基於Docker+Jupyter+Python的科學計算環境

時間 2019-11-07

標籤基於 docker+jupyter+python docker jupyter python 科學計算環境欄目 Docker 简体版

原文原文鏈接

原文地址：https://github.com/jupyter/docker-stacks/tree/master/scipy-notebookhtml

Jupyter Notebook Scientific Python Stack

基於Docker+Jupyter+Python的科學計算環境，提供快速部署的一站式科學計算Docker容器環境，能夠快速開始數據分析。python

打包內容

Jupyter Notebook 4.2.x
Conda Python 3.x and Python 2.7.x environments
pandas, matplotlib, scipy, seaborn, scikit-learn, scikit-image, sympy, cython, patsy, statsmodel, cloudpickle, dill, numba, bokeh pre-installed
Unprivileged user jovyan (uid=1000, configurable, see options) in group users (gid=100) with ownership over /home/jovyan and /opt/conda
tini as the container entrypoint and start-notebook.sh as the default command
A start-singleuser.sh script useful for running a single-user instance of the Notebook server, as required by JupyterHub
A start.sh script useful for running alternative commands in the container (e.g. ipython, jupyter kernelgateway, jupyter lab)
Options for HTTPS, password auth, and passwordless sudo

基本用法

The following command starts a container with the Notebook server listening for HTTP connections on port 8888 without authentication configured.git

docker run -d -p 8888:8888 jupyter/scipy-notebook

Notebook選項

The Docker container executes a start-notebook.sh script script by default. The start-notebook.sh script handles the NB_UID and GRANT_SUDO features documented in the next section, and then executes the jupyter notebook.github

You can pass Jupyter command line options through the start-notebook.sh script when launching the container. For example, to secure the Notebook server with a password hashed using IPython.lib.passwd(), run the following:docker

docker run -d -p 8888:8888 jupyter/scipy-notebook start-notebook.sh --NotebookApp.password='sha1:74ba40f8a388:c913541b7ee99d15d5ed31d4226bf7838f83a50e'

For example, to set the base URL of the notebook server, run the following:shell

docker run -d -p 8888:8888 jupyter/scipy-notebook start-notebook.sh --NotebookApp.base_url=/some/path

You can sidestep the start-notebook.sh script and run your own commands in the container. See the Alternative Commands section later in this document for more information.app

Docker選項

You may customize the execution of the Docker container and the Notebook server it contains with the following optional arguments.less

-e PASSWORD="YOURPASS" - Configures Jupyter Notebook to require the given plain-text password. Should be combined with USE_HTTPS on untrusted networks. Note that this option is not as secure as passing a pre-hashed password on the command line as shown above.
-e USE_HTTPS=yes - Configures Jupyter Notebook to accept encrypted HTTPS connections. If a pem file containing a SSL certificate and key is not provided (see below), the container will generate a self-signed certificate for you.
-e NB_UID=1000 - Specify the uid of the jovyan user. Useful to mount host volumes with specific file ownership. For this option to take effect, you must run the container with --user root. (The start-notebook.sh script will su jovyan after adjusting the user id.)
-e GRANT_SUDO=yes - Gives the jovyan user passwordless sudo capability. Useful for installing OS packages. For this option to take effect, you must run the container with --user root. (The start-notebook.sh script will su jovyan after adding jovyan to sudoers.) You should only enable sudo if you trust the user or if the container is running on an isolated host.
-v /some/host/folder/for/work:/home/jovyan/work - Host mounts the default working directory on the host to preserve work even when the container is destroyed and recreated (e.g., during an upgrade).
-v /some/host/folder/for/server.pem:/home/jovyan/.local/share/jupyter/notebook.pem - Mounts a SSL certificate plus key for USE_HTTPS. Useful if you have a real certificate for the domain under which you are running the Notebook server.

SSL 證書

The notebook server configuration in this Docker image expects the notebook.pem file mentioned above to contain a base64 encoded SSL key and at least one base64 encoded SSL certificate. The file may contain additional certificates (e.g., intermediate and root certificates).dom

If you have your key and certificate(s) as separate files, you must concatenate them together into the single expected PEM file. Alternatively, you can build your own configuration and Docker image in which you pass the key and certificate separately.ide

For additional information about using SSL, see the following:

The docker-stacks/examples for information about how to use Let's Encrypt certificates when you run these stacks on a publicly visible domain.
The jupyter_notebook_config.py file for how this Docker image generates a self-signed certificate.
The Jupyter Notebook documentation for best practices about running a public notebook server in general, most of which are encoded in this image.

Conda 包管理

The default Python 3.x Conda environment resides in /opt/conda. A second Python 2.x Conda environment exists in /opt/conda/envs/python2. You can switch to the python2 environment in a shell by entering the following:

source activate python2

You can return to the default environment with this command:

source deactivate

The commands jupyter, ipython, python, pip, easy_install, and conda (among others) are available in both environments. For convenience, you can install packages into either environment regardless of what environment is currently active using commands like the following:

# install a package into the python2 environment
pip2 install some-package
conda install -n python2 some-package

# install a package into the default (python 3.x) environment
pip3 install some-package
conda install -n python3 some-package

可選的啓動命令

start-singleuser.sh

JupyterHub requires a single-user instance of the Jupyter Notebook server per user. To use this stack with JupyterHub and DockerSpawner, you must specify the container image name and override the default container run command in your jupyterhub_config.py:

# Spawn user containers from this image
c.DockerSpawner.container_image = 'jupyter/scipy-notebook'

# Have the Spawner override the Docker run command
c.DockerSpawner.extra_create_kwargs.update({
    'command': '/usr/local/bin/start-singleuser.sh'
})

start.sh

The start.sh script supports the same features as the default start-notebook.sh script (e.g., GRANT_SUDO), but allows you to specify an arbitrary command to execute. For example, to run the text-based ipython console in a container, do the following:

docker run -it --rm jupyter/scipy-notebook start.sh ipython

This script is particularly useful when you derive a new Dockerfile from this image and install additional Jupyter applications with subcommands like jupyter console, jupyter kernelgateway, and jupyter lab.

其它

You can bypass the provided scripts and specify your an arbitrary start command. If you do, keep in mind that certain features documented above will not function (e.g., GRANT_SUDO).