PrimeHub
  • Introduction
  • Installation
  • Tiers and Licenses
  • End-to-End Tutorial
    • 1 - MLOps Introduction and Scoping the Project
    • 2 - Train and Manage the Model
    • 3 - Compare, Register and Deploy the Model
    • 4 - Build the Web Application
    • 5 - Summary
  • User Guide
    • User Portal
    • Notebook
      • Notebook Tips
      • Advanced Settings
      • PrimeHub Notebook Extension
      • Submit Notebook as Job
    • Jobs
      • Job Artifacts
      • Tutorial
        • (Part1) MNIST classifier training
        • (Part2) MNIST classifier training
        • (Advanced) Use Job Submission to Tune Hyperparameters
        • (Advanced) Model Serving by Seldon
        • Job Artifacts Simple Usecase
    • Models
      • Manage and Deploy Model
      • Model Management Configuration
    • Deployments
      • Pre-packaged servers
        • TensorFlow server
        • PyTorch server
        • SKLearn server
        • Customize Pre-packaged Server
        • Run Pre-packaged Server Locally
      • Package from Language Wrapper
        • Model Image for Python
        • Model Image for R
        • Reusable Base Image
      • Prediction APIs
      • Model URI
      • Tutorial
        • Model by Pre-packaged Server
        • Model by Pre-packaged Server (PHFS)
        • Model by Image built from Language Wrapper
    • Shared Files
    • Datasets
    • Apps
      • Label Studio
      • MATLAB
      • MLflow
      • Streamlit
      • Tutorial
        • Create Your Own App
        • Create an MLflow server
        • Label Dataset by Label Studio
        • Code Server
    • Group Admin
      • Images
      • Settings
    • Generate an PrimeHub API Token
    • Python SDK
    • SSH Server Feature
      • VSCode SSH Notebook Remotely
      • Generate SSH Key Pair
      • Permission Denied
      • Connection Refused
    • Advanced Tutorial
      • Labeling the data
      • Notebook as a Job
      • Custom build the Seldon server
      • PrimeHub SDK/CLI Tools
  • Administrator Guide
    • Admin Portal
      • Create User
      • Create Group
      • Assign Group Admin
      • Create/Plan Instance Type
      • Add InfuseAI Image
      • Add Image
      • Build Image
      • Gitsync Secret for GitHub
      • Pull Secret for GitLab
    • System Settings
    • User Management
    • Group Management
    • Instance Type Management
      • NodeSelector
      • Toleration
    • Image Management
      • Custom Image Guideline
    • Volume Management
      • Upload Server
    • Secret Management
    • App Settings
    • Notebooks Admin
    • Usage Reports
  • Reference
    • Jupyter Images
      • repo2docker image
      • RStudio image
    • InfuseAI Images List
    • Roadmap
  • Developer Guide
    • GitHub
    • Design
      • PrimeHub File System (PHFS)
      • PrimeHub Store
      • Log Persistence
      • PrimeHub Apps
      • Admission
      • Notebook with kernel process
      • JupyterHub
      • Image Builder
      • Volume Upload
      • Job Scheduler
      • Job Submission
      • Job Monitoring
      • Install Helper
      • User Portal
      • Meta Chart
      • PrimeHub Usage
      • Job Artifact
      • PrimeHub Apps
    • Concept
      • Architecture
      • Data Model
      • CRDs
      • GraphQL
      • Persistence Storages
      • Persistence
      • Resources Quota
      • Privilege
    • Configuration
      • How to configure PrimeHub
      • Multiple Jupyter Notebook Kernels
      • Configure SSH Server
      • Configure Job Submission
      • Configure Custom Image Build
      • Configure Model Deployment
      • Setup Self-Signed Certificate for PrimeHub
      • Chart Configuration
      • Configure PrimeHub Store
    • Environment Variables
Powered by GitBook
On this page
  • Introduction
  • Configure DockerHub Registry
  • Configure Google Container Registry (GCR)
  • Configure AWS Elastic Container Registry (ECR)
  1. Developer Guide
  2. Configuration

Configure Custom Image Build

PreviousConfigure Job SubmissionNextConfigure Model Deployment

Last updated 2 years ago

Introduction

PrimeHub provides the capability to build custom images. There are two features related to building image

  • __: Allows group admin to create custom image.

  • __ (EE only): Allows system admin to create custom image

Once images are built successfully, they will be pushed into specified repositories of a registry. Here we show how to configure PrimeHub using a remote registry for it.

Path
Description
Default Value

customImage.registryEndpoint

The registry the built image to push

N/A

customImage.registryUsername

Login user name for registry

N/A

customImage.registryPassword

Login password for registry

N/A

customImage.pushRepo

The image repository for the build image. The result image will be <repo>:<image name>-<tag>

N/A

customImage.pushRepoPrefix

The image prefix for the build image. The result image will be <repo prefix>/<image name>:<tag>. This field will be ignored when customImage.pushRepo is set

N/A

customImage.pushSecretName

The secret name of the registry push secret

primehub-controller-custom-image-push-secret

Configure DockerHub Registry

  1. Sign in DockerHub.

  2. Go to Account Settings/Security/Access Tokens Generate new access token and save it. (REF: ).

  3. Create a repository and note down the <namespace> and <repo name>

  4. Configuration example of DockerHub registry

    customImage:
      enabled: true
      registryEndpoint: docker.io
      registryUsername: <your_docker_hub_username>
      registryPassword: <your_access_token>
      pushRepo: docker.io/<namespace>/<repo name>

Configure Google Container Registry (GCR)

  1. The username is always _json_key. The password is the keyfile json. Please make it a one-line json string so that we can put it in the environment variable.

    cat keyfile | jq -c .
  2. Configuration example of GCR

    customImage:
      enabled: true
      registryEndpoint: https://gcr.io
      registryUsername: _json_key
      registryPassword: <gcr_service_account_json>
      pushRepo: gcr.io/<gcp_project_name>/<repo name>

Configure AWS Elastic Container Registry (ECR)

  1. Install the tool aws-ecr-credential by helm to fetch the latest access token of AWS ECR.

    helm repo add infuseai https://charts.infuseai.io
    helm repo update
    helm install aws-ecr-credential infuseai/aws-ecr-credential \
      --set-string aws.account="<aws_account_id>" \
      --set aws.region="<aws_region>" \
      --set targetNamespace=hub

    The access token of ECR will be generated into a k8s secret aws-registry under the target namespace.

    $ kubectl get secret -n hub aws-registry
    NAME           TYPE                             DATA   AGE
    aws-registry   kubernetes.io/dockerconfigjson   1      3h32m
  2. Configuration example of ECR

      customImage:
        registryEndpoint: https://8<aws_account_id>.dkr.ecr.<aws_region>.amazonaws.com
        pushRepo: <aws_account_id>.dkr.ecr.<aws_region>.amazonaws.com/<repo name>
        pushSecretName: aws-registry

Notice

Please reference this to get the username and password

Please reference this to setup IAM role policy with ECR.

AWS ECR only support push the container image to an existed repository. Please reference the to create the corresponding repository on AWS ESC before adding the custom image build.

Image > Build custom image
Admin Portal > Images
Managing access tokens
official document for GCR
official document for ECR
official document