From 98647de38fa26b623bc3da5e6d45933d754f0846 Mon Sep 17 00:00:00 2001 From: Yiheng Wang Date: Mon, 27 Sep 2021 12:55:45 +0800 Subject: [PATCH 1/2] update with nvflare 1.1 and monai 0.7 Signed-off-by: Yiheng Wang --- .../nvflare_example_docker/1-Startup.ipynb | 58 +----- .../nvflare_example_docker/2-Server.ipynb | 18 +- .../nvflare_example_docker/3-Client.ipynb | 34 ++-- .../nvflare_example_docker/4-Admin.ipynb | 189 +++++++++++++----- .../docker_files/Dockerfile | 4 +- .../expr_files/authz_config.json | 101 ---------- .../expr_files/prepare_expr_files.sh | 8 +- .../expr_files/project.yml | 100 +++++++-- 8 files changed, 249 insertions(+), 263 deletions(-) delete mode 100644 federated_learning/nvflare/nvflare_example_docker/expr_files/authz_config.json diff --git a/federated_learning/nvflare/nvflare_example_docker/1-Startup.ipynb b/federated_learning/nvflare/nvflare_example_docker/1-Startup.ipynb index 4123c671d3..c4896ecbed 100644 --- a/federated_learning/nvflare/nvflare_example_docker/1-Startup.ipynb +++ b/federated_learning/nvflare/nvflare_example_docker/1-Startup.ipynb @@ -37,19 +37,18 @@ "data": { "text/plain": [ "['project.yml',\n", - " 'prerpare_expr_files.sh',\n", " 'researcher@nvidia.com.zip',\n", " 'download_dataset.py',\n", - " 'authz_config.json',\n", " 'org1-b.zip',\n", " 'researcher@org2.com.zip',\n", " 'admin@nvidia.com.zip',\n", " 'org1-a.zip',\n", - " 'audit.pkl',\n", + " 'org3.zip',\n", " 'server.zip',\n", " 'researcher@org1.com.zip',\n", " 'org2.zip',\n", - " 'it@org2.com.zip']" + " 'it@org2.com.zip',\n", + " 'prepare_expr_files.sh']" ] }, "execution_count": 2, @@ -83,14 +82,9 @@ "text": [ "demo_workspace created!\n", "unzip: server finished.\n", - "unzip: admin@nvidia.com finished.\n", - "unzip: researcher@nvidia.com finished.\n", - "unzip: researcher@org1.com finished.\n", - "unzip: researcher@org2.com finished.\n", - "unzip: it@org2.com finished.\n", "unzip: org1-a finished.\n", "unzip: org1-b finished.\n", - "unzip: org2 finished.\n" + "unzip: admin@nvidia.com finished.\n" ] } ], @@ -102,39 +96,15 @@ " os.makedirs(workspace)\n", " print(workspace, \" created!\")\n", "\n", - "admin_name = \"admin@nvidia.com\"\n", - "client_name_1 = \"org1-a\"\n", - "client_name_2 = \"org1-b\"\n", - "server_name = \"server\"\n", + "used_file_names = [\"server\", \"org1-a\", \"org1-b\", \"admin@nvidia.com\"]\n", "\n", - "# access audit file get passwords for unzipping packages\n", - "with open(os.path.join(startup_path, \"audit.pkl\"), 'rb') as handle:\n", - " audit_file = pickle.load(handle)\n", - "\n", - "proj_name = list(audit_file.keys())[0]\n", - "pw_key = \"zip_pw\"\n", - "server_folder_list = [\"server\"]\n", - "client_folder_list = [\"admin_clients\", \"fl_clients\"]\n", - "\n", - "folder_pwd_dict = {}\n", - "for obj in server_folder_list:\n", - " unzip_pw = audit_file[proj_name][obj][pw_key]\n", - " folder_pwd_dict[obj] = unzip_pw\n", - "\n", - "for obj in client_folder_list:\n", - " obj_sub_dict = audit_file[proj_name][obj]\n", - " for client in obj_sub_dict.keys():\n", - " unzip_pw = obj_sub_dict[client][pw_key]\n", - " folder_pwd_dict[client] = unzip_pw\n", - "\n", - "# unzip all folders into workspace\n", - "for name, pwd in folder_pwd_dict.items():\n", + "for name in used_file_names:\n", " zip_file_path = os.path.join(startup_path, name + \".zip\")\n", " dst_file_path = os.path.join(workspace, name)\n", " if not os.path.exists(dst_file_path):\n", " os.makedirs(dst_file_path)\n", " with