Azure 認知服務容器Azure Cognitive Services containers

警告

Microsoft 於 2020 年 6 月 11 日宣佈,除非已制訂立基於人權的健全監管法規,否則不會將臉部辨識技術銷銷售給美國的警察部門。On June 11, 2020, Microsoft announced that it will not sell facial recognition technology to police departments in the United States until strong regulation, grounded in human rights, has been enacted. 因此,如果客戶隸屬於美國警察部門,或允許美國警察部門使用此類服務,則客戶可能無法使用臉部識別功能或 Azure 服務中納入的功能 (例如「臉部索引器」或「影片索引器」)。As such, customers may not use facial recognition features or functionality included in Azure Services, such as Face or Video Indexer, if a customer is, or is allowing use of such services by or for, a police department in the United States.

Azure 認知服務提供數個 Docker 容器 ,可讓您使用 Azure 中可用的相同 api (內部部署)。Azure Cognitive Services provides several Docker containers that let you use the same APIs that are available in Azure, on-premises. 使用這些容器可讓您彈性地將認知服務帶到更接近您的資料,以符合法規、安全性或其他操作原因。Using these containers gives you the flexibility to bring Cognitive Services closer to your data for compliance, security or other operational reasons.

容器支援目前適用于 Azure 認知服務的一部分,包括下列各項:Container support is currently available for a subset of Azure Cognitive Services, including parts of:

容器化是散發軟體的方法,它會將應用程式或服務 (包括其相依性及設定) 一起封裝成容器映像。Containerization is an approach to software distribution in which an application or service, including its dependencies & configuration, is packaged together as a container image. 在只需要小幅修改或不修改的情況下,便可將容器映像部署在容器主機上。With little or no modification, a container image can be deployed on a container host. 容器之間彼此隔離,也與基礎作業系統隔離,且磁碟使用量比虛擬機器更小。Containers are isolated from each other and the underlying operating system, with a smaller footprint than a virtual machine. 容器可以從容器映像具現化以進行短期工作,並於不再需要時移除。Containers can be instantiated from container images for short-term tasks, and removed when no longer needed.

認知服務資源可在 Microsoft Azure上取得。Cognitive Services resources are available on Microsoft Azure. 請登入 Azure 入口網站以建立並探索適用於這些服務的 Azure 資源。Sign into the Azure portal to create and explore Azure resources for these services.

功能與優點Features and benefits

  • 不可變的基礎結構:讓 DevOps 團隊能夠利用一致且可靠的已知系統參數集,同時能夠適應變更。Immutable infrastructure: Enable DevOps teams' to leverage a consistent and reliable set of known system parameters, while being able to adapt to change. 容器可讓您彈性地在可預測的生態系統內進行資料透視,並避免設定漂移。Containers provide the flexibility to pivot within a predictable ecosystem and avoid configuration drift.
  • 對資料的控制:選擇認知服務處理資料的位置。Control over data: Choose where your data gets processed by Cognitive Services. 如果您無法將資料傳送至雲端,但需要存取認知服務 API,這可能是不可或缺的。This can be essential if you can't send data to the cloud but need access to Cognitive Services APIs. 支援混合式環境中的一致性,橫跨資料、管理、身分識別及安全性。Support consistency in hybrid environments – across data, management, identity, and security.
  • 對模型更新的控制:在解決方案中部署的模型版本控制和更新的彈性。Control over model updates: Flexibility in versioning and updating of models deployed in their solutions.
  • 可移植的架構:可讓您建立可在 Azure、內部部署和邊緣上部署的可移植應用程式架構。Portable architecture: Enables the creation of a portable application architecture that can be deployed on Azure, on-premises and the edge. 您可以將容器直接部署至 Azure Kubernetes ServiceAzure 容器執行個體,或是已部署至 Azure StackKubernetes 叢集。Containers can be deployed directly to Azure Kubernetes Service, Azure Container Instances, or to a Kubernetes cluster deployed to Azure Stack. 如需詳細資訊,請參閱將 Kubernetes 部署至 Azure StackFor more information, see Deploy Kubernetes to Azure Stack.
  • 高輸送量/低延遲:讓認知服務在實體上以接近其應用程式邏輯和資料的方式執行,讓客戶能夠針對高輸送量和低延遲需求進行調整。High throughput / low latency: Provide customers the ability to scale for high throughput and low latency requirements by enabling Cognitive Services to run physically close to their application logic and data. 容器不會限制每秒交易 (TPS),而且如果您提供必要的硬體資源,會相應增加和相應放大來處理要求。Containers do not cap transactions per second (TPS) and can be made to scale both up and out to handle demand if you provide the necessary hardware resources.
  • 擴充:隨著容器化和容器協調流程軟體的普及,例如 Kubernetes;擴充性是技術進步的 forefront。Scalability: With the ever growing popularity of containerization and container orchestration software, such as Kubernetes; scalability is at the forefront of technological advancements. 以可調整的叢集基礎為基礎,應用程式開發已經考慮至高可用性。Building on a scalable cluster foundation, application development caters to high availability.

