Learn how to deploy R2R into AWS

Deploying R2R on Amazon Web Services (AWS)

Amazon Web Services (AWS) provides a robust and scalable platform for deploying R2R (RAG to Riches). This guide will walk you through the process of setting up R2R on an Amazon EC2 instance, making it accessible both locally and publicly.

Overview

Deploying R2R on AWS involves the following main steps:

  1. Creating an Amazon EC2 instance
  2. Installing necessary dependencies
  3. Setting up R2R
  4. Configuring port forwarding for local access
  5. Exposing ports for public access (optional)

This guide assumes you have an AWS account and the necessary permissions to create and manage EC2 instances.

Creating an Amazon EC2 Instance

  1. Log in to the AWS Management Console.
  2. Navigate to EC2 under “Compute” services.
  3. Click “Launch Instance”.
  4. Choose an Amazon Machine Image (AMI):
    • Select “Ubuntu Server 22.04 LTS (HVM), SSD Volume Type”
  5. Choose an Instance Type:
    • For a small-mid sized organization (< 5000 users), select t3.xlarge (4 vCPU, 16 GiB Memory) or higher
  6. Configure Instance Details:
    • Leave default settings or adjust as needed
  7. Add Storage:
    • Set the root volume to at least 500 GiB
  8. Add Tags (optional):
    • Add any tags for easier resource management
  9. Configure Security Group:
    • Create a new security group
    • Add rules to allow inbound traffic on ports 22 (SSH) and 7272 (R2R API)
  10. Review and Launch:
    • Review your settings and click “Launch”
    • Choose or create a key pair for SSH access

Installing Dependencies

SSH into your newly created EC2 instance:

$ssh -i /path/to/your-key.pem ubuntu@your-instance-public-dns

Now, run the following commands to install the necessary R2R dependencies:

$# Update package list and install Python and pip
>sudo apt update
>sudo apt install python3-pip
>
># Install R2R
>pip install r2r
>
># Add R2R to PATH
>echo 'export PATH=$PATH:$HOME/.local/bin' >> ~/.bashrc
>source ~/.bashrc
>
># Install Docker
>sudo apt-get update
>sudo apt-get install ca-certificates curl gnupg
>sudo install -m 0755 -d /etc/apt/keyrings
>curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
>sudo chmod a+r /etc/apt/keyrings/docker.gpg
>
>echo \
> "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
> $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
> sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
>
>sudo apt-get update
>sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
>
># Add your user to the Docker group
>sudo usermod -aG docker $USER
>newgrp docker
>
># Verify Docker installation
>docker run hello-world

Setting up R2R

  1. Serve your R2R backend:
$# Set required remote providers
>export OPENAI_API_KEY=sk-...
>
># Optional - pass in a custom configuration here
>r2r serve --docker --full
  1. Double check the health of the system:
$r2r health
  1. Test ingesting and searching a sample document from a remote environment:
$# From your local machine
>r2r --base-url=http://<your-instance-public-ip>:7272 ingest-sample-file
>sleep 10
>r2r --base-url=http://<your-instance-public-ip>:7272 search --query='Who was aristotle?'

Replace <your-instance-public-ip> with your EC2 instance’s public IP address.

Configuring Port Forwarding for Local Access

To access R2R from your local machine, use SSH port forwarding:

$ssh -i /path/to/your-key.pem -L 7273:localhost:7273 -L 7274:localhost:7274 ubuntu@your-instance-public-dns

Exposing Ports for Public Access (Optional)

To make R2R publicly accessible:

  1. In the AWS Management Console, go to EC2 > Security Groups.

  2. Select the security group associated with your EC2 instance.

  3. Click “Edit inbound rules”.

  4. Add a new rule:

    • Type: Custom TCP
    • Port range: 7272
    • Source: Anywhere (0.0.0.0/0)
    • Description: Allow R2R API
  5. Click “Save rules”.

  6. Ensure R2R is configured to listen on all interfaces (0.0.0.0).

After starting your R2R application, users can access it at:

http://<your-instance-public-ip>:7272

Security Considerations

  • Use HTTPS (port 443) with a valid SSL certificate for production.
  • Restrict source IP addresses in the security group rule if possible.
  • Regularly update and patch your system and applications.
  • Use AWS VPC for network isolation.
  • Enable and configure AWS CloudTrail for auditing.
  • Use AWS IAM roles for secure access management.
  • Consider using AWS Certificate Manager for SSL/TLS certificates.
  • Monitor incoming traffic using AWS CloudWatch.
  • Remove or disable the security group rule when not needed for testing.

Conclusion

You have now successfully deployed R2R on Amazon Web Services. The application should be accessible locally through SSH tunneling and optionally publicly through direct access to the EC2 instance. Remember to configure authentication and implement proper security measures before exposing your R2R instance to the public internet.

For more information on configuring and using R2R, refer to the configuration documentation.