ZipFile(zip_file_path, 'r') as zip_ref:\n", - " zip_ref.extractall(path=dst_file_path, pwd=bytes(pwd, 'utf-8'))\n", + " zip_ref.extractall(path=dst_file_path)\n", " # change permissions\n", " if \".com\" in name:\n", " sub_file_list = [\"docker.sh\", \"fl_admin.sh\"]\n", @@ -153,15 +123,7 @@ { "data": { "text/plain": [ - "['org1-b',\n", - " 'researcher@nvidia.com',\n", - " 'server',\n", - " 'admin@nvidia.com',\n", - " 'researcher@org2.com',\n", - " 'org1-a',\n", - " 'org2',\n", - " 'researcher@org1.com',\n", - " 'it@org2.com']" + "['org1-b', 'server', 'admin@nvidia.com', 'org1-a']" ] }, "execution_count": 4, @@ -197,7 +159,7 @@ "source": [ "config_folder = \"spleen_example\"\n", "\n", - "transfer_path = os.path.join(workspace, admin_name, \"transfer/\")\n", + "transfer_path = os.path.join(workspace, \"admin@nvidia.com\", \"transfer/\")\n", "if not os.path.exists(transfer_path):\n", " os.makedirs(transfer_path)\n", "shutil.copytree(config_folder, os.path.join(transfer_path, config_folder))\n", @@ -233,7 +195,7 @@ ], "metadata": { "kernelspec": { - "display_name": "Python 3", + "display_name": "Python 3 (ipykernel)", "language": "python", "name": "python3" }, diff --git a/federated_learning/nvflare/nvflare_example_docker/2-Server.ipynb b/federated_learning/nvflare/nvflare_example_docker/2-Server.ipynb index e05829d86b..4ab15722b8 100644 --- a/federated_learning/nvflare/nvflare_example_docker/2-Server.ipynb +++ b/federated_learning/nvflare/nvflare_example_docker/2-Server.ipynb @@ -63,8 +63,8 @@ "== PyTorch ==\n", "=============\n", "\n", - "NVIDIA Release 21.04 (build 22382700)\n", - "PyTorch Version 1.9.0a0+2ecb2c7\n", + "NVIDIA Release 21.08 (build 26011915)\n", + "PyTorch Version 1.10.0a0+3fd9dcf\n", "\n", "Container image Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved.\n", "\n", @@ -89,15 +89,9 @@ "By pulling and using the container, you accept the terms and conditions of this license:\n", "https://developer.nvidia.com/ngc/nvidia-deep-learning-container-license\n", "\n", - "WARNING: The NVIDIA Driver was not detected. GPU functionality will not be available.\n", - " Use 'nvidia-docker run' to start this container; see\n", - " https://github.com/NVIDIA/nvidia-docker/wiki/nvidia-docker .\n", - "\n", "NOTE: MOFED driver for multi-node communication was not detected.\n", " Multi-node communication performance may be reduced.\n", "\n", - "\u001b]0;root@sys: /workspace\u0007root@sys:/workspace# ^C\n", - "\n", "\u001b]0;root@sys: /workspace\u0007root@sys:/workspace# " ] } @@ -106,7 +100,7 @@ "server_name = \"server\"\n", "workspace = \"demo_workspace\"\n", "\n", - "server_startup_path = os.path.join(workspace, server_name, 'startup')\n", + "server_startup_path = os.path.join(workspace, server_name, \"startup\")\n", "cmd = server_startup_path + \"/docker.sh\"\n", "\n", "\n", @@ -137,8 +131,8 @@ "name": "stdout", "output_type": "stream", "text": [ - "CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n", - "a4d31af29041 monai_nvflare:latest \"/usr/local/bin/nvid…\" 3 seconds ago Up 3 seconds flserver\n" + "CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n", + "08492335d003 monai_nvflare:latest \"/usr/local/bin/nvid…\" 2 seconds ago Up 1 second flserver\n" ] } ], @@ -216,7 +210,7 @@ ], "metadata": { "kernelspec": { - "display_name": "Python 3", + "display_name": "Python 3 (ipykernel)", "language": "python", "name": "python3" }, diff --git a/federated_learning/nvflare/nvflare_example_docker/3-Client.ipynb b/federated_learning/nvflare/nvflare_example_docker/3-Client.ipynb index d70ba3ae41..88928ad542 100644 --- a/federated_learning/nvflare/nvflare_example_docker/3-Client.ipynb +++ b/federated_learning/nvflare/nvflare_example_docker/3-Client.ipynb @@ -159,7 +159,7 @@ }, { "cell_type": "code", - "execution_count": 4, + "execution_count": 3, "metadata": { "pycharm": { "metadata": false, @@ -171,8 +171,8 @@ "name": "stdout", "output_type": "stream", "text": [ - "running cmd demo_workspace/org1-a/startup/docker.sh\n", "running cmd demo_workspace/org1-b/startup/docker.sh\n", + "running cmd demo_workspace/org1-a/startup/docker.sh\n", "Starting docker with monai_nvflare:latest\n", "Starting docker with monai_nvflare:latest\n", "\n", @@ -180,8 +180,8 @@ "== PyTorch ==\n", "=============\n", "\n", - "NVIDIA Release 21.04 (build 22382700)\n", - "PyTorch Version 1.9.0a0+2ecb2c7\n", + "NVIDIA Release 21.08 (build 26011915)\n", + "PyTorch Version 1.10.0a0+3fd9dcf\n", "\n", "Container image Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved.\n", "\n", @@ -210,8 +210,8 @@ "== PyTorch ==\n", "=============\n", "\n", - "NVIDIA Release 21.04 (build 22382700)\n", - "PyTorch Version 1.9.0a0+2ecb2c7\n", + "NVIDIA Release 21.08 (build 26011915)\n", + "PyTorch Version 1.10.0a0+3fd9dcf\n", "\n", "Container image Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved.\n", "\n", @@ -239,14 +239,10 @@ "NOTE: MOFED driver for multi-node communication was not detected.\n", " Multi-node communication performance may be reduced.\n", "\n", - "\n", + "venn@sys:/workspace$ \n", "NOTE: MOFED driver for multi-node communication was not detected.\n", " Multi-node communication performance may be reduced.\n", "\n", - "venn@sys:/workspace$ venn@sys:/workspace$ ^C\n", - "\n", - "venn@sys:/workspace$ ^C\n", - "\n", "venn@sys:/workspace$ " ] } @@ -280,17 +276,17 @@ }, { "cell_type": "code", - "execution_count": 5, + "execution_count": 4, "metadata": {}, "outputs": [ { "name": "stdout", "output_type": "stream", "text": [ - "CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n", - "d87439228f1a monai_nvflare:latest \"/usr/local/bin/nvid…\" 4 seconds ago Up 3 seconds org1-b\n", - "fc4227a0abfd monai_nvflare:latest \"/usr/local/bin/nvid…\" 4 seconds ago Up 3 seconds org1-a\n", - "a4d31af29041 monai_nvflare:latest \"/usr/local/bin/nvid…\" About a minute ago Up About a minute flserver\n" + "CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n", + "96c8f9406303 monai_nvflare:latest \"/usr/local/bin/nvid…\" 2 seconds ago Up 1 second org1-a\n", + "6b5d9eefc699 monai_nvflare:latest \"/usr/local/bin/nvid…\" 2 seconds ago Up 1 second org1-b\n", + "08492335d003 monai_nvflare:latest \"/usr/local/bin/nvid…\" 40 seconds ago Up 39 seconds flserver\n" ] } ], @@ -317,7 +313,7 @@ }, { "cell_type": "code", - "execution_count": 6, + "execution_count": 5, "metadata": {}, "outputs": [ { @@ -329,7 +325,7 @@ "" ] }, - "execution_count": 6, + "execution_count": 5, "metadata": {}, "output_type": "execute_result" } @@ -390,7 +386,7 @@ ], "metadata": { "kernelspec": { - "display_name": "Python 3", + "display_name": "Python 3 (ipykernel)", "language": "python", "name": "python3" }, diff --git a/federated_learning/nvflare/nvflare_example_docker/4-Admin.ipynb b/federated_learning/nvflare/nvflare_example_docker/4-Admin.ipynb index 43344c39be..749be69c26 100644 --- a/federated_learning/nvflare/nvflare_example_docker/4-Admin.ipynb +++ b/federated_learning/nvflare/nvflare_example_docker/4-Admin.ipynb @@ -39,16 +39,6 @@ "cell_type": "code", "execution_count": 1, "metadata": {}, - "outputs": [], - "source": [ - "import os\n", - "from IPython.display import HTML" - ] - }, - { - "cell_type": "code", - "execution_count": 2, - "metadata": {}, "outputs": [ { "data": { @@ -56,14 +46,20 @@ "['spleen_example']" ] }, - "execution_count": 2, + "execution_count": 1, "metadata": {}, "output_type": "execute_result" } ], "source": [ - "workspace = 'demo_workspace/'\n", - "transfer_path = os.path.join(workspace, 'admin@nvidia.com', 'transfer')\n", + "import os\n", + "from IPython.display import HTML\n", + "from multiprocessing import Process\n", + "\n", + "workspace = \"demo_workspace/\"\n", + "admin_name = \"admin@nvidia.com\"\n", + "\n", + "transfer_path = os.path.join(workspace, admin_name, \"transfer\")\n", "os.listdir(transfer_path)" ] }, @@ -71,64 +67,151 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "### Build Admin Environment and Start" + "### Edit Docker Script\n", + "\n", + "Before starting the docker script, you need to edit it to ensure that the environments (such as dataset, GPUs, memory, ...) meet your requirement." ] }, { "cell_type": "markdown", "metadata": {}, "source": [ - "In the admin folder, there is a `.whl` file which contains all the required libraries for the admin client:" + "[Please click here to check the admin@nvidia.com script](demo_workspace/admin@nvidia.com/startup/docker.sh)\n", + "\n", + "For this experiment, please modify the script in order to use the host network:\n", + "\n", + "```\n", + "#!/usr/bin/env bash\n", + "DIR=\"$( cd \"$( dirname \"${BASH_SOURCE[0]}\" )\" >/dev/null 2>&1 && pwd )\"\n", + "# docker run script for FL admin\n", + "# to use host network, use line below\n", + "NETARG=\"--net=host\"\n", + "# Admin clients do not need to open ports, so the following line is not needed.\n", + "#NETARG=\"-p 8003:8003\"\n", + "DOCKER_IMAGE=monai_nvflare:latest\n", + "echo \"Starting docker with $DOCKER_IMAGE\"\n", + "docker run --rm -it --name=fladmin -v $DIR/..:/workspace/ -w /workspace/ --ipc=host $NETARG $DOCKER_IMAGE /bin/bash\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": { + "tags": [] + }, + "source": [ + "### Start Admin Docker" ] }, { "cell_type": "code", - "execution_count": 3, + "execution_count": 2, "metadata": {}, "outputs": [ { "name": "stdout", "output_type": "stream", "text": [ - "startup_path: demo_workspace/admin@nvidia.com/startup\n" + "running cmd demo_workspace/admin@nvidia.com/startup/docker.sh\n", + "Starting docker with monai_nvflare:latest\n", + "\n", + "=============\n", + "== PyTorch ==\n", + "=============\n", + "\n", + "NVIDIA Release 21.08 (build 26011915)\n", + "PyTorch Version 1.10.0a0+3fd9dcf\n", + "\n", + "Container image Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved.\n", + "\n", + "Copyright (c) 2014-2021 Facebook Inc.\n", + "Copyright (c) 2011-2014 Idiap Research Institute (Ronan Collobert)\n", + "Copyright (c) 2012-2014 Deepmind Technologies (Koray Kavukcuoglu)\n", + "Copyright (c) 2011-2012 NEC Laboratories America (Koray Kavukcuoglu)\n", + "Copyright (c) 2011-2013 NYU (Clement Farabet)\n", + "Copyright (c) 2006-2010 NEC Laboratories America (Ronan Collobert, Leon Bottou, Iain Melvin, Jason Weston)\n", + "Copyright (c) 2006 Idiap Research Institute (Samy Bengio)\n", + "Copyright (c) 2001-2004 Idiap Research Institute (Ronan Collobert, Samy Bengio, Johnny Mariethoz)\n", + "Copyright (c) 2015 Google Inc.