build: Dockerfile and docker-compose to launch notebook with pygenn resolves genn-team/genn#546 #548
Conversation
Run GeNN models from a docker image that launches a jupyter notebook
Stevinson
changed the title
build_steps/Dockerfile
Outdated
|
|
||
| COPY . ${HOME} | ||
|
|
||
| RUN adduser --disabled-password --gecos "" $USERNAME |
There was a problem hiding this comment.
Why not just use root as containers are kinda throwaway? My knowledge of docker is pretty crap so I could very well be missing something...
There was a problem hiding this comment.
It’s something I was taught was best practice so have got into the habit of doing. I believe this is because:
- Certain execution environments block containers running as root
- Force container immutability
- Limits the processes that can be executed and who can execute them
There was a problem hiding this comment.
Ahh, that is really good to know, thanks
There was a problem hiding this comment.
Running the container as root (from the host) could be bad, sure, but I can't see any issue being root inside the container. Do you have an example of root inside containers being blocked by providers? The mutability argument, I'm not sure how relevant that is, since all state is lost once the container is killed anyway. As for limiting processes, sure, it stops the user running e.g. apt inside the container as interactive, but is that a good thing?
There was a problem hiding this comment.
Btw, I don't mean to be pedantic. I'm no expert, and I'm very interested to hear yours and others' reasons for and against!
There was a problem hiding this comment.
Ahh.... I see the issue with containers starting as root now.....
I just pwnt my box with a container that begins as root! :)
| @@ -0,0 +1,28 @@ | |||
| version: "3.4" | |||
There was a problem hiding this comment.
I don't quite see why docker compose is required....I thought it was intended to combine together multiple containers whereas, couldn't what you do here be achieved with a single docker run incantation?
Also, more fundamentally, the way I imagine the GeNN docker image being used is that it would be hosted on Dockerhub (probably produced by CI when we make releases/merge master) so users wouldn't have to checkout our git repro and hence wouldn't have access to the docker compose script outside of the container.
Again, I may be missing things....
There was a problem hiding this comment.
Agreed, it facilitates having multiple containers interacting together. I only used it as I find it helpful to set up port bindings, volumes, health checks, etc in a configurable way that is easy to use (and was used only to launch jupyter).
However, if it is not going to be useful for extendability then maybe, as you say, a command such as docker run -p 127.0.0.1:8888:8888/tcp -v '$(CURDIR)'/pygenn/notebooks:/root/pygenn/notebooks pygenn jupyter notebook --ip 0.0.0.0 --no-browser is better suited. I have added this to the makefile (as make docker-jupyter) and can delete the docker-compose.yml?
There was a problem hiding this comment.
Just for saving such brutally long command lines, docker compose seems like a good idea (especially as it's optional).
There was a problem hiding this comment.
I am going to fiddle a bit more (hence the change of target) but, unless my colleague @jamesturner246 has any further concerns, I'm happy to accept this (and will add the relevant hacktoberfest label). Thank you again for your help with this!
There was a problem hiding this comment.
It looks good. A couple of points that might be worth implementing - maybe @neworderofjamie also has preferences on them. Thanks!
| @@ -69,3 +69,11 @@ clean: | |||
| @# Delete libGeNN | |||
| @rm -f $(LIBGENN) | |||
| @rm -f $(BACKEND_LIBS) | |||
|
|
|||
There was a problem hiding this comment.
It might be cool and convenient to have a makefile rule to setup an interactive pygenn container with -it, and bind host pwd to some directory (e.g. 'workspace') in the working directory of the container. Just for people who don't want to use jupyter.
| @@ -13,3 +13,8 @@ PyGeNN wraps the C++ GeNN API using SWIG, allowing GeNN to be used either direct | |||
| - Navigate to the GeNN directory and build GeNN as a dll using ``msbuild genn.sln /t:Build /p:Configuration=Release_DLL`` (if you don't have CUDA installed, building the CUDA backend will fail but it should still build the CPU backend). | |||
| - Copy the newly built DLLs into pygenn using ``copy /Y lib\genn*Release_DLL.* pygenn\genn_wrapper`` | |||
| - Build the Python extension with setup tools using ``python setup.py develop`` command | |||
|
|
|||
There was a problem hiding this comment.
Should probably add pygenn/README.md documentation for the docker-jupyter option, plus for the interactive container rule mentioned above, if implemented.
Run pyGeNN models from a docker image.
docker-composeis used to launch a jupyter notebook with files from the local filesystem.