Skip to main content
This page applies only to Azure AKS deployments. For Virtual Machine deployments, see the Installation guide.

Overview

This guide walks you through creating the required Azure infrastructure for ABBYY Vantage using Azure CLI and ARM templates. The infrastructure is created from within the Vantage installer container.

Prerequisites

Before starting, ensure you have:
  • An Azure subscription with permissions to create and manage resources
  • Docker installed on your local machine
  • Internet access to download container images
  • For Highly Available configuration: Redis cluster deployed on VMs (see System Requirements)
You can begin downloading container images while creating the infrastructure, as this is a lengthy operation.

Infrastructure Components

The following Azure resources will be created: 
Azure Subscription
└── Resource Group
    ├── AKS Cluster
    │   ├── Services Node Pool (Standard_D8as_v5)
    │   └── Workers Node Pool (Standard_D16as_v5)
    ├── Storage Accounts (5)
    │   ├── Skills (Premium/Hot)
    │   ├── Processing (Standard/Hot)
    │   ├── Temporary (Standard/Hot)
    │   ├── Shared Folders (Premium FileStorage)
    │   └── Archive (Standard/Cool)
    ├── Azure SQL Server
    │   └── Elastic Pool Database
    └── Public IP Address

Step 1: Download the Installer Image

First, download the Vantage installer image and push it to your container registry. 
# Login to Vantage Docker registry
docker login abyvtgonprm27.azurecr.io -u <username> -p <password>

# Pull the installer image
docker pull abyvtgonprm27.azurecr.io/vantage-azure:2.7.1

# Tag for your registry
docker tag abyvtgonprm27.azurecr.io/vantage-azure:2.7.1 \
  registry.yourdomain.tld/vantage/vantage-azure:2.7.1

# Push to your registry
docker push registry.yourdomain.tld/vantage/vantage-azure:2.7.1
Replace <username> and <password> with the credentials provided during procurement.

Step 2: Run the Installer Container

Start the installer container. All subsequent commands in this guide are run from within this container. 
docker run -it registry.yourdomain.tld/vantage/vantage-azure:2.7.1

Step 3: Authenticate to Azure

Inside the container, log in to your Azure account: 
# Login to Azure (opens browser for authentication)
az login

# Set the subscription
az account set --subscription <subscription_id>
Replace <subscription_id> with your Azure subscription ID.

Step 4: Create Resource Group

Create a resource group in your desired Azure region: 
az group create --location <location> --resource-group <resource_group_name>
Example: 
az group create --location eastus --resource-group vantage-prod-rg
Common Azure regions: eastus, eastus2, westus2, westeurope, northeurope

Step 5: Create AKS Cluster

Preview the Deployment

First, check what resources will be created: 
az deployment group what-if --name aks-cluster \
  --resource-group <resource_group_name> \
  --template-file files/infrastructure/azure/arms/Cluster.Manual.json \
  --parameters kubernetesClusterName=<cluster_name>
Cluster names must not be longer than 15 characters.

Create the Cluster

az deployment group create --name aks-cluster \
  --resource-group <resource_group_name> \
  --template-file files/infrastructure/azure/arms/Cluster.Manual.json \
  --parameters kubernetesClusterName=<cluster_name> \
  --parameters enableFIPS=false
This command creates a cluster in the Without high availability configuration capable of processing 50,000 pages per 8 hours. For other configurations, modify the node pool settings using the Performance Guide after cluster creation.
For FIPS-compliant deployments, set enableFIPS=true. See FIPS Compliance for additional configuration.

Step 6: Create Storage Accounts

Preview the Deployment

az deployment group what-if --name storage \
  --resource-group <resource_group_name> \
  --template-file files/infrastructure/azure/arms/StorageAccounts.Template.json

Create Storage Accounts

az deployment group create --name storage \
  --resource-group <resource_group_name> \
  --template-file files/infrastructure/azure/arms/StorageAccounts.Template.json \
  --parameters kubernetesClusterName=<cluster_name> \
  --parameters enableFIPS=false

Retrieve Storage Account Keys

Get the access keys and secret keys to populate the s3storage section in env_specific.yml: 
az deployment group show --name storage \
  --resource-group <resource_group_name> \
  --query properties.outputs -o yaml
Save the output - you will need these values for the env_specific.yml configuration file.