\n", + "Copyright (c) 2015 Yangqing Jia\n", + "Copyright (c) 2013-2016 The Caffe contributors\n", + "All rights reserved.\n", + "\n", + "NVIDIA Deep Learning Profiler (dlprof) Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved.\n", + "\n", + "Various files include modifications (c) NVIDIA CORPORATION. All rights reserved.\n", + "\n", + "This container image and its contents are governed by the NVIDIA Deep Learning Container License.\n", + "By pulling and using the container, you accept the terms and conditions of this license:\n", + "https://developer.nvidia.com/ngc/nvidia-deep-learning-container-license\n", + "\n", + "NOTE: MOFED driver for multi-node communication was not detected.\n", + " Multi-node communication performance may be reduced.\n", + "\n", + "\u001b]0;root@sys: /workspace\u0007root@sys:/workspace# " ] - }, + } + ], + "source": [ + "admin_startup_path = os.path.join(workspace, admin_name, \"startup\")\n", + "cmd = admin_startup_path + \"/docker.sh\"\n", + "\n", + "\n", + "def run_admin():\n", + " cmd = admin_startup_path + \"/docker.sh\"\n", + " print(\"running cmd \" + cmd)\n", + " !$cmd\n", + "\n", + "\n", + "p1 = Process(target=run_admin)\n", + "\n", + "p1.start()" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Check Started Containers" + ] + }, + { + "cell_type": "code", + "execution_count": 3, + "metadata": {}, + "outputs": [ { - "data": { - "text/plain": [ - "['fl_admin.sh',\n", - " 'client.crt',\n", - " 'client.key',\n", - " 'readme.txt',\n", - " 'docker.sh',\n", - " 'clara_hci-4.0.0-py3-none-any.whl',\n", - " 'signature.pkl',\n", - " 'rootCA.pem']" - ] - }, - "execution_count": 3, - "metadata": {}, - "output_type": "execute_result" + "name": "stdout", + "output_type": "stream", + "text": [ + "CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n", + "3de0f6690d8e monai_nvflare:latest \"/usr/local/bin/nvid…\" 6 seconds ago Up 6 seconds fladmin\n", + "96c8f9406303 monai_nvflare:latest \"/usr/local/bin/nvid…\" 52 seconds ago Up 52 seconds org1-a\n", + "6b5d9eefc699 monai_nvflare:latest \"/usr/local/bin/nvid…\" 52 seconds ago Up 52 seconds org1-b\n", + "08492335d003 monai_nvflare:latest \"/usr/local/bin/nvid…\" About a minute ago Up About a minute flserver\n" + ] } ], "source": [ - "startup_path = os.path.join(workspace, 'admin@nvidia.com', 'startup')\n", - "print(\"startup_path: \", startup_path)\n", - "os.listdir(startup_path)" + "!docker ps -a" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ - "To build the environment, you should:\n", - "- open a new terminal.\n", - "- create and then enter a new python virtual environment.\n", - "- install the `.whl` file.\n", + "### Start Admin" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "To start an admin, you should:\n", "\n", - "To start the admin, you should:\n", - "- run `fl_admin.sh`.\n", - "- type the admin name for authentication." + "- open a terminal and enter the container named `fladmin`.\n", + "- run `fl_admin.sh` under `startup/`.