1. Documentation
2. 10.2 (Latest)10.110.09.109.99.89.79.69.59.49.39.29.19.08.28.18.07.6
3. Hub
4. Endpoints
5. Install
6. RapidMiner Real-Time Scoring Docker deployment

RapidMiner Real-Time Scoring Docker deployment

The documentation below describes the following Docker images:

• RapidMiner Real-Time Scoring (rapidminer/rapidminer-execution-scoring:latest)
• RapidMiner Real-Time Scoring CRON (rapidminer/rapidminer-real-time-scoring-cron:latest)
• RapidMiner Real-Time Scoring Proxy (rapidminer/rapidminer-real-time-scoring-proxy:latest)
• RapidMiner Real-Time Scoring Web UI (rapidminer/rapidminer-real-time-scoring-webui:latest)

For available Docker images, seeDocker Hub.

Using the Docker images RapidMiner Real-Time Scoring can be deployed on-site or on any cloud provider's Docker or Kubernetes platforms.

在docs.www.turtlecreekpls.com上,我们维持documentation for every release of docker images, unlikeDocker Hub, where only the latest release of RapidMiner Real-Time Scoring is documented.

As described indeployments pageDocker based deployment can be done starting asingle containeror a multi-container setup withdocker-compose.

Data persistence

The RapidMiner Real-Time Scoring stack uses the following volumes:

• rts-deploymentsfor storing the deployments
• rts-licensesfor storing the deployments
• uploadedfor storing the uploaded Files
• cron-logfor storing the logfiles of the background processes of the stack

To make this data persistent, thedocker-compose.ymlfile defines this volumes, and mounts them to the related services.

Using the single container deployment only therts-deploymentsand therts-licensesvolumes are mounted into the container.

Notices about data persistence

• If the volumes contains data from any previous executions, then the stack will be started with that data (e.g. licenses, deployments, etc.).
• Necessary files can be uploaded using the built inWeb UI.
• Alternative to using volumes, bind mounting directories can provide access to the stored files directly from the host machine.
• By default when using the scoring service, neither request, nor response sensible data is logged, in the proxy access log only the request URL and some additional request informations are recorded, the parameters of the POST requests (e.g. the input of the scoring service) are not:

nginx-proxy_1_33dd1a206bd6 | 123.123.123.123 - admin [22/Aug/2019:08:36:20 +0000] "POST /services/my-first-deployment/score-titanic HTTP/1.1" 200 282 "-" "curl/7.58.0" "-"

• For details about HA deployment, please contact us.
• On the web UI we do not display sensibe informations (e.g. license keys, certificates, certificate keys), to view this files the most convenient way is to enter to the cron container and get the file content with cat:

cd /path/to/compose/file/ docker-compose exec cron bash cat /rapidminer/rts_home/licenses/rapidminer-scoring.lic cat /rapidminer/uploaded/certs/validated_cert.crt cat /rapidminer/uploaded/certs/validated_cert.key

Good to know

• RapidMiner Real-Time Scoring requires at least 2GB of memory.
• If the licenses volume contains no license file, then the RapidMiner Real-Time Scoring container will wait for the license. You can start scoring after a valid license and a deployment is provided.

Single container-based deployments

We recommend this type of deployment only in case when the agent will run in a trusted network, or for testing.

• 在主机fo创建一个文件夹r the deployments, and copy all your deployment files there.
• 在主机fo创建一个文件夹r your licenses, and save your licenses there with .lic extension.

To start a RapidMiner Real-Time Scoring Agent container using bind mounts for data persistence, run the following command:

docker run \ -e WAIT_FOR_LICENSES=1 \ -v :/rapidminer-scoring-agent/home/deployments/ \ -v :/rapidminer-scoring-agent/home/resources/licenses/rapidminer-scoring-agent/ \ -p 8090:8090 \ rapidminer/rapidminer-execution-scoring:latest

Provide the same paths as at the folder creation on the host machine for the licenses and for the deployments.

