|
1 | | -# 1. PLATFORM PINNING: Essential for CUDA wheels. |
2 | | -# PyTorch with CUDA does not have wheels for ARM64 (Apple Silicon). |
3 | | -# We force linux/amd64 so Docker pulls the compatible x86 binary. |
| 1 | +# 1. PLATFORM PINNING |
4 | 2 | FROM --platform=linux/amd64 python:3.11-slim |
5 | 3 |
|
6 | 4 | # 2. ENVIRONMENT VARIABLES |
7 | | -# Keeps Python from buffering stdout/stderr (logs appear immediately) |
8 | | -# and prevents python from writing .pyc files. |
9 | 5 | ENV PYTHONDONTWRITEBYTECODE=1 \ |
10 | 6 | PYTHONUNBUFFERED=1 \ |
11 | | - PIP_NO_CACHE_DIR=1 |
| 7 | + PIP_NO_CACHE_DIR=1 \ |
| 8 | + TORCH_CUDA_ARCH_LIST="7.0;7.5;8.0;8.6;8.9;9.0" |
12 | 9 |
|
13 | 10 | WORKDIR /app |
14 | 11 |
|
15 | 12 | # 3. SYSTEM DEPENDENCIES |
16 | | -# Install basic build tools and libraries often required by vision/audio packages |
17 | 13 | RUN apt-get update && apt-get install -y --no-install-recommends \ |
18 | 14 | build-essential \ |
19 | 15 | git \ |
20 | 16 | libgl1 \ |
21 | 17 | libglib2.0-0 \ |
| 18 | + # wget/curl often useful in notebooks |
| 19 | + wget \ |
| 20 | + curl \ |
22 | 21 | && rm -rf /var/lib/apt/lists/* |
23 | 22 |
|
24 | 23 | # 4. INSTALL PYTORCH (Heavy Layer) |
25 | | -# We do this BEFORE copying requirements.txt or app code. |
26 | | -# This ensures Docker caches this heavy layer (2GB+) and doesn't re-download |
27 | | -# it unless you specifically change the Torch version. |
28 | 24 | RUN pip install --upgrade pip setuptools wheel && \ |
29 | 25 | pip install \ |
30 | 26 | torch==2.7.0 \ |
31 | 27 | torchvision==0.22.0 \ |
32 | 28 | torchaudio==2.7.0 \ |
33 | 29 | --index-url https://download.pytorch.org/whl/cu126 |
34 | 30 |
|
35 | | -# 5. INSTALL OTHER REQUIREMENTS |
36 | | -COPY requirements.txt . |
37 | | -RUN pip install -r requirements.txt |
| 31 | +# 5. CLONE SAM 3 & INSTALL JUPYTER |
| 32 | +# We install sam3 AND jupyterlab here |
| 33 | +RUN git clone https://github.com/facebookresearch/sam3.git && \ |
| 34 | + cd sam3 && \ |
| 35 | + pip install -e . && \ |
| 36 | + pip install jupyterlab matplotlib ipywidgets |
38 | 37 |
|
39 | | -# 6. SECURITY: CREATE NON-ROOT USER |
40 | | -# Running as root is a security risk. Create a user 'appuser'. |
| 38 | +# 6. SECURITY: NON-ROOT USER |
41 | 39 | RUN addgroup --system --gid 1001 appgroup && \ |
42 | 40 | adduser --system --uid 1001 --gid 1001 appuser |
43 | 41 |
|
44 | | -# 7. COPY APP CODE |
45 | | -COPY . . |
46 | | - |
47 | | -# Change ownership of the app directory to the non-root user |
| 42 | +# Grant ownership so Jupyter can write notebooks to /app |
48 | 43 | RUN chown -R appuser:appgroup /app |
49 | 44 |
|
50 | 45 | # Switch to non-root user |
51 | 46 | USER appuser |
52 | 47 |
|
| 48 | +# 7. CONFIGURATION |
| 49 | +# Expose the standard Jupyter port |
| 50 | +EXPOSE 8888 |
| 51 | + |
53 | 52 | # 8. ENTRYPOINT |
54 | | -# Update 'main.py' to your actual entry script |
55 | | -CMD ["python", "main.py"] |
| 53 | +# --ip=0.0.0.0: Allows connections from outside the container |
| 54 | +# --no-browser: Prevents it from trying to open a browser inside the container |
| 55 | +# --NotebookApp.token='': (Optional) Disables password for easier local dev |
| 56 | +CMD ["jupyter", "lab", "--ip=0.0.0.0", "--port=8888", "--no-browser", "--NotebookApp.token=''"] |
0 commit comments