AI-Service
Imprint
Imprint
  • AI Service

AI Service

This service integrates 3rd party AI Services in App Suite UI, currently ChatGPT from OpenAI.

Architecture

The service offers the API for different AI actions and a micro frontend, actually the App Suite UI sources in form of an UI plugin which is created at build time. The UI Middleware loads the plugin code from the service for App Suite UI. There is no dedicated UI source container needed. Also frontend translations, end-to-end tests and unit tests are located here.

Configuration

As the AI Service delivers the frontend code for App Suite UI, it needs to be configured on the UI Middleware to get the code. Add the AI Service url to the list of baseUrls of the UI Middleware configuration. See the Config map section for details.

Example config map

baseUrls:
  - http://your-core-ui-source-pod/
  - http://your-ai-service-pod/
  - http://some-other-ui-pod/

Details can be found here: Helmchart config

Capability

Important: Starting with the AI-Service 2.0 and Core UI 8.28 the capability was renamed.

Capability: ai-service (was open-ai)

Feature toggle

Important: Starting with the AI-Service 2.0 and Core UI 8.28 the feature toggle was renamed.

Feature toggle:: ai (was open-ai)

Requirements

A running switchboard is needed to run the AI Service, otherwise the plugin won't even start

How to enable for users

AI integration is disabled for all users by default. To enable the feature for users, add the following:

  1. Add capability ai-service which indicates a running AI-Service in your deployment
  2. Enable the feature toggle for users with core ui setting io.ox/core//features/ai to true

Upsell configuration (for Ai Service 2.x)

AI integration supports the core upsell functionality and uses the core configuration for this. To enable upsell for the AI features set the following configuration

io.ox/core//upsell/activated = true
io.ox/core//upsell/enabled/ai-service = true
io.ox/core//features/ai = true

Remove the capability ai-service for all users that should see the upsell triggers. When enabled, all AI buttons and dropdowns are shown in the UI but will trigger an upsell event on the ox object.

Deployment Guide

Introduction

All configuration values can be found in values.yaml.

Note: You need to add the shared secret for JWT verification and this must match the secret configured for switchboard.

Accounting / Plans

Various commercial models within the AI service by restricting user access to paid APIs can be implemented. For instance, a "free" model might allow 10 requests per day or month, while a paid model allows 1000 requests per month. The user and brand limits can be configured via config map on the helm chart. A plan is an object with its key as the id for the plan and has the following properties:

  • name: The name of the plan
  • plan: The type of the plan (free, paid)
  • strategy: The strategy for the plan (duration, monthly)
  • duration: The duration of the plan (only for duration strategy, format is 30d for 30 days)
  • limit: The limit of requests per user and brand
  • enabled: The plan is enabled or not
example for plans:
plans:
  - premium:
      name: "Premium Plan"
      plan: "paid"
      strategy: "monthly"
      limit: 100
      enabled: true
  - trial:
      name: "Trial Plan"
      plan: "free"
      strategy: "duration"
      duration: "30d"
      limit: 100
      enabled: true
  - specialTrial:
      name: "Special Trial Plan"
      plan: "free"
      strategy: "monthly"
      limit: 5
      enabled: true

AI Service Database Configuration Documentation

This documentation provides a clear guide for configuring the AI service with an existing database, detailing the necessary steps and minimal grants required for the database user.

Steps to Configure the AI Service
  1. Enable Database Configuration: Add the following configuration to enable the database for the AI service:

     database:
       enabled: true
    
  2. Prepare the Database: The service expects an existing database to connect to and run initial migrations. Follow the steps below to set up the database correctly.

Database Schema Setup

To ensure the AI service operates correctly, you need to create the necessary tables and procedures in your database. Although the actual migration script will be executed automatically, it is essential to ensure that the database user has the appropriate permissions.

Minimal Required Grants

The minimal grants needed for the database user are:

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, TRIGGER ON `your_database_name`.* TO 'your_db_user'@'%';

Replace your_database_name with the name of your database and your_db_user with the name of your database user.

Example Configuration

Here's an example of how to grant the necessary permissions:

CREATE USER 'ai_service_user'@'%' IDENTIFIED BY 'secure_password';

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, TRIGGER ON `ai_service_db`.* TO 'ai_service_user'@'%';

FLUSH PRIVILEGES;

In this example:

  • ai_service_user is the database user for the AI service.
  • secure_password is the password for the database user.
  • ai_service_db is the database name for the AI service.

Helm Configuration

ParameterDescriptionDefault
image.repositoryThe image to be used for the deploymentregistry.open-xchange.com/core/ai-service
image.pullPolicyThe imagePullPolicy for the deploymentIfNotPresent
image.tagThe image tag, defaults to app version""
hostnamehostname for the ai-service deployment""
originsAllowed origins for CORS*
logLevelspecify log level for service"info"
logJsonlog in JSON formatfalse
exposeApiDocsExpose API documentation via Swagger UI at /api-docsfalse
ingress.enabledGenerate ingress resourcefalse
ingress.annotationsMap of key-value pairs that will be added as annotations to the ingress resource{}
overrides.nameName of the chart"ai-service"
overrides.fullnameFull name of the chart installation"RELEASE-NAME-ai-service"
jwtSecret.enabledEnable the secret for JWTtrue
jwt.sharedSecretShared secret for JWT verification. This must match the secret configured for switchboard""
jwks.domainDomain of JWKS issuer like example.com leave empty if you want to use sharedSecret""
openaiSecret.enabledEnable the secret for openaitrue
openaiAPIKeyOpenAI API Key""
azureSecret.enabledEnable the secret for Azurefalse
azureAPIUrlOpenAI Azure API Url (Internal use only)""
azureAPIKeyOpenAI Azure API Key (Internal use only)""
database.enabledUse Database (mandatory for usage tracking and rate limiting)false
database.hostSQL server hostnameRELEASE-NAME-ai-service-sql
database.nameDatabase nameRELEASE-NAME-ai-service
database.connectionsNumber of concurrent connections to the DB server"10"
database.userDB User with access rights to sqlDB""
database.passwordDB Password of swDBUser""
database.rootPasswordDatabase root password to perform admin tasks""
database.rollbackWARNING: This will roll back the migrations this version has rolled outfalse
cron.cleanupDbDatabase cleanup interval (Cron notation)0 0 * * * *
azureAPIVersionOpenAI Azure API Key (Internal use only)""
openaiBaseUrlUrl of the OpenAI service (internal use only)""
usageTracking.enabledEnable usage tracking for requests per user and brandfalse
plansList of plans with limits for users and brandssee example above