![ga4](https://www.google-analytics.com/collect?v=2&tid=G-6VDTYWLKX6&cid=1&en=page_view&sid=1&dl=statmike%2Fvertex-ai-mlops%2F00+-+Setup&dt=00+-+Environment+Setup.ipynb)

# 00 - Environment Setup

This is the notebook that sets up the GCP project for the other notebooks in this repository.  Based on the [readme.md](../readme.md), you already have this repository of notebooks pulled as a local resource in your Vertex AI Workbench based notebook instance.

**Video Walkthrough of this notebook:**

Includes conversational walkthrough and more explanatory information than the notebook:
<p align="center" width="100%" width="100%"><center><a href="https://youtu.be/pnQ5Rv4ZQfo" target="_blank" rel="noopener noreferrer"><img src="../architectures/thumbnails/playbutton/00.png" width="40%"></a></center></p>

**Conceptual Flow & Workflow**

<p align="center">
  <img alt="Conceptual Flow" src="../architectures/slides/00_arch.png" width="45%">
&nbsp; &nbsp; &nbsp; &nbsp;
  <img alt="Workflow" src="../architectures/slides/00_console.png" width="45%">
</p>

---
## Setup

inputs:

In [1]:
project = !gcloud config get-value project
PROJECT_ID = project[0]
PROJECT_ID

'onboarding-host-5c79d5c5a45a40'

In [2]:
REGION = 'us-west1'

packages:

In [3]:
from google.cloud import storage
from google.cloud import bigquery

import pandas as pd
from sklearn import datasets

clients:

In [4]:
gcs = storage.Client(project = PROJECT_ID)
bq = bigquery.Client(project = PROJECT_ID)

parameters:

In [5]:
BUCKET = PROJECT_ID

---
## Create Storage Bucket
Check to see if bucket already exist and create if missing:
- [GCS Python Client](https://cloud.google.com/python/docs/reference/storage/latest/google.cloud.storage.client.Client)

In [6]:
if not gcs.lookup_bucket(BUCKET):
    bucketDef = gcs.bucket(BUCKET)
    bucket = gcs.create_bucket(bucketDef, project=PROJECT_ID, location=REGION)
    print(f'Created Bucket: {gcs.lookup_bucket(BUCKET).name}')
else:
    bucketDef = gcs.bucket(BUCKET)
    print(f'Bucket already exist: {bucketDef.name}')

Created Bucket: onboarding-host-5c79d5c5a45a40


In [7]:
print(f'Review the storage bucket in the console here:\nhttps://console.cloud.google.com/storage/browser/{PROJECT_ID};tab=objects&project={PROJECT_ID}')

Review the storage bucket in the console here:
https://console.cloud.google.com/storage/browser/onboarding-host-5c79d5c5a45a40;tab=objects&project=onboarding-host-5c79d5c5a45a40


---
<a id = 'permissions'></a>
## Service Account & Permissions

This notebook instance is running as a service account in GCP.  This service account will also be used to run other services in Vertex AI like training jobs and pipelines.  The service account will need permission to interact with object in Cloud Storage which requires the role ([roles/storage.objectAdmin](https://cloud.google.com/storage/docs/access-control/iam-roles)).  

Get the current service account:

In [8]:
SERVICE_ACCOUNT = !gcloud config list --format='value(core.account)' 
SERVICE_ACCOUNT = SERVICE_ACCOUNT[0]
SERVICE_ACCOUNT

'718174744561-compute@developer.gserviceaccount.com'

Enable the Cloud Resource Manager API:

In [9]:
!gcloud services enable cloudresourcemanager.googleapis.com

List the service accounts current roles:

In [10]:
!gcloud projects get-iam-policy $PROJECT_ID --filter="bindings.members:$SERVICE_ACCOUNT" --format='table(bindings.role)' --flatten="bindings[].members"

ROLE
roles/editor


If the resulting list is missing `roles/storage.objectAdmin` or another role that contains this permission, like the basic role `roles/owner`, then it will need to be added for the service account. Use these instructions to complete this:

