docs(docker) Add ServerApps docs #3439
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -21,6 +21,12 @@ was not found, you will need to install Docker first. You can find installation | |
| you can follow the `Post-installation steps <https://docs.docker.com/engine/install/linux-postinstall/>`_ | ||
| on the official Docker website. | ||
|
|
||
| .. important:: | ||
|
|
||
| To ensure optimal performance and compatibility, the SuperLink, SuperNode and ServerApp image | ||
| must have the same version when running together. This guarantees seamless integration and | ||
| avoids potential conflicts or issues that may arise from using different versions. | ||
|
|
||
| Flower SuperLink | ||
| ---------------- | ||
|
|
||
|
|
@@ -52,7 +58,7 @@ to the Flower SuperLink. Here, we are passing the flag ``--insecure``. | |
|
|
||
| The ``--insecure`` flag enables insecure communication (using HTTP, not HTTPS) and should only be | ||
| used for testing purposes. We strongly recommend enabling | ||
| `SSL <https://flower.ai/docs/framework/how-to-run-flower-using-docker.html#enabling-ssl-for-secure-connections>`__ | ||
| when deploying to a production environment. | ||
|
|
||
| You can use ``--help`` to view all available flags that the SuperLink supports: | ||
|
|
@@ -66,14 +72,14 @@ Mounting a volume to store the state on the host system | |
|
|
||
| If you want to persist the state of the SuperLink on your host system, all you need to do is specify | ||
| a path where you want to save the file on your host system and a name for the database file. In the | ||
| example below, we tell Docker via the flag ``--volume`` to mount the user's home directory | ||
| (``~/`` on your host) into the ``/app/`` directory of the container. Furthermore, we use the | ||
| flag ``--database`` to specify the name of the database file. | ||
|
|
||
| .. code-block:: bash | ||
|
|
||
| $ docker run --rm \ | ||
| -p 9091:9091 -p 9092:9092 --volume ~/:/app/ flwr/superlink:1.8.0 \ | ||
| --insecure \ | ||
| --database state.db | ||
|
|
||
|
|
@@ -89,18 +95,18 @@ PEM-encoded certificate chain. | |
|
|
||
| .. note:: | ||
| For testing purposes, you can generate your own self-signed certificates. The | ||
| `Enable SSL connections <https://flower.ai/docs/framework/how-to-enable-ssl-connections.html#certificates>`__ | ||
| page contains a section that will guide you through the process. | ||
|
|
||
| Assuming all files we need are in the local ``certificates`` directory, we can use the flag | ||
| ``--volume`` to mount the local directory into the ``/app/`` directory of the container. This allows | ||
| the SuperLink to access the files within the container. Finally, we pass the names of the | ||
| certificates to the SuperLink with the ``--certificates`` flag. | ||
|
|
||
| .. code-block:: bash | ||
|
|
||
| $ docker run --rm \ | ||
| -p 9091:9091 -p 9092:9092 --volume ./certificates/:/app/ flwr/superlink:1.8.0 \ | ||
| --certificates ca.crt server.pem server.key | ||
|
|
||
| Flower SuperNode | ||
|
|
@@ -117,7 +123,7 @@ building your own SuperNode image. | |
| day. To ensure the versions are in sync, using the concrete tag, e.g., ``1.9.0.dev20240501`` | ||
| instead of ``nightly`` is recommended. | ||
|
|
||
| We will use the ``quickstart-pytorch`` example, which you can find in | ||
| the Flower repository, to illustrate how you can dockerize your client-app. | ||
|
|
||
| .. _SuperNode Prerequisites: | ||
|
|
@@ -126,14 +132,14 @@ Prerequisites | |
| ~~~~~~~~~~~~~ | ||
|
|
||
| Before we can start, we need to meet a few prerequisites in our local development environment. | ||
| You can skip the first part if you want to run your client-app instead of the ``quickstart-pytorch`` | ||
|
There was a problem hiding this comment. Rename client-app > ClientApp for consistency. |
||
| example. | ||
|
|
||
| #. Clone the flower repository. | ||
|
|
||
|
|
||
| .. code-block:: bash | ||
|
|
||
| $ git clone https://github.com/adap/flower.git && cd flower/examples/quickstart-pytorch | ||
|
There was a problem hiding this comment. - git clone https://github.com/adap/flower.git && cd flower/examples/quickstart-pytorch
+ git clone --depth=1 https://github.com/adap/flower.git && cd flower/examples/quickstart-pytorch |
||
|
|
||
| #. Verify the Docker daemon is running. | ||
|
|
||
|
|
@@ -152,13 +158,26 @@ Let's assume the following project layout: | |
| $ tree . | ||
| . | ||
| ├── client.py # ClientApp code | ||
