Spaces:

ayush2917
/

support-system

Runtime error

App Files Files Community

ayush2917 commited on May 2, 2025

Commit

2f0747a

verified ·

1 Parent(s): ecd483b

Update Dockerfile

Browse files

Files changed (1) hide show

Dockerfile +68 -37

Dockerfile CHANGED Viewed

@@ -1,57 +1,88 @@
-# Use a slim Python 3.9 base image
-FROM python:3.9-slim-buster@sha256:320a7a4250aba4249f458872adecf92eea88dc6abd2d76dc5c0f01cac9b53990
-# Set environment variables
 ENV PYTHONDONTWRITEBYTECODE=1 \
     PYTHONUNBUFFERED=1 \
     HF_HOME=/app/cache \
-    HUGGINGFACE_HUB_DISABLE_XET=1 \
-    PIP_NO_CACHE_DIR=1
-# Set working directory
-WORKDIR /app
-# Create directories with correct permissions
-RUN mkdir -p /app/data /app/cache && \
-    useradd -m myuser && \
-    chown -R myuser:myuser /app && \
-    chmod -R u+rw /app/data /app/cache
-# Install system dependencies
 RUN apt-get update && apt-get install -y --no-install-recommends \
     build-essential \
-    gcc \
-    g++ \
     && rm -rf /var/lib/apt/lists/*
-# Upgrade pip to the latest version
-RUN pip install --upgrade pip
-# Copy requirements first for better caching
 COPY requirements.txt .
-# Install dependencies from requirements.txt
-RUN pip install --no-cache-dir -r requirements.txt || { echo "Failed to install requirements"; exit 1; }
-# Pre-download models
-RUN python -c "from sentence_transformers import SentenceTransformer; SentenceTransformer('all-MiniLM-L6-v2', cache_folder='/app/cache')" || { echo "Failed to pre-download SentenceTransformer model"; exit 1; }
-RUN python -c "from transformers import AutoModelForCausalLM, AutoTokenizer; AutoModelForCausalLM.from_pretrained('distilgpt2', cache_dir='/app/cache'); AutoTokenizer.from_pretrained('distilgpt2', cache_dir='/app/cache')" || { echo "Failed to pre-download transformer model"; exit 1; }
-# Verify cache contents
-RUN ls -l /app/cache && \
-    find /app/cache -type f || { echo "Cache verification failed"; exit 1; }
-# Copy all project files
-COPY . .
-# Ensure permissions after copy
-RUN chown -R myuser:myuser /app && \
-    chmod -R u+rw /app/data /app/cache
-# Set non-root user
-USER myuser
-# Expose port for Gunicorn
 EXPOSE 8000
-# Start Gunicorn with a single worker to reduce memory usage
-CMD ["gunicorn", "--bind", "0.0.0.0:8000", "--workers", "1", "--timeout", "120", "app:app"]

+# Use official Python 3.9 slim image with explicit hash for security
+FROM python:3.9-slim-buster@sha256:3207a4250aba4249f458872adecf92eea88dc6abd2d76dc5c0f01cac9b53990
+# ========== SYSTEM CONFIGURATION ==========
+# Set critical environment variables
 ENV PYTHONDONTWRITEBYTECODE=1 \
     PYTHONUNBUFFERED=1 \
+    PYTHONMALLOC=malloc \
+    TOKENIZERS_PARALLELISM=false \
     HF_HOME=/app/cache \
+    HUGGINGFACE_HUB_CACHE=/app/cache \
+    PIP_NO_CACHE_DIR=1 \
+    GUNICORN_CMD_ARGS="--timeout 300 --workers 2 --preload"
+# Create directory structure with proper permissions
+RUN mkdir -p /app/{data,cache,config} && \
+    useradd -m -u 1001 appuser && \
+    chown -R appuser:appuser /app && \
+    chmod -R 755 /app
+WORKDIR /app
+# ========== DEPENDENCY INSTALLATION ==========
+# Install system dependencies in one layer
 RUN apt-get update && apt-get install -y --no-install-recommends \
     build-essential \
+    libgomp1 \
     && rm -rf /var/lib/apt/lists/*
+# Install Python dependencies with version pinning
 COPY requirements.txt .
+RUN pip install --upgrade pip && \
+    pip install --no-cache-dir -r requirements.txt && \
+    pip cache purge
+# ========== MODEL PRELOADING ==========
+# Pre-download models with error handling
+RUN python -c "\
+try: \
+    from sentence_transformers import SentenceTransformer; \
+    SentenceTransformer('all-MiniLM-L6-v2', cache_folder='/app/cache'); \
+    from transformers import AutoModelForCausalLM, AutoTokenizer; \
+    AutoModelForCausalLM.from_pretrained('distilgpt2', cache_dir='/app/cache'); \
+    AutoTokenizer.from_pretrained('distilgpt2', cache_dir='/app/cache'); \
+except Exception as e: \
+    print(f'Model preloading failed: {str(e)}'); \
+    raise \
+"
+# Verify model cache integrity
+RUN find /app/cache -type f -exec ls -lh {} \+ && \
+    du -sh /app/cache
+# ========== APPLICATION SETUP ==========
+# Copy application files (excluding .dockerignore patterns)
+COPY --chown=appuser:appuser . .
+# Ensure proper file permissions
+RUN chmod a+x /app/entrypoint.sh && \
+    chmod -R a+r /app && \
+    find /app -type d -exec chmod a+rx {} \+
+# Switch to non-root user
+USER appuser
+# Health check (every 30s, 5s timeout, 3 retries)
+HEALTHCHECK --interval=30s --timeout=5s --retries=3 \
+    CMD curl -f http://localhost:8000/health || exit 1
+# Expose port
 EXPOSE 8000
+# ========== RUNTIME CONFIGURATION ==========
+# Entrypoint script for pre-launch checks
+COPY entrypoint.sh .
+ENTRYPOINT ["./entrypoint.sh"]
+# Start Gunicorn with optimized settings
+CMD ["gunicorn", "--bind", "0.0.0.0:8000", \
+     "--workers", "2", \
+     "--timeout", "300", \
+     "--preload", \
+     "--worker-class", "sync", \
+     "--access-logfile", "-", \
+     "--error-logfile", "-", \
+     "--log-level", "info", \
+     "app:app"]