Install and run Face containers

Azure Cognitive Services Face provides a standardized Linux container for Docker that detects human faces in images. It also identifies attributes, which include face landmarks such as noses and eyes, gender, age, and other machine-predicted facial features. In addition to detection, Face can check if two faces in the same image or different images are the same by using a confidence score. Face also can compare faces against a database to see if a similar-looking or identical face already exists. It also can organize similar faces into groups by using shared visual traits.

If you don't have an Azure subscription, create a free account before you begin.

Prerequisites

You must meet the following prerequisites before you use the Face API containers.

Required Purpose
Docker Engine The Docker Engine must be installed on a host computer. Docker provides packages that configure the Docker environment on macOS, Windows, and Linux. For a primer on Docker and container basics, see the Docker overview.

Docker must be configured to allow the containers to connect with and send billing data to Azure.

On Windows, Docker also must be configured to support Linux containers.

Familiarity with Docker You need a basic understanding of Docker concepts, such as registries, repositories, containers, and container images. You also need knowledge of basic docker commands.
Azure Cognitive Services resource To use the container, you must have:

An Azure Cognitive Services resource and the associated billing key and the billing endpoint URI. Both values are available on the Overview and Keys pages for the resource. They're required to start the container. Add the face/v1.0 routing to the endpoint URI, as shown in the following BILLING_ENDPOINT_URI example:

{BILLING_KEY}: resource key

{BILLING_ENDPOINT_URI}: endpoint URI example is https://westus.api.cognitive.microsoft.com/face/v1.0

Request access to the private container registry

Fill out and submit the Cognitive Services Vision Containers Request form to request access to the container. The form requests information about you, your company, and the user scenario for which you'll use the container. After you submit the form, the Azure Cognitive Services team reviews it to make sure that you meet the criteria for access to the private container registry.

Important

You must use an email address associated with either a Microsoft Account (MSA) or an Azure Active Directory (Azure AD) account in the form.

If your request is approved, you receive an email with instructions that describe how to obtain your credentials and access the private container registry.

Log in to the private container registry

There are several ways to authenticate with the private container registry for Cognitive Services containers. We recommend that you use the command-line method by using the Docker CLI.

Use the docker login command, as shown in the following example, to log in to containerpreview.azurecr.io, which is the private container registry for Cognitive Services containers. Replace <username> with the user name and <password> with the password provided in the credentials you received from the Azure Cognitive Services team.

docker login containerpreview.azurecr.io -u <username> -p <password>

If you secured your credentials in a text file, you can concatenate the contents of that text file to the docker login command. Use the cat command, as shown in the following example. Replace <passwordFile> with the path and name of the text file that contains the password. Replace <username> with the user name provided in your credentials.

cat <passwordFile> | docker login containerpreview.azurecr.io -u <username> --password-stdin

The host computer

The host is a x64-based computer that runs the Docker container. It can be a computer on your premises or a Docker hosting service in Azure, such as:

Container requirements and recommendations

The following table describes the minimum and recommended CPU cores and memory to allocate for each Face API container.

Container Minimum Recommended Transactions per second
(Minimum, maximum)
Face 1 core, 2-GB memory 1 core, 4-GB memory 10, 20
  • Each core must be at least 2.6 GHz or faster.
  • Transactions per second (TPS).

Core and memory correspond to the --cpus and --memory settings, which are used as part of the docker run command.

Get the container image with docker pull

Container images for the Face API are available.

Container Repository
Face containerpreview.azurecr.io/microsoft/cognitive-services-face:latest

Tip

You can use the docker images command to list your downloaded container images. For example, the following command lists the ID, repository, and tag of each downloaded container image, formatted as a table:

docker images --format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}"

IMAGE ID            REPOSITORY              TAG
ebbee78a6baa       <container-name>         latest

Docker pull for the Face container

docker pull containerpreview.azurecr.io/microsoft/cognitive-services-face:latest

Use the container

After the container is on the host computer, use the following process to work with the container.

  1. Run the container with the required billing settings. More examples of the docker run command are available.
  2. Query the container's prediction endpoint.

Run the container with docker run

Use the docker run command to run any of the three containers. The command uses the following parameters.