Azure 認知服務中的容器Containers in Azure Cognitive Services

Azure 認知服務容器能提供下列 Docker 容器集合,每個容器都包含 Azure 認知服務中服務之功能的子集:Azure Cognitive Services containers provide the following set of Docker containers, each of which contains a subset of functionality from services in Azure Cognitive Services:

服務Service 支援的定價層Supported Pricing Tier 容器Container DescriptionDescription
異常偵測器Anomaly detector F0,S0F0, S0 異常 偵測器 (映射) Anomaly-Detector (image) Anomaly Detector API 可讓您透過機器學習,監視和偵測時間序列資料中的異常狀況。The Anomaly Detector API enables you to monitor and detect abnormalities in your time series data with machine learning.
要求存取Request access
電腦視覺Computer Vision F0,S1F0, S1 讀取 OCR (映射) Read OCR (image) 「讀取 OCR」容器可讓您從影像和檔中取出列印和手寫的文字,並支援 JPEG、PNG、BMP、PDF 和 TIFF 檔案格式。The Read OCR container allows you to extract printed and handwritten text from images and documents with support for JPEG, PNG, BMP, PDF, and TIFF file formats. 如需詳細資訊,請參閱 讀取 API 檔For more information, see the Read API documentation.
要求存取Request access
臉部Face F0,S0F0, S0 臉部Face 能偵測影像中的人臉並識別其特性,包括臉部特徵點 (例如鼻子和眼睛)、性別、年齡及其他機器預測的臉部容貌。Detects human faces in images, and identifies attributes, including face landmarks (such as noses and eyes), gender, age, and other machine-predicted facial features. 除了偵測以外,臉部也可以使用信賴分數檢查相同或不同影像中的兩張臉是否相同,或將臉部向資料庫進行比對,看看是否有樣貌相似或相同的臉部。In addition to detection, Face can check if two faces in the same image or different images are the same by using a confidence score, or compare faces against a database to see if a similar-looking or identical face already exists. 它也能夠使用共同視覺特徵,將相似臉部分組。It can also organize similar faces into groups, using shared visual traits.
表單辨識器Form recognizer F0,S0F0, S0 表單辨識器Form Recognizer 表單理解會套用機器學習技術來識別和解壓縮表單中的索引鍵/值組和資料表。Form Understanding applies machine learning technology to identify and extract key-value pairs and tables from forms.
LUISLUIS F0,S0F0, S0 LUIS (影像)LUIS (image) 將已定型或發佈的 Language Understanding 模型 (也稱為 LUIS 應用程式) 載入 Docker 容器中,並提供從容器的 API 端點存取查詢預測的權限。Loads a trained or published Language Understanding model, also known as a LUIS app, into a docker container and provides access to the query predictions from the container's API endpoints. 您可以從容器收集查詢記錄,並將這些記錄重新上傳至 LUIS 入口網站,以改善應用程式的預測精確度。You can collect query logs from the container and upload these back to the LUIS portal to improve the app's prediction accuracy.
語音服務 APISpeech Service API F0,S0F0, S0 語音轉換文字 (映射) Speech-to-text (image) 連續的即時語音謄寫成文字。Transcribes continuous real-time speech into text.
語音服務 APISpeech Service API F0,S0F0, S0 自訂語音轉換文字 (映射) Custom Speech-to-text (image) 使用自訂模型,將即時語音轉譯為文字。Transcribes continuous real-time speech into text using a custom model.
語音服務 APISpeech Service API F0,S0F0, S0 文字轉換語音 (映射) Text-to-speech (image) 將文字轉換成自然發音語音。Converts text to natural-sounding speech.
語音服務 APISpeech Service API F0,S0F0, S0 自訂文字轉換語音 (映射) Custom Text-to-speech (image) 使用自訂模型將文字轉換成自然發音語音。Converts text to natural-sounding speech using a custom model.
語音服務 APISpeech Service API F0,S0F0, S0 神經文字轉換語音 (影像) Neural Text-to-speech (image) 使用深度類神經網路技術將文字轉換成自然發音語音,以允許更自然合成的語音。Converts text to natural-sounding speech using deep neural network technology, allowing for more natural synthesized speech.
文字分析Text Analytics F0、SF0, S 關鍵片語擷取 (影像)Key Phrase Extraction (image) 擷取關鍵片語來識別重點。Extracts key phrases to identify the main points. 例如,若輸入文字為 "The food was delicious and there were wonderful staff",API 即會傳回主要討論要點:"food" 和 "wonderful staff"。For example, for the input text "The food was delicious and there were wonderful staff", the API returns the main talking points: "food" and "wonderful staff".
文字分析Text Analytics F0、SF0, S 語言偵測 (影像)Language Detection (image) 偵測輸入文字是以何種語言撰寫的,並針對要求所提交的每份文件回報單一語言代碼,最多可達 120 種語言。For up to 120 languages, detects which language the input text is written in and report a single language code for every document submitted on the request. 語言代碼各配有一個分數,表示分數的強度。The language code is paired with a score indicating the strength of the score.
文字分析Text Analytics F0、SF0, S 情感分析 v3 (映射) Sentiment Analysis v3 (image) 分析原始文字以尋找正面或負面情感的線索。Analyzes raw text for clues about positive or negative sentiment. 此版本的情感分析會傳回情感標籤 (例如,在其中每個檔和句子的 正面負面) 。This version of sentiment analysis returns sentiment labels (for example positive or negative) for each document and sentence within it.
文字分析Text Analytics F0、SF0, S 健全狀況的文字分析Text Analytics for health 從非結構化臨床文字中將醫療資訊解壓縮並加上標籤。Extract and label medical information from unstructured clinical text.
空間分析Spatial Analysis S0S0 空間分析Spatial analysis 分析即時串流影片,以瞭解人員之間的空間關聯性、其移動和實體環境中物件的互動。Analyzes real-time streaming video to understand spatial relationships between people, their movement, and interactions with objects in physical environments.

