You are viewing the RapidMiner Hub documentation for version 2024.0 - Check here for latest version
Real-Time Scoring Docker deployment
The documentation below describes the following Docker images:
- Real-Time Scoring (
rapidminer/rapidminer-execution-scoring:latest
) - Real-Time Scoring CRON (
rapidminer/rapidminer-real-time-scoring-cron:latest
) - Real-Time Scoring Proxy (
rapidminer/rapidminer-real-time-scoring-proxy:latest
) - Real-Time Scoring Web UI (
rapidminer/rapidminer-real-time-scoring-webui:latest
)
For available Docker images, see Docker Hub.
Using the Docker images Real-Time Scoring can be deployed on-site or on any cloud provider's Docker or Kubernetes platforms.
Here on docs.rapidminer.com, we maintain the documentation for every release of docker images, unlike Docker Hub, where only the latest release of Real-Time Scoring is documented.
As described in deployments page Docker based deployment can be done starting a single container or a multi-container setup with docker-compose.
Data persistence
The Real-Time Scoring stack uses the following volumes:
rts-deployments
for storing the deploymentsrts-licenses
for storing the deploymentsuploaded
for storing the uploaded Filescron-log
for storing the logfiles of the background processes of the stack
To make this data persistent, the docker-compose.yml
file defines this volumes, and mounts them to the related services.
Using the single container deployment only the rts-deployments
and the rts-licenses
volumes are mounted into the container.
Notices about data persistence
- If the volumes contains data from any previous executions, then the stack will be started with that data (e.g. licenses, deployments, etc.).
- Necessary files can be uploaded using the built in Web UI.
- Alternative to using volumes, bind mounting directories can provide access to the stored files directly from the host machine.
- By default when using the scoring service, neither request, nor response sensible data is logged, in the proxy access log only the request URL and some additional request informations are recorded, the parameters of the POST requests (e.g. the input of the scoring service) are not:
nginx-proxy_1_33dd1a206bd6 | 123.123.123.123 - admin [22/Aug/2019:08:36:20 +0000] "POST /services/my-first-deployment/score-titanic HTTP/1.1" 200 282 "-" "curl/7.58.0" "-"
- For details about HA deployment, please contact us.
- On the web UI we do not display sensibe informations (e.g. license keys, certificates, certificate keys), to view this files the most convenient way is to enter to the cron container and get the file content with cat:
cd /path/to/compose/file/
docker-compose exec cron bash
cat /rapidminer/rts_home/licenses/rapidminer-scoring.lic
cat /rapidminer/uploaded/certs/validated_cert.crt
cat /rapidminer/uploaded/certs/validated_cert.key
Good to know
- Real-Time Scoring requires at least 2GB of memory.
- If the licenses volume contains no license file, then the Real-Time Scoring container will wait for the license. You can start scoring after a valid license and a deployment is provided.
Single container-based deployments
We recommend this type of deployment only in case when the agent will run in a trusted network, or for testing.
- Create a folder on the host machine for the deployments, and copy all your deployment files there.
- Create a folder on the host machine for your licenses, and save your licenses there with .lic extension.
To start a Real-Time Scoring Agent container using bind mounts for data persistence, run the following command:
docker run \
-e WAIT_FOR_LICENSES=1 \
-v </PATH/TO/DEPLOYMENTS/HOME>:/rapidminer-scoring-agent/home/deployments/ \
-v </PATH/TO/LICENSES/HOME>:/rapidminer-scoring-agent/home/resources/licenses/rapidminer-scoring-agent/ \
-p 8090:8090 \
rapidminer/rapidminer-execution-scoring:latest
Provide the same paths as at the folder creation on the host machine for the licenses and for the deployments.
In this case the container will be listening on port 8090, you can use this port for scoring (eg. http://localhost:8090 or any other network interface). If the port 8090 is already bind, you can change the command above as you need (e.g. -p 8091:8090 will bind the service on port 8091 on the host machine).
The WAIT_FOR_LICENSES environment variable changes the behavior of the container in the case there is no license provided. Valid values are:
- 0 the container will exit and restart,
- 1 the container will periodically check if a license file is provided
The MANAGEMENT_API_ENDPOINT environment variable changes the behavior at the container startup, if this variable is provided, the container will try to download the license from a web server from the URL blow:
${MANAGEMENT_API_ENDPOINT}/uploaded/sync/licenses/license.lic
You can specify any URL, but please make sure, that the container has the right network access, and no one else can visit this URL. In case this variable is not defined, the container will check only the licenses folder for licenses.
For Docker image versions, see Docker Hub.
Notices about single-container deployment:
- Deployment Installation and Deployment modification via file needs a container restart, please consider using the REST API for deployment.
- Please pay attention for the data persistence.
Multi-container-based deployment
This is a fully functional Real-Time Scoring stack, for available versions, please see the tags on the image details pages on Docker Hub.
Docker-compose configuration
Start Real-Time Scoring Agent, proxy, webui, and cron containers using volumes for data persistence:
version: '3'
services:
real-time-scoring-agent:
image: rapidminer/rapidminer-execution-scoring:latest
restart: "always"
environment:
WAIT_FOR_LICENSES: 1
volumes:
- rts-deployments:/rapidminer-scoring-agent/home/deployments/
- rts-licenses:/rapidminer-scoring-agent/home/resources/licenses/rapidminer-scoring-agent/
networks:
rts-internal-network:
aliases:
- real-time-scoring-agent
nginx-proxy:
image: rapidminer/rapidminer-real-time-scoring-proxy:latest
restart: "always"
volumes:
- uploaded:/rapidminer/uploaded/:ro
ports:
- 80:80
- 443:443
networks:
rts-internal-network:
aliases:
- nginx-proxy
real-time-scoring-webui:
image: rapidminer/rapidminer-real-time-scoring-webui:latest
restart: "always"
volumes:
- uploaded:/var/www/html/uploaded/
networks:
rts-internal-network:
aliases:
- real-time-scoring-webui
cron:
image: rapidminer/rapidminer-real-time-scoring-cron:latest
restart: "always"
volumes:
- cron-log:/var/log/
- rts-licenses:/rapidminer/rts_home/licenses/
- uploaded:/rapidminer/uploaded/
- /var/run/docker.sock:/var/run/docker.sock
volumes:
rts-deployments:
rts-licenses:
uploaded:
cron-log:
networks:
rts-internal-network:
Architecture:
Notices about docker-compose deployment:
- For security considerations the
docker-compose.yml
file defines a dedicated docker network (rts-internal-network
) for the Real-Time Scoring containers, so they can communicate with each other, but from the external network only the proxy container is available on the 80 and 443 ports. You can use this ports for scoring, and to reach the Web UI (eg. http://localhost, http://localhost/rts-admin/ https://localhost, https://localhost/rts-admin/ or any other IP address or domain name). - The cron container needs the docker socket to be mounted in order to be able to manage (e.g. restart) the other containers. In case this is omitted, you have to restart the proxy container manually after uploading a certificate, and restart the real-time-scoring-agent container after a license is provided or changed.
- Please use the https protocol to provide sensible information (license keys, certificates, certificate keys, deployments), the built in self signed certificate is not secure enough, but it provides encryption and data integrity until a valid certificate and key file is provided.
- The default login credentials are admin / changeit.
- After submitting the certificate and a key file content, a per minute scheduled background process will do some syntax and content checks before applying them in the proxy configuration. If you experience that the new certificate and key files are not applied, please check the background process logs:
cd /path/to/compose/file/
docker-compose exec cron bash
cat /var/log/_process_uploads.log
Next: