Skip to content

Commit fbefc5f

Browse files
agreaves-msagreaves-ms
committed
feat(docs): update README to include VPN Gateway deployment instructions
- add optional VPN Gateway step in deployment order - clarify VPN Gateway purpose and requirements - update cleanup section for VPN Gateway removal 🔒 - Generated by Copilot
1 parent 80ef4a6 commit fbefc5f

File tree

1 file changed

+23
-3
lines changed

1 file changed

+23
-3
lines changed

deploy/README.md

Lines changed: 23 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ Infrastructure deployment and cluster configuration for the robotics reference a
88
|:----:|--------|-------------|------|
99
| 1 | [000-prerequisites](000-prerequisites/) | Azure CLI login, subscription setup | 2 min |
1010
| 2 | [001-iac](001-iac/) | Terraform: AKS, ML workspace, storage, PostgreSQL, Redis | 30-40 min |
11+
| 2b | [001-iac/vpn](001-iac/vpn/) | Optional: VPN Gateway for private endpoint access | 20-30 min |
1112
| 3 | [002-setup](002-setup/) | Cluster config: GPU Operator, OSMO, AzureML extension | 30 min |
1213

1314
## 🚀 Quick Path
@@ -25,7 +26,14 @@ cp terraform.tfvars.example terraform.tfvars
2526
# Edit terraform.tfvars with your values
2627
terraform init && terraform apply
2728

28-
# 4. Configure cluster
29+
# 4. Deploy VPN Gateway (optional, for private endpoint access)
30+
cd vpn
31+
cp terraform.tfvars.example terraform.tfvars
32+
# Edit terraform.tfvars - must match parent deployment values
33+
terraform init && terraform apply
34+
cd ..
35+
36+
# 5. Configure cluster
2937
cd ../002-setup
3038
./01-deploy-robotics-charts.sh
3139
./02-deploy-azureml-extension.sh
@@ -35,12 +43,23 @@ For OSMO deployment, see [002-setup/README.md](002-setup/README.md) for authenti
3543

3644
## 📦 What Gets Deployed
3745

46+
### Core Infrastructure (001-iac)
47+
3848
- **AKS Cluster**: System and GPU (Spot) node pools with OIDC enabled
3949
- **Azure ML Workspace**: Attached to AKS for training job submission
4050
- **Storage Account**: Training checkpoints and datasets
4151
- **PostgreSQL + Redis**: OSMO workflow state and caching
4252
- **Container Registry**: Private image storage
43-
- **Optional**: VPN Gateway for private endpoint access
53+
54+
### VPN Gateway (001-iac/vpn)
55+
56+
Point-to-Site VPN enabling secure remote access to private endpoints. Required for:
57+
58+
- Accessing OSMO UI via private DNS
59+
- Connecting to private PostgreSQL and Redis from local machine
60+
- Debugging workloads over private network
61+
62+
See [001-iac/vpn/README.md](001-iac/vpn/README.md) for client setup and AAD authentication.
4463

4564
See the [root README](../README.md) for architecture details.
4665

@@ -51,7 +70,8 @@ Remove deployed components in reverse order. Cluster components must be removed
5170
| Step | Folder | Description | Time |
5271
|:----:|--------|-------------|------|
5372
| 1 | [002-setup/cleanup](002-setup/cleanup/) | Uninstall Helm charts, extensions, namespaces | 10-15 min |
54-
| 2 | [001-iac](001-iac/) | Terraform destroy or resource group deletion | 20-30 min |
73+
| 2 | [001-iac/vpn](001-iac/vpn/) | Destroy VPN Gateway (if deployed) | 10-15 min |
74+
| 3 | [001-iac](001-iac/) | Terraform destroy or resource group deletion | 20-30 min |
5575

5676
### Partial Cleanup (Cluster Components Only)
5777

0 commit comments

Comments
 (0)