Skip to main content
Version: 3.2.0

Gender Identification Helm Chart

Version: 1.1.0-helm Type: application AppVersion: 1.1.0

The Phonexia Gender Identification (GID) microservice is designed to estimate gender from voiceprints, which serve as representations of speakers.

Maintainers

NameEmailUrl
Phonexiasupport@phonexia.comhttps://www.phonexia.com

Requirements

Kubernetes: >= 1.18.0-0

Helm: >= 3.2.0

Values

KeyTypeDefaultDescription
affinityobject{}Affinity for pod assignment
annotationsobject{}Annotations for the pods
config.license.useSecretboolfalseRetrieve license from a secret object
config.license.valuestring"invalidLicenseKey"License key
config.listeningAddressstring"[::]"Address where the server will listen
config.logLevelstringinfoOverride log level. Supported values: error, warning, info, debug, trace
config.model.filestring""Name of a model file inside the volume, for example "xl-5.0.0.model"
config.model.volumeobject{}Volume with the Phonexia model
config.portint8080Port where the service will listen. The value must be the same as service.port
fullnameOverridestring""String to fully override the gender-identification.fullname template
image.pullPolicystring"IfNotPresent"Image pull policy
image.registrystring"registry.cloud.phonexia.com"Image registry
image.repositorystring"phonexia/dev/technologies/microservices/gender-identification"Image repository
image.tagstringappVersion specified in Chart.yamlSee gender-identification on Docker Hub for available tags
imagePullSecretslist[]Specify Docker registry secret names as an array
ingress.annotationsobject{}Additional annotations for the Ingress resource. To enable certificate autogeneration, place your cert-manager annotations here
ingress.classNamestring""Set the ingressClassName on the ingress record for k8s 1.18+
ingress.enabledboolfalseSet to true to enable ingress record generation
ingress.hosts[0]object{"host":"gender-identification.example.com","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}Default host for the ingress resource
ingress.hosts[0].paths[0].pathTypestring"ImplementationSpecific"Ingress path type
ingress.tlslist[]TLS configuration for the ingress
initContainerslist[]Init containers evaluated as a template
nameOverridestring""String to partially override the gender-identification.fullname template (will maintain the release name)
nodeSelectorobject{}Node labels for pod assignment
podAnnotationsobject{}Annotations for pods
podSecurityContextobject{}Security context for pods
replicaCountint1Number of replicas to deploy
resourcesobject{}Resource limits/requests for the gender-identification container
securityContextobject{}Security context for the gender-identification container
service.clusterIPstring""Use None to create a headless service
service.portint8080Service port. The port must be the same as config.port
service.typestring"ClusterIP"Service type
serviceAccount.annotationsobject{}Annotations to add to the service account
serviceAccount.createbooltrueSpecifies whether a service account should be created
serviceAccount.namestring""The name of the service account to use. If not set and create is true, a name is generated using the fullname template
tolerationslist[]Tolerations for pod assignment

Installation

To successfully install the chart, you must obtain a license and model at first. The service cannot start without the model and/or license. Feel free to contact phonexia support to obtain a model and license for evaluation purposes.

Model

There are 2 ways how to pass a model to pods:

  • Pass the model via an initContainer
  • Pass the model via a volume

Pass the model via initContainer

With this approach, no persistent volume is needed. An initContainer is added to the pod instead. It downloads the model from a specified location to an ephemeral volume, which is shared with the main container. This happens each time the pod is re-deployed.

In the values file it looks like:

# Set config.model.volume to emptyDir
config:
model:
volume:
emptyDir: {}
file: "gid-xl-5.0.0.model"

initContainers:
- name: init-copy-model
image: alpine
command:
- sh
- -c
- |
set -e

# Install aws-cli package
apk add --no-cache aws-cli

# Create directory for models
mkdir -p /models

# Download model from s3 and store it to volume
aws s3 cp s3://some-bucket/some-path-to-model/gid-xl-5.0.0.model ${PHX_MODEL_PATH}
env:
# PHX_MODEL_PATH variable must be same as in main container
- name: "PHX_MODEL_PATH"
value: "/models/{{ .Values.config.model.file }}"
# Set AWS_* variables to make aws cli work
- name: "AWS_DEFAULT_REGION"
value: "us-east-1"
- name: "AWS_ACCESS_KEY_ID"
value: "AKAI...CN"
- name: "AWS_SECRET_ACCESS_KEY"
value: "0lW...Yw"
# Mount empty volume to initContainer
volumeMounts:
- name: '{{ include "gender-identification.fullname" . }}-models-volume'
mountPath: /models

Pass the model via volume

With this approach you need to create a persistent volume, copy the model there, and mount it to the pod.

