A simple terraform + packer configuration to deploy Label Studio to a single machine with a custom subdomain.
- Google Cloud CLI.
- Application Default Credentials.
- A domain name where you have configured its name servers to a Cloud DNS zone.
terraform
andpacker
.make
(probably comes with your distro).- Any public ssh key in
~/.ssh
that matchesid_*.pub
(and its private counterpart). - [optional] docker + docker compose if you want to try locally.
First you need to define some configurations. You need to set a username and password for the default account in Label Studio, and provide your project in GCP and a Cloud DNS zone to create the final subdomain. These configurations are written in HCL, and so strings should be quoted.
# image/packer.auto.pkrvars.hcl
label_studio_username = <your username> # must be an email like [email protected]
label_studio_password = <your password>
# infra/terraform.tfvars
project = <you gcp project>
dns_zone = <cloud dns zone from point 3. in requirements>
subdomain = <the name you chose for the subdomain> # optional, defaults to "labelstudio"
For convenience, you can see your default project with gcloud config get-value project
and your dns zones with gcloud dns managed-zones list
.
Next, run the following
$ make init
$ make
Done! This has created a machine image and deployed it to a compute engine instance. The url of the instace is
$ echo https://$(terraform -chdir=infra output -raw label_studio_domain)
where you can login using the username and password that you configured in
image/packer.auto.pkrvars.hcl
.
For simple management you can ssh to it via the command
$ ssh $(terraform -chdir=infra output -raw ssh_connect)
Run
$ make clean
This will destroy the cloud infrastructure (only what was created, you dns zone is left intact), and remove the images created, so that they don't incur in storage charges.
This project uses Let's Encrypt for SSL
certificates. Each time a new machine image is created by Packer a new
certificate is requested, and so you must be wary of the rate
limits of let's encrypt. In
practice, this means you shouldn't run make
more than 50 times a week using
the same Cloud DNS zone and subdomain.
To simplifly turning off and back on the deployed machine (without running
make
and building a new image each time) i've provided two simple commands
make terminated
and make running
which should be equivalent to
terminating and turning back on the compute instance via de GCP Console.