Merge pull request #8605 from OpenMined/yash/backend-uv

Use `uv` in backend container

packages/grid/backend/backend.dockerfile

@@ -1,94 +1,70 @@
 ARG PYTHON_VERSION="3.12"
-ARG TZ="Etc/UTC"
-
-# change to USER="syftuser", UID=1000 and HOME="/home/$USER" for rootless
-ARG USER="root"
-ARG UID=0
-ARG USER_GRP=$USER:$USER
-ARG HOME="/root"
-ARG APPDIR="$HOME/app"
+ARG UV_VERSION="0.1.41-r0"
+ARG TORCH_VERSION="2.3.0"
 
 # ==================== [BUILD STEP] Python Dev Base ==================== #
 
-FROM cgr.dev/chainguard/wolfi-base as python_dev
+FROM cgr.dev/chainguard/wolfi-base as syft_deps
 
 ARG PYTHON_VERSION
-ARG TZ
-ARG USER
-ARG UID
+ARG UV_VERSION
+ARG TORCH_VERSION
 
 # Setup Python DEV
-RUN --mount=type=cache,target=/var/cache/apk,sharing=locked \
-    apk update && \
-    apk upgrade && \
-    apk add build-base gcc tzdata python-$PYTHON_VERSION-dev-default py$PYTHON_VERSION-pip && \
-    ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
-# uncomment for creating rootless user
-# && adduser -D -u $UID $USER
-
-# ==================== [BUILD STEP] Install Syft Dependency ==================== #
-
-FROM python_dev as syft_deps
-
-ARG APPDIR
-ARG HOME
-ARG UID
-ARG USER
-ARG USER_GRP
-
-USER $USER
-WORKDIR $APPDIR
-ENV PATH=$PATH:$HOME/.local/bin
-
-# copy skeleton to do package install
-COPY --chown=$USER_GRP \
-    syft/setup.py \
-    syft/setup.cfg \
-    syft/pyproject.toml \
-    syft/MANIFEST.in \
-    syft/
-
-COPY --chown=$USER_GRP \
-    syft/src/syft/VERSION \
-    syft/src/syft/capnp \
-    syft/src/syft/
-
-# Install all dependencies together here to avoid any version conflicts across pkgs
-RUN --mount=type=cache,id=pip-$UID,target=$HOME/.cache/pip,uid=$UID,gid=$UID,sharing=locked \
-    pip install --user --default-timeout=300 torch==2.2.1 -f https://download.pytorch.org/whl/cpu/torch_stable.html && \
-    pip install --user pip-autoremove jupyterlab -e ./syft[data_science] && \
-    pip-autoremove ansible ansible-core -y
+RUN apk update && apk upgrade && \
+    apk add build-base gcc python-$PYTHON_VERSION-dev-default uv=$UV_VERSION
+
+WORKDIR /root/app
+
+ENV UV_HTTP_TIMEOUT=600
+
+# keep static deps separate to have each layer cached independently
+# if amd64 then we need to append +cpu to the torch version
+# uv issues: https://github.com/astral-sh/uv/issues/3437 & https://github.com/astral-sh/uv/issues/2541
+RUN --mount=type=cache,target=/root/.cache,sharing=locked \
+    uv venv && \
+    ARCH=$(arch | sed s/aarch64/arm64/ | sed s/x86_64/amd64/) && \
+    if [[ "$ARCH" = "amd64" ]]; then TORCH_VERSION="$TORCH_VERSION+cpu"; fi && \
+    uv pip install torch==$TORCH_VERSION --index-url https://download.pytorch.org/whl/cpu
+
+COPY syft/setup.py syft/setup.cfg syft/pyproject.toml ./syft/
+
+COPY syft/src/syft/VERSION ./syft/src/syft/
+
+RUN --mount=type=cache,target=/root/.cache,sharing=locked \
+    # remove torch because we already have the cpu version pre-installed
+    sed --in-place /torch==/d ./syft/setup.cfg && \
+    uv pip install -e ./syft[data_science] && \
+    uv pip freeze | grep ansible | xargs uv pip uninstall
 
 # ==================== [Final] Setup Syft Server ==================== #
 
 FROM cgr.dev/chainguard/wolfi-base as backend
 
-# inherit from global
-ARG APPDIR
-ARG HOME
 ARG PYTHON_VERSION
-ARG TZ
-ARG USER
-ARG USER_GRP
-
-# Setup Python
-RUN --mount=type=cache,target=/var/cache/apk,sharing=locked \
-    apk update && \
-    apk upgrade && \
-    apk add tzdata git bash python-$PYTHON_VERSION-default py$PYTHON_VERSION-pip && \
-    ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && \
-    # Uncomment for rootless user
-    # adduser -D -u 1000 $USER && \
-    mkdir -p /var/log/pygrid $HOME/data/creds $HOME/data/db $HOME/.cache $HOME/.local
-# chown -R $USER_GRP /var/log/pygrid $HOME/
-
-USER $USER
-WORKDIR $APPDIR
+ARG UV_VERSION
+
+RUN apk update && apk upgrade && \
+    apk add --no-cache git bash python-$PYTHON_VERSION-default py$PYTHON_VERSION-pip uv=$UV_VERSION
+
+WORKDIR /root/app/
+
+# Copy pre-built syft dependencies
+COPY --from=syft_deps /root/app/.venv .venv
+
+# copy grid
+COPY grid/backend/grid ./grid/
+
+# copy syft
+COPY syft ./syft/
 
 # Update environment variables
-ENV PATH=$PATH:$HOME/.local/bin \
-    PYTHONPATH=$APPDIR \
-    APPDIR=$APPDIR \
+ENV \
+    # "activate" venv
+    PATH="/root/app/.venv/bin/:$PATH" \
+    VIRTUAL_ENV="/root/app/.venv" \
+    # Syft
+    APPDIR="/root/app" \
     NODE_NAME="default_node_name" \
     NODE_TYPE="domain" \
     SERVICE_NAME="backend" \
@@ -102,16 +78,6 @@ ENV PATH=$PATH:$HOME/.local/bin \
     MONGO_HOST="localhost" \
     MONGO_PORT="27017" \
     MONGO_USERNAME="root" \
-    MONGO_PASSWORD="example" \
-    CREDENTIALS_PATH="$HOME/data/creds/credentials.json"
-
-# Copy pre-built jupyterlab, syft dependencies
-COPY --chown=$USER_GRP --from=syft_deps $HOME/.local $HOME/.local
-
-# copy grid
-COPY --chown=$USER_GRP grid/backend/grid ./grid/
-
-# copy syft
-COPY --chown=$USER_GRP syft/ ./syft/
+    MONGO_PASSWORD="example"
 
 CMD ["bash", "./grid/start.sh"]

packages/grid/backend/backend.dockerfile.dockerignore

@@ -0,0 +1,63 @@
+# Paths should be against the docker root context dir i.e. /packages
+
+# Syft
+**/tests/
+**/*.md
+
+# Byte-compiled / optimized / DLL files
+**/__pycache__/
+**/*.py[cod]
+**/*$py.class
+
+# Distribution / packaging
+**/.Python
+**/build/
+**/develop-eggs/
+**/dist/
+**/downloads/
+**/eggs/
+**/.eggs/
+**/lib/
+**/lib64/
+**/parts/
+**/sdist/
+**/var/
+**/wheels/
+**/share/python-wheels/
+**/*.egg-info/
+**/.installed.cfg
+**/*.egg
+**/MANIFEST
+
+# Jupyter Notebook
+**/.ipynb_checkpoints
+
+# Environments
+**/.env
+**/.venv
+**/env/
+**/venv/
+**/ENV/
+**/env.bak/
+**/venv.bak/
+
+# Unit test / coverage reports
+**/htmlcov/
+**/.tox/
+**/.nox/
+**/.coverage
+**/.coverage.*
+**/.cache
+**/nosetests.xml
+**/coverage.xml
+**/*.cover
+**/*.py,cover
+**/.hypothesis/
+**/.pytest_cache/
+**/cover/
+
+# vim
+**/*.swp
+
+# macOS
+**/.DS_Store

packages/grid/backend/grid/bootstrap.py

@@ -26,8 +26,7 @@ def get_env(key: str, default: str = "") -> str | None:
     return None
 
 
-DEFAULT_CREDENTIALS_PATH = os.path.expandvars("$HOME/data/creds/credentials.json")
-CREDENTIALS_PATH = str(get_env("CREDENTIALS_PATH", DEFAULT_CREDENTIALS_PATH))
+CREDENTIALS_PATH = str(get_env("CREDENTIALS_PATH", "credentials.json"))
 NODE_PRIVATE_KEY = "NODE_PRIVATE_KEY"
 NODE_UID = "NODE_UID"
 

packages/grid/backend/grid/images/worker_cpu.dockerfile

@@ -18,13 +18,12 @@ ARG PIP_PACKAGES="pip --dry-run"
 ARG CUSTOM_CMD='echo "No custom commands passed"'
 
 # Worker specific environment variables go here
-ENV SYFT_WORKER="true"
-ENV SYFT_VERSION_TAG=${SYFT_VERSION_TAG}
+ENV SYFT_WORKER="true" \
+    SYFT_VERSION_TAG=${SYFT_VERSION_TAG} \
+    UV_HTTP_TIMEOUT=600
 
-# Commenting this until we support built using python docker sdk or find any other alternative.
-# RUN --mount=type=cache,target=/var/cache/apk,sharing=locked \
-#     --mount=type=cache,target=$HOME/.cache/pip,sharing=locked \
-RUN apk update && \
-    apk add ${SYSTEM_PACKAGES} && \
-    pip install --user ${PIP_PACKAGES} && \
+RUN apk update && apk upgrade && \
+    apk add --no-cache ${SYSTEM_PACKAGES} && \
+    # if uv is present then run uv pip install else simple pip install
+    if [ -x "$(command -v uv)" ]; then uv pip install --no-cache ${PIP_PACKAGES}; else pip install --user ${PIP_PACKAGES}; fi && \
     bash -c "$CUSTOM_CMD"

packages/grid/backend/grid/start.sh

@@ -1,24 +1,17 @@
 #! /usr/bin/env bash
 set -e
 
-echo "Running start.sh with RELEASE=${RELEASE} and $(id)"
-export GEVENT_MONKEYPATCH="False"
+echo "Running Syft with RELEASE=${RELEASE} and $(id)"
 
 APP_MODULE=grid.main:app
 LOG_LEVEL=${LOG_LEVEL:-info}
 HOST=${HOST:-0.0.0.0}
 PORT=${PORT:-80}
 NODE_TYPE=${NODE_TYPE:-domain}
 APPDIR=${APPDIR:-$HOME/app}
-
 RELOAD=""
 DEBUG_CMD=""
 
-# For debugging permissions
-ls -lisa $HOME/data
-ls -lisa $APPDIR/syft/
-ls -lisa $APPDIR/grid/
-
 if [[ ${DEV_MODE} == "True" ]];
 then
     echo "DEV_MODE Enabled"
@@ -28,15 +21,15 @@ fi
 # only set by kubernetes to avoid conflict with docker tests
 if [[ ${DEBUGGER_ENABLED} == "True" ]];
 then
-    pip install --user debugpy
+    uv pip install debugpy
     DEBUG_CMD="python -m debugpy --listen 0.0.0.0:5678 -m"
 fi
 
-set +e
+export CREDENTIALS_PATH=${CREDENTIALS_PATH:-$HOME/data/creds/credentials.json}
 export NODE_PRIVATE_KEY=$(python $APPDIR/grid/bootstrap.py --private_key)
 export NODE_UID=$(python $APPDIR/grid/bootstrap.py --uid)
 export NODE_TYPE=$NODE_TYPE
-set -e
+export GEVENT_MONKEYPATCH="False"
 
 echo "NODE_UID=$NODE_UID"
 echo "NODE_TYPE=$NODE_TYPE"

packages/grid/frontend/frontend.dockerfile.dockerignore

@@ -0,0 +1,15 @@
+# Paths should be relative to the context dir of this image i.e. /packages/grid/frontend/
+
+# Frontend
+**/*.md
+
+# Dependency directories
+**/node_modules
+**/.svelte-kit
+**/.pnpm-store
+
+# vim
+**/*.swp
+
+# macOS
+**/.DS_Store