# Base image: JupyterHub single-user server, selected by tag.
# NOTE(review): a tag can be re-pointed upstream; adding the image digest
# next to the tag would make rebuilds reproducible.
FROM jupyterhub/singleuser:5.4

# ---- build arguments ----
# Proxy settings, accepted in both upper- and lower-case spellings.
ARG HTTP_PROXY
ARG HTTPS_PROXY
ARG NO_PROXY
ARG http_proxy
ARG https_proxy
ARG no_proxy
# set to "true" for the GPU build
ARG GPU_BUILD=false
# Target architecture; later steps branch on "amd64" / "arm64".
ARG CPU_ARCHITECTURE

# ---- environment persisted into the image ----
# The lower-case variables are filled from the UPPER-case values, so the
# lower-case build arguments declared above are not what ends up here.
# NOTE(review): ENV values are stored in the image configuration; if a proxy
# URL carries credentials they will be readable by anyone who can pull or
# inspect the image.
ENV HTTP_PROXY="${HTTP_PROXY}"
ENV HTTPS_PROXY="${HTTPS_PROXY}"
ENV NO_PROXY="${NO_PROXY}"
ENV http_proxy="${HTTP_PROXY}"
ENV https_proxy="${HTTPS_PROXY}"
ENV no_proxy="${NO_PROXY}"
# Keep apt/debconf quiet during the build. Set with ENV, so both values also
# remain in the runtime environment of the container.
ENV DEBIAN_FRONTEND="noninteractive"
ENV DEBIAN_PRIORITY="critical"
# Expose the architecture to RUN steps and to the running container.
ENV CPU_ARCHITECTURE="${CPU_ARCHITECTURE}"
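# Driver branch; in this file it is referenced only by the commented-out
# driver install in the GPU section.
ENV NVIDIA_DRIVER_VERSION=510
# nvidia-container-runtime
# "all" exposes every GPU the runtime offers to this container; deployments
# that share a host may want to narrow this at run time.
ENV NVIDIA_VISIBLE_DEVICES=all
ENV NVIDIA_DRIVER_CAPABILITIES=compute,utility
# prefer prebuilt wheels, never build from sdist for known heavy libs
ENV PIP_PREFER_BINARY=1
ENV PIP_DISABLE_PIP_VERSION_CHECK=1
ENV PIP_NO_CACHE_DIR=1
# allow python to write byte code
# Python disables .pyc writing whenever PYTHONDONTWRITEBYTECODE is any
# non-empty string, so the previous value "0" turned byte code OFF. An empty
# value is what actually allows it.
ENV PYTHONDONTWRITEBYTECODE=""
# The package installation steps that follow need root.
USER root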
# Refresh the package lists, apply pending upgrades, then install
# software-properties-common, which supplies the add-apt-repository command
# used by the next step.
RUN apt-get update \
    && apt-get upgrade -y \
    && apt-get install -y software-properties-common
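# add extra repos
# Enables the multiverse/universe components and two Launchpad PPAs, brings
# the system fully up to date, then installs the download tooling used below.
# NOTE(review): the PPAs are third-party archives; every package they publish
# becomes installable (and upgradable) inside this image.
# --force-yes was removed from full-upgrade: it is deprecated and overrides
# apt's safety stops, including the one for packages that cannot be
# authenticated. -fuy already answers the ordinary prompts.
RUN apt-add-repository multiverse && \
    apt-add-repository universe && \
    add-apt-repository ppa:graphics-drivers/ppa && \
    add-apt-repository ppa:deadsnakes/ppa && \
    apt-get update && apt-get upgrade -y && \
    apt-get -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-confdef" -fuy full-upgrade && \
    apt-get autoremove -y && \
    apt-get clean -y && \
    apt-get install -y \
        wget \
        curl \
        ca-certificates \
        apt-transport-https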
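# Microsoft repos
# The signing key goes into its own keyring and is bound to this single
# repository with signed-by, instead of /etc/apt/trusted.gpg.d where it would
# be trusted for every configured apt source.
# The key is downloaded to a file first so a failed fetch stops the build
# rather than piping an empty stream into gpg.
RUN wget -q -O /tmp/microsoft.asc https://packages.microsoft.com/keys/microsoft.asc && \
    gpg --dearmor -o /usr/share/keyrings/packages.microsoft.gpg /tmp/microsoft.asc && \
    rm -f /tmp/microsoft.asc
# NOTE(review): the entry hard-codes Ubuntu 22.04 / jammy; confirm that this
# matches the release of the base image.
RUN echo "deb [arch=amd64,armhf,arm64 signed-by=/usr/share/keyrings/packages.microsoft.gpg] https://packages.microsoft.com/ubuntu/22.04/prod jammy main" | tee -a /etc/apt/sources.list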
# Append the Ubuntu (jammy) archive entries for the selected architecture to
# /etc/apt/sources.list. Each entry is echoed to the build log through tee.
#  - amd64: archive.ubuntu.com (jammy, -security, -backports) plus partner
#  - arm64: ports.ubuntu.com (jammy, -updates, -backports, -security) plus partner
#  - anything else: a message is printed and the build carries on unchanged
# NOTE(review): all of these sources use plain http://, so package integrity
# rests entirely on apt's signature verification of the repository metadata.
RUN case "${CPU_ARCHITECTURE}" in \
      amd64) \
        for suite in jammy jammy-security jammy-backports; do \
          for kind in deb deb-src; do \
            echo "${kind} http://archive.ubuntu.com/ubuntu/ ${suite} main restricted universe multiverse" | tee -a /etc/apt/sources.list ; \
          done ; \
        done ; \
        for kind in deb deb-src; do \
          echo "${kind} http://archive.canonical.com/ubuntu/ jammy partner" | tee -a /etc/apt/sources.list ; \
        done \
        ;; \
      arm64) \
        printf '%s\n' \
          "deb [arch=arm64] http://archive.canonical.com/ubuntu/ jammy partner" \
          "deb-src [arch=arm64] http://archive.canonical.com/ubuntu/ jammy partner" \
          "deb [arch=arm64] http://ports.ubuntu.com/ubuntu-ports jammy main restricted universe multiverse" \
          "deb [arch=arm64] http://ports.ubuntu.com/ubuntu-ports jammy-updates main restricted universe multiverse" \
          "deb [arch=arm64] http://ports.ubuntu.com/ubuntu-ports jammy-backports main restricted universe multiverse" \
          "deb [arch=arm64] http://ports.ubuntu.com/ubuntu-ports jammy-security main restricted universe multiverse" \
          "deb-src [arch=arm64] http://ports.ubuntu.com/ubuntu-ports jammy-security main restricted universe multiverse" \
          "deb-src [arch=arm64] http://ports.ubuntu.com/ubuntu-ports jammy-updates main restricted universe multiverse" \
          "deb-src [arch=arm64] http://ports.ubuntu.com/ubuntu-ports jammy-backports main restricted universe multiverse" \
          "deb-src [arch=arm64] http://ports.ubuntu.com/ubuntu-ports jammy main restricted universe multiverse" \
          | tee -a /etc/apt/sources.list \
        ;; \
      *) \
        echo "No valid CPU_ARCHITECTURE specified" \
        ;; \
    esac
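# run updates
# Re-reads the package lists now that the extra sources are in place, finishes
# any half-configured packages, performs a full upgrade and installs the
# build toolchain, database/ODBC headers, R and assorted utilities.
# --force-yes was removed from full-upgrade: it is deprecated and overrides
# apt's safety stops, including the one for packages that cannot be
# authenticated, which matters here because the archives above are fetched
# over http://. -fuy already answers the ordinary prompts.
# NOTE(review): ssh, nano, htop and iputils-ping widen what a notebook user
# can do from inside the container; confirm they are wanted in this image.
RUN apt-get update && apt-get upgrade -y && dpkg --configure -a && \
    apt-get -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-confdef" -fuy full-upgrade && \
    apt-get autoremove -y && \
    apt-get clean -y && \
    apt-get install -y --no-install-recommends \
        gnupg \
        ssl-cert \
        libevent-dev \
        libsqlite3-dev \
        libxml2-dev \
        libbz2-dev \
        libxslt1-dev \
        zlib1g-dev \
        libssl-dev \
        gnupg-agent \
        dirmngr \
        apt-utils \
        fonts-dejavu \
        nano \
        iputils-ping \
        cmake \
        make \
        build-essential \
        unixodbc \
        unixodbc-dev \
        r-cran-rodbc \
        gfortran \
        gcc \
        g++ \
        git \
        ssh \
        jq \
        htop \
        libglx-mesa0 libegl1 libxrandr2 libxss1 \
        libxcursor1 libxcomposite1 libasound2-dev libxi6 libxtst6 \
        r-base \
        libopenblas-dev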
# remove newer python version, freeze other versions for max compatibility before updates
# RUN apt --fix-missing purge $(dpkg -l | grep 'python3\.1[01]' | awk '{print $2}')
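################################################################################################################################################################
# GPU requirements section
# ===== GPU-only system bits (optional) =====
# Keep this lightweight; most CUDA libs come from host via NVIDIA Container Runtime.
# If you need CuDNN or CUDA user-space libs inside the container, add them here.
# This block only runs for amd64 when GPU_BUILD=true.
#
# The repository key is kept in a dedicated keyring and every "deb" line of the
# downloaded list is rewritten to carry signed-by for that keyring.
# set -e makes any failing step abort the build; previously the steps were
# joined with ';' and the branch always ended on a successful rm. The key and
# the list are fetched to files rather than piped, so a failed download cannot
# be hidden behind the exit status of gpg, sed or tee.
RUN if [ "$GPU_BUILD" = "true" ] && [ "$CPU_ARCHITECTURE" = "amd64" ]; then \
        set -e; \
        install -d -m 0755 /etc/apt/keyrings; \
        curl -fsSL -o /tmp/nvidia-container-toolkit.asc https://nvidia.github.io/libnvidia-container/gpgkey; \
        gpg --dearmor -o /etc/apt/keyrings/nvidia-container-toolkit.gpg /tmp/nvidia-container-toolkit.asc; \
        curl -fsSL -o /tmp/nvidia-container-toolkit.list https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list; \
        sed 's#deb https://#deb [signed-by=/etc/apt/keyrings/nvidia-container-toolkit.gpg] https://#' \
            /tmp/nvidia-container-toolkit.list > /etc/apt/sources.list.d/nvidia-container-toolkit.list; \
        rm -f /tmp/nvidia-container-toolkit.asc /tmp/nvidia-container-toolkit.list; \
        apt-get update; \
# OPTIONAL: only if your code needs OpenCL userspace
        apt-get install -y --no-install-recommends \
            ocl-icd-libopencl1 ocl-icd-dev opencl-headers libtiff-dev; \
        rm -rf /var/lib/apt/lists/*; \
    else \
        echo "CPU build or non-amd64: skipping NVIDIA repo setup"; \
    fi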
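# Not necessary, will corrupt nvidia-docker on install, use with care
# RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends apnvidia-driver-$NVIDIA_DRIVER_VERSION pocl-opencl-icd intel-opencl-icd \
# mesa-opencl-icd nvidia-opencl-dev libpocl-dev beignet-opencl-icd libnvidia-egl-wayland-dev nvidia-cuda-dev nvidia-cuda-toolkit nvidia-headless-$NVIDIA_DRIVER_VERSION
# Repair any half-installed dependencies left by the steps above.
# apt-get is used instead of apt (whose command-line interface is not meant
# for scripts), and -y lets a needed repair proceed instead of stopping at a
# confirmation prompt that nobody can answer during a build.
RUN apt-get -y --fix-broken install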
# System-wide Python 3.11 (interpreter, headers, venv support) plus pip.
# update-alternatives then registers python3.11 as a candidate for
# /usr/bin/python3 and pip3 as a candidate for /usr/bin/pip, both at priority 2.
RUN apt-get update \
    && apt-get install -y \
        python3.11-full \
        python3.11-dev \
        python3.11-venv \
        python3-pip \
    && update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.11 2 \
    && update-alternatives --install /usr/bin/pip pip /usr/bin/pip3 2
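# install remaining packages
# ODBC runtime, the Microsoft SQL Server driver and command-line tools
# (ACCEPT_EULA=Y accepts the Microsoft licence non-interactively), and the
# PostgreSQL server headers needed to build psycopg2.
# Everything runs in ONE layer: previously "apt-get update" sat in its own
# cached layer, so a rebuild could run the installs against stale package
# lists, and the clean-up ran in a later layer where it could not reclaim
# space from the earlier ones.
RUN apt-get update && apt-get upgrade -y && \
    apt-get -y --no-install-recommends install unixodbc unixodbc-dev odbcinst && \
    ACCEPT_EULA=Y apt-get install -y msodbcsql18 && \
    ACCEPT_EULA=Y apt-get install -y mssql-tools18 && \
    # deps for psycopg2
    apt-get install -y --no-install-recommends postgresql-server-dev-all && \
    # clean up apt
    apt-get clean autoclean && apt-get autoremove --purge -y
# Put the mssql tools on PATH for interactive bash sessions.
# NOTE(review): "~" expands to whatever HOME is at this point of the build
# (inherited from the base image) while running as root; confirm this is the
# .bashrc the notebook user actually reads.
RUN echo 'export PATH="$PATH:/opt/mssql-tools18/bin"' >> ~/.bashrc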
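######################################## Python / PIP SECTION ########################################
# Update conda itself. -y added for consistency with the other conda calls in
# this section, so the step cannot stall on a confirmation prompt.
# NOTE(review): this pulls whatever conda release is current at build time.
RUN conda update -y conda
# Create a Python 3.11 env and make it the default for builds & kernels
RUN conda create -y -n py311 python=3.11 ipykernel && conda clean --all -f -y
ENV CONDA_DEFAULT_ENV=py311
# Put the env's bin directory first so its python/pip win over the base ones.
ENV PATH=/opt/conda/envs/py311/bin:$PATH
RUN conda install --quiet --yes \
    ipykernel \
    pip
RUN conda clean --all -f -y
# Conda ran as root; hand the conda tree and the user's home back to the
# notebook user (fix-permissions, CONDA_DIR and NB_USER come from the base image).
RUN fix-permissions $CONDA_DIR && fix-permissions /home/$NB_USER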
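# bust cache
# NOTE(review): nothing in this file reads UV_VERSION; the uv installer below
# is fetched from an unversioned URL.
ENV UV_VERSION=latest
# install rust, medcat requirement, install UV
# HOME is pointed at /root so both installers place their files under /root;
# the value stays in effect for every later instruction until it is overridden.
ENV HOME=/root
ENV PATH="/root/.cargo/bin:${PATH}"
# NOTE(review): both installer scripts are downloaded and executed as root
# without a pinned version or checksum, so the build trusts whatever the two
# sites serve at build time. Pinning a release and verifying a digest would
# close that gap.
# curl is restricted to HTTPS with TLS >= 1.2 for the initial request.
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs -o /tmp/rustup-init.sh \
    && chmod +x /tmp/rustup-init.sh \
    && /tmp/rustup-init.sh -y \
    && rm /tmp/rustup-init.sh
# -f added: without it an HTTP error page would be saved and handed to bash.
# The script is removed after use, matching the rustup step.
RUN curl --proto '=https' --tlsv1.2 -LsSf https://astral.sh/uv/install.sh -o /tmp/install_uv.sh \
    && bash /tmp/install_uv.sh \
    && rm /tmp/install_uv.sh
# Expose uv on the default PATH. The first regular file named "uv" found
# anywhere on the filesystem is used, whatever directory the installer chose.
# NOTE(review): the link target lives under root's home; confirm the notebook
# user can traverse that path if uv is meant to be usable at run time.
RUN UV_PATH=$(find / -name uv -type f | head -n1) && \
    ln -s "$UV_PATH" /usr/local/bin/uv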
# Bring the system interpreter's packaging tools up to date.
RUN uv pip install --upgrade --system pip setuptools wheel

# Project requirements (these include medcat).
COPY requirements.txt /srv/jupyterhub/

# https://download.pytorch.org/whl/cpu is out of date on packages, using alternative URL for CPU
# GPU build on amd64: install with uv's default index settings.
# Every other build: force the index to https://pypi.org/simple.
# In both cases medcat's helper scripts are then downloaded into
# /srv/jupyterhub/medcat-scripts, but only if the install succeeded.
# NOTE(review): whether requirements.txt pins versions or hashes is not
# visible here; unpinned entries resolve to whatever is current at build time.
RUN if [ "$GPU_BUILD" = "true" ] && [ "$CPU_ARCHITECTURE" = "amd64" ]; then \
        uv pip install --system --no-cache-dir -r /srv/jupyterhub/requirements.txt ; \
    else \
        uv pip install --system --no-cache-dir -r /srv/jupyterhub/requirements.txt --index-url https://pypi.org/simple ; \
    fi \
    && uv run python -m medcat download-scripts /srv/jupyterhub/medcat-scripts

# Install the requirements shipped with the scripts that were just downloaded.
RUN uv pip install --no-cache-dir --system \
    -r /srv/jupyterhub/medcat-scripts/requirements.txt

# Copy medcat-scripts to default location (for Docker usage)
# Keep original at /srv/jupyterhub/medcat-scripts for K8s usage
RUN cp -r /srv/jupyterhub/medcat-scripts \
    /home/jovyan/work/medcat-scripts
#######################################################################################################
# R kernel and related dependencies.
# The install script is copied from the build context and executed with
# Rscript (as root, since USER is still root at this point).
COPY scripts/r_kernel_install.sh /srv/jupyterhub/
RUN Rscript \
    /srv/jupyterhub/r_kernel_install.sh
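# create jupyterhub shared folder
# One layer instead of four. The resulting mode is unchanged: rwxrwxrwx plus
# setgid on the directory. The former trailing "chmod 0777" is dropped because
# GNU chmod keeps a directory's setgid bit when given a four-digit numeric
# mode, so it changed nothing.
# NOTE(review): the directory is world-writable without the sticky bit, so any
# account that can reach it may delete or replace files created by another.
# If that is not required, a group-writable mode or the sticky bit is tighter.
RUN mkdir -p /home/jovyan/scratch && \
    chmod -R 777 /home/jovyan/scratch && \
    chmod g+s /home/jovyan/scratch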
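# copy scripts and config files
# NOTE(review): COPY runs while USER is root and no --chown is given, so the
# copied files are owned by root; confirm the notebook user can read (and,
# for notebooks, write) them as intended.
COPY config/jupyter_notebook_config.py /home/jovyan/.jupyter/
# copy notebooks
COPY notebooks /home/jovyan/work/
# Kubernetes does not automatically copy the contents of /home/jovyan before mounting. Therefore also copying notebooks to /srv/jupyterhub for usage by k8s
COPY notebooks /srv/jupyterhub/notebooks/
# HOME was set to /root earlier in this file for the rust/uv installers and
# was never set back, so the container would start as jovyan with HOME=/root
# and tools resolving "~" would look there instead of /home/jovyan (where the
# Jupyter config above is placed). Restore it before dropping privileges.
# NOTE(review): assumes /home/jovyan is the home the base image defines.
ENV HOME=/home/jovyan
WORKDIR /home/jovyan
# Drop root: everything from here on, including the running server, is jovyan.
USER jovyan
# Interactive shells start in the work directory.
RUN echo "cd /home/jovyan/work" >> /home/jovyan/.bashrc
# Configure container startup
# tini runs as PID 1; -g forwards signals to the child's whole process group.
ENTRYPOINT ["tini", "-g", "--"]
CMD ["start-singleuser.py"]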