此外,認知服務的 個供應專案資源金鑰中支援某些容器。In addition, some containers are supported in Cognitive Services All-In-One offering resource keys. 您可以建立單一的「認知服務」全功能資源,並在支援的服務之間使用相同的計費金鑰來執行下列服務:You can create one single Cognitive Services All-In-One resource and use the same billing key across supported services for the following services:

  • 電腦視覺Computer Vision
  • 臉部Face
  • LUISLUIS
  • 文字分析Text Analytics

Azure 認知服務中的容器可用性Container availability in Azure Cognitive Services

Azure 認知服務容器可透過您的 Azure 訂用帳戶公開取得,而 Docker 容器映像則可以從 Microsoft Container Registry 或 Docker Hub 提取。Azure Cognitive Services containers are publicly available through your Azure subscription, and Docker container images can be pulled from either the Microsoft Container Registry or Docker Hub. 您可以使用 docker pull (英文) 命令來從適當的登錄下載容器映像。You can use the docker pull command to download a container image from the appropriate registry.

容器儲存機制和映射Container repositories and images

下表列出 Azure 認知服務所提供的可用容器映射。The tables below are a listing of the available container images offered by Azure Cognitive Services. 如需所有可用容器映射名稱及其可用標記的完整清單,請參閱 認知服務容器映射標記For a complete list of all the available container image names and their available tags, see Cognitive Services container image tags.

正式推出Generally available

Microsoft Container Registry (MCR) syndicates 所有正式推出的認知服務容器。The Microsoft Container Registry (MCR) syndicates all of the generally available containers for Cognitive Services. 您也可以直接從 Docker hub使用容器。The containers are also available directly from the Docker hub.

LUISLUIS

容器Container Container Registry/存放庫/映射名稱Container Registry / Repository / Image Name
LUISLUIS mcr.microsoft.com/azure-cognitive-services/language/luis

如需詳細資訊,請參閱 如何執行和安裝 LUIS 容器See How to run and install LUIS containers for more information.

