## Presentation Instructions
- Navigate: ↑ ← ↓ →
- Open presenter's view with notes (presenter's version only): S
- Enter/exit bird's-eye view: ESC

## Plan
::: {.incremental}  
- What containerization is
- Why care
- How to get started  
:::  

## What?

Container 
:   
> a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another. 

TLDR: a container is software virtualization with all necessary batteries included and redundant stuff excluded, s.t. it's lightweight and can run anywhere 

## What?

Docker
:   
> a (popular) freemium containerization platform.

::: {.fragment}  
Includes:  
- Docker Desktop  
- Docker Hub  
- Docker Engine  
- Docker Compose  
:::  

Technically, "Docker" as a platform has several components, listed here: Desktop, Hub, Engine, Compose. This can make it confusing when people say "Docker". Usually, when people say "Docker", they mean containerization as by docker. This is based on the use of the Engine, Compose, and maybe the Hub.

## What?
Docker
:   
> a (popular) freemium containerization platform.
  
Includes:  
- Docker Desktop    
- Docker Hub      :point_left:   
- Docker Engine   :point_left:    
- Docker Compose 

Today, we shall concentrate on using the Docker Engine + the Hub through the Linux CLI. When I say "Docker" in this presentation, this is what I will usually mean.

## Why?

Career POV:

- Docker/Containers are ubiquitous => (usually) good for your resume<sup>*</sup>

Arguably, one of the value propositions of an internship is to make you as job-ready as possible for as wide of an array of opportunities as possible (in DS/ML). Within a subset of the DS/ML job market, there are some opportunities where having experience with auxiliary tooling (e.g. version control, Linux CLI) is an asset. Containerization is one such tool.  

\* The caveat is of course containerization is not *required* in all jobs. E.g. teams that tend to use this tech more are production/enterprise-grade DS/ML teams. So usually not as required/marketable in more ad-hoc DS teams, where you run one-off experiments and research. 

That said, containers are everywhere. E.g. "From Gmail to YouTube to Search, everything at Google runs in containers.<a name="cite_ref-1"></a>[<sup>[1]</sup>](#cite_note-1) If you used a smartphone app, chances are it is served up to you from a container. Beside marketability as skill, you may also find containers useful in your own projects.

- Docker/Containers are integral to our/others' tech stack, but uni's often don't teach this => opportunity to learn

Traditional academic programs are good at teaching you core competences, like ML/statistical modeling and theory. But the latest tools of the trade used in the industry are often not taught; usually through no fault of their own. On the other hand, our ML team uses containers everywhere: from setting up replicable and shareable development environments to deploying and scaling entreprise machine learning solutions. Since this technology is frequently not part of DS/ML academic curriculum, being embedded in this team is an additional opportunity for you to expand your DS toolkit.

## Why?

Practical POV:

- Separation of responsibility

<a name="cite_ref-1"></a>[<sup>[1]</sup>](#cite_note-1)  

Containerization provides a clear separation of responsibility, as developers focus on application logic and dependencies, while IT operations teams can focus on deployment and management instead of application details such as specific software versions and configurations.

- Workload portability

<a name="cite_ref-1"></a>[<sup>[1]</sup>](#cite_note-1)  

Containers can run virtually anywhere, greatly easing development and deployment: on Linux, Windows, and Mac operating systems; on virtual machines or on physical servers; on a developer’s machine or in data centers on-premises; and of course, in the public cloud. 

- Application isolation

<a name="cite_ref-1"></a>[<sup>[1]</sup>](#cite_note-1)  

Containers virtualize CPU, memory, storage, and network resources at the operating system level, providing developers with a view of the OS logically isolated from other applications. Applications are safer in containers.<a name="cite_ref-3"></a>[<sup>[3]</sup>](#cite_note-3)

## Why?
![](media/container-vm-whatcontainer_2-980x783.png){.absolute top=125 left=0 height=400}    
![](media/docker-containerized-appliction-blue-border_2-980x783.png){.absolute .fragment top=125 right=50 height=400}    

::: {.fragment}  
![](media/cat-turtle-animals-fun.gif){.absolute top=225 left=20 height=400}    
![](media/cheetah-running.gif){.absolute top=225 right=30 height=300}     
:::

When trying to solve for the practical items on the previous slide, things like package environments (e.g. `venv`, `conda`, etc.) can help, but they don't replicate enough of the OS for full portability. E.g. your co-worker or the production server in the cloud may have Linux while you have developed in a `conda` environment on a Mac. To solve this problem we could try using a VM. But VMs virtualize the hardware and include the full OS. This makes them more hardware intensive and usually bigger in size (tens of GBs), and slow to boot. 

