Jump to content

Easily deploy an Azure Open AI instance with Documents

Guest wernerrall

By Guest wernerrall
in Microsoft Support & Discussions

 Share

Recommended Posts

Guest wernerrall

Guest wernerrall

Posted
Posted

[HEADING=3]Introduction[/HEADING]

 

Deploying an Azure OpenAI instance integrated with a Search Index and a Storage Account can significantly enhance your applications' capabilities. In this guide, I will walk you through the process step-by-step.

 

 

 

[HEADING=3]Prerequisites[/HEADING]

  • An active Azure subscription
  • Azure CLI installed
  • Basic understanding of Azure services

 

 

 

[HEADING=3]Step 1: Setting Up the Azure OpenAI Instance[/HEADING]

 

Create a Resource Group. In our case I called it DeployOpenAI.

 

 

[ATTACH type=full" alt="wernerrall_0-1722520695765.png]64275[/ATTACH]

 

 

 

 

 

Next we will deploy the Open AI instance by going to All Services and Searching for Open AI

 

[ATTACH type=full" alt="wernerrall_1-1722520779511.png]64276[/ATTACH]

 

 

 

Create the Instance by placing it in your same resource Group. Accept all the defaults and press next until Resource is deployed.

 

 

 

[ATTACH type=full" alt="wernerrall_0-1722520962870.png]64277[/ATTACH]

 

 

 

[ATTACH type=full" alt="wernerrall_1-1722521203205.png]64278[/ATTACH]

 

 

 

Click "Go to resource" and Enable the System assigned Managed Identity. Copy the Object ID of the created managed identity for later use.

 

 

[ATTACH type=full" alt="6.jpg]64279[/ATTACH]

 

[HEADING=3] [/HEADING]

[HEADING=3]Step 2: Setting Up the Azure Search Index[/HEADING]

 

In All Services we are searching for AI Search

 

[ATTACH type=full" alt="wernerrall_0-1722596660628.png]64280[/ATTACH]

 

 

 

For this example we will be using the Basic pricing tier and a different region. We are using the basic pricing tier because it supports managed identities. We are using UK South region at time of posting this article because Semantic Ranker is only available in certain regions.

 

[ATTACH type=full" alt="wernerrall_11-1722598573430.png]64281[/ATTACH]

 

 

 

[ATTACH type=full" alt="wernerrall_2-1722596843213.png]64282[/ATTACH]

 

 

 

Click "Go to resource" and ensure Semantic Ranker shows "Selected Plan"

[ATTACH type=full" alt="wernerrall_6-1722597420999.png]64283[/ATTACH]

 

 

 

Enable the use of RBAC and API keys by setting the Keys to both.

[ATTACH type=full" alt="wernerrall_7-1722597558488.png]64284[/ATTACH]

 

 

Enable the System assigned Managed Identity. Copy the Object ID of the created managed identity for later use.

[ATTACH type=full" alt="wernerrall_1-1722600466197.png]64285[/ATTACH]

 

 

 

[HEADING=3]Step 3: Creating the Storage Account[/HEADING]

 

In All Services we search for Storage

 

 

 

[ATTACH type=full" alt="wernerrall_8-1722597867511.png]64286[/ATTACH]

 

 

 

We can technically create the storage account anywhere but I prefer it close to my search index so I will choose UK South as my region. I then adjust the Redundancy to LRS to save some costs. We can keep the default settings for the rest of the Storage Account and go next until my resource is created.

 

 

 

[ATTACH type=full" alt="wernerrall_9-1722598070496.png]64287[/ATTACH]

 

 

 

[ATTACH type=full" alt="wernerrall_10-1722598471457.png]64288[/ATTACH]

 

 

 

Go to Resource and click on Containers

 

 

 

[ATTACH type=full" alt="wernerrall_12-1722598665324.png]64289[/ATTACH]

 

 

 

Create a new container where we will be storing our knowledge documents or uploading our files

 

 

 

 

 

 

 

 

 

[iCODE]az ad signed-in-user show --query id -o tsv[/iCODE]

 

 

 

 

 

 

 

 

 

[ATTACH type=full" alt="wernerrall_13-1722598789048.png]64290[/ATTACH]

 

 

 

Upload a file you want the Language model to be able to interpret for you later. I will be uploading the Microsoft Azure SLA Documentation in PDF format. Supported Formats are: "Txt, .md, .html, .docx, .pptx, and .pdf"

