - ALTER TABLE aoai.owner_catalog OWNER TO azure_pg_admin; -- @@ -571,7 +557,6 @@ CREATE TABLE aoai.owner_event_map ( creator boolean NOT NULL ); - ALTER TABLE aoai.owner_event_map OWNER TO azure_pg_admin; -- 
@@ -579,56 +564,49 @@ ALTER TABLE aoai.owner_event_map OWNER TO azure_pg_admin; -- ALTER TABLE ONLY aoai.event - ADD CONSTRAINT event_pkey PRIMARY KEY (event_id); - +ADD CONSTRAINT event_pkey PRIMARY KEY (event_id); -- -- Name: event_attendee eventattendee_pkey; Type: CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.event_attendee - ADD CONSTRAINT eventattendee_pkey PRIMARY KEY (user_id, event_id); - +ADD CONSTRAINT eventattendee_pkey PRIMARY KEY (user_id, event_id); -- -- Name: event_attendee_request eventattendeerequest_pkey; Type: CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.event_attendee_request - ADD CONSTRAINT eventattendeerequest_pkey PRIMARY KEY (api_key, date_stamp); - +ADD CONSTRAINT eventattendeerequest_pkey PRIMARY KEY (api_key, date_stamp); -- -- Name: event_catalog_map eventcatalogmap_pkey; Type: CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.event_catalog_map - ADD CONSTRAINT eventcatalogmap_pkey PRIMARY KEY (event_id, catalog_id); - +ADD CONSTRAINT eventcatalogmap_pkey PRIMARY KEY (event_id, catalog_id); -- -- Name: owner owner_pkey; Type: CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.owner - ADD CONSTRAINT owner_pkey PRIMARY KEY (owner_id); - +ADD CONSTRAINT owner_pkey PRIMARY KEY (owner_id); -- -- Name: owner_catalog ownercatalog_pkey; Type: CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.owner_catalog - ADD CONSTRAINT ownercatalog_pkey PRIMARY KEY (catalog_id); - +ADD CONSTRAINT ownercatalog_pkey PRIMARY KEY (catalog_id); -- -- Name: owner_event_map ownereventmap_pkey; Type: CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.owner_event_map - ADD CONSTRAINT ownereventmap_pkey PRIMARY KEY (owner_id, event_id); - +ADD CONSTRAINT ownereventmap_pkey PRIMARY KEY (owner_id, event_id); -- -- Name: api_key_unique_index; Type: INDEX; Schema: aoai; Owner: azure_pg_admin 
@@ -636,77 +614,67 @@ ALTER TABLE ONLY aoai.owner_event_map CREATE UNIQUE INDEX api_key_unique_index ON aoai.event_attendee USING btree (api_key); - -- -- Name: event_id_index; Type: INDEX; Schema: aoai; Owner: azure_pg_admin -- CREATE INDEX event_id_index ON aoai.metric USING btree (event_id); - -- -- Name: event_attendee fk_eventattendee_event; Type: FK CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.event_attendee - ADD CONSTRAINT fk_eventattendee_event FOREIGN KEY (event_id) REFERENCES aoai.event(event_id) ON DELETE CASCADE; - +ADD CONSTRAINT fk_eventattendee_event FOREIGN KEY (event_id) REFERENCES aoai.event (event_id) ON DELETE CASCADE; -- -- Name: event_attendee_request fk_eventattendeerequest_eventattendee; Type: FK CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.event_attendee_request - ADD CONSTRAINT fk_eventattendeerequest_eventattendee FOREIGN KEY (api_key) REFERENCES aoai.event_attendee(api_key) ON DELETE CASCADE; - +ADD CONSTRAINT fk_eventattendeerequest_eventattendee FOREIGN KEY (api_key) REFERENCES aoai.event_attendee (api_key) ON DELETE CASCADE; -- -- Name: event_catalog_map fk_eventcatalogmap_event; Type: FK CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.event_catalog_map - ADD CONSTRAINT fk_eventcatalogmap_event FOREIGN KEY (event_id) REFERENCES aoai.event(event_id) ON DELETE CASCADE; - +ADD CONSTRAINT fk_eventcatalogmap_event FOREIGN KEY (event_id) REFERENCES aoai.event (event_id) ON DELETE CASCADE; -- -- Name: event_catalog_map fk_eventcatalogmap_ownercatalog; Type: FK CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.event_catalog_map - ADD CONSTRAINT fk_eventcatalogmap_ownercatalog FOREIGN KEY (catalog_id) REFERENCES aoai.owner_catalog(catalog_id) ON DELETE CASCADE; - +ADD CONSTRAINT fk_eventcatalogmap_ownercatalog FOREIGN KEY (catalog_id) REFERENCES aoai.owner_catalog (catalog_id) ON DELETE CASCADE; -- -- Name: owner_catalog 
fk_groupmodels_group; Type: FK CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.owner_catalog - ADD CONSTRAINT fk_groupmodels_group FOREIGN KEY (owner_id) REFERENCES aoai.owner(owner_id) ON DELETE CASCADE; - +ADD CONSTRAINT fk_groupmodels_group FOREIGN KEY (owner_id) REFERENCES aoai.owner (owner_id) ON DELETE CASCADE; -- -- Name: metric fk_metric; Type: FK CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.metric - ADD CONSTRAINT fk_metric FOREIGN KEY (event_id) REFERENCES aoai.event(event_id) ON DELETE CASCADE; - +ADD CONSTRAINT fk_metric FOREIGN KEY (event_id) REFERENCES aoai.event (event_id) ON DELETE CASCADE; -- -- Name: owner_event_map fk_ownereventmap_event; Type: FK CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.owner_event_map - ADD CONSTRAINT fk_ownereventmap_event FOREIGN KEY (event_id) REFERENCES aoai.event(event_id) ON DELETE CASCADE; - +ADD CONSTRAINT fk_ownereventmap_event FOREIGN KEY (event_id) REFERENCES aoai.event (event_id) ON DELETE CASCADE; -- -- Name: owner_event_map fk_ownereventmap_owner; Type: FK CONSTRAINT; Schema: aoai; Owner: azure_pg_admin -- ALTER TABLE ONLY aoai.owner_event_map - ADD CONSTRAINT fk_ownereventmap_owner FOREIGN KEY (owner_id) REFERENCES aoai.owner(owner_id) ON DELETE CASCADE; - +ADD CONSTRAINT fk_ownereventmap_owner FOREIGN KEY (owner_id) REFERENCES aoai.owner (owner_id) ON DELETE CASCADE; -- -- Name: SCHEMA aoai; Type: ACL; Schema: -; Owner: azure_pg_admin 
@@ -714,72 +682,110 @@ ALTER TABLE ONLY aoai.owner_event_map GRANT USAGE ON SCHEMA aoai TO "aoai_proxy_app"; - -- -- Name: TYPE model_type; Type: ACL; Schema: aoai; Owner: azure_pg_admin -- GRANT ALL ON TYPE aoai.model_type TO "aoai_proxy_app"; - -- -- Name: TABLE event_attendee; Type: ACL; Schema: aoai; Owner: azure_pg_admin -- -GRANT SELECT,INSERT,DELETE,UPDATE ON TABLE aoai.event_attendee TO "aoai_proxy_app"; - +GRANT +SELECT, +INSERT +, + DELETE, +UPDATE ON +TABLE aoai.event_attendee TO "aoai_proxy_app"; -- -- Name: TABLE event_attendee_request; Type: ACL; Schema: aoai; Owner: azure_pg_admin -- -GRANT SELECT,INSERT,DELETE,UPDATE ON TABLE aoai.event_attendee_request TO "aoai_proxy_app"; - +GRANT +SELECT, +INSERT +, + DELETE, +UPDATE ON +TABLE aoai.event_attendee_request TO "aoai_proxy_app"; -- -- Name: TABLE event; Type: ACL; Schema: aoai; Owner: azure_pg_admin -- -GRANT SELECT,INSERT,DELETE,UPDATE ON TABLE aoai.event TO "aoai_proxy_app"; - +GRANT +SELECT, +INSERT +, + DELETE, +UPDATE ON +TABLE aoai.event TO "aoai_proxy_app"; -- -- Name: TABLE event_catalog_map; Type: ACL; Schema: aoai; Owner: azure_pg_admin -- -GRANT SELECT,INSERT,DELETE,UPDATE ON TABLE aoai.event_catalog_map TO "aoai_proxy_app"; - +GRANT +SELECT, +INSERT +, + DELETE, +UPDATE ON +TABLE aoai.event_catalog_map TO "aoai_proxy_app"; -- -- Name: TABLE metric; Type: ACL; Schema: aoai; Owner: azure_pg_admin -- -GRANT SELECT,INSERT,DELETE,UPDATE ON TABLE aoai.metric TO "aoai_proxy_app"; - +GRANT +SELECT, +INSERT +, + DELETE, +UPDATE ON +TABLE aoai.metric TO "aoai_proxy_app"; -- -- Name: TABLE owner; Type: ACL; Schema: aoai; Owner: azure_pg_admin -- -GRANT SELECT,INSERT,DELETE,UPDATE ON TABLE aoai.owner TO "aoai_proxy_app"; - +GRANT +SELECT, +INSERT +, + DELETE, +UPDATE ON +TABLE aoai.owner TO "aoai_proxy_app"; -- -- Name: TABLE owner_catalog; Type: ACL; Schema: aoai; Owner: azure_pg_admin -- -GRANT SELECT,INSERT,DELETE,UPDATE ON TABLE aoai.owner_catalog TO "aoai_proxy_app"; - +GRANT +SELECT, +INSERT +, 
+ DELETE, +UPDATE ON +TABLE aoai.owner_catalog TO "aoai_proxy_app"; -- -- Name: TABLE owner_event_map; Type: ACL; Schema: aoai; Owner: azure_pg_admin -- -GRANT SELECT,INSERT,DELETE,UPDATE ON TABLE aoai.owner_event_map TO "aoai_proxy_app"; - +GRANT +SELECT, +INSERT +, + DELETE, +UPDATE ON +TABLE aoai.owner_event_map TO "aoai_proxy_app"; -- -- PostgreSQL database dump complete -- -DROP SCHEMA IF EXISTS PUBLIC CASCADE ; +DROP SCHEMA IF EXISTS PUBLIC CASCADE; diff --git a/database/setup.sql b/database/setup.sql index 87e79ee1..c53e6915 100644 --- a/database/setup.sql +++ b/database/setup.sql @@ -2,13 +2,17 @@ -- This script creates the aoai-proxy db and sets up the roles and permissions for the application CREATE DATABASE "aoai-proxy" WITH OWNER azure_pg_admin; -CREATE ROLE aoai_proxy_app WITH NOLOGIN NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION NOBYPASSRLS; -CREATE ROLE aoai_proxy_reporting WITH NOLOGIN NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION NOBYPASSRLS; + +CREATE ROLE aoai_proxy_app +WITH + NOLOGIN NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION NOBYPASSRLS; GRANT aoai_proxy_app TO :"PG_USER"; -GRANT aoai_proxy_reporting TO :"PG_USER"; select * from pgaadauth_create_principal(:'ADMIN_SYSTEM_ASSIGNED_IDENTITY', false, false); + select * from pgaadauth_create_principal(:'PROXY_SYSTEM_ASSIGNED_IDENTITY', false, false); + GRANT aoai_proxy_app TO :"PROXY_SYSTEM_ASSIGNED_IDENTITY"; + GRANT aoai_proxy_app TO :"ADMIN_SYSTEM_ASSIGNED_IDENTITY"; diff --git a/infra/db.bicep b/infra/db.bicep index 9dfa8396..01d4354e 100644 --- a/infra/db.bicep +++ b/infra/db.bicep @@ -26,8 +26,8 @@ module postgresServer 'core/database/postgresql/flexibleserver.bicep' = { location: location tags: tags sku: { - name: 'Standard_D2ds_v5' - tier: 'GeneralPurpose' + name: 'Standard_B2s' + tier: 'Burstable' } storage: { iops: 120 diff --git a/infra/proxy.bicep b/infra/proxy.bicep index f9092444..2e3080ad 100644 --- a/infra/proxy.bicep +++ b/infra/proxy.bicep 
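Review bot: After this change setup.sql leaves a single application role, and its context lines grant `aoai_proxy_app` to both `PROXY_SYSTEM_ASSIGNED_IDENTITY` and `ADMIN_SYSTEM_ASSIGNED_IDENTITY`. aoai-proxy.sql in the same patch gives that role SELECT, INSERT, DELETE and UPDATE on every table, including `aoai.owner_catalog` with its `endpoint_key_encrypted` column, so the proxy identity holds the same rights as the admin identity. If the proxy only needs to call the `aoai` functions and record metrics (not visible in this diff, so to be confirmed), a second, narrower role for it would limit what a compromised proxy can change. Either way, a header comment should state the intent, for example `-- aoai_proxy_app: shared by the proxy and admin identities; full DML on all aoai tables`.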
@@ -30,26 +30,18 @@ module app 'core/host/container-app-upsert.bicep' = {
 exists: exists
 containerAppsEnvironmentName: containerAppsEnvironmentName
 containerRegistryName: containerRegistryName
- targetPort: 3100
+ targetPort: 8080
 containerCpuCoreCount: '0.75'
 containerMemory: '1.5Gi'
- containerMaxReplicas: 2
+ containerMaxReplicas: 1
 secrets: [
 {
 name: 'postgres-encryption-key'
 value: postgresEncryptionKey
 }
 {
- name: 'postgres-user'
- value: name
- }
- {
- name: 'postgres-database'
- value: postgresDatabase
- }
- {
- name: 'postgres-server'
- value: postgresServer
+ name: 'postgres-connection-string'
+ value: 'Server=${postgresServer};Port=5432;User Id=${name};Database=${postgresDatabase};Ssl Mode=Require;'
 }
 {
 name: 'app-insights-connection-string'
@@ -58,20 +50,12 @@ module app 'core/host/container-app-upsert.bicep' = {
 ]
 env: [
 {
- name: 'POSTGRES_ENCRYPTION_KEY'
+ name: 'PostgresEncryptionKey'
 secretRef: 'postgres-encryption-key'
 }
 {
- name: 'POSTGRES_USER'
- secretRef: 'postgres-user'
- }
- {
- name: 'POSTGRES_DATABASE'
- secretRef: 'postgres-database'
- }
- {
- name: 'POSTGRES_SERVER'
- secretRef: 'postgres-server'
+ name: 'ConnectionStrings__AoaiProxyContext'
+ secretRef: 'postgres-connection-string'
 }
 {
 name: 'APPLICATIONINSIGHTS_CONNECTION_STRING'
From 5192e7b2da906cf7a5fdc159cfd2c2117b0cd459 Mon Sep 17 00:00:00 2001
From: Dave Glover
Date: Thu, 11 Jul 2024 05:15:34 +0000
Subject: [PATCH 2/2] bicep updates for max pool size
---
 infra/admin.bicep | 3 ++-
 infra/db.bicep | 2 +-
 infra/main.bicep | 6 ++++++
 infra/proxy.bicep | 3 ++-
 4 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/infra/admin.bicep b/infra/admin.bicep
index 477d4c29..6ca00263 100644
--- a/infra/admin.bicep
+++ b/infra/admin.bicep
@@ -10,6 +10,7 @@ param serviceName string = 'admin'
 param exists bool
 param postgresDatabase string
 param postgresServer string
+param proxyAdminPostgresMaxPoolSize int
 @secure()
 param postgresEncryptionKey string
 param clientId string
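Review bot: The added `postgres-connection-string` secret in the proxy.bicep hunk at -30,26 uses `Ssl Mode=Require`, which forces TLS but, depending on the driver version, may not validate the server certificate or host name. The keyword set suggests Npgsql; if that is the driver, `Ssl Mode=VerifyFull` makes the client check both the certificate chain and the server name: `value: 'Server=${postgresServer};Port=5432;User Id=${name};Database=${postgresDatabase};Ssl Mode=VerifyFull;'`. The same setting is carried into the admin.bicep hunk at -53,7 and the proxy.bicep hunk at -41,7 of patch 2/2. The `module app` block starts and ends outside the hunk.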
@@ -53,7 +54,7 @@ module app 'core/host/container-app-upsert.bicep' = {
 }
 {
 name: 'postgres-connection-string'
- value: 'Server=${postgresServer};Port=5432;User Id=${name};Database=${postgresDatabase};Ssl Mode=Require;'
+ value: 'Server=${postgresServer};Port=5432;User Id=${name};Database=${postgresDatabase};Ssl Mode=Require;Maximum Pool Size=${proxyAdminPostgresMaxPoolSize};Application Name=aiproxy;'
 }
 ]
 env: [
diff --git a/infra/db.bicep b/infra/db.bicep
index 01d4354e..c5a70e97 100644
--- a/infra/db.bicep
+++ b/infra/db.bicep
@@ -26,7 +26,7 @@ module postgresServer 'core/database/postgresql/flexibleserver.bicep' = {
 location: location
 tags: tags
 sku: {
- name: 'Standard_B2s'
+ name: 'Standard_B1ms'
 tier: 'Burstable'
 }
 storage: {
diff --git a/infra/main.bicep b/infra/main.bicep
index 2beb608d..a52558dd 100644
--- a/infra/main.bicep
+++ b/infra/main.bicep
@@ -49,6 +49,10 @@ var postgresDatabaseName = 'aoai-proxy'
 var postgresEntraAdministratorObjectId = principalId
 var postgresEntraAdministratorType = empty(runningOnGh) ? 'User' : 'ServicePrincipal'
 var postgresEntraAdministratorName = principalName
+// the maximum number of connections for Postgres Standard_B1ms Burstable is 35
+// https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-limits#maximum-connections
+var proxyPostgresMaxPoolSize = 33
+var proxyAdminPostgresMaxPoolSize = 2
 resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
 name: '${name}-rg'
@@ -85,6 +89,7 @@ module admin 'admin.bicep' = {
 postgresServer: postgresServer.outputs.DOMAIN_NAME
 postgresDatabase: postgresDatabaseName
 postgresEncryptionKey: postgresEncryptionKey
+ proxyAdminPostgresMaxPoolSize: proxyAdminPostgresMaxPoolSize
 tenantId: authTenantId
 clientId: authClientId
 playgroundUrl: playground.outputs.SERVICE_WEB_URI
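Review bot: In the main.bicep hunk at -49,6, `proxyPostgresMaxPoolSize = 33` plus `proxyAdminPostgresMaxPoolSize = 2` adds up to exactly the 35 connections the added comment gives as the server limit, leaving no headroom. A pool limit normally applies per application instance, so an extra replica, an overlapping revision during deployment, or an operator session running setup.sql would find no free connection and fail at connect time. Leaving a reserve (for example `var proxyPostgresMaxPoolSize = 28`) and spelling out the budget in the comment, `// 35 total: proxy pool + admin pool + reserve for migrations and operator sessions`, would make the numbers safer to change later. The replica count of the admin app is not visible in this diff.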
@@ -107,6 +112,7 @@ module proxy 'proxy.bicep' = {
 postgresServer: postgresServer.outputs.DOMAIN_NAME
 postgresDatabase: postgresDatabaseName
 postgresEncryptionKey: postgresEncryptionKey
+ proxyPostgresMaxPoolSize: proxyPostgresMaxPoolSize
 appInsightsConnectionString: monitoring.outputs.applicationInsightsConnectionString
 }
 }
diff --git a/infra/proxy.bicep b/infra/proxy.bicep
index 2e3080ad..dcafa81e 100644
--- a/infra/proxy.bicep
+++ b/infra/proxy.bicep
@@ -10,6 +10,7 @@ param serviceName string = 'proxy'
 param exists bool
 param postgresDatabase string
 param postgresServer string
+param proxyPostgresMaxPoolSize int
 @secure()
 param postgresEncryptionKey string
 @secure()
@@ -41,7 +42,7 @@ module app 'core/host/container-app-upsert.bicep' = {
 }
 {
 name: 'postgres-connection-string'
- value: 'Server=${postgresServer};Port=5432;User Id=${name};Database=${postgresDatabase};Ssl Mode=Require;'
+ value: 'Server=${postgresServer};Port=5432;User Id=${name};Database=${postgresDatabase};Ssl Mode=Require;Maximum Pool Size=${proxyPostgresMaxPoolSize};Application Name=aiproxy;'
 }
 {
 name: 'app-insights-connection-string'
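Review bot: The proxy connection string in the proxy.bicep hunk at -41,7 sets `Application Name=aiproxy`, the same value the admin.bicep hunk at -53,7 uses, so sessions from the two apps cannot be told apart in `pg_stat_activity` or in the server's connection logs. A distinct name per service, `Application Name=aiproxy-proxy;` here and `Application Name=aiproxy-admin;` in admin.bicep, keeps attribution possible when investigating load or unexpected writes. The `module app` block continues outside the hunk.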