NEXT FRAGMENT

Containers, on the other hand, virtualize software only, are less hardware-hungry, and share the OS kernel. Containers, on the other hand, virtualize software only, are less hardware-hungry, and share the OS kernel. This makes them faster and more economical than VMs while achieving portability and isolation. Containers are typically tens of MBs to a few GBs in size.

NEXT FRAGMENT

It is not that there are no use cases for VM's, but for the goals we're trying to achieve Docker Containers have become the industry and our team's standard.

## TLDR So Far

::: {.column width="50%"}   
::: {.fragment}  
Containers:  

- ubiquotous  
- shippable  
- isolated  
- cross-platform  
- light   
- free     
:::  
:::


::: {.column width="50%"}   
::: {.fragment}  
Docker: 

- makes containers easier  
- popular
- free for personal use

:::    
:::  

## How?
### Workflow: from a Dockerfile
::::: {.columns}

:::: {.column width="25%"}  

::: {.fragment fragment-index=1}
:::{style="text-align: center"}  

![](media/docker_file_orange.png){fig-align="center" height=200}
Dockerfile

:::
:::
::::  

:::: {.column width="10%"}  
::: {style="font-size: 100%;"}
::: {.absolute top=265 left=260}
::: {.fragment fragment-index=2}
```
docker
build
```
:::
:::
::: {.fragment fragment-index=2}
![](media/arrow_right.png){.absolute top=300 height="50"}
:::
:::
::::


:::: {.column width="25%"}  

::: {.fragment fragment-index=3}
:::{style="text-align: center"}  

![](media/docker_image.png){fig-align="center" height=200}   
Docker Image

:::  
:::
::::

:::: {.column width="10%"}  
::: {style="font-size: 100%;"}
::: {.absolute top=265 right=315}
::: {.fragment fragment-index=4}
```
docker
run
```
:::
:::
::: {.fragment fragment-index=4}
![](media/arrow_right.png){.absolute top=300 height="50" right=335}
:::
:::
::::

:::: {.column width="30%"}

::: {.fragment fragment-index=5}
:::{style="text-align: left"}  

![](media/docker_container.png){fig-align="right" height=200}  
Docker Container

:::
:::

::::

:::::  





We shall explain the individual elements of the Docker workflow in more detail later, but here's the workflow in a nutshell: NEXT FRAGMENT  
We go from a Dockerfile, which is a just a plain textfile that the docker engine interprets... NEXT FRAGMENT  
Via a `docker build` command. NEXT FRAGMENT  
To turn it into a Docker Image. NEXT FRAGMENT  
We then use the `docker run` command... NEXT FRAGMENT  
To turn an image into a Docker Container.  

The analogy with programming is Dockerfile is like your "source code". When you do `docker build`, it's like compiling it into an `image` executable. Then, you can run many different "instances" or execute that "compiled" code, or `image`. These executed image "instances" are Docker containers.

## How?
### Workflow: from a Registry
::::: {.columns}

:::: {.column width="25%"}  

:::{style="text-align: center"}  

![](media/docker_registry.svg){fig-align="center" height=200}
Docker Registry

:::
::::  

:::: {.column width="10%"}  
::: {style="font-size: 100%;"}
::: {.absolute top=265 left=260}
```
docker
pull
```
:::
![](media/arrow_right.png){.absolute top=300 height="50"}
:::
::::


:::: {.column width="25%"}  

:::{style="text-align: center"}  

![](media/docker_image.png){fig-align="center" height=200}   
Docker Image

:::
::::

:::: {.column width="10%"}  
::: {style="font-size: 100%;"}
::: {.absolute top=265 right=315}
```
docker
run
```
:::
![](media/arrow_right.png){.absolute top=300 height="50" right=335}
:::
::::

:::: {.column width="28%"}

:::{style="text-align: left"}  

![](media/docker_container.png){fig-align="right" height=200}  
Docker Container

:::

::::

:::::  





Note that we don't have to start with the Dockerfile. We can download a pre-built image from a container registry<a name="cite_ref-4"></a>[<sup>[4]</sup>](#cite_note-4). This is useful when we don't want to write our own Dockerfile and build an image. Our ML team has a private registry. Docker Hub is a popular public registry.  