文字分析Text Analytics

容器Container Container Registry/存放庫/映射名稱Container Registry / Repository / Image Name
情感分析 v3 (英文) Sentiment Analysis v3 (English) mcr.microsoft.com/azure-cognitive-services/textanalytics/sentiment:3.0-en
情感分析 v3 (西班牙文) Sentiment Analysis v3 (Spanish) mcr.microsoft.com/azure-cognitive-services/textanalytics/sentiment:3.0-es
情感分析 v3 (法文) Sentiment Analysis v3 (French) mcr.microsoft.com/azure-cognitive-services/textanalytics/sentiment:3.0-fr
情感分析 v3 (義大利文) Sentiment Analysis v3 (Italian) mcr.microsoft.com/azure-cognitive-services/textanalytics/sentiment:3.0-it
情感分析 v3 (德文) Sentiment Analysis v3 (German) mcr.microsoft.com/azure-cognitive-services/textanalytics/sentiment:3.0-de
情感分析 v3 (簡體中文) Sentiment Analysis v3 (Chinese - simplified) mcr.microsoft.com/azure-cognitive-services/textanalytics/sentiment:3.0-zh
情感分析 v3 (繁體中文) Sentiment Analysis v3 (Chinese - traditional) mcr.microsoft.com/azure-cognitive-services/textanalytics/sentiment:3.0-zht
情感分析 v3 (日文) Sentiment Analysis v3 (Japanese) mcr.microsoft.com/azure-cognitive-services/textanalytics/sentiment:3.0-ja
情感分析 v3 (葡萄牙文) Sentiment Analysis v3 (Portuguese) mcr.microsoft.com/azure-cognitive-services/textanalytics/sentiment:3.0-pt
情感分析 v3 (荷蘭) Sentiment Analysis v3 (Dutch) mcr.microsoft.com/azure-cognitive-services/textanalytics/sentiment:3.0-nl

如需詳細資訊,請參閱 如何執行和安裝文字分析容器See How to run and install Text Analytics containers for more information.

異常偵測器Anomaly Detector

容器Container Container Registry/存放庫/映射名稱Container Registry / Repository / Image Name
異常偵測器Anomaly detector mcr.microsoft.com/azure-cognitive-services/decision/anomaly-detector

如需詳細資訊,請參閱 如何執行和安裝異常 偵測器容器。See How to run and install Anomaly detector containers for more information.

語音服務Speech Service

注意

若要使用語音容器,您將需要完成 線上要求表單To use Speech containers, you will need to complete an online request form.

容器Container Container Registry/存放庫/映射名稱Container Registry / Repository / Image Name
語音轉換文字Speech-to-text mcr.microsoft.com/azure-cognitive-services/speechservices/speech-to-text
自訂語音轉換文字Custom Speech-to-text mcr.microsoft.com/azure-cognitive-services/speechservices/custom-speech-to-text
文字轉換語音Text-to-speech mcr.microsoft.com/azure-cognitive-services/speechservices/text-to-speech

"Ungated" 預覽"Ungated" preview

以下是公開提供的預覽容器。The following preview containers are available publicly. Microsoft Container Registry (MCR) syndicates 認知服務的所有公開可用 ungated 容器。The Microsoft Container Registry (MCR) syndicates all of the publicly available ungated containers for Cognitive Services. 您也可以直接從 Docker hub使用容器。The containers are also available directly from the Docker hub.

服務Service 容器Container Container Registry/存放庫/映射名稱Container Registry / Repository / Image Name
文字分析Text Analytics 關鍵片語擷取Key Phrase Extraction mcr.microsoft.com/azure-cognitive-services/textanalytics/keyphrase
文字分析Text Analytics 語言偵測Language Detection mcr.microsoft.com/azure-cognitive-services/textanalytics/language

「閘道」預覽"Gated" preview

先前,閘道預覽容器裝載于存放 containerpreview.azurecr.io 庫。Previously, gated preview containers were hosted on the containerpreview.azurecr.io repository. 自2020年9月22日起,這些容器 (除了健康情況) 的文字分析之外,還裝載于 Microsoft Container Registry (MCR) ,且不需要使用 docker login 命令就能下載。Starting September 22nd 2020, these containers (except Text Analytics for health) are hosted on the Microsoft Container Registry (MCR), and downloading them doesn't require using the docker login command. 若要使用容器,您將需要:To use the container you will need to:

  1. 使用您的 Azure 訂用帳戶識別碼和使用者案例完成 要求表單Complete a request form with your Azure Subscription ID and user scenario.
  2. 核准時,從 MCR 下載容器。Upon approval, download the container from the MCR.
  3. 使用來自適當 Azure 資源的金鑰和端點來驗證執行時間的容器。Use the key and endpoint from an appropriate Azure resource to authenticate the container at runtime.
服務Service 容器Container Container Registry/存放庫/映射名稱Container Registry / Repository / Image Name
電腦視覺Computer Vision 讀取 v3。0Read v3.0 mcr.microsoft.com/azure-cognitive-services/vision/read:3.0-preview
電腦視覺Computer Vision 讀取3.1 版Read v3.1 mcr.microsoft.com/azure-cognitive-services/vision/read:3.1-preview
電腦視覺Computer Vision 空間分析Spatial Analysis mcr.microsoft.com/azure-cognitive-services/vision/spatial-analysis
語音服務 APISpeech Service API 自訂文字轉換語音Custom Text-to-speech mcr.microsoft.com/azure-cognitive-services/speechservices/custom-text-to-speech
語音服務 APISpeech Service API 語言偵測Language Detection mcr.microsoft.com/azure-cognitive-services/speechservices/language-detection
語音服務 APISpeech Service API 神經文字轉換語音Neural Text-to-speech mcr.microsoft.com/azure-cognitive-services/speechservices/neural-text-to-speech
健全狀況的文字分析Text Analytics for health 健康情況的文字分析Text Analytics for health containerpreview.azurecr.io/microsoft/cognitive-services-healthcare

