Use a custom image to deploy a model service - Platform For AI

Elastic Algorithm Service (EAS) allows you to deploy model services by using custom images. You can build a Docker image that contains the entire runtime environment of your service and mount your model or code to the service instances during runtime. For more information about how to mount the model or code, see Mount storage to services. This topic describes how to deploy a model service by using a custom image.

Background information

A model service often contains complex business logic and the implementation of custom inference requires a complex development environment. For example, you may run the yum install/apt-get install command to install multiple dependencies in the system path. To accommodate this complexity, EAS allows you to use custom images to deploy model services.

This topic describes how to use custom images to deploy model services in the PAI console or through the EASCMD client. For more information about how to use the EASCMD client, see Download the EASCMD client and complete identity authentication.

If you use custom images to deploy model services, the EAS engine is injected to service instances as a sidecar container during runtime to collect traffic or system monitoring data and add authentication information to service requests. You can send API requests over HTTP, WebSocket, or gRPC (HTTP/2) to call a model service.

Note

To send requests over gRPC, set the metadata.enable_grpc parameter to true when you deploy a model service.

Prepare a custom image

Note

If you have an available image that supports access over HTTP, WebSocket, and gRPC, skip this step and proceed to deploy the model service.

Develop an image service

You can develop an image service by using multiple methods. For example, you can use Flask to start a web server for service access. The following sample code shows a simple service whose code file is app.py.

from flask import Flask

app = Flask(__name__)

@app.route('/hello/model')
def hello_world():
    return 'Hello World'


if __name__ == '__main__':
    app.run(host='0.0.0.0', port=8000)

Build an image

Note

If you use Data Science Workshop (DSW) for development, click Create Image in the Actions column of the desired DSW instance. Then, the system builds a Docker image and saves it to Alibaba Cloud Container Registry. During model service deployment, you can click Custom Image and select the image from the drop-down list.

The following section describes how to install Docker to build an image on your on-premises machine. You can also use Alibaba Cloud Container Registry to build an image. For more information about how to create a container image, see What is Container Registry?

Write a Dockerfile.

A Dockerfile is a text document that contains the instructions and descriptions required to build an image. You need to create a Dockerfile at the same level as the app.py file. The Dockerfile has the following directory structure:

flask_app
  ├── app.py
  └── Dockerfile

In the following Dockerfile, the app.py model service file is packaged in the image that you want to build. You can also save the model service file in Object Storage Service (OSS), File Storage NAS (NAS), or a Git repository and mount the model service file to service instances during the runtime. For more information, see Mount storage to services.

# Specify the desired image.
FROM alibaba-cloud-linux-3-registry.cn-hangzhou.cr.aliyuncs.com/alinux3/python
# Run the following commands in the container:
RUN yum -y install python3-pip
RUN pip3 install flask 
# Create a folder named app.
RUN mkdir -p /app
# Go to the app directory.
RUN cd /app
# Copy the app.py file in the current directory of the Linux system to the /app directory of the container. 
COPY app.py /app/
# Expose port 8000.
EXPOSE 8000
# Set the app folder as a working directory.
WORKDIR /app

# Run the following command when the container is started:
CMD ["flask", "run", "--host", "0.0.0.0"]

Build an image on your on-premises machine. In the CLI, go to the flask_app directory and run the following command to build a Docker image named flask-app:
```
docker build -t flask-app . 
```

Push an image to an image repository

EAS pulls the image from an image repository for deployment. The following section describes how to push an image that you built on your on-premises machine to an image repository:

Run the docker images command to obtain the ID of the image that you built.
Select an image repository. In this example, the Container Registry image repository is used. The repository address is crpi-***.cn-hangzhou.personal.cr.aliyuncs.com/***/***. Different image repositories have different requirements for network configurations during deployment in EAS. For more information, see Select an image repository.

Run the following commands to push the image to the Container Registry image repository:

docker login --username=<Username>  crpi-***.cn-hangzhou.personal.cr.aliyuncs.com
docker tag <Image ID> crpi-***.cn-hangzhou.personal.cr.aliyuncs.com/***/***:flask-app
docker push crpi-***.cn-hangzhou.personal.cr.aliyuncs.com/***/***:flask-app

The image address is crpi-***.cn-hangzhou.personal.cr.aliyuncs.com/***/***:flask-app.

Select an image repository

EAS requires different network configurations for different image repositories.

Container Registry repository:
- Container Registry Personal Edition: provides a unified internal endpoint for each region. If the model service that you want to deploy resides in the region in which a Container Registry Personal Edition image resides, you can use the internal endpoint of the image to deploy the model service. Otherwise, you must use the public endpoint of the image to deploy the model service.
- Container Registry Enterprise Edition: A Container Registry Enterprise Edition image can be accessed only within your virtual private cloud (VPC). To allow EAS to pull the image, you must connect EAS to the corresponding VPC. For more information, see Configure VPC.
Self-built image repository:
- If you use Harbor to create a self-managed image repository in a VPC, the image repository is accessible only within your VPC. Similar to using a Container Registry Enterprise Edition image, you must connect EAS to your VPC. For more information, see Configure VPC.

Important

By default, EAS is not accessible over the Internet. If you want EAS to pull an image from an image repository over the Internet, you must enable Internet access for EAS. For more information, see Configure Internet access.