## Docker Image {.center}

## How?
### Docker Image: Naming

::: {.incremental}
- Name structure:  `registry/repository/image_name:tag`
    - `registry` - Is registry where the image is hosted; when skipped, defaults to `docker.io`, i.e. the Docker Hub
    - `repository` - Is repository where the image is hosted; not needed for Docker Official Images
    - `image_name` - Is the name of the image itself.
    - `tag` - Is a tagged "state" of that image that the creator has deemed useful.  
:::  

This should be self-explanatory.

## How?
### Docker Image: Naming

- Name structure:  `registry/repository/image_name:tag`

::: {.incremental}
- For example:

::: {.fragment}
```bash
docker.io/python:3.6.4  # Image name in a Docker Hub
python:3.6.4  # Same as above
pytorch/pytorch:2.4.0-cuda11.8-cudnn9-runtime  # In a Docker Hub/Pytorch repo
my_private_registry/some/repo/my_image:cool_tag-1.3  # In a private registry
```
:::
- [Docker Official Images](https://docs.docker.com/trusted-content/official-images/){target="_blank} skip `repository` name; considered common starting points and more secure
- You can see Docker Hub repositories/images via browser [here](https://hub.docker.com/){target="_blank"}  
:::


## How?
### Docker Image: List

::: {.fragment}  
Your turn! List your local images in Linux CLI:
```bash
docker images
```
:::

As mentioned, `registry` is optional, and defaults to Docker Hub. `repository` is optional for Docker Official Images.

If you're just staring to do Docker locally, this list may be empty.

## How?
### Docker Image: Pull
::: {.fragment .small}  
Now try pulling (== downloading) this Alpine Linux image from the Docker Hub registry:
```bash
docker pull docker.io/alpine:3.14
```
Because `docker.io` is the default, this would do the same:
```bash
docker pull alpine:3.14
```
:::

::: {.fragment}  
Once pulled, you have this image locally, so if you try pulling again, it won't download (unless the image changed in the registry).  
:::

::: {.fragment}  
Check your docker images again to see the newly pulled image it there:
```bash
docker images
```
:::

## How?
### Docker Image: Delete
::: {.fragment}  
Note that `docker images` lists images both by repo, tag, and image ID (which is the hash for the last layer). You can delete an image in various ways.  
Try this (by image name):
```bash
docker rmi alpine:3.14
```
OR this (by beginning characters that *uniquely* match an `IMAGE ID`):
```bash
docker rmi 9e1
```
Then check your docker images again to confirm deletion:
```bash
docker images
```
:::

## How?

### Docker Image: Login

Note that, if we were pulling from a private registry, we'd likely have to login first:  
```bash   
docker login my_private_registry  
```  

Then pull from that registry:  
```bash  
docker pull my_private_registry/some/repo/my_image:my_super_cool_tag-1.3  
```  

::: {.fragment}  
Less commonly used, but to push an image into a private repository:
```bash
docker push my_private_registry/some/repo/my_image:my_super_cool_tag-1.3
```
:::  



## Docker Container {.center}

## How?

### Docker Container

::: {.fragment}  
**Use case**: Setting up a portable and reproducible DS development environment.  
:::

::: {.fragment}  
Since we work in DS/ML, let's download this Python scientific stack image from the official [Jupyter Docker Stacks](https://jupyter-docker-stacks.readthedocs.io/en/latest/){target="_blank"}:
```bash
docker pull quay.io/jupyter/scipy-notebook:python-3.11.9
```
And, as usual, see that it's there:  
```bash
docker images
```
:::


Let's go over a **use case**: setting up a Python-based, reproducible/portable DS development environment.  

Note that we are downloading from a different registry, `quai.io`, and from the official `jupyter` repo.