In this case the container will be listening on port 8090, you can use this port for scoring (eg. http://localhost:8090 or any other network interface). If the port 8090 is already bind, you can change the command above as you need (e.g. -p 8091:8090 will bind the service on port 8091 on the host machine).

The WAIT_FOR_LICENSES environment variable changes the behavior of the container in the case there is no license provided. Valid values are:

• 0 the container will exit and restart,
• 1 the container will periodically check if a license file is provided

The MANAGEMENT_API_ENDPOINT environment variable changes the behavior at the container startup, if this variable is provided, the container will try to download the license from a web server from the URL blow:

${MANAGEMENT_API_ENDPOINT}/uploaded/sync/licenses/license.lic

You can specify any URL, but please make sure, that the container has the right network access, and no one else can visit this URL. In case this variable is not defined, the container will check only the licenses folder for licenses.

For Docker image versions, seeDocker Hub.

Notices about single-container deployment:

• Deployment InstallationandDeployment modificationvia file needs a container restart, please consider using the REST API for deployment.
• Please pay attention for the data persistence.

Multi-container-based deployment

This is a fully functional RapidMiner Real-Time Scoring stack, for available versions, please see the tags on the image details pages onDocker Hub.

Docker-compose configuration

Start RapidMiner Real-Time Scoring Agent, proxy, webui, and cron containers using volumes for data persistence:

version: '3' services: real-time-scoring-agent: image: rapidminer/rapidminer-execution-scoring:latest restart: "always" environment: WAIT_FOR_LICENSES: 1 volumes: - rts-deployments:/rapidminer-scoring-agent/home/deployments/ - rts-licenses:/rapidminer-scoring-agent/home/resources/licenses/rapidminer-scoring-agent/ networks: rts-internal-network: aliases: - real-time-scoring-agent nginx-proxy: image: rapidminer/rapidminer-real-time-scoring-proxy:latest restart: "always" volumes: - uploaded:/rapidminer/uploaded/:ro ports: - 80:80 - 443:443 networks: rts-internal-network: aliases: - nginx-proxy real-time-scoring-webui: image: rapidminer/rapidminer-real-time-scoring-webui:latest restart: "always" volumes: - uploaded:/var/www/html/uploaded/ networks: rts-internal-network: aliases: - real-time-scoring-webui cron: image: rapidminer/rapidminer-real-time-scoring-cron:latest restart: "always" volumes: - cron-log:/var/log/ - rts-licenses:/rapidminer/rts_home/licenses/ - uploaded:/rapidminer/uploaded/ - /var/run/docker.sock:/var/run/docker.sock volumes: rts-deployments: rts-licenses: uploaded: cron-log: networks: rts-internal-network:

Architecture:

Notices about docker-compose deployment:

• For security considerations thedocker-compose.ymlfile defines a dedicated docker network (rts-internal-network) for the RapidMiner Real-Time Scoring containers, so they can communicate with each other, but from the external network only the proxy container is available on the 80 and 443 ports. You can use this ports for scoring, and to reach the Web UI (eg. http://localhost, http://localhost/rts-admin/ https://localhost, https://localhost/rts-admin/ or any other IP address or domain name).
• The cron container needs the docker socket to be mounted in order to be able to manage (e.g. restart) the other containers. In case this is omitted, you have to restart the proxy container manually after uploading a certificate, and restart the real-time-scoring-agent container after a license is provided or changed.
• Please use the https protocol to provide sensible information (license keys, certificates, certificate keys, deployments), the built in self signed certificate is not secure enough, but it provides encryption and data integrity until a valid certificate and key file is provided.
• The default login credentials are admin / changeit.
• After submitting the certificate and a key file content, a per minute scheduled background process will do some syntax and content checks before applying them in the proxy configuration. If you experience that the new certificate and key files are not applied, please check the background process logs:

cd /path/to/compose/file/ docker-compose exec cron bash cat /var/log/_process_uploads.log

Next:

• Web UI