The following example shows how to do this in EKS with EBS-based dynamic provisioning.

  1. Create persistentVolumeClaim
# filename: gender-identification.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: gender-identification
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: ebs-sc

and apply it

kubectl apply -f gender-identification.yaml
  1. Create a job that downloads the model to a persistent volume:
# filename: job.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: gender-identification-download-model
spec:
template:
spec:
containers:
- name: download-model
image: alpine
command:
- sh
- -c
- |
set -e

# Install aws-cli package
apk add --no-cache aws-cli

# Create directory for models
mkdir -p /models

# Download model from s3 and store it to volume
aws s3 cp s3://some-bucket/some-path-to-model/gid-xl-5.0.0.model ${PHX_MODEL_PATH}
env:
# PHX_MODEL_PATH variable must be same as .Values.config.model.file in values files
- name: "PHX_MODEL_PATH"
value: "/models/gid-xl-5.0.0.model"
# Set AWS_* variables to make aws cli work
- name: "AWS_DEFAULT_REGION"
value: "us-east-1"
- name: "AWS_ACCESS_KEY_ID"
value: "AKAI...CN"
- name: "AWS_SECRET_ACCESS_KEY"
value: "0lW...Yw"
volumeMounts:
- name: persistent-storage
mountPath: /models
volumes:
- name: persistent-storage
persistentVolumeClaim:
claimName: gender-identification
restartPolicy: Never
backoffLimit: 3

Apply it and wait until the job is finished:

kubectl apply -f job.yaml
  1. Configure values file to use existing PVC:
config:
model:
# Volume with Phonexia model
volume:
persistentVolumeClaim:
claimName: gender-identification

# Name of a model file inside the volume, for example "xl-5.0.0.model"
file: "gid-xl-5.0.0.model"

License

There are 2 ways to pass the license key to the chart:

  • Pass the license key directly into the values files
  • Pass the license key via Kubernetes secret

Pass the license key directly into values files

Use config.license.value to set license key in values file:

config:
license:
useSecret: false
value: "<license_key>"

Replace <license_key> with the actual license key, which is a long string, something like eyJ...ifQ==.

Pass the license key via Kubernetes secret

Create kubernetes secret at first:

kubectl --namespace <my-namespace> create secret generic <my-secret> --from-literal=license=<license_key>

where <my-namespace> is the namespace where you plan to install the chart, my-secret is name of the secret to be created and <license_key> is the actual license key.

In the end it should look like:

kubectl --namespace my-namespace create secret generic my-secret --from-literal=license=eyJ...ifQ==

Reference the secret in the values file:

config:
license:
useSecret: true
secret: "my-secret"
key: "license"

Installing the Chart

When you have configured the model and license, you can proceed with the installation itself. To install the chart with the release name my-release:

helm install my-release oci://registry-1.docker.io/phonexia/gender-identification

This command deploys gender-identification on the Kubernetes cluster in the default configuration.

Use --version parameter to install a specific version:

helm install my-release oci://registry-1.docker.io/phonexia/gender-identification --version 1.0.0-helm

Exposing the service

To expose the service outside of the Kubernetes cluster follow Using a Service to Expose Your App.

Ingress

Gender identification service is using GRPC protocol, which can be exposed by some ingress controllers. For example, the nginx-ingress controller supports this. To expose gender-identification service via ingress, use the following configuration:

ingress:
# Deploy ingress object
enabled: true
# Ingress class name
className: "nginx"
annotations:
# Force redirect to SSL
nginx.ingress.kubernetes.io/ssl-redirect: "true"

# Tell nginx that backend service use GRPC
nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
hosts:
# Hostnames
- host: gender-identification.example.com
paths:
- path: /
pathType: ImplementationSpecific
# Use tls
tls:
# Secret containing TLS certificate
- secretName: gender-identification-tls
# TLS hostnames
hosts:
- gender-identification.example.com

Use grpcurl to check if everything works as expected. Output of the following command:

$ grpcurl --insecure gender-identification.example.com:443 grpc.health.v1.Health/Check

should be:

{
"status": "SERVING"
}

Uninstalling the Chart

To uninstall/delete the my-release release:

helm delete my-release

The command removes all the Kubernetes components associated with the chart and deletes the release.