将参数传递给在Docker容器中运行的python脚本 [英] Pass argument to python script running in a docker container
问题描述
假设以下设置:
- 用php/laravel编写的网站
- 用户上传文件(文本/doc/pdf)
- 我们有一个docker容器,其中包含一个python脚本,用于将文本转换为numpy数组.
我想获取此上传的数据并将其传递给python脚本.
I want to take this uploaded data and pass it to the python script.
我找不到任何能解释如何将动态生成的输入传递到容器中的东西.
I can't find anything which explains how to pass dynamically generated inputs into a container.
是否可以通过从laravel应用程序内部执行shell脚本来完成此操作,该脚本包含上传的文件作为dockerfile的ENTRYPOINT中指定的变量?
Can this be done by executing a shell script from inside the laravel app which contains the uploaded file as a variable specified in the dockerfile's ENTRYPOINT?
还有其他方法吗?
推荐答案
...的python脚本...
... a python script for ...
只需运行它;不要将其打包到Docker容器中.如果它的输入和输出都是本地文件,并且它希望执行该操作并立即退出,则这是双重事实:Docker提供的文件系统隔离在这里对您不利.
Just run it; don't package it into a Docker container. That's doubly true if its inputs and outputs are both local files, and it expects to do its thing and exit promptly: the filesystem isolation Docker provides works against you here.
这在技术上当然是可能的.根据支持程序容器的精确设置, docker run 末尾的命令"对于 sys.argv 中的Python脚本将是可见的,其他命令行选项.您可以使用 docker run -v 选项将主机文件系统的一部分发布到容器中.这样您就可以运行类似的东西
This is, of course, technically possible. Depending on how exactly the support program container is set up, the "command" at the end of docker run will be visible to the Python script in sys.argv, like any other command-line options. You can use a docker run -v option to publish parts of the host's filesystem into the container. So you might be able to run something like
docker run --rm -v $PWD/files:/data \
converter_image \
python convert.py /data/in.txt /data/out.pkl
其中所有/data 路径都在容器的专用文件系统空间中.
where all of the /data paths are in the container's private filesystem space.
有两个大警告:
-
docker run -v选项中的主机路径是专门在物理主机上的路径.如果您的HTTP服务也在容器中运行,则需要知道一些您可以写入的主机系统路径,该路径在容器文件系统中也是可见的.
The host paths in the
docker run -voption are paths specifically on the physical host. If your HTTP service is also running in a container you need to know some host-system path you can write to that's also visible in your container filesystem.
完全有效地运行任何 docker 命令都需要root特权.如果涉及的任何文件名或路径都是动态的,则 shell注入攻击可能会危害您的系统.要特别小心如何从可通过网络访问的脚本运行此脚本.
Running any docker command at all effectively requires root privileges. If any of the filenames or paths involved are dynamic, shell injection attacks can compromise your system. Be very careful with how you run this from a network-accessible script.
这篇关于将参数传递给在Docker容器中运行的python脚本的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