\n", + "- input admin name `admin@nvidia.com`." ] }, { @@ -161,12 +244,8 @@ "You can accomplish these steps by running:\n", "\n", "```\n", - "python3 -m venv venv/fl-admin\n", - "source venv/fl-admin/bin/activate\n", - "cd demo_workspace/admin@nvidia.com/startup/\n", - "pip install --upgrade pip\n", - "python3 -m pip install *.whl\n", - "\n", + "docker exec -it fladmin bash\n", + "cd startup/\n", "bash fl_admin.sh\n", "admin@nvidia.com\n", "```" @@ -186,10 +265,10 @@ "\n", "The commands can be:\n", "```\n", - "upload_folder spleen_example\n", + "upload_app spleen_example\n", "set_run_number 1\n", - "deploy spleen_example server\n", - "deploy spleen_example client\n", + "deploy_app spleen_example server\n", + "deploy_app spleen_example client\n", "```\n", "\n", "Now, let's check if the folder has been distributed into the server and all client(s):" @@ -248,8 +327,8 @@ "source": [ "Now, you can start training with:\n", "```\n", - "start server\n", - "start client\n", + "start_app server\n", + "start_app client\n", "```\n", "You can check the status by running:\n", "```\n", @@ -329,7 +408,7 @@ ], "metadata": { "kernelspec": { - "display_name": "Python 3", + "display_name": "Python 3 (ipykernel)", "language": "python", "name": "python3" }, diff --git a/federated_learning/nvflare/nvflare_example_docker/docker_files/Dockerfile b/federated_learning/nvflare/nvflare_example_docker/docker_files/Dockerfile index 5aeae4c039..61d3f78ed7 100644 --- a/federated_learning/nvflare/nvflare_example_docker/docker_files/Dockerfile +++ b/federated_learning/nvflare/nvflare_example_docker/docker_files/Dockerfile @@ -1,4 +1,4 @@ -FROM projectmonai/monai:0.6.0 +FROM projectmonai/monai:0.7.0 ENV DEBIAN_FRONTEND noninteractive @@ -6,4 +6,4 @@ RUN apt-get -qq update RUN apt-get install -qq -y zip RUN python -m pip install --upgrade pip -RUN python -m pip install nvflare==1.0.2 +RUN python -m pip install nvflare==1.1 diff --git a/federated_learning/nvflare/nvflare_example_docker/expr_files/authz_config.json b/federated_learning/nvflare/nvflare_example_docker/expr_files/authz_config.json deleted file mode 100644 index 78f7a2dc12..0000000000 --- a/federated_learning/nvflare/nvflare_example_docker/expr_files/authz_config.json +++ /dev/null @@ -1,101 +0,0 @@ -{ - "version": "1.0", - "roles": { - "super": "super user of system", - "lead_researcher": "lead researcher of the study", - "site_researcher": "site researcher of the study", - "site_it": "site IT of the study", - "lead_it": "lead IT of the study" - }, - "groups": { - "relaxed": { - "desc": "org group with relaxed policies", - "rules": { - "allow_byoc": true, - "allow_custom_datalist": true - } - }, - "strict": { - "desc": "org group with strict policies", - "rules": { - "allow_byoc": false, - "allow_custom_datalist": false - } - }, - "general": { - "desc": "general group user rights", - "role_rights": { - "super": {}, - "lead_researcher": { - "train_all": true, - "view_all": true - }, - "site_researcher": { - "train_self": true, - "view_self": true - }, - "lead_it": { - "operate_all": true, - "view_all": true - }, - "site_it": { - "operate_self": true, - "view_self": true - } - } - } - }, - "users": { - "admin@nvidia.com": { - "org": "nvidia", - "roles": [ - "super" - ] - }, - "researcher@nvidia.com": { - "org": "nvidia", - "roles": [ - "lead_it", - "site_researcher" - ] - }, - "researcher@org1.com": { - "org": "org1", - "roles": [ - "site_researcher" - ] - }, - "researcher@org2.com": { - "org": "org2", - "roles": [ - "lead_researcher" - ] - }, - "it@org2.com": { - "org": "org2", - "roles": [ - "lead_it" - ] - } - }, - "orgs": { - "org1": [ - "strict", - "general" - ], - "org2": [ - "relaxed", - "general" - ], - "nvidia": [ - "general", - "relaxed" - ] - }, - "sites": { - "server": "nvidia", - "org2": "org2", - "org1-a": "org1", - "org1-b": "org1" - } -} diff --git a/federated_learning/nvflare/nvflare_example_docker/expr_files/prepare_expr_files.sh b/federated_learning/nvflare/nvflare_example_docker/expr_files/prepare_expr_files.sh index 125cb94945..e8bba8b496 100644 --- a/federated_learning/nvflare/nvflare_example_docker/expr_files/prepare_expr_files.sh +++ b/federated_learning/nvflare/nvflare_example_docker/expr_files/prepare_expr_files.sh @@ -1,9 +1,7 @@ -# set fl docker image name -export FL_DOCKER_IMAGE="monai_nvflare:latest" -DOCKER_PROVISION_PATH=/opt/conda/lib/python3.8/site-packages/provision +# prepare provision files +# refer to: https://nvidia.github.io/NVFlare/user_guide/provisioning_tool.html DEMO_PROVISION_PATH="expr_files" -provision -p $DEMO_PROVISION_PATH/project.yml -a $DEMO_PROVISION_PATH/authz_config.json -o $DEMO_PROVISION_PATH -cp $DOCKER_PROVISION_PATH/audit.pkl $DEMO_PROVISION_PATH +NVFL_DOCKER_IMAGE=monai_nvflare:latest provision -n -p $DEMO_PROVISION_PATH/project.yml -o $DEMO_PROVISION_PATH cd /fl_workspace/; chown -R 1000:1000 * # if you do not need to download the spleen dataset, please comment the following lines. diff --git a/federated_learning/nvflare/nvflare_example_docker/expr_files/project.yml b/federated_learning/nvflare/nvflare_example_docker/expr_files/project.yml index 900cb7e72f..d092855a69 100644 --- a/federated_learning/nvflare/nvflare_example_docker/expr_files/project.yml +++ b/federated_learning/nvflare/nvflare_example_docker/expr_files/project.yml @@ -1,3 +1,5 @@ +api_version: 1 + # org is to describe each participant's organization # schema change: org is now mandatory @@ -5,16 +7,17 @@ name: example_project # homomorphic encryption -he: - lib: tenseal - config: - poly_modulus_degree: 8192 - coeff_mod_bit_sizes: [60, 40, 40] - scale_bits: 40 - scheme: CKKS +he_config: + poly_modulus_degree: 8192 + coeff_mod_bit_sizes: [60, 40, 40] + scale_bits: 40 + scheme: CKKS config_folder: config +# Server enforcing role-based rights on admin users. true means all admin users are in role super +disable_authz: false + server: org: nvidia @@ -22,10 +25,10 @@ server: # never set it to example.com cn: localhost - # replace the number with that all clients can reach out to, and that the server can open to listen to + # replace the number with that all clients can reach out to and that the server can open to listen to fed_learn_port: 8002 - # again, replace the number with that all clients can reach out to, and that the server can open to listen to + # again replace the number with that all clients can reach out to and that the server can open to listen to # the value must be different from fed_learn_port admin_port: 8003 @@ -35,15 +38,11 @@ server: min_num_clients: 1 max_num_clients: 100 - # Server enforcing role-based rights on admin users. false means all admin users are in role "super" - auth: true - # The configuration validator class path. - # Server does not load configuration validator when it's set to empty. - # For example: - # config_validator: + # This line must have ONE indentation. That is, it must be + # inside server section. # - # When it's commented out, the default will be used (medl.apps.fed_learn.server.mmar_validator.MMARValidator) + # Server does not load configuration validator when it's commented out. # # Users can specifiy their own validator. For