The purpose of this example is to demonstrate following features of NVFlare,
- Run NVFlare in secure mode
- Demonstrate job-level authorization policy
- Install Python and set up a Virtual Environment,
python3 -m venv nvflare-env
source nvflare-env/bin/activate
- Install NVFlare
pip install nvflare
- The example is part of the NVFlare source code. The source code can be obtained like this,
git clone https://github.com/NVIDIA/NVFlare.git
- TLS requires domain names. Please add the following line in the
/etc/hostsfile,
127.0.0.1 server1
cd NVFlare/examples/advanced/job-level-authorization
./setup.sh
All the startup kits will be generated in this folder,
/tmp/nvflare/poc/job-level-authorization/prod_00
Note that the "workspace" folder is removed every time setup.sh is run. Please do not save customized files in this folder.
This script will start up the server and 2 clients,
nvflare poc start
For example, to login as the [email protected] user:
cd /tmp/nvflare/poc/job-level-authorization/prod_00/[email protected]
./startup/fl_admin.sh
At the prompt, enter the user email [email protected]
The setup.sh has copied the jobs folder to the workspace folder. So jobs can be submitted like this, type the following command in the admin console:
submit_job ../../job1
submit_job ../../job2
server1: NVFlare serversite_a: Site_a has a CustomSecurityHandler set up which does not allow the job "FL Demo Job1" to run. Any other named jobs will be able to deploy and run on site_a.site_b: Site_b does not have the extra security handling codes. It allows any job to be deployed and run.
- job1: The job is called
hello-numpy-sag. site_a will allow this job to run. - job2: The job is called
FL Demo Job1. site_a will block this job to run.