
## Gemini lab
![flow](../../images/gemini.gif)

Playground to try [Google Gemini](https://gemini.google.com/) trough Azure API Management and GenAI policies.

[View policy configuration](policy.xml)

### Prerequisites
- [Python 3.12 or later version](https://www.python.org/) installed
- [Pandas Library](https://pandas.pydata.org/) and matplotlib installed
- [VS Code](https://code.visualstudio.com/) installed with the [Jupyter notebook extension](https://marketplace.visualstudio.com/items?itemName=ms-toolsai.jupyter) enabled
- [Azure CLI](https://learn.microsoft.com/cli/azure/install-azure-cli) installed
- [An Azure Subscription](https://azure.microsoft.com/free/) with Contributor permissions
- [Access granted to Azure OpenAI](https://aka.ms/oai/access)
- [Sign in to Azure with Azure CLI](https://learn.microsoft.com/cli/azure/authenticate-azure-cli-interactively)
- [Gemini API Key from Google](https://aistudio.google.com/apikey)

<a id='0'></a>
### 0️⃣ Initialize notebook variables

- Resources will be suffixed by a unique string based on your subscription id.
- Adjust the location parameters according your preferences and on the [product availability by Azure region.](https://azure.microsoft.com/explore/global-infrastructure/products-by-region/?cdn=disable&products=cognitive-services,api-management) 
- Adjust the OpenAI model and version according the [availability by region.](https://learn.microsoft.com/azure/ai-services/openai/concepts/models) 

In [18]:
import os, sys, json
sys.path.insert(1, '../../shared')  # add the shared directory to the Python path
import utils

deployment_name = os.path.basename(os.path.dirname(globals()['__vsc_ipynb_file__']))
resource_group_name = f"lab-{deployment_name}" # change the name to match your naming style
resource_group_location = "uksouth"

apim_sku = 'Basicv2'

gemini_api_url = 'https://generativelanguage.googleapis.com/v1beta/openai/' # should end with a slash
gemini_api_key = os.getenv('GEMINI_API_KEY') # Get your API key from https://aistudio.google.com/apikey
gemini_model_name = 'gemini-2.0-flash'

curl "https://generativelanguage.googleapis.com/v1beta/openai/chat/completions" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer AIzaSyAk2ffjVYTgqMxyxqCW4TB23troaOcTXEQ" -H "hosta: apim-hp2khkhv5jaes.azure-api.net" \
-d '{
    "model": "gemini-2.0-flash",
    "messages": [
        {"role": "user", "content": "Explain to me how AI works"}
    ]
    }'

print(gemini_api_key)

utils.print_ok('Notebook initialized')

None
✅ [1;32mNotebook initialized[0m ⌚ 12:50:21.689201 


<a id='1'></a>
### 1️⃣ Verify the Azure CLI and the connected Azure subscription

The following commands ensure that you have the latest version of the Azure CLI and that the Azure CLI is connected to your Azure subscription.

In [33]:
output = utils.run("az account show", "Retrieved az account", "Failed to get the current az account")

if output.success and output.json_data:
    current_user = output.json_data['user']['name']
    tenant_id = output.json_data['tenantId']
    subscription_id = output.json_data['id']

    utils.print_info(f"Current user: {current_user}")
    utils.print_info(f"Tenant ID: {tenant_id}")
    utils.print_info(f"Subscription ID: {subscription_id}")

⚙️ [1;34mRunning: az account show [0m
✅ [1;32mRetrieved az account[0m ⌚ 11:52:32.847545 [0m:3s]
👉🏽 [1;34mCurrent user: alexviei@microsoft.com[0m
👉🏽 [1;34mTenant ID: 16b3c013-d300-468d-ac64-7eda0820b6d3[0m
👉🏽 [1;34mSubscription ID: 9d4a14de-67d7-4029-a3b4-7a7e3e6581cf[0m


<a id='2'></a>
### 2️⃣ Create deployment using 🦾 Bicep

This lab uses [Bicep](https://learn.microsoft.com/azure/azure-resource-manager/bicep/overview?tabs=bicep) to declarative define all the resources that will be deployed in the specified resource group. Change the parameters or the [main.bicep](main.bicep) directly to try different configurations. 