example: # config_validator: @@ -55,7 +54,7 @@ server: # arg1: abc # arg2: 123 - config_validator: + # config_validator: # The following values under fl_clients and admin_clients are for demo purpose only. # Please change them according to the information of actual project. @@ -63,21 +62,80 @@ fl_clients: # client_name must be unique # email is optional - org: org1 - client_name: org1-a + site: org1-a - org: org1 - client_name: org1-b + site: org1-b - org: org2 - client_name: org2 + site: org2 + - org: org3 + site: org3 admin_clients: - # email is the user name for admin authentication. Hence, it must be unique within the project + # email is the user name for admin authentication. Hence it must be unique within the project - org: nvidia email: admin@nvidia.com + roles: + - super - org: nvidia email: researcher@nvidia.com + roles: + - lead_it + - site_researcher - org: org1 email: researcher@org1.com + roles: + - site_researcher - org: org2 email: researcher@org2.com + roles: + - lead_researcher - org: org2 email: it@org2.com + roles: + - lead_it + +authz_policy: + orgs: + org1: + - strict + - general + org2: + - relaxed + - general + nvidia: + - general + - relaxed + org3: + - general + roles: + super: super user of system + lead_researcher: lead researcher of the study + site_researcher: site researcher of the study + site_it: site IT of the study + lead_it: lead IT of the study + groups: + relaxed: + desc: org group with relaxed policies + rules: + byoc: true + custom_datalist: true + strict: + desc: org group with strict policies + rules: + byoc: false + custom_datalist: false + general: + desc: general group user rights + role_rights: + lead_researcher: + train_all: true + view_all: true + site_researcher: + train_self: true + view_self: true + lead_it: + operate_all: true + view_all: true + site_it: + operate_self: true + view_self: true From 7dddce582f4c46608db85e099adae05fd7dd610f Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 27 Sep 2021 04:57:29 +0000 Subject: [PATCH 2/2] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- .../expr_files/project.yml | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/federated_learning/nvflare/nvflare_example_docker/expr_files/project.yml b/federated_learning/nvflare/nvflare_example_docker/expr_files/project.yml index d092855a69..fb29d5e985 100644 --- a/federated_learning/nvflare/nvflare_example_docker/expr_files/project.yml +++ b/federated_learning/nvflare/nvflare_example_docker/expr_files/project.yml @@ -16,7 +16,7 @@ he_config: config_folder: config # Server enforcing role-based rights on admin users. true means all admin users are in role super -disable_authz: false +disable_authz: false server: org: nvidia @@ -113,29 +113,29 @@ authz_policy: site_researcher: site researcher of the study site_it: site IT of the study lead_it: lead IT of the study - groups: - relaxed: + groups: + relaxed: desc: org group with relaxed policies - rules: + rules: byoc: true custom_datalist: true - strict: + strict: desc: org group with strict policies - rules: + rules: byoc: false custom_datalist: false - general: + general: desc: general group user rights - role_rights: - lead_researcher: + role_rights: + lead_researcher: train_all: true view_all: true - site_researcher: + site_researcher: train_self: true view_self: true - lead_it: + lead_it: operate_all: true view_all: true - site_it: + site_it: operate_self: true view_self: true