## How?

### Docker Container: Run

::: {.fragment}
The syntax for command to start a container:
```bash
docker run [OPTIONS] IMAGE[:TAG|@DIGEST] [COMMAND] [ARG...]
```
:::

::: {.fragment}
Let's start a container for the first time from the image we downloaded (make sure nothing is taking that port currently, or map onto a different port).:
```bash
docker run -p 8888:8888 quay.io/jupyter/scipy-notebook:python-3.11.9
```
:::


Remember that a Container is like an "instance" of an Image. Let's "instantiate" an image into a container by doing the `run` command.  
We also see the `-p` flag, which maps port `8888` on our host machine to the `8888` on the container side. This is because Jupyter server starts at the `8888` port by default.

And you can run many different containers from this same image. You would just have to make sure to choose a new unused port on the host for the port mapping.

If you ever forget the port order mapping, think `host:guest`.

## How?

### Docker Container: Run Cont'd

::: {.fragment style="font-size: 75%;"}  
Now, assuming port `8888` on your host was not already taken, we should see the `http://127.0.0.1:8888/lab?token=...` URL in the CLI logs, and navigate to that address in the browser.  
:::  


::: {.fragment}   

::: {style="font-size: 75%;"}  
To see all *running* containers, open a *new terminal session* (<kbd>CTRL</kbd> + <kbd>ALT</kbd> + <kbd>T</kbd> on Linux) and enter:  
:::

```bash
docker ps
```

::: {style="font-size: 75%;"}  
This should list them all, including the image name from which the container was built, container name, ports, etc.    
:::

:::  

If we go to the URL in our browser (on the host side), we can start developing in that instance.

## How?

### Docker Container: Stop

::: {.fragment}
To (gracefully) stop a container from running:
```bash
docker stop CONTAINER_NAME|CONTAINER_ID 
```

::: {style="font-size: 75%;"}  
Just like with Docker images, containers can be idenfied with either a full container name *or* a full or partial container ID (with unique matching).  
:::

:::

::: {.fragment}  
Your turn! Find the ID and/or a name of your Jupyter container and stop it. Check via `docker ps` that it is no longer running.  
:::

## How?

### Docker Container: Stop Cont'd

::: {.fragment fragment-index=1}  
Note that, if there are any issues, like with a real PC, you can force shut down your container like so:
```bash
docker kill CONTAINER_NAME|CONTAINER_ID 
```
The difference with `stop` is `kill` is akin to using the force shutdown button on your PC.*   
:::

::: {.fragment fragment-index=2}  
Because this particular container was a Jupyter Server, we could have also <kbd>CTRL</kbd> + <kbd>C</kbd> in the live logs (STDOUT) to close the session down.  
:::  

::: {.fragment fragment-index=1}  
::: {style="font-size: 35%; text-align: center;"}  
*in UNIX terms, `stop` attempts to `SIGTERM` first, before doing `SIGKILL`; `kill` just `SIGKILL`'s immediately  
:::    
:::  

## How?

### Docker Container: Stop Cont'd

::: {.fragment}  
You can see all containers, including the dormant ones with the `-a` flag. Try:
```bash
docker ps -a
```
:::

## How?

### Docker Container: Stop Cont'd

::: {.fragment}  
You can restart a stopped/killed container that's already been `run`, i.e. created from an image:
```bash
docker start [OPTIONS] CONTAINER_NAME|CONTAINER_ID [CONTAINER...]
```
:::  

## How?

### Docker Container: Stop Cont'd

::: {.fragment}  
To delete a stopped container for good:
```bash
docker rm [OPTIONS] CONTAINER_NAME|CONTAINER_ID [CONTAINER...]
```
:::  

::: {.fragment}  
Try deleting the Jupyter Server container we stopped earlier.  
:::  

## How?

### Docker Container: Share Volumes

::: {.fragment}  
Let's complicate things a bit and learn some additional flags and other commands along the way.

**Use case extension**: share our local volume so that we can access it from inside a container + persist file changes!  
:::   


## How? {auto-animate=true}

### Docker Container: Share Volumes Cont'd 

::: {.fragment}  

::: {style="font-size: 75%;"}  
TLDR: To share a host volume, we need to (re-)run the container where we want the volume mounted and use the `-v` flag:  
:::

```bash
docker run -it --rm \
    --user "$(id -u)" --group-add users \
    -p 8888:8888 \
    -v "${PWD}"/:/home/jovyan/work \
    quay.io/jupyter/scipy-notebook:python-3.11.9 
```
:::  


Let's go over this line by line.

