Support for Proxy variables during docker build[IMP]
chezhia opened this issue · 3 comments
Is your enhancement request related to a problem? Please describe.
The docker build process during packaging an app works under the assumption that there is unrestricted access to the internet, which is often not the case for hospital environments.
Enhancement needed
monai-deploy package command should be able to take custom inputs for environment variables (say, Proxy settings for internet access) and automatically set them at the start of the dockerfile.
Describe the solution you'd like
Additional optional arguments for package command to set ENV variables during docker build.
Describe alternatives you've considered
Cloning and modifying the template.py file and building a local version of the sdk worked, but is not a clean solution.
Additional context
We operate in an air-gapped environment and need flexibility in setting the environment variables.
Thanks @chezhia for the issue.
Is it possible to share exactly what you had to change in the Dockerfile template to make it work?
Generally we rely on the host env to have set up the internet connections, as other applications may also require such. As far as Docker client is concerned, there is support for proxy configurations. Wonder if you have considered and tried this route, and if not, please give it a try.
I added the following lines to COMMON_FOOTPRINT in the templates.py file under packager. But your suggestion to use docker's proxy configurations seems to do the same. I will try it. Thanks!
COMMON_FOOTPRINT = """
USER root
ENV http_proxy= <http_proxy> \
https_proxy= <https_proxy>\
no_proxy= <no_proxy_settings> \
NO_PROXY=<no_proxy_settings>
Thanks @chezhia.
The proxy settings can be taken cared of by the Docker client proxy configuration settings.
If the host is locked down so much that a user cannot even tweak the Docker configuration files, then passing the proxy settings on the docker build command will be the next option. This has to be done in the Packager implementation where the command is dynamically generated. The file in the App SDK distribution has to be changed, before the enhancement feature is implemented.
Setting the ENV in the Dockerfile during build will cause the env vars embedded in the built image, and potentially not-working if the packaged app needs internet access and the image is run in other environment; though the MAP examples we have now don't need internet connection to run.
Also, starting with App SDK v0.6, the packager is shared/from Holoscan SDK, which uses the buildx for multiple platform support. BuildX had an issue of ignoring the proxy settings, but has addressed issue in newer release. So, using the Docker config file is still the preferred approach.