To run AIAA with SSL, one needs to generate SSL key and cert files and use aiaa-ssl.conf.
We can use docker-compose with the following docker-compose.yml to do these steps automatically: (Remember to change those “/path/to/your_XXX” to your own path)
version: "3.8"
services:
clara-train-sdk:
image: nvcr.io/nvidia/clara-train-sdk:v4.0
command: sh -c "chmod 777 /workspace &&
mkdir -p /path/to &&
openssl genrsa -des3 -passout pass:throwaway -out /path/to/your_private.key.passcode.tmp 2048 &&
openssl rsa -passin pass:throwaway -in /path/to/your_private.key.passcode.tmp -out /path/to/your_private.key &&
yes '' | openssl req -new -key /path/to/your_private.key -out /path/to/your_private.csr.tmp &&
openssl x509 -req -sha256 -days 365 -in /path/to/your_private.csr.tmp -signkey /path/to/your_private.key -out /path/to/your_domain_name.crt &&
rm /path/to/*.tmp &&
chmod 644 /path/to/* &&
sed -i '/SSLCertificateChainFile/d' /etc/apache2/sites-available/aiaa-ssl.conf &&
a2enmod ssl &&
a2enmod headers &&
a2dissite aiaa &&
a2ensite aiaa-ssl &&
start_aiaa.sh --workspace /workspace/AIAA --engine TRITON --triton_ip tritonserver \
--triton_proto ${TRITON_PROTO} \
--triton_start_timeout ${TRITON_START_TIMEOUT} \
--triton_model_timeout ${TRITON_MODEL_TIMEOUT} \
--triton_verbose ${TRITON_VERBOSE}"
ports:
- "${AIAA_PORT}:5001"
volumes:
- ${AIAA_WORKSPACE}:/workspace
networks:
- aiaa
shm_size: 1gb
ulimits:
memlock: -1
stack: 67108864
depends_on:
- tritonserver
logging:
driver: json-file
tritonserver:
image: nvcr.io/nvidia/tritonserver:21.02-py3
command: >
sh -c "chmod 777 /triton_models &&
/opt/tritonserver/bin/tritonserver \
--model-store /triton_models \
--model-control-mode="poll" \
--repository-poll-secs=5 \
--log-verbose ${TRITON_VERBOSE}"
volumes:
- ${AIAA_WORKSPACE}/triton_models:/triton_models
networks:
- aiaa
shm_size: 1gb
ulimits:
memlock: -1
stack: 67108864
restart: unless-stopped
logging:
driver: json-file
deploy:
resources:
reservations:
devices:
- driver: nvidia
device_ids: ['0']
capabilities: [gpu]
networks:
aiaa: