59 lines
1.6 KiB
Text
59 lines
1.6 KiB
Text
# Fast Secure ML Runner
|
|
# Optimized for data scientists with maximum speed
|
|
|
|
FROM continuumio/miniconda3:latest
|
|
|
|
# Install mamba for lightning-fast package resolution
|
|
RUN conda install -n base -c conda-forge mamba -y && \
|
|
conda clean -afy
|
|
|
|
# Security: Create non-root user
|
|
RUN groupadd -r mlrunner && useradd -r -g mlrunner mlrunner
|
|
|
|
# Create secure workspace
|
|
WORKDIR /workspace
|
|
RUN chown mlrunner:mlrunner /workspace
|
|
|
|
# Create conda environment with mamba (much faster than pip)
|
|
RUN mamba create -n ml_env python=3.10 -y && \
|
|
chown -R mlrunner:mlrunner /opt/conda/envs/ml_env
|
|
|
|
# Pre-install ML packages with mamba (super fast!)
|
|
RUN mamba install -n ml_env \
|
|
pytorch>=1.9.0 \
|
|
torchvision>=0.10.0 \
|
|
numpy>=1.21.0 \
|
|
pandas>=1.3.0 \
|
|
scikit-learn>=1.0.0 \
|
|
xgboost>=1.5.0 \
|
|
matplotlib>=3.5.0 \
|
|
seaborn>=0.11.0 \
|
|
jupyter>=1.0.0 \
|
|
-c pytorch -c conda-forge -y && \
|
|
conda clean -afy
|
|
|
|
# Poetry (for pyproject.toml + poetry.lock projects)
|
|
RUN mamba install -n ml_env poetry -c conda-forge -y && \
|
|
conda clean -afy
|
|
|
|
# Copy security wrapper
|
|
COPY secure_runner.py /usr/local/bin/secure_runner.py
|
|
COPY security_policy.json /etc/ml_runner/security_policy.json
|
|
|
|
# Set permissions
|
|
RUN chmod +x /usr/local/bin/secure_runner.py && \
|
|
chown mlrunner:mlrunner /usr/local/bin/secure_runner.py
|
|
|
|
# Switch to non-root user
|
|
USER mlrunner
|
|
|
|
# Set conda environment
|
|
SHELL ["/bin/bash", "-c"]
|
|
ENTRYPOINT ["conda", "run", "-n", "ml_env", "python", "/usr/local/bin/secure_runner.py"]
|
|
|
|
# Labels
|
|
LABEL package_manager="mamba" \
|
|
speed="optimized" \
|
|
ml_frameworks="pytorch,sklearn,xgboost" \
|
|
security="enabled"
|
|
|