## How? {auto-animate=true}

### Docker Container: Share Volumes Cont'd

```{.bash code-line-numbers="1-5|1|2"}
docker run -it --rm \
    --user "$(id -u)" --group-add users \
    -p 8888:8888 \
    -v "${PWD}"/:/home/jovyan/work \
    quay.io/jupyter/scipy-notebook:python-3.11.9 
```

::: {style="font-size: 75%;"}

- `-it` makes the container interactive
- `--rm` auto-removes the container after it gets stopped or killed
- `--user` supplies container's user ID
- `"$(id -u)"` - our host user ID; will be container user's user ID
- `--group-add` adds a new user group. [Jupyter Stacks Docs tell us to do that](https://jupyter-docker-stacks.readthedocs.io/en/latest/using/troubleshooting.html#additional-tips-and-troubleshooting-commands-for-permission-related-errors){target="_blank"}.

:::  




## How?

### Docker Container: Share Volumes Cont'd 

```{.bash code-line-numbers="3,5|4"}
docker run -it --rm \
    --user "$(id -u)" --group-add users \
    -p 8888:8888 \
    -v "${PWD}"/:/home/jovyan/work \
    quay.io/jupyter/scipy-notebook:python-3.11.9 
```

::: {style="font-size: 75%;"}  
- We use the same port mapping and image as before
- The `-v` flag maps host to container volume. It uses the same `host:guest` syntax.
- `"${PWD}"` - path of the current working directory (on host)
:::



## How?

### Docker Container: Share Volumes Cont'd 

```{.bash}
docker run -it --rm \
    --user "$(id -u)" --group-add users \
    -p 8888:8888 \
    -v "${PWD}"/:/home/jovyan/work \
    quay.io/jupyter/scipy-notebook:python-3.11.9 
```

::: {.fragment}  
::: {.callout-important}  
Be careful! Mounting makes the Docker container think these files are its own.  Deleting a file inside the container ***WILL*** delete it on the host! That being said, mounting a file can be really useful for debugging and development.  
:::  
:::

::: {.fragment}  
`cd` into a safe directory to mount and run this monster!  
:::  


## How?

### Docker Container: Execute Commands

::: {.fragment}  
To run any command in a live container, use:
```bash
docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
```
:::  

::: {.fragment}  
For example, to run an interactive (note the `-it`) Python shell:
```bash
docker exec -it CONTAINER_ID|CONTAINER_NAME python
```
Or an interactive (note the `-it`) `bash` terminal:
```bash
docker exec -it CONTAINER_ID|CONTAINER_NAME bash
```  
:::    

## How?

### Docker Container: Execute Commands Cont'd

::: {.fragment}  
Your turn! Let's see file persistence in action:  

1.  Bash into your live Jupyter Server container  
2.  Use `cd` and `ls` commands to check that your host directory mounted into the container
3.  `touch` to make a test file from inside a container
4.  Stop your container
5.  Remove your container for good
6.  On your host, make sure that the file you created persisted
7.  Feel good  
:::  

## Dockerfile {.center}

## How?

### Dockerfile

::: {.fragment}  
So far: pulled images someone else made and instantiated them into containers  
:::   

::: {.fragment}  
Up next: build our own images using Dockerfiles  
:::   

## How?

### Dockerfile: Structure

::: {.fragment}  
TLDR: Dockerfile == fancy text file with layered instructions  
:::   

::: {.fragment}  
::: {.incremental}  
Longer version:  

- By convention/expected default, named `Dockerfile`. But can be whatever.
- Each line's format:
  ```dockerfile
  INSTRUCTION arguments
  ```
- Each line creates a new "layer"
- Full list of Dockerfile commands [here](https://docs.docker.com/reference/dockerfile/){target="_blank"}  
:::  
:::



## How?
### Dockerfile: Structure [Real Example](https://github.com/jupyter/docker-stacks/blob/7a918f53599a896ec45cb6886c515be7adaee6c3/images/base-notebook/Dockerfile){target="_blank"}

