Red Hat OpenShift provides a robust Kubernetes-based platform ideal for enterprises deploying Prisme.ai. This guide covers key considerations, deployment steps, and best practices specifically tailored for OpenShift environments.

OpenShift Prerequisites

Before starting deployment, ensure:
  • You have a running OpenShift cluster (version 4.12+).
  • The OpenShift CLI (oc) is installed and configured.
  • Administrator-level privileges for creating namespaces and resources.
Deploy Prisme.ai utilizing OpenShift native resources and external services:

OpenShift Deployment Steps

1

Create Project and Quotas

Create a dedicated project namespace and apply resource quotas:
oc new-project prisme-ai
oc apply -f resource-quota.yaml
2

Set up Operators and Databases

Install required Operators (Elasticsearch, Redis):
  • Navigate to OperatorHub in OpenShift Console, install Elasticsearch and Redis Operators.
  • Deploy MongoDB via StatefulSets or external services.
3

Deploy Object Storage Integration

Configure access to your chosen object storage (MinIO, AWS S3) using secrets and config maps:
oc create secret generic s3-credentials \
  --from-literal=accesskey='your-access-key' \
  --from-literal=secretkey='your-secret-key'
4

Configure Routes and DNS

Set up OpenShift Routes for external access:
  • API: api.yourdomain.com
  • Console: studio.yourdomain.com
  • Pages: wildcard route *.pages.yourdomain.com
5

Deploy Prisme.ai via Helm

Use Helm 3 to deploy Prisme.ai:
helm repo add prismeai https://helm.prisme.ai/charts
helm install prisme-core prismeai/prismeai-core \
  --namespace prisme-ai -f values.yaml
Ensure values.yaml reflects your environment settings.
6

Ingress & SSL with OpenShift Routes

Configure TLS certificates and termination via OpenShift routes:
oc create route edge prisme-api --service=api-service --hostname=api.yourdomain.com

Security Best Practices

RBAC & Project Isolation

  • Utilize OpenShift’s built-in RBAC to enforce role-based permissions.
  • Ensure clear separation between different Prisme.ai environments.

Network Policies

  • Implement strict network policies for inter-service communication.
  • Utilize OpenShift SDN for advanced network security.

Secrets Management

  • Securely manage sensitive configurations using OpenShift Secrets.
  • Regularly rotate and audit secrets usage.

Integrated Monitoring

  • Leverage OpenShift’s integrated Prometheus and Grafana for proactive monitoring.
  • Configure alerts and dashboards tailored to Prisme.ai workloads.

Next Steps

Helm Deployment

Deploy Prisme.ai using Helm

Products Configuration

Configure your Prisme.ai AI products

Operations Management

Learn about scaling operations efficiently