In [34]:
# Create the resource group if doesn't exist
utils.create_resource_group(resource_group_name, resource_group_location)

# Define the Bicep parameters
bicep_parameters = {
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "apimSku": { "value": apim_sku },
        "geminiAPIURL": { "value": gemini_api_url },
        "geminiAPIKey": { "value": gemini_api_key }
    }
}

# Write the parameters to the params.json file
with open('params.json', 'w') as bicep_parameters_file:
    bicep_parameters_file.write(json.dumps(bicep_parameters))

# Run the deployment
output = utils.run(f"az deployment group create --name {deployment_name} --resource-group {resource_group_name} --template-file main.bicep --parameters params.json",
    f"Deployment '{deployment_name}' succeeded", f"Deployment '{deployment_name}' failed")

⚙️ [1;34mRunning: az group show --name lab-gemini [0m
👉🏽 [1;34mResource group lab-gemini does not yet exist. Creating the resource group now...[0m
⚙️ [1;34mRunning: az group create --name lab-gemini --location uksouth --tags source=ai-gateway [0m
✅ [1;32mResource group 'lab-gemini' created[0m ⌚ 11:52:40.689618 [0m:4s]
⚙️ [1;34mRunning: az deployment group create --name gemini --resource-group lab-gemini --template-file main.bicep --parameters params.json [0m
✅ [1;32mDeployment 'gemini' succeeded[0m ⌚ 11:54:24.268812 [1m:43s]


<a id='3'></a>
### 3️⃣ Get the deployment outputs

Retrieve the required outputs from the Bicep deployment.

In [2]:
# Obtain all of the outputs from the deployment
output = utils.run(f"az deployment group show --name {deployment_name} -g {resource_group_name}", f"Retrieved deployment: {deployment_name}", f"Failed to retrieve deployment: {deployment_name}")

if output.success and output.json_data:
    apim_service_id = utils.get_deployment_output(output, 'apimServiceId', 'APIM Service Id')
    apim_resource_gateway_url = utils.get_deployment_output(output, 'apimResourceGatewayURL', 'APIM API Gateway URL')
    apim_subscription1_key = utils.get_deployment_output(output, 'apimSubscription1Key', 'APIM Subscription 1 Key (masked)', True)
    apim_subscription2_key = utils.get_deployment_output(output, 'apimSubscription2Key', 'APIM Subscription 2 Key (masked)', True)
    apim_subscription3_key = utils.get_deployment_output(output, 'apimSubscription3Key', 'APIM Subscription 3 Key (masked)', True)
    app_insights_name = utils.get_deployment_output(output, 'applicationInsightsName', 'Application Insights Name')

⚙️ [1;34mRunning: az deployment group show --name gemini -g lab-gemini [0m
✅ [1;32mRetrieved deployment: gemini[0m ⌚ 12:18:36.858283 [0m:4s]
👉🏽 [1;34mAPIM Service Id: /subscriptions/9d4a14de-67d7-4029-a3b4-7a7e3e6581cf/resourceGroups/lab-gemini/providers/Microsoft.ApiManagement/service/apim-hp2khkhv5jaes[0m
👉🏽 [1;34mAPIM API Gateway URL: https://apim-hp2khkhv5jaes.azure-api.net[0m
👉🏽 [1;34mAPIM Subscription 1 Key (masked): ****e91f[0m
👉🏽 [1;34mAPIM Subscription 2 Key (masked): ****8409[0m
👉🏽 [1;34mAPIM Subscription 3 Key (masked): ****7331[0m
👉🏽 [1;34mApplication Insights Name: insights-hp2khkhv5jaes[0m


<a id='openaisdk'></a>
### 🧪 Test the Gemini API using the OpenAI SDK

Gemini models are accessible using the OpenAI Python libraries. More details at https://ai.google.dev/gemini-api/docs/openai#python