::: {.fragment}  
```dockerfile
# Copyright (c) Jupyter Development Team.
# Distributed under the terms of the Modified BSD License.
ARG REGISTRY=quay.io
ARG OWNER=jupyter
ARG BASE_CONTAINER=$REGISTRY/$OWNER/docker-stacks-foundation
FROM $BASE_CONTAINER

LABEL maintainer="Jupyter Project <jupyter@googlegroups.com>"

# Fix: https://github.com/hadolint/hadolint/wiki/DL4006
# Fix: https://github.com/koalaman/shellcheck/wiki/SC3014
SHELL ["/bin/bash", "-o", "pipefail", "-c"]

USER root

# Install all OS dependencies for the Server that starts
# but lacks all features (e.g., download as all possible file formats)
RUN apt-get update --yes && \
    apt-get install --yes --no-install-recommends \
    # - Add necessary fonts for matplotlib/seaborn
    #   See https://github.com/jupyter/docker-stacks/pull/380 for details
    fonts-liberation \
    # - `pandoc` is used to convert notebooks to html files
    #   it's not present in the aarch64 Ubuntu image, so we install it here
    pandoc \
    # - `run-one` - a wrapper script that runs no more
    #   than one unique instance of some command with a unique set of arguments,
    #   we use `run-one-constantly` to support the `RESTARTABLE` option
    run-one && \
    apt-get clean && rm -rf /var/lib/apt/lists/*

USER ${NB_UID}

# Install JupyterLab, Jupyter Notebook, JupyterHub and NBClassic
# Generate a Jupyter Server config
# Cleanup temporary files
# Correct permissions
# Do all this in a single RUN command to avoid duplicating all of the
# files across image layers when the permissions change
WORKDIR /tmp
RUN mamba install --yes \
    'jupyterlab' \
    'notebook' \
    'jupyterhub' \
    'nbclassic' && \
    jupyter server --generate-config && \
    mamba clean --all -f -y && \
    npm cache clean --force && \
    jupyter lab clean && \
    rm -rf "/home/${NB_USER}/.cache/yarn" && \
    fix-permissions "${CONDA_DIR}" && \
    fix-permissions "/home/${NB_USER}"

ENV JUPYTER_PORT=8888
EXPOSE $JUPYTER_PORT

# Configure container startup
CMD ["start-notebook.py"]

# Copy local files as late as possible to avoid cache busting
COPY start-notebook.py start-notebook.sh start-singleuser.py start-singleuser.sh /usr/local/bin/
COPY jupyter_server_config.py docker_healthcheck.py /etc/jupyter/

# Fix permissions on /etc/jupyter as root
USER root
RUN fix-permissions /etc/jupyter/

# HEALTHCHECK documentation: https://docs.docker.com/engine/reference/builder/#healthcheck
# This healtcheck works well for `lab`, `notebook`, `nbclassic`, `server`, and `retro` jupyter commands
# https://github.com/jupyter/docker-stacks/issues/915#issuecomment-1068528799
HEALTHCHECK --interval=3s --timeout=1s --start-period=3s --retries=3 \
    CMD /etc/jupyter/docker_healthcheck.py || exit 1

# Switch back to jovyan to avoid accidental container runs as root
USER ${NB_UID}

WORKDIR "${HOME}"
```
:::   



Explain various commands here.

## How?

### Dockerfile: Structure Cont'd

**Use case extension**: Use `Dockerfile` to customize the image we used previously.   

::: {.fragment}  
Make a new directory (or just use an existing one that is empty) and create a file named `Dockerfile` there.   
Let's build a simple Dockerfile that extends our original Jupyter container layer by layer now.  
::: 

## How? {auto-animate=true}

### Dockerfile: Structure Cont'd

::: {.fragment}  
```dockerfile
FROM jupyter/scipy-notebook@sha256:fca4bcc9cbd49d9a15e0e4df6c666adf17776c950da9fa94a4f0a045d5c4ad33

USER root

RUN TEMP_DEB="$(mktemp)" \
    && wget -O "$TEMP_DEB" "https://github.com/quarto-dev/quarto-cli/releases/download/v1.5.54/quarto-1.5.54-linux-amd64.deb" \
    && sudo dpkg -i "$TEMP_DEB" \
    && rm -f "$TEMP_DEB"

USER ${NB_UID}

RUN pip install poetry==1.8.2 \
    && poetry config virtualenvs.create false

COPY poetry.lock pyproject.toml ./work

RUN cd work \
    && poetry install --no-interaction \
    && rm poetry.lock pyproject.toml
```  
:::  

