Deploying R2R on Azure

Azure provides a robust and scalable platform for deploying R2R (Reason to Retrieve). This guide will walk you through the process of setting up R2R on an Azure Virtual Machine, making it accessible both locally and publicly.

Overview

Deploying R2R on Azure involves the following main steps:

1. Creating an Azure Virtual Machine
2. Installing necessary dependencies
3. Setting up R2R
4. Configuring port forwarding for local access
5. Exposing ports for public access (optional)

This guide assumes you have an Azure account and the necessary permissions to create and manage Virtual Machines.

Creating an Azure Virtual Machine

1. Log in to the Azure Portal.
2. Click on “Create a resource” and search for “Virtual Machine”.
3. Choose Ubuntu Server 22.04 LTS - x64 Gen2 as the operating system.
4. Select a VM size with at least 16GB of RAM, 4-8 vCPU cores, and 500GB of disk for a small-mid sized organization (< 5000 users). The D4s_v3 series is a good starting point.
5. Configure networking settings to allow inbound traffic on ports 22 (SSH), and optionally 7272 (R2R API) and 7273 (R2R Dashboard).
6. Review and create the VM.

Exposing Ports for Public Access (Optional)

To make R2R publicly accessible:

1. Log in to the Azure Portal.

2. Navigate to your VM > Networking > Network Security Group.

3. Add new inbound security rules:

   • Destination port ranges: 7272
     • Protocol: TCP
     • Action: Allow
     • Priority: 1000 (or lower than conflicting rules)
     • Name: Allow_7272
   • Destination port ranges: 7273
     • Protocol: TCP
     • Action: Allow
     • Priority: 1001
     • Name: Allow_7273

4. Ensure R2R is configured to listen on all interfaces (0.0.0.0).

After starting your R2R application, users can access:

• The API at http://YOUR_VM_ADDRESS:7272
• The dashboard at http://YOUR_VM_ADDRESS:7273

Installing Dependencies

SSH into your newly created VM with a command like ssh -i my_pem.pem azureuser@YOUR_VM_ADDRESS:

Now, run the following commands to install the necessary R2R dependencies:

1
# Update package list
2
sudo apt update
3
4
# Install Git
5
sudo apt install git -y
6
7
# Install Docker
8
sudo apt-get update
9
sudo apt-get install ca-certificates curl -y
10
sudo install -m 0755 -d /etc/apt/keyrings
11
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
12
sudo chmod a+r /etc/apt/keyrings/docker.asc
13
14
echo \
15
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
16
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
17
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
18
sudo apt-get update
19
20
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
21
22
# Add your user to the Docker group
23
sudo usermod -aG docker $USER
24
newgrp docker
25
26
# Verify Docker installation
27
docker run hello-world

Setting up R2R

1. Clone the R2R repository:

1
git clone https://github.com/SciPhi-AI/R2R.git
2
cd R2R/docker

2. Set up environment variables:

1
cd env
2
# Edit r2r-full.env with your preferred text editor
3
nano r2r-full.env

Add the necessary environment variables:

# Choose configuration
R2R_CONFIG_NAME=full
# Add your API key(s)
OPENAI_API_KEY=sk-...
# Optional - Add agent tool API keys if needed
# SERPER_API_KEY=your_serper_api_key_here
# FIRECRAWL_API_KEY=your_firecrawl_api_key_here

3. Start the R2R services:

1
cd ..
2
docker compose -f compose.full.yaml --profile postgres up -d

4. Verify the health of the system:

1
# Wait for services to start
2
sleep 30
3
4
# Check health
5
curl http://localhost:7272/v3/health

Should return something like:

1
{"results":{"response":"ok"}}

5. Test ingesting and searching a sample document from a remote environment:

1
# From your local machine
2
curl -X POST "http://YOUR_VM_ADDRESS:7272/v3/documents/create-sample"
3
sleep 10
4
curl -X POST "http://YOUR_VM_ADDRESS:7272/v3/search" \
5
  -H "Content-Type: application/json" \
6
  -d '{"query": "Who was aristotle?"}'

Replace YOUR_VM_ADDRESS with your Azure VM’s public IP address.

Configuring Port Forwarding for Local Access

To access R2R from your local machine, use SSH port forwarding:

1
ssh -i my_pem.pem -L 7272:localhost:7272 -L 7273:localhost:7273 azureuser@YOUR_VM_ADDRESS

This will allow you to access:

• The API at http://localhost:7272
• The dashboard at http://localhost:7273

Note that when using the R2R dashboard, you may still need to use the remote VM address as requests are made from the client-side.

Troubleshooting

If you encounter issues:

1. Check Docker container status:

docker ps
docker logs <container_id>

2. Verify environment variables are correctly set in r2r-full.env.

3. Ensure ports are correctly exposed in your network security group.

4. Check disk space and system resources:

df -h
free -m

5. If services fail to start, try restarting Docker:

sudo systemctl restart docker

Security Considerations

• Use HTTPS (port 443) with a valid SSL certificate for production.
• Restrict source IP addresses in the security rule if possible.
• Regularly update and patch your system and applications.
• Use Azure Security Center for monitoring security posture.
• Consider using Azure Private Link for secure private connections.
• Enable Just-in-Time VM access to restrict inbound traffic.
• Deploy Azure Firewall for enhanced network security.
• Configure Azure Sentinel for security information and event management.
• Remove or disable the security rules when not needed for testing.

Conclusion

You have now successfully deployed R2R on Azure. The application should be accessible locally through SSH tunneling and optionally publicly through direct access to the Azure VM.

For more information on configuring and using R2R, refer to the configuration documentation or join our Discord community for assistance.