-
Notifications
You must be signed in to change notification settings - Fork 39
Remove Dockerfile option #15
Comments
OK - let me think through one realistic use-case to see if it does. For example, what if I have a notebook doing MRI analysis, that has a few cells of bash calling out to some other software to process the data? Say mrtrix (https://github.com/MRtrix3/mrtrix3/wiki), a C++ library with quite a few dependencies (I think)? This is easily handled through docker (https://hub.docker.com/r/arokem/mrtrix/~/dockerfile/). Would it be similarly handled through conda (asking out of ignorance)? I am not saying that it should be covered here (maybe it's not a must-have?), but it is a realistic use-case (and there are many similar ones, I'd think), so if it is covered, that's fantastic. |
Thanks for the example @arokem ! I think that at least for now an It's worth noting that in this example you only used |
Ah, but those You could include As for easily handling it out of conda, it's a matter of creating your own conda build package or kindly asking @ContinuumIO to put a package together for it. I'm of the opinion that conda is a solid solution for non-root binary installs, I just wish there was more transparency into how they're built as well as the automation behind them. If we sanitize the Dockerfile, are we really creating something reproducible after it's launched on binder? What if binder is gone? How does someone rectify the difference between what's in the Dockerfile and what binder actually puts together? Would it be crazy for use to use some subselection of Travis configuration (for the ones that run on containers)? |
Just to follow-up after a chat with @rgbkrk and @andrewosh ... our working plan is to continue to maintain support for Dockerfiles for now, but lock down inter-container communication issues (e.g. #14 ) , and keep exploring vulnerabilities. At the same time, we'll try to add support for straight-up
A guiding philosophy is that whenever possible, we want to let people use a spec file already in their repo, rather than force them to write a new one. |
Small update to this plan: in various places we've been discussing a |
I certainly understand and sympathize with moving towards |
@rdhyee Something we've talked about and that @andrewosh has hacked on is making https://github.com/binder-project/binder-build for both local builds and for use on the web. |
D'oh! Now I see this was discussed on gitter as well. |
Now that Docker has user namespace mapping in its experimental branch, and assuming it lands in a stable release in the near-ish future (2.0?), does that change whether or not binder should support Dockerfiles? (Vulnerabilities in the implementation aside.) http://integratedcode.us/2015/10/13/user-namespaces-have-arrived-in-docker/ |
I am developing a Scala/Java 8 application for simulating financial markets that integrates with Jupyter notebooks and python for data analysis. Currently I am unable to use Is it really not possible to build a binder using a custom Dockerfile that doesn't inherit from |
Is this option to remove What if I want to |
This can probably be closed, for the foreseeable future we'll definitely keep the |
As discussed with @rgbkrk in a Jupyter dev meeting, for security reasons we should probably remove the ability to specify a binder with a custom
Dockerfile
, which we currently support so long as the Dockerfile builds on top of our base image. Although it provides an incredibly flexible deployment model, there are too many potential pitfalls with the freedom it provides. The question is, can we satisfy our various use cases without it?We currently support
requirements.txt
andconda
environment.yml
, which together should cover all Python-related builds. We can also add support for other kernels (e.g.R
andJulia
), and we can add the appropriate package dependency lists for those languages. For Julia, there appears to be a convention of specifying dependencies in aREQUIRE
file. Less clear what the appropriate convention should be for R. Comments from R or Julia devs would be welcome on this point!Is this enough, or can folks suggest use cases for Binder where the
Dockerfile
is a must have?Also, to be clear, we will still be using Docker under the hood to build the underlying images! This is just a question of how we expose the configuration options to users.
cc @andrewosh @arokem
The text was updated successfully, but these errors were encountered: