使用AWS CodeBuild在Amazon SageMaker Studio中构建Docker图像
sagemaker-studio-image-build的Python项目详细描述
SageMaker Docker构建
这是一个CLI,用于使用AWS CodeBuild在SageMaker Studio中构建Docker映像。在
用法
导航到包含Dockerfile的目录,只需执行以下操作:
sm-docker build .
支持docker build
支持的任何其他参数
默认情况下,图像将被推送到带有标记latest
的存储库sagemakerstudio
,并使用Studio应用程序的执行角色和默认的SageMaker Python SDK S3 bucket
可以使用相关的CLI选项覆盖这些选项。在
sm-docker build . --repository mynewrepo:1.0 --role MyRoleName
CLI将负责打包当前目录并上传到S3,创建一个CodeBuild项目,使用S3构件开始构建,跟踪构建日志,并将构建的映像上载到ECR。在
安装
使用pip安装CLI。在
pip install sagemaker-studio-image-build
确保执行角色具有CodeBuild的信任策略。在
{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":["codebuild.amazonaws.com"]},"Action":"sts:AssumeRole"}]}
执行角色需要以下权限才能在CodeBuild中执行构建并将映像推送到ECR
{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["codebuild:DeleteProject","codebuild:CreateProject","codebuild:BatchGetBuilds","codebuild:StartBuild"],"Resource":"arn:aws:codebuild:*:*:project/sagemaker-studio*"},{"Effect":"Allow","Action":"logs:CreateLogStream","Resource":"arn:aws:logs:*:*:log-group:/aws/codebuild/sagemaker-studio*"},{"Effect":"Allow","Action":["logs:GetLogEvents","logs:PutLogEvents"],"Resource":"arn:aws:logs:*:*:log-group:/aws/codebuild/sagemaker-studio*:log-stream:*"},{"Effect":"Allow","Action":"logs:CreateLogGroup","Resource":"*"},{"Effect":"Allow","Action":["ecr:CreateRepository","ecr:BatchGetImage","ecr:CompleteLayerUpload","ecr:DescribeImages","ecr:DescribeRepositories","ecr:UploadLayerPart","ecr:ListImages","ecr:InitiateLayerUpload","ecr:BatchCheckLayerAvailability","ecr:PutImage"],"Resource":"arn:aws:ecr:*:*:repository/sagemaker-studio*"},{"Effect":"Allow","Action":"ecr:GetAuthorizationToken","Resource":"*"},{"Effect":"Allow","Action":["s3:GetObject","s3:DeleteObject","s3:PutObject"],"Resource":"arn:aws:s3:::sagemaker-*/*"},{"Effect":"Allow","Action":["s3:CreateBucket"],"Resource":"arn:aws:s3:::sagemaker*"},{"Effect":"Allow","Action":["iam:GetRole","iam:ListRoles"],"Resource":"*"},{"Effect":"Allow","Action":"iam:PassRole","Resource":"arn:aws:iam::*:role/*","Condition":{"StringLikeIfExists":{"iam:PassedToService":"codebuild.amazonaws.com"}}}]}
开发
签出存储库。在
make install
本地测试
要在本地构建,请使用examples目录中的示例dockerfile之一
ROLE_NAME=<<A role in your account to use in the CodeBuild build job>>(cd examples/basic_build && sm-docker build . --role ${ROLE_NAME})
(cd examples/build_with_args && sm-docker build . --role ${ROLE_NAME} --file Dockerfile.args --build-arg BASE_IMAGE=python:3.8 )
在SageMaker Studio上进行测试
要构建在SageMaker Studio上使用的二进制文件,请指定一个S3路径并使用s3bundle目标。在
exportDEV_S3_PATH_PREFIX=s3://path/to/location black . make -k s3bundle
从SageMaker工作室的“系统终端”
exportDEV_S3_PATH_PREFIX=s3://path/to/location aws s3 sync ${DEV_S3_PATH_PREFIX}/sagemaker-docker-build/dist . pip install sagemaker_studio_image_build-x.y.z.tar.gz
安全
有关详细信息,请参见CONTRIBUTING。在
许可证
这个库是根据MIT-0许可证授权的。请参见许可证文件。在
- 项目
标签: