Skip to main content

Deployment

Development

In a development environment, you can use the Solace Agent Mesh CLI to run the project as a single application. By default, environment variables are loaded from your configuration file (typically a .env file at the project root):

sam run

Production

For a production environment, use a containerized and reproducible setup. We recommend Docker or Kubernetes.

If your host system architecture is not linux/amd64, add the --platform linux/amd64 flag when you run the container.

Docker Deployment

Below is a sample Dockerfile for a Solace Agent Mesh project:

FROM solace/solace-agent-mesh:latest
WORKDIR /app

# Install Python dependencies
COPY ./requirements.txt /app/requirements.txt
RUN python3.11 -m pip install --no-cache-dir -r /app/requirements.txt

# Copy project files
COPY . /app

CMD ["run", "--system-env"]

# To run one specific component, use:
# CMD ["run", "--system-env", "configs/agents/main_orchestrator.yaml"]

And the following .dockerignore

.env
*.log
dist
.git
.vscode
.DS_Store

Kubernetes Deployment

For scalable and highly available deployments, Kubernetes is recommended. Below is a minimal Deployment configuration:

apiVersion: apps/v1
kind: Deployment
metadata:
name: solace-agent-mesh
labels:
app: solace-agent-mesh
spec:
replicas: 1 # Adjust based on load
selector:
matchLabels:
app: solace-agent-mesh
template:
metadata:
labels:
app: solace-agent-mesh
spec:
containers:
- name: solace-agent-mesh
image: your-registry/solace-agent-mesh:latest

envFrom:
- secretRef:
name: solace-agent-mesh-secrets # Configure secrets in a Kubernetes Secret

command: ["solace-agent-mesh", "run", "--system-env"]
args:
- "configs/main_orchestrator.yaml"
- "configs/gateway/webui.yaml"
# Add any other components you want to run here

ports:
- containerPort: 8000 # Adjust based on your service ports

volumeMounts:
- name: shared-storage
mountPath: /tmp/solace-agent-mesh
volumes:
- name: shared-storage
emptyDir: {}

Splitting and Scaling

For a robust production setup, consider splitting components into separate containers. This practice enhances scalability and ensures that if one process crashes, the rest of the system remains unaffected. Upon restarting, the failed process rejoins the system.

To adapt the setup:

  • Reuse the same Docker image.
  • Adjust the startup command to run only the necessary components.
  • Scale containers independently based on their resource needs.

Storage Considerations

warning

If using multiple containers, ensure all instances access the same storage with identical configurations.

Security Best Practices

  • Environment Variables: Store secrets in a secure vault (for example, AWS Secrets Manager, HashiCorp Vault) rather than in .env files.
  • TLS Encryption: Ensure that communication between components and with the PubSub+ event broker is encrypted using TLS.
  • Container Security: Regularly update container images and use security scanning tools (for example, Trivy, Clair).

Solace Event Broker Configuration

For production environments, it's recommended to use a cloud-managed PubSub+ event broker (or event broker service). For more information, see Solace PubSub+ Cloud.