-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile
78 lines (61 loc) · 2.36 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
FROM python:3.7-slim
#############################
# INSTALL PYTHON DEPENDENCIES
#############################
# install git for pip install git+https://
RUN apt-get -o Acquire::Max-FutureTime=100000 update \
&& apt-get install -y --no-install-recommends build-essential git
# create a virtual environment
RUN python -m venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"
# copy and install python requirements + ember from github
COPY docker-requirements.txt .
RUN pip install --no-cache-dir -r docker-requirements.txt \
&& pip install --no-cache-dir git+https://github.com/elastic/ember.git
#############################
# REBASE & DEPLOY CODE
#############################
# rebase to make a smaller image
FROM python:3.7-slim
# required libgomp1 for ember
RUN apt-get -o Acquire::Max-FutureTime=100000 update \
&& apt-get -y --no-install-recommends install \
libgomp1 \
&& rm -rf /var/lib/apt/lists/*
# copy python virtual env (all dependencies) from previous image
COPY --from=0 /opt/venv /opt/venv
# copy defender code to /opt/defender/defender
COPY defender /opt/defender/defender
#############################
# SETUP ENVIRONMENT
#############################
# open port 8080
EXPOSE 8080
# add a defender user and switch user
RUN groupadd -r defender && useradd --no-log-init -r -g defender defender
USER root
# change working directory
WORKDIR /opt/defender/
# update environmental variables
ENV PATH="/opt/venv/bin:$PATH"
ENV PYTHONPATH="/opt/defender"
# one may tune model file / threshold / name via environmental variables
# ENV DF_MODEL_GZ_PATH models/NFS_V3.pkl.gz
# ENV DF_MODEL_GZ_PATH models/NFS_21_ALL_hash_50000_WITH_TEST.pkl
# ENV DF_MODEL_GZ_PATH models/NFS_21_ALL_hash_50000_WITH_MLSEC19.pkl
# ENV DF_MODEL_GZ_PATH models/NFS_21_ALL_hash_50000_WITH_MLSEC20.pkl
ENV DF_MODEL_PATH models/NES_MK1.pkl
ENV DF_MODEL_PATH_2 models/NES_MK2.pkl
#ENV DF_MODEL_THRESH 0.5
# ENV DF_MODEL_THRESH 0.46875
#ENV DF_MODEL_NAME NES_MK1
#############################
# RUN CODE
#############################
CMD ["python","-m","defender"]
## TO BUILD IMAGE:
# docker build -t ember .
## TO RUN IMAGE (ENVIRONMENTAL VARIABLES DECLARED ABOVE)
# docker run -itp 8080:8080 ember
## TO RUN IMAGE (OVERRIDE ENVIRONMENTAL VARIABLES DECLARED ABOVE)
# docker run -itp 8080:8080 --env DF_MODEL_GZ_PATH="models/ember_model.txt.gz" --env DF_MODEL_THRESH=0.8336 --env DF_MODEL_NAME=myember ember