This is the multi-page printable view of this section. Click here to print.
The Protegrity Agent can be installed using helm chart. The helm chart deploys the following components.
| Component | Description |
|---|---|
| Protegrity Agent Service | Main application service |
| PostgreSQL Database | Persistent database for conversation storage |
| UI | Web interface for Protegrity Agent |
To install the Protegrity Agent run the following command.
The my-values.yaml file must provide the OPENAI keys.
For OpenAI LLM endpoint, provide the following details. This is essential for the Agent to work. The my-values.yaml file should appear as mentioned below.
proagentService:
secrets:
# Main Endpoint
OPENAI_API_ENDPOINT: ""
OPENAI_API_KEY: ""
OPENAI_API_VERSION: ""
OPENAI_LLM_MODEL: ""
# Embeddings
OPENAI_EMBEDDINGS_API_ENDPOINT: ""
OPENAI_EMBEDDINGS_API_KEY: ""
OPENAI_EMBEDDINGS_API_VERSION: ""
OPENAI_EMBEDDING_MODEL: ""
For more information on additional configurations, refer to Configuring Protegrity Agent.
These values can be provided during installation with -f
my-values.yaml.
Important: The current version of Protegrity Agent requires GPT 5.2 main endpoints and GPT 4o embeddings endpoint.
To install the Protegrity Agent, run the following command.
helm upgrade --install protegrity-agent \
oci://<container_registry_path>:9443/protegrity-agent/1.0/helm/protegrity-agent \
--set karpenterResources.nodeClass.amiId="<ami-id>" \
--version 1.0.0 \
--namespace pty-protegrity-agent \
--create-namespace \
-f my-values.yaml
Ensure that
The following table provides the list of AMI IDs
| Region | AMI ID |
|---|---|
| ap-south-1 | ami-07959c05dcdb79a72 |
| eu-north-1 | ami-0268b0bfff0f25d31 |
| eu-west-3 | ami-0ea9454aef60045a2 |
| eu-west-2 | ami-0d5eee57a6a1398a3 |
| eu-west-1 | ami-00a8d14029b60a028 |
| ap-northeast-3 | ami-0e495c3ffd416c65e |
| ap-northeast-2 | ami-0fc18a24aec719c1c |
| ap-northeast-1 | ami-00ec85b83bf713aac |
| ca-central-1 | ami-03891f0d8b41eb296 |
| sa-east-1 | ami-0a30f044a5781b4e0 |
| ap-southeast-1 | ami-0ae51324bf2e89725 |
| ap-southeast-2 | ami-0ef7e8095b163dc42 |
| eu-central-1 | ami-00e36131a0343c374 |
| us-east-1 | ami-07e4e828a19159636 |
| us-east-2 | ami-0e486911b2d0a5f7e |
| us-west-1 | ami-01183e1261529749e |
| us-west-2 | ami-04f850c412625dfe6 |
To verify whether the Protegrity Agent is successfully installed, run the following command:
kubectl get pods -n pty-protegrity-agent
The output should be similar to the following:
NAME READY STATUS RESTARTS AGE
database-statefulset-0 1/1 Running 0 3m6s
protegrity-agent-db-backup-init-r1-n5bwl 1/1 Running 0 3m6s
protegrity-agent-deployment-7488c88f6d-rgclq 1/1 Running 0 3m6s
protegrity-agent-ui-deployment-c8f848d57-mrm4r 1/1 Running 0 3m6s
To use Protegrity Agent, a user must have certain roles. Run the following commands to create administrator role and user:
# Get Token
export GW_HOST="$(kubectl get gateway pty-main -n api-gateway -o jsonpath='{.status.addresses[0].value}')"
echo $GW_HOST
TOKEN=$(curl -k -s "https://$GW_HOST/pty/v1/auth/login/token" \
-X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d "loginname=admin" \
-d "password=Admin123!" \
-D - -o /dev/null 2>&1 \
| grep -i 'pty_access_jwt_token:' \
| sed 's/pty_access_jwt_token: //' \
| tr -d '\r') && echo "${TOKEN:0:10}"
# Create Admin Role
curl -sk -X POST "https://$GW_HOST/pty/v1/auth/roles" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "agent_admin",
"description": "Administrator role",
"permissions": [
"proagent_conversations_permission",
"proagent_doc_permission",
"proagent_health_permission",
"proagent_liveness_permission",
"proagent_log_permission",
"proagent_readiness_permission",
"proagent_responses_permission",
"proagent_ui_permission",
"proagent_version_permission",
"workbench_certificate_export",
"workbench_package_export_dynamic",
"workbench_package_export_encrypted",
"workbench_policy_manage",
"workbench_policy_view",
"insight_admin",
"insight_viewer",
"can_create_token"
]
}'
# Create Admin User
curl -sk -X POST "https://$GW_HOST/pty/v1/auth/users" \
-H "Accept: application/json" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"username": "agent_admin",
"email": "agent_admin@example.com",
"firstName": "Agent",
"lastName": "Admin",
"enabled": true,
"password": "Admin123!",
"roles": [
"agent_admin"
]
}'
For more information about managing Protegrity Agent different roles and users, including their creation, refer to Working with Roles.