| └── <other files> | ||
|
|
||
| First, we need to create a ``requirements.txt`` file in the directory where the ``ClientApp`` code | ||
| is located. In the file, we list all the dependencies that the ClientApp requires. | ||
|
|
||
| .. code-block:: | ||
|
|
||
| flwr-datasets[vision]>=0.0.2,<1.0.0 | ||
| torch==2.1.1 | ||
| torchvision==0.16.1 | ||
| tqdm==4.66.3 | ||
|
|
||
| .. important:: | ||
|
|
||
| Note that `flwr <https://pypi.org/project/flwr/>`__ is already installed in the ``flwr/supernode`` | ||
| base image, so you only need to include other package dependencies in your requirements.txt, | ||
| such as torch, tensorflow, etc. | ||
|
There was a problem hiding this comment. ... in your |
||
|
|
||
| Next, we create a Dockerfile. If you use the ``quickstart-pytorch`` example, create a new | ||
| file called ``Dockerfile.supernode`` in ``examples/quickstart-pytorch``. | ||
|
|
||
| The ``Dockerfile.supernode`` contains the instructions that assemble the SuperNode image. | ||
|
|
||
|
|
@@ -167,34 +186,20 @@ The ``Dockerfile.supernode`` contains the instructions that assemble the SuperNo | |
| FROM flwr/supernode:nightly | ||
|
|
||
| WORKDIR /app | ||
|
|
||
| COPY requirements.txt . | ||
| RUN python -m pip install -U --no-cache-dir -r requirements.txt && pyenv rehash | ||
|
|
||
| COPY client.py ./ | ||
| ENTRYPOINT ["flower-client-app", "client:app"] | ||
|
|
||
| In the first two lines, we instruct Docker to use the SuperNode image tagged ``nightly`` as a base | ||
| image and set our working directory to ``/app``. The following instructions will now be | ||
| executed in the ``/app`` directory. Next, we install the ClientApp dependencies by copying the | ||
| ``requirements.txt`` file into the image and run ``pip install``. In the last two lines, | ||
| we copy the ClientApp code into the image and set the entry point to ``flower-client-app`` with | ||
|
There was a problem hiding this comment. we copy the |
||
| the argument ``client:app``. The argument is the object reference of the ClientApp | ||
| (``<module>:<attribute>``) that will be run inside the ClientApp. | ||
|
|
||
| Building the SuperNode Docker image | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
@@ -226,55 +231,55 @@ Let's break down each part of this command: | |
| * ``docker run``: This is the command to run a new Docker container. | ||
| * ``--rm``: This option specifies that the container should be automatically removed when it stops. | ||
| * ``flwr_supernode:0.0.1``: The name the tag of the Docker image to use. | ||
| * ``--insecure``: This option enables insecure communication. | ||
|
|
||
| .. attention:: | ||
|
|
||
| The ``--insecure`` flag enables insecure communication (using HTTP, not HTTPS) and should only be | ||
| used for testing purposes. We strongly recommend enabling | ||
| `SSL <https://flower.ai/docs/framework/how-to-run-flower-using-docker.html#enabling-ssl-for-secure-connections>`__ | ||
| when deploying to a production environment. | ||
|
|
||
| * | ``--server 192.168.1.100:9092``: This option specifies the address of the SuperLinks Fleet | ||
| | API to connect to. Remember to update it with your SuperLink IP. | ||
|
|
||
| .. note:: | ||
|
|
||
| To test running Flower locally, you can create a | ||
| `bridge network <https://docs.docker.com/network/network-tutorial-standalone/#use-user-defined-bridge-networks>`__, | ||
| use the ``--network`` argument and pass the name of the Docker network to run your SuperNodes. | ||
|
|
||
| Any argument that comes after the tag is passed to the Flower SuperNode binary. | ||
| To see all available flags that the SuperNode supports, run: | ||
|
|
||
| .. code-block:: bash | ||
|
|
||
| $ docker run --rm flwr/supernode:nightly --help | ||
|
|
||
| Enabling SSL for secure connections | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| To enable SSL, we will need to mount a PEM-encoded root certificate into your SuperNode container. | ||
|
|
||
| Assuming the certificate already exists locally, we can use the flag ``--volume`` to mount the local | ||
| certificate into the container's ``/app/`` directory. This allows the SuperNode to access the | ||
| certificate within the container. Use the ``--certificates`` flag when starting the container. | ||
|
|
||
| .. code-block:: bash | ||
|
|
||
| $ docker run --rm --volume ./ca.crt:/app/ca.crt flwr_supernode:0.0.1 client:app \ | ||
| --server 192.168.1.100:9092 \ | ||
