Skip to main content

Deployment

Development

In a development environment, you can use the Solace Agent Mesh CLI to run the project as a single application. By default, environment variables are loaded from your configuration file (typically a .env file at the project root):

sam run

Production

For a production environment, use a containerized and reproducible setup. We recommend Docker or Kubernetes.

If your host system architecture is not linux/amd64, add the --platform linux/amd64 flag when you run the container.

Docker Deployment

Below is a sample Dockerfile for a Solace Agent Mesh project:

FROM solace/solace-agent-mesh:latest
WORKDIR /app

# Install Python dependencies
COPY ./requirements.txt /app/requirements.txt
RUN python3.11 -m pip install --no-cache-dir -r /app/requirements.txt

# Copy project files
COPY . /app

CMD ["run", "--system-env"]

# To run one specific component, use:
# CMD ["run", "--system-env", "configs/agents/main_orchestrator.yaml"]

And the following .dockerignore

.env
*.log
dist
.git
.vscode
.DS_Store

Kubernetes Deployment

For scalable and highly available deployments, Kubernetes is recommended. Below is a minimal Deployment configuration:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: solace-agent-mesh
  labels:
    app: solace-agent-mesh
spec:
  replicas: 1  # Adjust based on load
  selector:
    matchLabels:
      app: solace-agent-mesh
  template:
    metadata:
      labels:
        app: solace-agent-mesh
    spec:
      containers:
        - name: solace-agent-mesh
          image: your-registry/solace-agent-mesh:latest
          
          envFrom:
          - secretRef:
              name: solace-agent-mesh-secrets # Configure secrets in a Kubernetes Secret

          command: ["solace-agent-mesh", "run", "--system-env"]
          args:
            - "configs/main_orchestrator.yaml"
            - "configs/gateway/webui.yaml"
            # Add any other components you want to run here

          ports:
            - containerPort: 8000  # Adjust based on your service ports

          volumeMounts:
            - name: shared-storage
              mountPath: /tmp/solace-agent-mesh
      volumes:
        - name: shared-storage
          emptyDir: {}

Splitting and Scaling

For a robust production setup, consider splitting components into separate containers. This practice enhances scalability and ensures that if one process crashes, the rest of the system remains unaffected. Upon restarting, the failed process rejoins the system.

To adapt the setup:

  • Reuse the same Docker image.
  • Adjust the startup command to run only the necessary components.
  • Scale containers independently based on their resource needs.

Storage Considerations

warning

If using multiple containers, ensure all instances access the same storage with identical configurations.

Security Best Practices

  • Environment Variables: Store secrets in a secure vault (for example, AWS Secrets Manager, HashiCorp Vault) rather than in .env files.
  • TLS Encryption: Ensure that communication between components and with the PubSub+ event broker is encrypted using TLS.
  • Container Security: Regularly update container images and use security scanning tools (for example, Trivy, Clair).

Solace Event Broker Configuration

For production environments, it's recommended to use a cloud-managed PubSub+ event broker (or event broker service). For more information, see Solace PubSub+ Cloud.