Search code examples
azure-machine-learning-service

How to get reference to AzureML Workspace Class in scoring script?

My scoring function needs to refer to an Azure ML Registered Dataset for which I need a reference to the AzureML Workspace object. When including this in the init() function of the scoring script it gives the following error:

 "code": "ScoreInitRestart",
      "message": "Your scoring file's init() function restarts frequently. You can address the error by increasing the value of memory_gb in deployment_config."

On debugging the issue is:

To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code [REDACTED] to authenticate.

How can I resolve this issue without exposing Service Principal Credentials in the scoring script?

Solution

  • I found a workaround to reference the workspace in the scoring script. Below is a code snippet of how one can do that -

    My deploy script looks like this :

    from azureml.core import Environment
from azureml.core.model import InferenceConfig

#Add python dependencies for the models
scoringenv = Environment.from_conda_specification(
                                   name = "scoringenv",
                                   file_path="config_files/scoring_env.yml"
                                    )
#Create a dictionary to set-up the env variables   
env_variables={'tenant_id':tenant_id,
                        'subscription_id':subscription_id,
                        'resource_group':resource_group,
                        'client_id':client_id,
                        'client_secret':client_secret
                        }
    
scoringenv.environment_variables=env_variables
            
# Configure the scoring environment
inference_config = InferenceConfig(
                                   entry_script='score.py',
                                   source_directory='scripts/',
                                   environment=scoringenv
                                        )

    What I am doing here is creating an image with the python dependencies(in the scoring_env.yml) and passing a dictionary of the secrets as environment variables. I have the secrets stored in the key-vault. You may define and pass native python datatype variables.

    Now, In my score.py, I reference these environment variables in the init() like this -

    tenant_id = os.environ.get('tenant_id')
client_id = os.environ.get('client_id')
client_secret = os.environ.get('client_secret')
subscription_id = os.environ.get('subscription_id')
resource_group = os.environ.get('resource_group')

    Once you have these variables, you may create a workspace object using Service Principal authentication like @Anders Swanson mentioned in his reply.

    Another way to resolve this may be by using managed identities for AKS. I did not explore that option.

    Hope this helps! Please let me know if you found a better way of solving this.

    Thanks!