| --certificates ca.crt | ||
|
|
||
| Flower ServerApp | ||
| ---------------- | ||
|
|
||
| The procedure for building and running a ServerApp image is almost identical to the SuperNode image. | ||
|
|
||
| Similar to the SuperNode image, the ServerApp Docker image comes with a pre-installed version of | ||
| Flower and serves as a base for building your own ServerApp image. | ||
|
|
||
| We will use the same ``quickstart-pytorch`` example as we do in the Flower SuperNode section. | ||
| If you have not already done so, please follow the `SuperNode Prerequisites`_ before proceeding. | ||
|
|
||
|
|
||
|
|
@@ -288,13 +293,11 @@ Let's assume the following project layout: | |
| $ tree . | ||
| . | ||
| ├── server.py # ServerApp code | ||
| └── <other files> | ||
|
|
||
| First, we need to create a Dockerfile in the directory where the ``ServerApp`` code is located. | ||
| If you use the ``quickstart-pytorch`` example, create a new file called ``Dockerfile.serverapp`` in | ||
| ``examples/quickstart-pytorch``. | ||
|
|
||
| The ``Dockerfile.serverapp`` contains the instructions that assemble the ServerApp image. | ||
|
|
||
|
|
@@ -303,36 +306,16 @@ The ``Dockerfile.serverapp`` contains the instructions that assemble the ServerA | |
| FROM flwr/serverapp:1.8.0 | ||
chongshenng marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| WORKDIR /app | ||
|
|
||
| COPY server.py ./ | ||
| ENTRYPOINT ["flower-server-app", "server:app"] | ||
chongshenng marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| In the first two lines, we instruct Docker to use the ServerApp image tagged ``1.8.0`` as a base | ||
chongshenng marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| image and set our working directory to ``/app``. The following instructions will now be | ||
| executed in the ``/app`` directory. In the last two lines, we copy the ServerApp code into the | ||
|
There was a problem hiding this comment. ..., we copy the There was a problem hiding this comment. Should we call it There was a problem hiding this comment. You're right @Robert-Steiner! Let's stick to
|
||
| image and set the entry point to ``flower-server-app`` with the argument ``server:app``. | ||
| The argument is the object reference of the ServerApp (``<module>:<attribute>``) that will be run | ||
| inside the ServerApp container. | ||
|
|
||
| Building the ServerApp Docker image | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
@@ -370,33 +353,36 @@ Let's break down each part of this command: | |
|
|
||
| The ``--insecure`` flag enables insecure communication (using HTTP, not HTTPS) and should only be | ||
| used for testing purposes. We strongly recommend enabling | ||
| `SSL <https://flower.ai/docs/framework/how-to-run-flower-using-docker.html#enabling-ssl-for-secure-connections>`__ | ||
| when deploying to a production environment. | ||
|
|
||
| * | ``--server 192.168.1.100:9091``: This option specifies the address of the SuperLinks Driver | ||
| | API to connect to. Remember to update it with your SuperLink IP. | ||
|
|
||
| .. note:: | ||
| To test running Flower locally, you can create a | ||
| `bridge network <https://docs.docker.com/network/network-tutorial-standalone/#use-user-defined-bridge-networks>`__, | ||
| use the ``--network`` argument and pass the name of the Docker network to run your ServerApps. | ||
|
|
||
| Any argument that comes after the tag is passed to the Flower ServerApp binary. | ||
| To see all available flags that the ServerApp supports, run: | ||
|
|
||
| .. code-block:: bash | ||
|
|
||
| $ docker run --rm flwr/serverapp:1.8.0 --help | ||
|
|
||
| Enabling SSL for secure connections | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| To enable SSL, we will need to mount a PEM-encoded root certificate into your ServerApp container. | ||
|
|
||
| Assuming the certificate already exists locally, we can use the flag ``--volume`` to mount the local | ||
| certificate into the container's ``/app/`` directory. This allows the ServerApp to access the | ||
| certificate within the container. Use the ``--certificates`` flag when starting the container. | ||
|
|
||
| .. code-block:: bash | ||
|
|
||
| $ docker run --rm --volume ./ca.crt:/app/ca.crt flwr_serverapp:0.0.1 client:app \ | ||
| --server 192.168.1.100:9091 \ | ||
| --certificates ca.crt | ||
|
|
||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rename client-app > ClientApp for consistency.