Substra Logo
stable

Substrafl documentation

  • Overview
  • SubstraFL examples
  • API reference

Substra documentation

  • User guide
  • Substra examples
  • API reference

Contributing to Substra

  • Contributing Guide
  • Code of Conduct
  • Components
  • Test locally - dev setup

Deploying Substra

  • Overview
  • How-To
    • How to deploy Substra Backend
    • How to link multiple Substra backends
      • Prerequisites
      • Updating your Helm values
      • Deploy the updated chart
      • Validate that organizations are connected
    • How to set up mTLS
    • How to deploy the Orchestrator
  • Upgrade notes

Additional Information

  • Community
  • Release notes
  • FAQ
  • Glossary
Substra

How to link multiple Substra backends¶

This guide shows you how to enable communication between two Substra backends to allow them to exchange Algorithms and Models. This can be achieved either at deployment time or when the backend is already deployed.

Prerequisites¶

You will need Helm.

Updating your Helm values¶

This guide assume that you have two organization in your network, one named MyOrg1 and the other MyOrg2. The process would be the same if you have more organizations as we have to pair them. For example with three orgs you would repeat it for (org1, org2), (org1, org3) and (org2, org3).

In this setup we want MyOrg1 to exchange assets with MyOrg2. We will assume that you have two values files with the configuration for your existing deployment, one for each organization named: backend-1-values.yaml, backend-2-values.yaml.

Configure matching values for your 2 Organizations:

  1. Create an account for MyOrg2 on MyOrg1. In the backend-1-values.yaml file, add the following content:

    addAccountOperator:
  incomingOrganizations:
    - name: ORG2NAME
      secret: SECRET_ORG1_ORG2
      channel: CHANNEL
    Replace ORG2NAME by the name of the organization as defined with the value organizationName in the second organization values file. In our example it would be MyOrg2.
    Replace SECRET_ORG1_ORG2 with the password that MyOrg2 will need to use to download assets from MyOrg1.
    Replace CHANNEL with the name of a Channel MyOrg1 and MyOrg2 are part of. This needs to be one of the channels defined in the Backend channel configuration.

  2. Create an account for MyOrg1 on MyOrg2. In the backend-2-values.yaml file add the following content:

    addAccountOperator:
  incomingOrganizations:
    - name: ORG1NAME
      secret: SECRET_ORG2_ORG1
      channel: CHANNEL
    Replace ORG1NAME by the name of the organization as defined with the value organizationName in the first organization values file. In our example it would be MyOrg1.
    Replace SECRET_ORG2_ORG1 with the password that MyOrg1 will need to use to download assets from MyOrg2.
    Replace CHANNEL with the name of a Channel MyOrg1 and MyOrg2 are part of. This needs to be one of the channels defined in the Backend channel configuration.

  3. Configure MyOrg1 to use the right password when connecting to MyOrg2. In the backend-1-values.yaml file add the following content under the addAccountOperator key:

    outgoingOrganizations:
  - name: ORG2NAME
    secret: SECRET_ORG2_ORG1
    Replace ORG2NAME with the name of the organization. In our example it would be MyOrg2.
    Replace SECRET_ORG2_ORG1 with the password defined for MyOrg1 in backend-2-values.yaml.

  4. Configure MyOrg2 to use the right password when connecting to MyOrg1. In the backend-2-values.yaml file add the following content under the addAccountOperator key:

    outgoingOrganizations:
  - name: ORG1NAME
    secret: SECRET_ORG1_ORG2
    Replace ORG1NAME with the name of the organization. In our example it would be MyOrg1.
    Replace SECRET_ORG1_ORG2 with the password defined for MyOrg2 in backend-1-values.yaml.

In the end your configuration files should have a section looking like this:

addAccountOperator:
  users: [...]
  incomingOrganizations:
    - name: ORG2NAME
      secret: SECRET_ORG1_ORG2
      channel: CHANNEL
  outgoingOrganizations:
    - name: ORG2NAME
      secret: SECRET_ORG2_ORG1

For the backend-1-values.yaml file.

addAccountOperator:
  users: [...]
  incomingOrganizations:
    - name: ORG1NAME
      secret: SECRET_ORG2_ORG1
      channel: CHANNEL
  outgoingOrganizations:
    - name: ORG1NAME
      secret: SECRET_ORG1_ORG2

For the backend-2-values.yaml file.

Deploy the updated chart¶

Now that you have updated your values you can either continue your deployment or update a deployed app. u To update a deployed Substra application run:

helm upgrade RELEASE-NAME substra/substra-backend --version VERSION --values VALUES-FILE
Replace RELEASE-NAME with the name of your Substra backend release. You can retrieve it with helm list.
Replace VERSION with the version of the Substra backend helm chart you want to deploy.
Replace VALUES-FILE with the values file. In our example, backend-1-values.yaml for the first backend and backend-2-values.yaml for the second one.

This will update the kubernetes resources to reflect your changes.

Validate that organizations are connected¶

We provide a small utility on the Substra backend server to test which organizations are accessible from the current organization. To use this utility follow these steps:

  1. Connect to the Substra backend pod:

    kubectl exec -it $(kubectl get pod -l "app.kubernetes.io/name=substra-backend-server" -o name) -- /bin/bash

    This will open a shell on the backend server pod.

  2. List all organizations defined in the outgoing list and their status:

    ./manage.py get_outgoing_organization

    The output should look like this:

    | org_id |       org_address       | http_status |
| MyOrg2 | http://api.org-2.com:80 |     200     |

    If there is an error while trying to connect to the node it will appear in the http_status column.

Next Previous

© Copyright 2023, OWKIN. Revision c863bae0.

Read the Docs v: stable
Versions
latest
stable
0.24.0
0.23.1
0.23.0
0.23.0-rc0
0.22.0
0.22.0-rc8
0.22.0-rc7
0.22.0-rc6
0.22.0-rc5
0.22.0-rc4
0.22.0-rc3
0.22.0-rc2
0.22.0-rc1
0.21.0
hosted_notebook
Downloads
On Read the Docs
Project Home
Builds