 

 

 

[ATTACH type=full" alt="wernerrall_3-1722601190977.png]64291[/ATTACH]

 

 

 

[HEADING=3]Step 4: Granting Permissions[/HEADING]

 

The permissions can sometimes be confusing, especially if you don't normally work in Azure. Copy the script from my GitHub Repository --> RallTheory/OpenAIBYODPermissions/OpenAIStudioPermissionsRequired.sh at main · WernerRall147/RallTheory (github.com)

 

 

 

 

 

 

 

# Variables
resourceGroup="#TODO"
userObjectId="#TODO"
managedIdentityObjectId1="#TODO"
managedIdentityObjectId2="#TODO"
subscriptionId="#TODO"

# Assign Cognitive Services OpenAI Contributor
az role assignment create --assignee $userObjectId --role "Cognitive Services OpenAI Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
az role assignment create --assignee $managedIdentityObjectId1 --role "Cognitive Services OpenAI Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
az role assignment create --assignee $managedIdentityObjectId2 --role "Cognitive Services OpenAI Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup

# Assign Cognitive Services Contributor
az role assignment create --assignee $userObjectId --role "Cognitive Services Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
az role assignment create --assignee $managedIdentityObjectId1 --role "Cognitive Services Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
az role assignment create --assignee $managedIdentityObjectId2 --role "Cognitive Services Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup

# Assign Search Index Data Reader
az role assignment create --assignee $userObjectId --role "Search Index Data Reader" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
az role assignment create --assignee $managedIdentityObjectId1 --role "Search Index Data Reader" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
az role assignment create --assignee $managedIdentityObjectId2 --role "Search Index Data Reader" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup

# Assign Storage Blob Data Contributor
az role assignment create --assignee $userObjectId --role "Storage Blob Data Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
az role assignment create --assignee $managedIdentityObjectId1 --role "Storage Blob Data Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
az role assignment create --assignee $managedIdentityObjectId2 --role "Storage Blob Data Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup

# Assign Search Service Contributor
az role assignment create --assignee $userObjectId --role "Search Service Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
az role assignment create --assignee $managedIdentityObjectId1 --role "Search Service Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
az role assignment create --assignee $managedIdentityObjectId2 --role "Search Service Contributor" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup

 

 

 

 

 

 

 

 

 

Only replace the Variables Section with the #TODO labels. The 2 Managed Identity Objects we copied from earlier steps. To get your own user Object Id you can run the below script by launching the Azure Cloud Shell.

 

 

 

[ATTACH type=full" alt="wernerrall_0-1722599423381.png]64292[/ATTACH]

 

 

 

 

 

 

 

[iCODE]az ad signed-in-user show --query id -o tsv[/iCODE]

 

 

 

 

 

 

 

 

 

Our variables should now look something like this (I have hidden some of the characters)

 

 

 

 

 

 

 

 

 

# Variables
resourceGroup="DeployOpenAI"
userObjectId="6167fxxxxxxxxxxxxxxxxxx"
managedIdentityObjectId1="f24cbcxxxxxxxxxxxxxxxxxxx"
managedIdentityObjectId2="542bxxxxxxxxxxxxxxxxxxxxxx"
subscriptionId="2910xxxxxxxxxxxxxxxxxxxxxxxxx"

 

 

 

 

 

 

 

 

 

Now we are ready to apply the permissions. Copy the entire script including the variables section and paste it as is in the Azure Cloud Shell. Then press Enter. Your output should look similar to below.

 

 

 

[ATTACH type=full" alt="wernerrall_2-1722600829768.png]64293[/ATTACH]

 

 

 

If all permissions applied successfully, we should have no problem in the Open AI Studio.

 

 

 

[HEADING=3]Step 5: Open AI Studio Deployment[/HEADING]

 

Head over to our Open AI deployment and click "Go to Azure OpenAI Studio"

 

 

 

[ATTACH type=full" alt="wernerrall_5-1722776864361.png]64294[/ATTACH]

 

 

 

On the landing page click on Deployments and Deploy Model

 

 

 

[ATTACH type=full" alt="wernerrall_6-1722601456854.png]64295[/ATTACH]

 

 

 

We will be deploying 2 models. The Base "text-embedding-ada-002" and the "gpt-4o" models. Let's start with text-embedding-ada-002.