Authenticate access to an image repository

If you use a Container Registry image repository under the same account for model service deployment, you do not need to enter the username and password. EAS allows you to pull an image across services without using a password.
If your self-built image repository requires a username and a password as access credentials, you must configure the dockerAuth parameter when you deploy a model service. For more information, see Deploy a model service.

Deploy a model service

Obtain the required information to deploy a model service by using a custom image:

The address of the image repository. Example: crpi-***-vpc.cn-hangzhou.personal.cr.aliyuncs.com/***:flask-app.
The command to start a container based on the image. Example: python3 app.py.
The port number of the container that the service listens on. Example: 8000.
Note
The port number is optional. For example, if you want the service to accept requests from message queues within the container instead of the EAS gateway, you do not need to specify the port number.

Use the PAI console

The following table describes the key parameters.

Parameter	Description
Deployment Method	Select Image-based Deployment.
Image Configuration	Select Image Address and enter the image address `crpi-*-vpc.cn-hangzhou.personal.cr.aliyuncs.com/*:flask-app`. In the example, a Container Registry image repository is used. You do not need to enter the username and password.
Command	`python3 app.py`
Port Number	8000

Use the EASCMD client

The following sample code provides an example of a JSON configuration file:

{
    "metadata": {
        "name": "flask_app_test",
        "instance": 1
    },
    "cloud": {
        "computing": {
            "instances": [
                {
                    "type": "ecs.c8y.large"
                }
            ]
        }
    },
    "containers": [
        {
            "image": "crpi-***-vpc.cn-hangzhou.personal.cr.aliyuncs.com/***:flask-app",
            "script": "python3 app.py",
            "port": 8000
        }
    ]
}

The following table describes the key parameters for model service deployment by using a custom image. For information about other parameters, see Parameters of model services.

Parameter		Required	Description
containers	image	Yes	The address of the image that you want to use to deploy a model service.
	command	Specify one of the two parameters.	The command to run when you start a container. Use this parameter to specify simple commands, such as commands that do not contain /bin/sh. If you want to run complex commands such as cd xxx && python app.py, configure the script parameter.
	script		The script to run when you start a container. Use this parameter to specify complex commands. Separate multiple lines with \n or semicolons (;).
	port	No	The port number of the container that the service listens on. Important Do not specify port 8080 and port 9090 because the EAS engine listens on these ports. If you configure the command parameter, set this parameter to the port in the xxx.py file that you specified in the command parameter.
dockerAuth		No	The authentication information for the Docker registry. This parameter is required if the image resides in a private image repository. Valid values: `username:password` in the Base64-encoded format. For example, if the value of `username:password` is `abcd:abcde12345`, you can run the `echo -n "abcd:abcde12345" \| base64` command to Base64-encode the "abcd:abcde12345" string. Then, you can specify the output `YWJjZDphYmNkZTEy****` as the value of the dockerAuth parameter.

Run the following command to deploy the model service on the EASCMD client:

eascmd create image.json

In the preceding command, image.json specifies the name of the configuration file that you created in the preceding step.

If the command runs as expected, the command output contains the endpoint and token of the service, as shown in the following example.

[RequestId]: BFFFE5F5-1F07-437E-B59A-AF1F2B66****
+-------------------+-----------------------------------------------------------------------------------+
| Internet Endpoint | http://182848887922***.cn-shanghai.pai-eas.aliyuncs.com/api/predict/image_test    |
| Intranet Endpoint | http://182848887922***.vpc.cn-shanghai.pai-eas.aliyuncs.com/api/predict/image_test|
|             Token | NjA4MzQxOWQ0MTY2M2Y4OGY0NjgwODkwZTZmYWJmZWU1ZmY0Njhk****                          |
+-------------------+-----------------------------------------------------------------------------------+
[OK] Service is now creating
[OK] Waiting [Total: 2, Pending: 2, Running: 0]
[OK] Running [Total: 2, Pending: 0, Running: 2]
[OK] Service is running

If you need to modify service configurations, run the modify command, as shown in the following example.
For more information about the modify command, see Modify service configurations.
```
eascmd modify registry_test -s image.json
```
In the preceding command, registry_test specifies the name of the service and image.json specifies the name of the configuration file that you created in the preceding step.

Call a model service

After you deploy a model service, you can obtain the endpoint of the service on the model service details page in the PAI console or by running the eascmd desc command on the EASCMD client.

The web service is accessible at the endpoint /hello/model. To send a synchronous request to the web service, you must append /hello/model to the endpoint of the model service.

For example, the endpoint of the model service in EAS is http://182848887922***.cn-shanghai.pai-eas.aliyuncs.com/api/predict/image_test.

Then, requests to the web service must be sent to the following endpoint:

http://182848887922***.cn-shanghai.pai-eas.aliyuncs.com/api/predict/image_test/hello/model.

For more information about how to call a model service, see Call a service over a public endpoint.

Appendix: Sample service configurations

Use the gRPC protocol

{
  "name": "image_test",
  "containers": [
    {
      "image": "registry-vpc.cn-shanghai.aliyuncs.com/xxx/yyy:zzz",
      "command": "python app.py",
      "port": 8000
    }
  ],
  "metadata": {
    "instance": 1,
    "enable_grpc": true
  }
}

References

The health check feature is supported when you deploy model services by using custom images. For more information, see Configure the health check feature.
For information about how deployment works in EAS, see Service deployment.
After you deploy a model service, you can use the auto scaling feature to handle workload fluctuations in your business. For more information, see Auto scaling.