In [11]:
print(f'Go To IAM in the Google Cloud Console:\nhttps://console.cloud.google.com/iam-admin/iam?orgonly=true&project={PROJECT_ID}&supportedpurview=organizationId')

Go To IAM in the Google Cloud Console:
https://console.cloud.google.com/iam-admin/iam?orgonly=true&project=onboarding-host-5c79d5c5a45a40&supportedpurview=organizationId


From the console link above, or by going to https:/console.cloud.google.com and navigating to "IAM & Admin > IAM":
- Locate the row for the service account listed above: `<project number>-compute@developer.gserviceaccount.com`
- Under the `inheritance` column click the pencil icon to edit roles
- In the fly over menu, under `Assign roles` select `Add Another Role`
- Click the `Select a role` box and type `Storage Object Admin`, then select `Storage Object Admin`
- Click Save
- Rerun the list of services below and verify the role has been added:

In [12]:
!gcloud projects get-iam-policy $PROJECT_ID --filter="bindings.members:$SERVICE_ACCOUNT" --format='table(bindings.role)' --flatten="bindings[].members"

ROLE
roles/editor


---
## Install KFP
If you get an error after a step, rerun it.  The dependecies sometimes resolve.
- [Install the Kubeflow Pipelines SDK](https://www.kubeflow.org/docs/components/pipelines/v1/sdk/install-sdk/)

In [19]:
!pip3 install kfp --upgrade --user

[0mCollecting kfp
  Using cached kfp-1.8.21-py3-none-any.whl
Collecting requests-toolbelt<1,>=0.8.0 (from kfp)
  Using cached requests_toolbelt-0.10.1-py2.py3-none-any.whl (54 kB)
Collecting kfp-server-api<2.0.0,>=1.1.2 (from kfp)
  Using cached kfp_server_api-1.8.5-py3-none-any.whl
[0mInstalling collected packages: requests-toolbelt, kfp-server-api, kfp
[0mSuccessfully installed kfp-1.8.21 kfp-server-api-1.8.5 requests-toolbelt-0.10.1


In [21]:
!pip3 install google-cloud-pipeline-components --upgrade --user

[0mCollecting google-cloud-pipeline-components
  Using cached google_cloud_pipeline_components-1.0.43-py3-none-any.whl (1.0 MB)
Collecting grpcio-status<=1.47.0 (from google-cloud-pipeline-components)
  Using cached grpcio_status-1.47.0-py3-none-any.whl (10.0 kB)
Collecting google-cloud-storage<3,>=2.2.1 (from google-cloud-pipeline-components)
  Using cached google_cloud_storage-2.9.0-py2.py3-none-any.whl (113 kB)
Collecting google-cloud-notebooks>=0.4.0 (from google-cloud-pipeline-components)
  Using cached google_cloud_notebooks-1.7.0-py2.py3-none-any.whl (199 kB)
Collecting google-cloud-core<3.0dev,>=2.3.0 (from google-cloud-storage<3,>=2.2.1->google-cloud-pipeline-components)
  Using cached google_cloud_core-2.3.2-py2.py3-none-any.whl (29 kB)
INFO: pip is looking at multiple versions of google-cloud-bigquery to determine which version is compatible with other requirements. This could take a while.
Collecting google-cloud-bigquery<4.0.0dev,>=1.15.0 (from google-cloud-aiplatform<2,>

---
## Update AIPlatform Package:

The `google-cloud-aiplatform` package updates frequently.  Update it for latest functionality.

- [aiplatform Python Client](https://cloud.google.com/python/docs/reference/aiplatform/latest/google.cloud.aiplatform)
- [GitHub Repo for api-common-protos](https://github.com/googleapis/api-common-protos)

For a better understanding of the Vertex AI APIs client, version, and layers please review the tip here [aiplatform_notes.md](../Tips/aiplatform_notes.md).

In [22]:
!pip3 install googleapis-common-protos --upgrade --user

[0m

In [23]:
!pip3 install google-cloud-aiplatform --upgrade --user

[0m

In [24]:
from google.cloud import aiplatform
aiplatform.__version__

'1.25.0'