Solved: Re: Unable to connect to Qdrant vector DB hosted o...

pulkitmehtawork · 06-20-2024 04:15 AM

We have deployed Qdrant Vector DB on GKE using below resource but we are unable to connect to GKE from local . We are only able to connect from notebook on cluster pod .

https://cloud.google.com/kubernetes-engine/docs/tutorials/deploy-qdrant#create-cluster

bkauf

If you are looking to expose this database via a public IP you will need to first change the qdrant service to type Loadbalancer which will create a public IP you can access the database from. Then you will need to get the API key to authenticate to that IP address. You can follow the steps below to do this from the cloud shell in your cloud console. These steps assume you deployed the database in the "qdrant" namespace. Please be aware of the security concerns when exposing public IP addresses of services. A better approach might be to re-deploy the GKE cluster as VPC native which would let you access the database internally in a colab notebook without having to expose a public IP. I will update the guide to show this method. The steps below will walk you though how to expose the database as a PUBLIC endpoint and get the API key so you can login from a server outside of the VPC. It is recommended to place a firewall rule in your VPC to only allow traffic from your server with this approach.

Using cloud shell:

Login to the cluster

gcloud container clusters get-credentials [cluster name] --region [region] --project [project id]

To expose the qdrant-database service as a public endpoint you will need to edit the service:

kubectl edit svc/qdrant-database -n qdrant

Change the type field from "ClusterIP" to "LoadBalancer" and save with using the commands :wq!

type: LoadBalancer

Verify the pending state of this service turns into an IP address after a few minutes with the following command, record the IP as this will be the public IP of the database

$kubectl get svc -n qdrant

Next you will need to get the API key for the database which is stored as a base 64 encoded secret in the same qdrant namespace called “qdrant-database-apikey”. You can use the following command to get the api-key

kubectl get secret qdrant-database-apikey -n qdrant -o yaml

Copy the encoded api-key string and place it in the following command to get the decoded API key

echo [encoded api key] | base64 --decode

You will now have the API key and the public IP address of the database you can use when you initiate the qdrant client

qdrant = QdrantClient( url="http://x.x.x.x", api_key="yyyyyy")

After you have verified the connection from your system it is recommend to place a firewall rule in your VPC that blocks external traffic other than the endpoints that will need to reach this database.

View solution in original post

bkauf

If you are looking to expose this database via a public IP you will need to first change the qdrant service to type Loadbalancer which will create a public IP you can access the database from. Then you will need to get the API key to authenticate to that IP address. You can follow the steps below to do this from the cloud shell in your cloud console. These steps assume you deployed the database in the "qdrant" namespace. Please be aware of the security concerns when exposing public IP addresses of services. A better approach might be to re-deploy the GKE cluster as VPC native which would let you access the database internally in a colab notebook without having to expose a public IP. I will update the guide to show this method. The steps below will walk you though how to expose the database as a PUBLIC endpoint and get the API key so you can login from a server outside of the VPC. It is recommended to place a firewall rule in your VPC to only allow traffic from your server with this approach.