Create connector is failing with 502 and permission error for openai embedding

jigar.parekh · March 14, 2024, 11:45am

I am following below blueprint for creating openai embedding connector with opensearch 2.11

opensearch-project/ml-commons/blob/2.x/docs/remote_inference_blueprints/openai_connector_embedding_blueprint.md

# OpenAI connector blueprint example for embedding model

## 1. Create connector for OpenAI embedding model:

Refer to OpenAI [official doc](https://platform.openai.com/docs/guides/embeddings).

If you are using self-managed Opensearch, you should supply OpenAI API key:

```json
POST /_plugins/_ml/connectors/_create
{
  "name": "<YOUR CONNECTOR NAME>",
  "description": "<YOUR CONNECTOR DESCRIPTION>",
  "version": "<YOUR CONNECTOR VERSION>",
  "protocol": "http",
  "parameters": {
    "model": "text-embedding-ada-002"
  },
  "credential": {
    "openAI_key": "<PLEASE ADD YOUR OPENAI API KEY HERE>"

This file has been truncated. show original

when I execute below request it error out with “Request failed to get to the server (status code: 502)”

POST /_plugins/_ml/connectors/_create
{
  "name": "text-embedding-3-small",
  "description": "text-embedding-3-small",
  "version": "1",
  "protocol": "https",
  "parameters": {
    "model": "text-embedding-3-small",
    "endpoint": "api.openai.com"
  },
  "credential": {
    "openAI_key": "api-key"
  },
  "actions": [
    {
      "action_type": "predict",
      "method": "POST",
      "url": "${parameters.endpoint}/v1/embeddings",
      "headers": {
        "Authorization": "Bearer ${credential.openAI_key}"
      },
      "request_body": "{ \"input\": ${parameters.input}, \"model\": \"${parameters.model}\" }",
      "pre_process_function": "connector.pre_process.openai.embedding",
      "post_process_function": "connector.post_process.openai.embedding"
    }
  ]
}

jigar.parekh · March 14, 2024, 1:04pm

It seems that in case of AWS Opensearch Service we have to provide role and secretto api-key

Now payload has been changed to

{
  "name": "text-embedding-3-small",
  "description": "text-embedding-3-small",
  "version": "1",
  "protocol": "https",
  "parameters": {
    "model": "text-embedding-3-small"
  },
  "credential": {
    "secretArn": "arn:aws:secretsmanager:ap-northeast-1:xxxx:secret:openapikey-bRLaNi",
    "roleArn": "arn:aws:iam::xxxx:role/opensearch-secretmanager-role"
  },
  "actions": [
    {
      "action_type": "predict",
      "method": "POST",
      "url": "https://api.openai.com/v1/embeddings",
      "headers": {
        "Authorization": "Bearer ${credential.secretArn.key}"
      },
      "request_body": "{ \"input\": ${parameters.input}, \"model\": \"${parameters.model}\" }",
      "pre_process_function": "connector.pre_process.openai.embedding",
      "post_process_function": "connector.post_process.openai.embedding"
    }
  ]
}

But now it is erroring out with

no permissions for [cluster:admin/opensearch/ml/create_connector] and User [name=arn:aws:iam::xxxx:user/opensearch-user, backend_roles=, requestedTenant=null]

Topic		Replies	Views
Error when uploading model: unable to find valid certification path to requested target Machine Learning troubleshoot	2	361	October 21, 2023
Error launching IntegrationTests for custom plugin OpenSearch troubleshoot	3	224	March 24, 2023
Error connecting to Opensearch service in AWS OpenSearch troubleshoot , configure	2	1392	October 27, 2023
Failing to read from opensearch-keystore OpenSearch	0	159	November 22, 2023
Trying to create a Opensearch Public Cluster using 3 Public IP Addresses is Failing Community troubleshoot , install	10	581	September 26, 2023

Create connector is failing with 502 and permission error for openai embedding

Related Topics