Step 7: Create Azure SQL Server

Preview the Deployment

az deployment group what-if --name dbservers \
  --resource-group <resource_group_name> \
  --template-file files/infrastructure/azure/arms/Databases/DB.Server.Template.json \
  --parameters serverBaseName=<cluster_name> \
  --parameters dbAdminLogin=<db_username> \
  --parameters dbAdminPassword=<db_password>

Create SQL Server

az deployment group create --name dbservers \
  --resource-group <resource_group_name> \
  --template-file files/infrastructure/azure/arms/Databases/DB.Server.Template.json \
  --parameters serverBaseName=<cluster_name> \
  --parameters dbAdminLogin=<db_username> \
  --parameters dbAdminPassword=<db_password>
The dbAdminLogin and dbAdminPassword parameters are the credentials used to access the databases. Save these for the env_specific.yml configuration.

Step 8: Create Azure SQL Database

Preview the Deployment

az deployment group what-if --name databases \
  --resource-group <resource_group_name> \
  --template-file files/infrastructure/azure/arms/Databases/SQL.Databases.Template.json \
  --parameters serverBaseName=<cluster_name>

Create Database

az deployment group create --name databases \
  --resource-group <resource_group_name> \
  --template-file files/infrastructure/azure/arms/Databases/SQL.Databases.Template.json \
  --parameters serverBaseName=<cluster_name>

Step 9: Get Node Resource Group

Retrieve the node resource group name for the AKS cluster: 
az aks show --name <cluster_name> -g <resource_group_name> \
  --query nodeResourceGroup -o tsv
Save this value - you will place the Public IP address in this resource group.

Step 10: Configure Public IP Address

  1. Create an Azure Public IP (Standard Static IPv4) in the node resource group from Step 9, or move an existing Public IP to that resource group.
  2. Note the IP address for the env_specific.yml configuration: 
    loadbalancer:
  external_ip: <your_public_ip_address>
  3. Create a DNS A record pointing your domain to this IP address.

Step 11: Install GPU Driver (Optional)

If you plan to deploy GPU workers for training skills with Deep Learning: 
ansible-playbook -i inventories/azure -v \
  playbooks/infrastructure/azure/02_install_gpu_driver.yml
For GPU deployment requirements, see System Requirements.

Summary of Created Resources

After completing these steps, you will have:
ResourcePurpose
Resource GroupContainer for all Vantage resources
AKS ClusterKubernetes cluster for running Vantage
Services Node PoolRuns Vantage platform services
Workers Node PoolRuns document processing workers
Skills Storage AccountStores skill definitions and configurations
Processing Storage AccountStores documents during processing
Temporary Storage AccountTemporary transaction storage
Shared Folders Storage AccountImport/export shared folder access
Archive Storage AccountLong-term document archive
Azure SQL ServerDatabase server
Azure SQL DatabaseVantage operational database
Public IP AddressExternal access to Vantage

Next Steps

After creating the infrastructure:
  1. Configure env_specific.yml - Populate with the values from this guide. See Installation for the full configuration format.
  2. Download container images - Sync Vantage images to your container registry.
  3. Run the installation - Complete the installation using the playbooks.
Continue to Installation for the complete installation process.

Troubleshooting

Deployment Fails with Permission Error

Ensure your Azure account has the following permissions:
  • Contributor access to the subscription or resource group
  • Ability to create AKS clusters, storage accounts, and SQL databases

Cluster Name Too Long

Cluster names must be 15 characters or fewer. Use a shorter name.

Storage Account Name Already Exists

Azure Storage Account names must be globally unique. The ARM template generates names based on your cluster name. If there’s a conflict, try a different cluster name.

Cannot Connect to SQL Database

Ensure the Azure SQL Database firewall rules allow connections from the AKS cluster’s outbound IP addresses. You may need to add a virtual network rule or allow Azure services.