Skip to main content
Prisme.ai can be effectively deployed on AWS, leveraging managed services to ensure scalability, high availability, and operational simplicity. This guide provides step-by-step instructions and best practices to deploy Prisme.ai on AWS infrastructure.

Prerequisites

Before you begin deploying Prisme.ai on AWS, ensure you have the following:
  • AWS Account with sufficient permissions to create and manage cloud resources.
  • AWS CLI installed and configured on your local machine.
  • Basic familiarity with Kubernetes and AWS services (EKS, RDS, S3, Elasticache).

AWS Resources Setup

Deploy Prisme.ai using the following recommended AWS-managed resources:
  • Service: Amazon Elastic Kubernetes Service (EKS)
  • Recommended Configuration:
    • 3-5 nodes, each with at least 4 vCPUs and 16GB RAM
    • Autoscaling enabled for peak load management
  • Best Practices:
    • Use managed node groups for automated scaling and updates
    • Ensure that your EKS cluster spans at least two availability zones for high availability
  • Deployment: 
    eksctl create cluster --name=prisme-ai-cluster \
  --version=1.28 \
  --nodegroup-name=standard-workers \
  --nodes=3 \
  --nodes-min=3 \
  --nodes-max=5 \
  --node-type=t3.xlarge \
  --region=eu-west-1
  • Service: Amazon RDS for MongoDB-compatible (DocumentDB) or PostgreSQL or self-managed MongoDB via EC2/EKS
  • Recommended Configuration:
    • 3-node cluster for high availability
    • Instance type: db.m5.large minimum
  • Best Practices:
    • Enable automated backups and Multi-AZ deployments
    • Secure access via VPC security groups
  • Note: DocumentDB is AWS’s fully-managed MongoDB-compatible service. If your workload strictly requires MongoDB features unsupported by DocumentDB, deploy MongoDB manually or use AWS Marketplace AMIs.
  • Service: Amazon OpenSearch Service
  • Recommended Configuration:
    • 3 nodes, instance type: m6g.large.search
    • Dedicated master nodes for stability
  • Best Practices:
    • Enable encryption at rest and node-to-node encryption
    • Regularly snapshot your data to Amazon S3
  • Service: Amazon ElastiCache for Redis
  • Recommended Configuration:
    • 3-node Redis Cluster (cache.m6g.large recommended)
    • Multi-AZ for failover
  • Best Practices:
    • Regular maintenance windows for upgrades
    • Use Redis with JSON and Search modules if required by your deployment (via Redis Stack on EKS if needed)
  • Service: Amazon S3
  • Configuration:
    • Create buckets for model storage, user uploads, and public assets
    • Use AWS CloudFront CDN for public assets
  • Best Practices:
    • Enforce bucket versioning and lifecycle policies
    • Apply least-privilege bucket policies
  • Service: Amazon Elastic File System (EFS)
  • Recommended Configuration:
    • Use for shared file storage in Kubernetes workloads (e.g., PVCs)
    • Performance mode: General Purpose
  • Best Practices:
    • Regular backups via AWS Backup
    • Security groups limiting access to your Kubernetes cluster nodes only

Step-by-Step Deployment Guide

1

Set up EKS Cluster

Set up a Kubernetes cluster using the EKS CLI or AWS Management Console:
eksctl create cluster --name=prisme-ai --region=eu-west-1
2

Deploy Managed Databases

Provision databases and storage:
  • RDS (DocumentDB or self-managed MongoDB/PostgreSQL)
  • OpenSearch Cluster
  • Redis via ElastiCache
  • S3 buckets and EFS volumes
3

Configure DNS and Networking

Configure your Route 53 domains for the following:
  • API: api.yourdomain.com
  • Console: studio.yourdomain.com
  • Pages: *.pages.yourdomain.com
4

Deploy Prisme.ai via Helm

Use Helm to deploy Prisme.ai into your Kubernetes cluster:
helm repo add prismeai https://helm.prisme.ai/charts
helm install prisme-core prismeai/prismeai-core --namespace prisme -f values.yaml
Ensure your values.yaml is correctly updated with your AWS resources’ endpoints and credentials.
5

Configure Ingress and TLS

Use AWS Load Balancer Controller and ACM for SSL/TLS certificates to secure your deployment and route external traffic:
kubectl apply -f ingress.yaml
6

Test and Validate

Perform initial health checks:
kubectl get pods -n prisme
kubectl logs <pod-name> -n prisme

Security Best Practices

IAM Role Management

  • Use IAM roles for service accounts (IRSA) for secure, fine-grained Kubernetes-to-AWS permissions.
  • Regularly audit roles and permissions.

Network Isolation

  • Deploy within private subnets and secure via VPC and security groups.
  • Use NAT gateways for controlled internet access from private networks.

Secrets Management

  • Leverage AWS Secrets Manager or HashiCorp Vault for managing sensitive configuration.
  • Regular rotation of database passwords and API keys.

Monitoring and Auditing

  • Enable AWS CloudTrail, Amazon CloudWatch, and Prometheus/Grafana for comprehensive monitoring.
  • Set up alerts for unusual activities or resource consumption.

Next Steps

Kubernetes with Helm

Deploy Prisme.ai with Helm on Kubernetes

Products Configuration

Configure Prisme.ai AI products

Operations

Learn how to manage operations efficiently