Allow external access to Containers
Introduction¶
Researchers working with containers. many times need to access the container from remote. Some examples:
- Using a Jupyter notebook that runs within the container
- Using PyCharm to run python commands remotely.
- Using TensorBoard to view machine learning visualizations
This requires exposing container ports. When using docker, the way Researchers expose ports is by declaring them when starting the container. Run:AI has similar syntax.
Run:AI is based on Kubernetes. Kubernetes offers an abstraction of the container's location. This complicates the exposure of ports. Kubernetes offers a number of alternative ways to go about it:
| Method | Description | Prerequisites |
|---|---|---|
| Port Forwarding | Simple port forwarding allows access to the container via localhost | None |
| NodePort | Exposes the service on each Node’s IP at a static port (the NodePort). You’ll be able to contact the NodePort service from outside the cluster by requesting <NODE-IP>:<NODE-PORT> regardless of which node the container actually resides in. | None |
| LoadBalancer | Exposes the service externally using a cloud provider’s load balancer. | Only available with cloud providers |
| Ingress | Allows access to Kubernetes services from outside the Kubernetes cluster. You configure access by creating a collection of rules that define which inbound connections reach which services. | Requires an Ingress controller to be installed. See below |
See https://kubernetes.io/docs/concepts/services-networking/service for further details on these four options.
Ingress¶
Ingress allows access to Kubernetes services from outside the Kubernetes cluster. You configure access by creating a collection of rules that define which inbound connections reach which services. More information about ingress can be found here.
Setup¶
To submit jobs via ingress, You must install an Ingress controller in your Kubernetes cluster. The prevalent Ingress controller is ingress-nginx.
Usage¶
The Researcher uses the Run:AI CLI to set the method type and the ports when submitting the Workload. Example:
runai submit test-ingress -i jupyter/base-notebook -g 1 --interactive \
--service-type=ingress --port 8888:8888 --command \
-- start-notebook.sh --NotebookApp.base_url=test-ingress
Then run:
runai list jobs
You will see the service URL with which to access the Jupyter notebook
The URL will be composed of the ingress end-point, the Job name and the port (e.g. https://10.255.174.13/test-ingress-8888.
See Also¶
- To learn how to use port forwarding see Quickstart document: Launch an Interactive Build Workload with Connected Ports.
- See CLI command runai submit.