-
Notifications
You must be signed in to change notification settings - Fork 50
/
Copy pathDockerfile.withbinding
121 lines (97 loc) · 4.41 KB
/
Dockerfile.withbinding
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
#
# This Dockerfile build nucliadb with the binding.
# It's a copy of `Dockerfile` adding the additional `python_rust` stage.
#
FROM python:3.12 AS python_rust
ARG RUST_BUILD_PROFILE=release
ENV RUSTUP_HOME=/usr/local/rustup \
CARGO_HOME=/usr/local/cargo \
PATH=/usr/local/cargo/bin:$PATH
COPY rust-toolchain.toml /tmp
WORKDIR /tmp
RUN set -eux; \
dpkgArch="$(dpkg --print-architecture)"; \
case "${dpkgArch##*-}" in \
amd64) rustArch='x86_64-unknown-linux-gnu'; rustupSha256='3dc5ef50861ee18657f9db2eeb7392f9c2a6c95c90ab41e45ab4ca71476b4338' ;; \
armhf) rustArch='armv7-unknown-linux-gnueabihf'; rustupSha256='67777ac3bc17277102f2ed73fd5f14c51f4ca5963adadf7f174adf4ebc38747b' ;; \
arm64) rustArch='aarch64-unknown-linux-gnu'; rustupSha256='32a1532f7cef072a667bac53f1a5542c99666c4071af0c9549795bbdb2069ec1' ;; \
i386) rustArch='i686-unknown-linux-gnu'; rustupSha256='e50d1deb99048bc5782a0200aa33e4eea70747d49dffdc9d06812fd22a372515' ;; \
*) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \
esac; \
rustVersion=$(awk -F '=' '/channel/ {print $2}' rust-toolchain.toml | tr -d '" '); \
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile minimal --default-toolchain ${rustVersion} --default-host ${rustArch}; \
chmod -R a+w $RUSTUP_HOME $CARGO_HOME; \
rustup --version; \
cargo --version; \
rustc --version;
# Install system dependencies
COPY scripts/install-system-deps.sh /tmp/
RUN /tmp/install-system-deps.sh && rm /tmp/install-system-deps.sh
RUN apt-get update -y && apt-get install --yes --no-install-recommends patchelf cmake && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
RUN pip install maturin
COPY . /nucliadb
WORKDIR /nucliadb
RUN set -eux; \
cd nucliadb_node_binding; \
maturin build --profile ${RUST_BUILD_PROFILE}
# Stage to extract the external requirements from the lockfile
# This is to improve caching, `pdm.lock` changes when our components
# are updated. The generated requirements.txt does not, so it is
# more cacheable.
FROM python:3.12 AS requirements
RUN pip install pdm==2.22.1
COPY pdm.lock pyproject.toml .
RUN pdm export --prod --no-hashes | grep -v ^-e | grep -v nidx_protos > requirements.lock.txt
FROM python:3.12
RUN pip install pdm==2.22.1
RUN set -eux; \
dpkgArch="$(dpkg --print-architecture)"; \
case "${dpkgArch##*-}" in \
amd64) probeArch='amd64'; probeSha256='8d104fb997c9a5146a15a9c9f1fd45afa9d2dd995e185aeb96a19263fbd55b8a' ;; \
arm64) probeArch='arm64'; probeSha256='6a74ac6eebb173987dd4a68fa99b74b2e1bdd3e0c7cf634c0d823595fbb28609' ;; \
i386) probeArch='386'; probeSha256='eaed3339e273116d2c44a271d7245da1999b28a0c0bdf1d7b3aa75917712dc1a' ;; \
*) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \
esac; \
curl -L -o /bin/grpc_health_probe https://github.com/grpc-ecosystem/grpc-health-probe/releases/download/v0.4.17/grpc_health_probe-linux-${probeArch}; \
echo "${probeSha256} /bin/grpc_health_probe" | sha256sum -c -; \
chmod +x /bin/grpc_health_probe
# Install Python dependencies
WORKDIR /usr/src/app
COPY --from=requirements requirements.lock.txt /tmp
RUN python -m venv .venv && \
.venv/bin/pip install -r /tmp/requirements.lock.txt
# Copy application
COPY VERSION pyproject.toml pdm.lock /usr/src/app
COPY nucliadb_utils /usr/src/app/nucliadb_utils
COPY nucliadb_telemetry /usr/src/app/nucliadb_telemetry
COPY nucliadb_protos /usr/src/app/nucliadb_protos
COPY nucliadb_models /usr/src/app/nucliadb_models
COPY nucliadb /usr/src/app/nucliadb
COPY nucliadb_performance /usr/src/app/nucliadb_performance
COPY nidx/nidx_protos /usr/src/app/nidx/nidx_protos
# Create a fake binding to avoid installing the real one
RUN mkdir nucliadb_node_binding && \
touch nucliadb_node_binding/pyproject.toml
# Install our packages to the virtualenv
RUN pdm sync --prod --no-editable
# make sure to install the built wheel after so it is installed no matter what
COPY --from=python_rust /nucliadb/target/wheels/ /wheels/
RUN /usr/src/app/.venv/bin/pip install /wheels/*.whl --force
RUN mkdir -p /data
ENV NUA_ZONE=europe-1
ENV NUA_API_KEY=
ENV NUCLIA_PUBLIC_URL=https://{zone}.nuclia.cloud
ENV PYTHONUNBUFFERED=1
ENV DRIVER=LOCAL
ENV HTTP_PORT=8080
ENV INGEST_GRPC_PORT=8060
ENV TRAIN_GRPC_PORT=8040
ENV LOG_OUTPUT_TYPE=stdout
# HTTP
EXPOSE 8080/tcp
# GRPC - INGEST
EXPOSE 8060/tcp
# GRPC - TRAIN
EXPOSE 8040/tcp
ENV PATH="/usr/src/app/.venv/bin:$PATH"
CMD ["nucliadb"]