3 Configure the Private AI Services Container
This section describes how to configure the Private AI Services Container, including the scripts, directories, and prerequisites required to run it.
For service-specific configuration examples, see the following sections:
Note that the embedding service configuration tutorials are ordered from least to most complex. The simplest configurations are recommended as a starting point before trying out the more complex configurations.
For security reasons, it is strongly recommended to use TLS 1.3 with an API Key for production deployments.
The configuration tutorials use bash scripts that are described in the following table, which are included in the container image as of version 25.1.2.0.0. These scripts simplify the configuration process for both the secure and non-secure modes of running the container.
| Script Name | Purpose |
|---|---|
| quickStart.sh |
This script automates the container setup and calls the other dependent scripts. It can be modified to use the paths that are needed for the different directories. |
| secretsSetup.sh |
This script sets up secrets and certificates needed to launch the container and stores them in a user-specified folder. If the folder does not already exist, it will be created by the script. You can pass a subject distinguished name (DN) as a string and a password as a file in order to avoid user input during execution of the script. |
| configSetup.sh |
You provide directories with models, secrets, and the configuration file, and the script copies them to another user-specified folder. If the directory does not already exist, it will be created. The owner is changed to the host UID of the specified container UID in order to permit logging by the container. A folder for log files is also created. |
| containerSetup.sh |
You provide the directory with the copied files, which can be
generated by |
| util.sh |
This is a helper script with common functions that are called by the other scripts. |
To use the scripts, you must first copy them from an image. The following
commands will copy the scripts to the current directory. Note that you need to replace
<image version> with the version of the image that you are using in
each of the commands (as an explicit version number, such as 25.1.3.0.0 or
gpu-index-26.1.0.0.0, not as latest).
IMAGEID=`podman create container-registry.oracle.com/database/private-ai:<image version>`podman cp $IMAGEID:/privateai/scripts/privateai-setup-<image version>.zip .For example, the following commands can be used to copy the scripts depending on the service:
- Vector embedding
service:
IMAGEID=`podman create container-registry.oracle.com/database/private-ai:25.1.3.0.0`podman cp $IMAGEID:/privateai/scripts/privateai-setup-25.1.3.0.0.zip . - Vector index
service:
IMAGEID=`podman create container-registry.oracle.com/database/private-ai:gpu-index-26.1.0.0.0`podman cp $IMAGEID:/privateai/scripts/privateai-setup-gpu-index-26.1.0.0.0.zip .
The scripts are designed to allow the container admins to quickly and easily set up a Private AI Services Container. Before you begin, verify that you have the following software installed and have followed the installation steps at Install the Private AI Services Container:
- Oracle Linux 8.6+, 9, or 10
- OpenSSL with TLS 1.3 support
- Podman 4.9.4+
- PrivateAI image loaded on podman
Note:
The install scripts require the sudo privilege to run correctly.The included tutorials using HTTP use localhost, as both the
client and container run on the same host machine. The IP address or hostname where the
container is running can also be used if desired. When the HTTP client is running on a
different machine than the container, either the IP address or the hostname of the container
must be specified.
There are a number of APIs that you can use to get information about the container. For example, you can verify that the container is running, get a list of currently deployed models, and get information about metrics exposed by the application. For more information, see Private AI Services Container API Reference.