Oliver/video-accessibility
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
video-accessibility/backend/Dockerfile

129 lines
4.3 KiB
Docker
Raw Blame History

# =============================================================================
# Multi-stage Dockerfile for Accessible Video Processing Platform
# =============================================================================
# Stage 1: Builder - Install dependencies
# Stage 2: Base - Common runtime for API and Worker
# Stage 3: API - FastAPI + Gunicorn (no ffmpeg)
# Stage 4: Worker - Celery worker (with ffmpeg for video processing)
# =============================================================================
# -----------------------------------------------------------------------------
# Stage 1: Builder - Install Python dependencies using Poetry
# -----------------------------------------------------------------------------
FROM python:3.11-slim AS builder
# Install build dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
curl \
&& rm -rf /var/lib/apt/lists/*
# Install Poetry
RUN pip install --no-cache-dir poetry==1.8.2
# Configure Poetry to not create virtual environment (we're in a container)
ENV POETRY_NO_INTERACTION=1 \
POETRY_VIRTUALENVS_CREATE=false \
POETRY_CACHE_DIR=/tmp/poetry_cache
WORKDIR /app
# Copy dependency files
COPY pyproject.toml poetry.lock ./
# Install dependencies (using pip for simpler container)
# Export to requirements.txt and install with pip for smaller image
RUN poetry export -f requirements.txt --output requirements.txt --without-hashes \
&& pip install --no-cache-dir --user -r requirements.txt \
&& rm -rf $POETRY_CACHE_DIR
# -----------------------------------------------------------------------------
# Stage 2: Base - Common runtime environment
# -----------------------------------------------------------------------------
FROM python:3.11-slim AS base
# Install common runtime dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
libmagic1 \
curl \
tini \
&& rm -rf /var/lib/apt/lists/* \
&& apt-get clean
# Create non-root user for security
RUN groupadd --gid 1000 app \
&& useradd --uid 1000 --gid app --shell /bin/bash --create-home app
# Copy Python packages from builder
COPY --from=builder /root/.local /home/app/.local
# Set PATH to include user packages
ENV PATH="/home/app/.local/bin:$PATH" \
PYTHONPATH=/app \
PYTHONUNBUFFERED=1 \
PYTHONDONTWRITEBYTECODE=1
WORKDIR /app
# Copy application code
COPY --chown=app:app . .
# Switch to non-root user
USER app
# -----------------------------------------------------------------------------
# Stage 3: API - FastAPI + Gunicorn (Production API Server)
# -----------------------------------------------------------------------------
FROM base AS api
# Set production environment variables
ENV APP_ENV=prod
# Health check for API
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD curl -f http://localhost:8000/health || exit 1
# Expose API port
EXPOSE 8000
# Use tini as init system for proper signal handling
ENTRYPOINT ["tini", "--"]
# Start Gunicorn with Uvicorn workers
CMD ["gunicorn", "-c", "gunicorn_conf.py", "app.main:app"]
# -----------------------------------------------------------------------------
# Stage 4: Worker - Celery Worker (with ffmpeg for video processing)
# -----------------------------------------------------------------------------
FROM base AS worker
# Switch back to root to install ffmpeg
USER root
# Install ffmpeg for video processing
RUN apt-get update && apt-get install -y --no-install-recommends \
ffmpeg \
&& rm -rf /var/lib/apt/lists/* \
&& apt-get clean
# Switch back to non-root user
USER app
# Set production environment variables
ENV APP_ENV=prod \
C_FORCE_ROOT=0
# Health check for worker (check if Celery is responding)
HEALTHCHECK --interval=60s --timeout=15s --start-period=10s --retries=3 \
CMD python -c "from celery import Celery; app=Celery('accessible-video-tasks', broker='redis://redis:6379/0'); app.control.inspect().ping() or exit(1)" || exit 1
# Use tini as init system for proper signal handling
ENTRYPOINT ["tini", "--"]
# Start Celery worker listening to all queues
# --concurrency=4 for 4 worker processes (adjust based on CPU cores available)
CMD ["celery", "-A", "celery_worker", "worker", \
"-Q", "default,ingest,notify", \
"--loglevel=info", \
"--concurrency=4", \
"--max-tasks-per-child=100"]
Reference in a new issue View git blame Copy permalink