Placeholder Value
{BILLING_KEY} This key is used to start the container and is available on the Azure Cognitive Services Keys page.
{BILLING_ENDPOINT_URI} The billing endpoint URI value is available on the Azure Cognitive Services Overview page. An example is https://westus.api.cognitive.microsoft.com/face/v1.0.

Add the face/v1.0 routing to the endpoint URI, as shown in the preceding BILLING_ENDPOINT_URI example.

Replace these parameters with your own values in the following docker run command example:

docker run --rm -it -p 5000:5000 --memory 4g --cpus 1 \
containerpreview.azurecr.io/microsoft/cognitive-services-face \
Eula=accept \
Billing={BILLING_ENDPOINT_URI} \
ApiKey={BILLING_KEY}

This command:

  • Runs a face container from the container image.
  • Allocates one CPU core and 4 GB of memory.
  • Exposes TCP port 5000 and allocates a pseudo TTY for the container.
  • Automatically removes the container after it exits. The container image is still available on the host computer.

More examples of the docker run command are available.

Important

The Eula, Billing, and ApiKey options must be specified to run the container or the container won't start. For more information, see Billing.

Run multiple containers on the same host

If you intend to run multiple containers with exposed ports, make sure to run each container with a different exposed port. For example, run the first container on port 5000 and the second container on port 5001.

You can have this container and a different Azure Cognitive Services container running on the HOST together. You also can have multiple containers of the same Cognitive Services container running.

Query the container's prediction endpoint

The container provides REST-based query prediction endpoint APIs.

Use the host, https://localhost:5000, for container APIs.

Validate that a container is running

There are several ways to validate that the container is running.

Request Purpose
http://localhost:5000/ The container provides a home page.
http://localhost:5000/status Requested with GET, to validate that the container is running without causing an endpoint query. This request can be used for Kubernetes liveness and readiness probes.
http://localhost:5000/swagger The container provides a full set of documentation for the endpoints and a Try it now feature. With this feature, you can enter your settings into a web-based HTML form and make the query without having to write any code. After the query returns, an example CURL command is provided to demonstrate the HTTP headers and body format that's required.

Container's home page

Stop the container

To shut down the container, in the command-line environment where the container is running, select Ctrl+C.

Troubleshooting

If you run the container with an output mount and logging is enabled, the container generates log files that are helpful to troubleshoot issues that happen while you start or run the container.

Billing

The Face API containers send billing information to Azure by using a Face API resource on your Azure account.

Queries to the container are billed at the pricing tier of the Azure resource used for the <ApiKey>.

Azure Cognitive Services containers aren't licensed to run without being connected to the billing endpoint for metering. You must enable the containers to communicate billing information with the billing endpoint at all times. Cognitive Services containers don't send customer data, such as the image or text that's being analyzed, to Microsoft.

Connect to Azure

The container needs the billing argument values to run. These values allow the container to connect to the billing endpoint. The container reports usage about every 10 to 15 minutes. If the container doesn't connect to Azure within the allowed time window, the container continues to run but doesn't serve queries until the billing endpoint is restored. The connection is attempted 10 times at the same time interval of 10 to 15 minutes. If it can't connect to the billing endpoint within the 10 tries, the container stops running.

Billing arguments

All three of the following options must be specified with valid values in order for the docker run command to start the container.

Option Description
ApiKey The API key of the Cognitive Services resource used to track billing information.
The value of this option must be set to an API key for the provisioned resource specified in Billing.
Billing The endpoint of the Cognitive Services resource used to track billing information.
The value of this option must be set to the endpoint URI of a provisioned Azure resource.
Eula Indicates that you accepted the license for the container.
The value of this option must be set to accept.

For more information about these options, see Configure containers.

Summary

In this article, you learned concepts and workflow for how to download, install, and run Face API containers. In summary:

  • The Face API provides three Linux containers for Docker that provide key phrase extraction, language detection, and sentiment analysis.
  • Container images are downloaded from the Azure Container Registry.
  • Container images run in Docker.
  • You can use either the REST API or the SDK to call operations in Face API containers by specifying the host URI of the container.
  • You must specify billing information when you instantiate a container.

Important

Cognitive Services containers aren't licensed to run without being connected to Azure for metering. Customers must enable the containers to communicate billing information with the metering service at all times. Cognitive Services containers don't send customer data, such as the image or text that's being analyzed, to Microsoft.

Next steps