 

 

 

[ATTACH type=full" alt="image.png]64296[/ATTACH]

 

 

 

 

 

[ATTACH type=full" alt="wernerrall_15-1722602842388.png]64297[/ATTACH]

 

 

 

Next we deploy the GPT-4o model

 

 

 

[ATTACH type=full" alt="wernerrall_9-1722601834303.png]64298[/ATTACH]

 

 

 

[ATTACH type=full" alt="wernerrall_10-1722601889392.png]64299[/ATTACH]

 

 

 

You should now see both your deployments

 

 

 

[ATTACH type=full" alt="wernerrall_18-1722602973734.png]64300[/ATTACH]

 

 

 

Now we need to load our data from the Storage Account into the AI Search Index. In Chat, we can click "Add your data".

 

 

 

[ATTACH type=full" alt="wernerrall_14-1722602497433.png]64301[/ATTACH]

 

 

 

[ATTACH type=full" alt="wernerrall_19-1722603046983.png]64302[/ATTACH]

 

 

 

We will use Hybrid + semantic search

 

 

 

[ATTACH type=full" alt="wernerrall_20-1722603087865.png]64303[/ATTACH]

 

 

 

Click next on System Assigned Managed Identity. If our permissions applied correctly, we shouldn't get any errors here and we can continue to Save and Close.

 

 

 

[ATTACH type=full" alt="wernerrall_21-1722603138779.png]64304[/ATTACH]

 

 

 

[ATTACH type=full" alt="wernerrall_22-1722603199130.png]64305[/ATTACH]

 

 

 

You will see your data getting processed and Indexed.

 

 

 

[ATTACH type=full" alt="wernerrall_0-1722603321334.png]64306[/ATTACH]

 

 

 

And lastly, we need to create a deployment to a Web App so we can interact with all of these pieces. Let's go to Chat and click "Deploy to a web app"

 

 

 

[ATTACH type=full" alt="wernerrall_1-1722603377394.png]64307[/ATTACH]

 

 

 

We can fill in all the details here. If this is the second or third time I am deploying I can also choose "Update an Existing Web App"

 

 

 

[ATTACH type=full" alt="wernerrall_2-1722603468790.png]64308[/ATTACH]

 

 

 

To see if my app is deploying, I can go back to the Azure Portal and take a look in the Resource Group under Deployments

 

 

 

[ATTACH type=full" alt="wernerrall_3-1722603560137.png]64309[/ATTACH]

 

 

 

Once my website is ready I can simply go to Web Apps or find my new Web App in the Resource Group.

 

 

 

[ATTACH type=full" alt="wernerrall_4-1722776850654.png]64310[/ATTACH][ATTACH type=full" alt="wernerrall_0-1722604005450.png]64311[/ATTACH]

 

 

 

 

 

Now we can finally enjoy our newly deployed Large Language Model.

 

 

 

[ATTACH type=full" alt="wernerrall_0-1722776508865.png]64312[/ATTACH]

 

 

 

[ATTACH type=full" alt="wernerrall_1-1722776560091.png]64313[/ATTACH]

 

 

 

[ATTACH type=full" alt="wernerrall_2-1722776589889.png]64314[/ATTACH]

 

 

 

You might get this from time to time

 

 

 

[ATTACH type=full" alt="wernerrall_3-1722776692664.png]64315[/ATTACH]

 

 

 

To fix this we can either:

 

1. Increase our models Rate Limits or request more Quota, this may require a redeploy to your existing web app. If we still encounter the error, we can deploy other models with more quota available out-of-the-box or we can request quota for our required model from Azure Support.

 

 

 

2. Decrease the size of our documents by converting them to easier formats like ".txt" or "md". Converting file formats like PDF to TXT can significantly help reduce token usage when working with Azure OpenAI or any other text-based AI model.

 

 

 

In this blog I chose to deploy gpt-4 as a different model to try assist in solving our problem

 

 

 

[ATTACH type=full" alt="image.png]64316[/ATTACH]

 

[ATTACH type=full" alt="image.png]64317[/ATTACH]

 

 

 

After adding some quota and redeploying the app with gpt-4 we are now getting better responses.

 

I hope this has been a helpful walkthrough!

 

 

 

Disclaimer

 

The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts or Power BI Dashboards are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts or Power BI Dashboards be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages. This blog post was written with the help of generative AI.

 

Continue reading...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...