Modal logo
GuideReference

Overview

Introduction Example: Hello, world Tutorial: A simple web scraper

Custom container images

Custom container images Private registries Example: Use a headless browser

Scaling out

Scaling out Example: Hyperparameter search Example: Stock prices in parallel Example: Face detection on YouTube videos

Secrets and environment variables

Secrets Example: Write to Google Sheets

GPUs and other resources

GPU acceleration Requesting more memory Requesting more CPU

Deployment

Managing deployments Invoke deployed functions

Scheduling and cron jobs

Scheduling remote cron jobs Example: Hacker News Slackbot

Web endpoints

Web endpoints Web endpoint URLs Request timeouts Example: Document OCR job queue Example: Document OCR web app Example: Dynamic SVG badge

Sharing data

Passing local data Shared volumes

Machine learning examples

Fast Stable diffusion Transcribe podcasts in 1 minute with OpenAI's Whisper model Create Dreambooth Pet Art with HuggingFace and Gradio Train a FastAI model with WandB, and share it with Gradio Fit a model using TensorFlow and TensorBoard Run batch inference with HuggingFace Serve an object detection model on the web (with webcam input) Question-answering with LangChain Play with ControlNet

Example integrations

DuckDB: Analyze NYC taxi data in parallel Blender: Distributed 3D rendering SQLite: Publish explorable data with Datasette

Reliability and robustness

Failures and retries Preemption Timeouts Troubleshooting

Other topics

Developing and debugging Cold start performance Workspaces Asynchronous usage Global variables Container lifecycle (beta) Apps, stubs, and entrypoints Useful snippets Example: Algolia docsearch crawler

Private registries

Modal uses Docker Hub as the default container registry. All images pulled from Docker Hub are public.

We also support private image registries, starting with AWS’ Elastic Container Registry (ECR).

Elastic Container Registry (ECR)

You can pull images from your AWS ECR account by specifying the full image URI as follows:

aws_secret = modal.Secret.from_name("my-aws-secret")
image = (
    modal.Image
        .from_aws_ecr(
            "000000000000.dkr.ecr.us-east-1.amazonaws.com/my-private-registry:latest",
            secret=aws_secret)
        .pip_install("torch", "huggingface")
)

stub = modal.Stub(image=image)

As shown above, you also need to use a Modal Secret containing the environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY. The AWS IAM user account associated with those keys must have access to the private registry you want to access.

The user needs to have the following read-only policies:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ecr:GetAuthorizationToken",
        "ecr:BatchCheckLayerAvailability",
        "ecr:GetDownloadUrlForLayer",
        "ecr:GetRepositoryPolicy",
        "ecr:DescribeRepositories",
        "ecr:ListImages",
        "ecr:DescribeImages",
        "ecr:BatchGetImage",
        "ecr:GetLifecyclePolicy",
        "ecr:GetLifecyclePolicyPreview",
        "ecr:ListTagsForResource",
        "ecr:DescribeImageScanFindings"
      ],
      "Resource": "<MY-REGISTRY-ARN>"
    }
  ]
}

You can use the IAM configuration above as a template for creating an IAM user. You can then generate an access key and create a Modal Secret using the AWS integration option. Modal will use your access keys to generate an ephemeral ECR token. That token is only used to pull image layers at the time a new image is built. We don’t store this token but will cache the image once it has been pulled.

Images on ECR must be private and follow image configuration requirements.