In [46]:
import json, requests, time

#apim_resource_gateway_url = 'https://apim-l3wc6jeetjtdi.azure-api.net'
#apim_subscription1_key = '53ab6a8734e34870a0dd62201c2e4347'

runs = 1
sleep_time_ms = 100
url = f"{apim_resource_gateway_url}/openai/chat/completions"

messages = {"model": gemini_model_name, "messages": [
    {"role": "system", "content": "You are a sarcastic, unhelpful assistant."},
    {"role": "user", "content": "Can you tell me the time, please?"}
]}
api_runs = []

# Initialize a session for connection pooling and set any default headers
session = requests.Session()
session.headers.update({
    'api-key': apim_subscription1_key
})

try:
    for i in range(runs):
        print(f"▶️ Run {i+1}/{runs}:")

        start_time = time.time()
        response = session.post(url, json = messages)
        response_time = time.time() - start_time
        print(f"⌚ {response_time:.2f} seconds")

        utils.print_response_code(response)
        print(f"Response headers: {json.dumps(dict(response.headers), indent = 4)}")

        if "x-ms-region" in response.headers:
            print(f"x-ms-region: \x1b[1;32m{response.headers.get("x-ms-region")}\x1b[0m") # this header is useful to determine the region of the backend that served the request
            api_runs.append((response_time, response.headers.get("x-ms-region")))

        if (response.status_code == 200):
            data = json.loads(response.text)
            print(f"Token usage: {json.dumps(dict(data.get("usage")), indent = 4)}\n")
            print(f"💬 {data.get("choices")[0].get("message").get("content")}\n")
        else:
            print(f"{response.text}\n")

        time.sleep(sleep_time_ms/1000)
finally:
    # Close the session to release the connection
    session.close()


▶️ Run 1/1:
⌚ 0.23 seconds
Response status: [1;31m401 - Access Denied[0m
Response headers: {
    "Content-Length": "152",
    "Content-Type": "application/json",
    "Date": "Fri, 07 Feb 2025 12:07:57 GMT",
    "WWW-Authenticate": "AzureApiManagementKey realm=\"https://apim-hp2khkhv5jaes.azure-api.net/openai\",name=\"api-key\",type=\"header\""
}
{ "statusCode": 401, "message": "Access denied due to missing subscription key. Make sure to include subscription key when making requests to an API." }



In [None]:
from openai import OpenAI
print(apim_subscription1_key)
client = OpenAI(
    api_key=apim_subscription1_key,
    base_url=f"{apim_resource_gateway_url}/openai/chat"
)

response = client.chat.completions.create(
    model=gemini_model_name,
    n=1,
    messages = [
                {"role": "system", "content": "You are a sarcastic, unhelpful assistant."},
                {"role": "user", "content": "Can you tell me the time, please?"}
            ]
)

print(response.choices[0].message)

8111c72ab7714f52a060d5c8aa85e91f


BadRequestError: Error code: 400 - [{'error': {'code': 400, 'message': 'Request contains an invalid argument.', 'status': 'INVALID_ARGUMENT'}}]

<a id='kql'></a>
### 🔍 Analyze Application Insights custom metrics with a KQL query

With this query you can get the custom metrics that were emitted by Azure APIM. Note that it may take a few minutes for data to become available.

In [None]:
import pandas as pd

query = "\"" + "customMetrics \
| where name == 'Total Tokens' \
| extend parsedCustomDimensions = parse_json(customDimensions) \
| extend apimSubscription = tostring(parsedCustomDimensions.['Subscription ID']) \
| project timestamp, value, apimSubscription \
| order by timestamp asc" + "\""

output = utils.run(f"az monitor app-insights query --app {app_insights_name} -g {resource_group_name} --analytics-query {query}",
    f"App Insights query succeeded", f"App Insights query  failed")

table = output.json_data['tables'][0]
df = pd.DataFrame(table.get("rows"), columns = [col.get("name") for col in table.get('columns')])
df['timestamp'] = pd.to_datetime(df['timestamp']).dt.strftime('%H:%M')

df


<a id='clean'></a>
### 🗑️ Clean up resources

When you're finished with the lab, you should remove all your deployed resources from Azure to avoid extra charges and keep your Azure subscription uncluttered.
Use the [clean-up-resources notebook](clean-up-resources.ipynb) for that.