-
Notifications
You must be signed in to change notification settings - Fork 188
/
Copy pathDockerfile
134 lines (120 loc) · 5.06 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
FROM python:3.10-slim AS wheel-builder
SHELL ["/bin/bash", "-l", "-c"]
ARG POETRY_VERSION="1.8.3"
COPY ./hack/build-wheels.sh ./hack/build-wheels.sh
COPY ./mlserver ./mlserver
COPY ./runtimes ./runtimes
COPY \
pyproject.toml \
poetry.lock \
README.md \
.
# Install Poetry, build wheels and export constraints.txt file
# NOTE: Poetry outputs extras within the constraints, which are not supported
# by pip:
# https://github.com/python-poetry/poetry-plugin-export/issues/210
RUN pip install poetry==$POETRY_VERSION && \
./hack/build-wheels.sh /opt/mlserver/dist && \
poetry export --with all-runtimes \
--without-hashes \
--format constraints.txt \
-o /opt/mlserver/dist/constraints.txt && \
sed -i 's/\[.*\]//g' /opt/mlserver/dist/constraints.txt && \
# skip constraints for alibi libraries as they are currently pointing to git and thus confusing constraints \
# remove when the alibi libraries versions are pointing to a released version
sed -i '/git+https:\/\/github.com\/SeldonIO/d' /opt/mlserver/dist/constraints.txt
FROM registry.access.redhat.com/ubi9/ubi-minimal
SHELL ["/bin/bash", "-c"]
ARG PYTHON_VERSION=3.10.12
ARG CONDA_VERSION=23.11.0
ARG MINIFORGE_VERSION=${CONDA_VERSION}-0
ARG RUNTIMES="all"
# Set a few default environment variables, including `LD_LIBRARY_PATH`
# (required to use GKE's injected CUDA libraries).
# NOTE: When updating between major Python versions make sure you update the
# `/opt/conda` path within `LD_LIBRARY_PATH`.
ENV MLSERVER_MODELS_DIR=/mnt/models \
MLSERVER_ENV_TARBALL=/mnt/models/environment.tar.gz \
MLSERVER_PATH=/opt/mlserver \
CONDA_PATH=/opt/conda \
PATH=/opt/mlserver/.local/bin:/opt/conda/bin:$PATH \
LD_LIBRARY_PATH=/usr/local/nvidia/lib64:/opt/conda/lib/python3.10/site-packages/nvidia/cuda_runtime/lib:$LD_LIBRARY_PATH \
HF_HOME=/opt/mlserver/.cache \
NUMBA_CACHE_DIR=/opt/mlserver/.cache
# Install some base dependencies required for some libraries
RUN microdnf update -y && \
microdnf install -y \
tar \
gzip \
libgomp \
mesa-libGL \
glib2-devel \
shadow-utils \
# git is used to pull alibi-detect and alibi-explain as we point now to master branches
# remove git requirements when alibi-detect and alibi-explain are released
git
# Install Conda, Python 3.10 and FFmpeg
RUN microdnf install -y wget && \
wget "https://github.com/conda-forge/miniforge/releases/download/${MINIFORGE_VERSION}/Miniforge3-${MINIFORGE_VERSION}-Linux-x86_64.sh" \
-O miniforge3.sh && \
bash "./miniforge3.sh" -b -p $CONDA_PATH && \
rm ./miniforge3.sh && \
echo $PATH && \
conda install --yes \
conda=$CONDA_VERSION \
python=$PYTHON_VERSION \
ffmpeg && \
conda clean -tipy && \
microdnf remove -y wget && \
echo "conda activate base" >> "$CONDA_PATH/etc/profile.d/conda.sh" && \
ln -s "$CONDA_PATH/etc/profile.d/conda.sh" /etc/profile.d/conda.sh && \
echo ". $CONDA_PATH/etc/profile.d/conda.sh" >> ~/.bashrc
RUN mkdir $MLSERVER_PATH
WORKDIR /opt/mlserver
# Create user and fix permissions
# NOTE: We need to make /opt/mlserver world-writable so that the image is
# compatible with random UIDs.
RUN useradd -u 1000 -s /bin/bash mlserver -d $MLSERVER_PATH && \
chown -R 1000:0 $MLSERVER_PATH && \
chmod -R 776 $MLSERVER_PATH
COPY --from=wheel-builder /opt/mlserver/dist ./dist
# NOTE: if runtime is "all" we install mlserver-<version>-py3-none-any.whl
# we have to use this syntax to return the correct file: $(ls ./dist/mlserver-*.whl)
# NOTE: Temporarily excluding mllib from the main image due to:
# CVE-2022-25168
# CVE-2022-42889
# NOTE: Removing explicitly requirements.txt file from spaCy's test
# dependencies causing false positives in Snyk.
RUN . $CONDA_PATH/etc/profile.d/conda.sh && \
pip install --upgrade pip wheel setuptools && \
if [[ $RUNTIMES == "all" ]]; then \
for _wheel in "./dist/mlserver_"*.whl; do \
if [[ ! $_wheel == *"mllib"* ]]; then \
echo "--> Installing $_wheel..."; \
pip install $_wheel --constraint ./dist/constraints.txt; \
fi \
done \
else \
for _runtime in $RUNTIMES; do \
_wheelName=$(echo $_runtime | tr '-' '_'); \
_wheel="./dist/$_wheelName-"*.whl; \
echo "--> Installing $_wheel..."; \
pip install $_wheel --constraint ./dist/constraints.txt; \
done \
fi && \
pip install $(ls "./dist/mlserver-"*.whl) --constraint ./dist/constraints.txt && \
rm -f /opt/conda/lib/python3.10/site-packages/spacy/tests/package/requirements.txt && \
rm -rf /root/.cache/pip
COPY ./licenses/license.txt .
COPY ./licenses/license.txt /licenses/
COPY \
./hack/build-env.sh \
./hack/generate_dotenv.py \
./hack/activate-env.sh \
./hack/
USER 1000
# We need to build and activate the "hot-loaded" environment before MLServer
# starts
CMD . $CONDA_PATH/etc/profile.d/conda.sh && \
source ./hack/activate-env.sh $MLSERVER_ENV_TARBALL && \
mlserver start $MLSERVER_MODELS_DIR