## How?
### Dockerfile: Build

::: {.fragment}   
[Build](https://docs.docker.com/reference/cli/docker/buildx/build/){target="_blank"} command "compiles" your `Dockerfile` into an image:
```dockerfile
docker build [OPTIONS] PATH | URL | -
```
:::   

::: {.fragment}   
About [build context](https://docs.docker.com/build/building/context/){target="_blank"}:  

- `PATH | URL | -` context you pass. Docker will not recognize anything outside of that context
- Can restrict files/directories in the context further via `.dockerignore`  
:::   


## How?
### Dockerfile: Build Cont'd

::: {.fragment}   
Let's "compile" our `Dockerfile` and name it `dev_test`:
```dockerfile
docker build . -t dev_test
```
:::   



## How?
### Dockerfile: Run

::: {.fragment}   
```dockerfile
docker run -it --rm \  
    -p 8888:8888 \  
    --user "$(id -u)" --group-add users \  
    -v ${PWD}:/home/jovyan/work dev_test  
```
:::   



## How?
### Dockerfile: Best Practices

::: {.incremental}  
- Combine and minimize the number of layers
- Think of the layer order strategically  
    - Rule of thumb: layers you expect to change more often should go towards the bottom of the `Dockerfile`
- Minimize the [build context](https://docs.docker.com/build/building/context/){target="_blank"} by [using a `.dockerignore`](https://docs.docker.com/build/building/context/#dockerignore-files){target="_blank"}.  
:::  



## Recap
::: {.incremental}  
- What containerization is
    - Package your apps/models into a portable, reproducible, isolated environment
- Why care
    - Good for your resume
    - Extends your core ML skills
    - Practical
- How to get started
    - TLDR: registry/dockerfile -> image(s) -> container(s)  + read the [docs](https://docs.docker.com/reference/){target="_blank"} and practice  
:::  

## Next Steps
::: {.fragment}  
[Docker](https://docs.docker.com/reference/){target="_blank"} -> [Docker Compose](https://docs.docker.com/compose/){target="_blank"} -> [Kubernetes](https://kubernetes.io/docs/tutorials/kubernetes-basics/){target="_blank"}  
:::  

## References/Resources
<a name="cite_note-1"></a>1. [^](#cite_ref-1) [What are Containers?](https://cloud.google.com/learn/what-are-containers){target="_blank"}  
<a name="cite_note-2"></a>2. [^](#cite_ref-2) [Understanding containers
](https://www.redhat.com/en/topics/containers){target="_blank"}  
<a name="cite_note-3"></a>3. [^](#cite_ref-3) [Use containers to Build, Share and Run your applications](https://www.docker.com/resources/what-container/){target="_blank"}  
<a name="cite_note-4"></a>4. [^](#cite_ref-4) [What is a registry?](https://docs.docker.com/guides/docker-concepts/the-basics/what-is-a-registry/){target="_blank"}  
<a name="cite_note-5"></a>5. [^](#cite_ref-5) [Docker Primer (Crowe Internal)](https://gitlab.apollo.crowe.com/taskforces/people-onboarding/-/wikis/New-Hires/Learning/docker/docker-primer){target="_blank"}  
<a name="cite_note-6"></a>6. [^](#cite_ref-6) [Docker Reference documentation](https://docs.docker.com/reference/){target="_blank"}  
<a name="cite_note-7"></a>7. [^](#cite_ref-7) [Jupyter Stacks Docs: Troubleshooting Common Problems](https://jupyter-docker-stacks.readthedocs.io/en/latest/using/troubleshooting.html){target="_blank"}  
<a name="cite_note-8"></a>8. [^](#cite_ref-8) [Docker Compose overview](https://docs.docker.com/compose/){target="_blank"}  
<a name="cite_note-9"></a>9. [^](#cite_ref-9) [Learn Kubernetes Basics](https://kubernetes.io/docs/tutorials/kubernetes-basics/){target="_blank"}  



