STAT 39000: Project 12 — Fall 2021

First thing first. Please read this fantastic article for a great introduction to containers. Afterwards, please review the content we have available here.

In this project, we have a special challenge. Brown does not have Docker installed. This is due to a variety of reasons. Brown does have a tool called Singularity installed, however, it is different enough from more common containerization tools, that it does not make sense to learn for your first "container" experience.

To solve this issue, we’ve created a virtual machine that runs Ubuntu, and has Docker pre-installed and configured for you to use. To be clear, the majority of this project will revolve around the command line from within Jupyter Lab. We will specifically state the "deliverables" which will mainly be text or images that are copied and pasted in Markdown cells.

Please login and launch a Jupyter Lab session. Create a new notebook to put your solutions, and open up a terminal window beside your notebook.

In your terminal, navigate to /depot/datamine/apps/qemu/scripts/. You should find 4 scripts. They perform the following operations, respectively.

Run the scripts in your Terminal, in order, from 1-4.

Awesome! Your terminal is now connected to an instance of Ubuntu with Docker already installed and configured for you! Now, let’s get to work.

First thing is first. Let’s test out pulling an image from the Docker Hub. wernight/funbox is a fun image to do some wacky things on a command line. Pull the image (hub.docker.com/r/wernight/funbox), and verify that the image is available on your system using docker images.

Run the following to get an ascii aquarium.

Wow! That is wild! You can run this program on any system where an OCI compliant runtime exists — very cool!

To quit the program, press kdb:[Ctrl + c].

For this question, submit a screenshot of the running asciiquarium program.

Okay, that was fun, but let’s do something a little bit more practical. Check out the ~/projects/whin directory in your VM. You should pretty quickly realize that this is our version of the WHIN API that we used earlier on in project (8).

If you recall, we had a lot of "extra" steps we had to take in order to run the API. We had to:

This is a fantastic example of when containerizing your app could be a great idea!

Let’s begin by writing our own Dockerfile.

First thing is first. We want our image to contain the correct version of Python for our app. Our app requires at least Python 3.9. Let’s see if we can find a base image that has Python 3.9 or later. Google "Python docker image" and you will find the following link: hub.docker.com/_/python

Here, we will find a wide variety of different "official" Python docker images. A great place to start. If you click on the "Tags" tab, you will be able to scroll through a wide variety of different versions of Python + operating systems. A great Linux distribution is Debian.

Okay, let’s go for the Python 3.9.9 + Bullseye (Debian) image. The tag for the image is python:3.9.9-bullseye. But wait a second. If you look at the space required for the base image — it is already up to 370 or so MB — that is quite a bit! Maybe there is a lighter weight option? If you search for "slim" you will find an image with the tag python:3.9.9-slim-bullseye that takes up only 45 MB by default — much better.

Create a file called Dockerfile in the ~/projects/whin directory. Use vim/emacs/nano to edit the file to look like this:

Now, let’s build our image.

Once created, you should be able to view your image by running the following.

Now, let’s run our image. After running docker images, if you look under the IMAGE column, you should see an id for you image — something like 3dk35bdl. To run your image, do the following.

Be sure to replace 3dk35bdl with the id of your image. Great! Your image should now be running. Find out by running the following.

Under the NAMES column, you will see the name of your running container — very cool! How does this test out anything? Don’t we want to see if we have Python 3.9 running like we want it to? Yes! Let’s get a bash shell inside our container. To do so run the following.

Replace suspicious_lumiere with the name of your container. You should now be in a bash shell. Awesome! Run the following to see what version of Python we have installed.

Awesome! So far so good! To exit the container, type and run exit. Take a screenshot of your terminal after following these steps and add it to your notebook in a markdown cell.

To clean up and stop the container, run the following.

Okay, great! We have version 0.0.1 of our whin image. Great.

Now let’s make this thing useful. Use vim/emacs/nano to edit the ~/projects/whin/Dockerfile to look like this:

Here, do your best to explain what each line of code does. Build version 0.0.2 of your image, and run it.

Okay, in theory, that last line should run our API — awesome! Let’s check the logs to see if it is working.

What you should get is a Python error! Something about NoneType. Whoops! We forgot to include the DATABASE_PATH environment variable so our API knows where our WHIN database is. That is critical to our API.

Modify our Dockerfile to include the DATABASE_PATH environment variable with a value /home/tdm-user/projects/whin/whin.db. Rebuild your image (as version 0.0.2), and run it. Check the logs again, does it appear to be working?

Okay, there is one step left. Let’s see if the API is really fully working by making a request to it. First, get a shell to the running container.

One inside the container, let’s make a request to the API that is running. Run the following:

If all is well you should get:

Awesome! You can see our API is definitely working, cool!

Okay, one final test. Let’s exit the container and make a request to the API again. After all, it wouldn’t be that useful if we had to essentially login to a container when we want to access an API running in that container, would it?

Uh oh! Although our API is running smoothly inside of the container, we have no way of accessing it outside of the container. Remember, EXPOSE only signals that we want to expose that port, it doesn’t actually do that for us. No worries, this can be easily fixed.

Where 3kdgj024jn is the id of your image. Now, let’s try and access the API again.

Voila! It works! The following is an equivalent run statement:

However, if you want to specify that the API internally is using port 21650, but we want to expose the API running inside our container to outside our container on a different port, say, port 5555, we could run the following.

Then, you could access the API by running the following:

While our request goes to port 5555, once the request hits the container, it is routed to port 21650 inside the container, which is where our API is running. This can be confusing a may take some experimentation until you are comfortable with it.