必要條件Prerequisites

您必須滿足下列必要條件才能使用 Azure 認知服務容器:You must satisfy the following prerequisites before using Azure Cognitive Services containers:

Docker 引擎:您必須在本機安裝 Docker 引擎。Docker Engine: You must have Docker Engine installed locally. Docker 提供可在 macOS (英文)、Linux (英文) 和 Windows (英文) 上設定 Docker 環境的套件。Docker provides packages that configure the Docker environment on macOS, Linux, and Windows. 在 Windows 上,必須將 Docker 設定為支援 Linux 容器。On Windows, Docker must be configured to support Linux containers. 您也可以將 Docker 容器直接部署至 Azure Kubernetes ServiceAzure 容器執行個體Docker containers can also be deployed directly to Azure Kubernetes Service or Azure Container Instances.

Docker 必須設定為允許容器與 Azure 連線,以及傳送帳單資料至 Azure。Docker must be configured to allow the containers to connect with and send billing data to Azure.

對 Microsoft Container Registry 和 Docker 的熟悉度:您應具備對 Microsoft Container Registry 和 Docker 概念 (例如登錄、存放庫、容器和容器映像等) 的基本了解,以及基本 docker 命令的知識。Familiarity with Microsoft Container Registry and Docker: You should have a basic understanding of both Microsoft Container Registry and Docker concepts, like registries, repositories, containers, and container images, as well as knowledge of basic docker commands.

如需 Docker 和容器基本概念的入門,請參閱 Docker 概觀 (英文)。For a primer on Docker and container basics, see the Docker overview.

個別的容器可能也會有各自的需求,包括伺服器和記憶體配置需求。Individual containers can have their own requirements, as well, including server and memory allocation requirements.

Azure 認知服務容器安全性Azure Cognitive Services container security

當您在開發應用程式時,安全性應該是主要焦點。Security should be a primary focus whenever you're developing applications. 安全性的重要性是成功的度量。The importance of security is a metric for success. 當您在架構包含認知服務容器的軟體解決方案時,請務必瞭解您可用的限制和功能。When you're architecting a software solution that includes Cognitive Services containers, it's vital to understand the limitations and capabilities available to you. 如需網路安全性的詳細資訊,請參閱 設定 Azure 認知服務虛擬網路For more information about network security, see Configure Azure Cognitive Services virtual networks.

重要

根據預設,認知服務容器 API 沒有任何安全性By default there is no security on the Cognitive Services container API. 這是因為容器最常作為 pod 的一部分執行,而該 pod 是由網路橋接外部保護。The reason for this is that most often the container will run as part of a pod which is protected from the outside by a network bridge. 不過,您可以啟用驗證,其運作方式與存取 雲端式認知服務時所使用的驗證相同。However, it is possible to enable authentication which works identically to the authentication used when accessing the cloud-based Cognitive Services.

下圖說明預設和 不安全 的方法:The diagram below illustrates the default and non-secure approach:

容器安全性

作為替代且 安全 的方法,認知服務容器的取用者可以使用 front 元件增強容器,讓容器端點保持私用。As an alternative and secure approach, consumers of Cognitive Services containers could augment a container with a front-facing component, keeping the container endpoint private. 讓我們看看使用 Istio 做為輸入閘道的案例。Let's consider a scenario where we use Istio as an ingress gateway. Istio 支援 HTTPS/TLS 和用戶端憑證驗證。Istio supports HTTPS/TLS and client-certificate authentication. 在此案例中,Istio 前端會公開容器存取權,並呈現事先以 Istio 核准的用戶端憑證。In this scenario, the Istio frontend exposes the container access, presenting the client certificate that is approved beforehand with Istio.

Nginx 是相同類別中的另一種常用選擇。Nginx is another popular choice in the same category. Istio 和 Nginx 都可作為服務網格,並提供額外的功能,包括負載平衡、路由和速率控制等。Both Istio and Nginx act as a service mesh and offer additional features including things like load-balancing, routing, and rate-control.

容器網路服務Container networking

需要有認知服務容器,才能提交計量資訊以供計費之用。The Cognitive Services containers are required to submit metering information for billing purposes. 唯一的例外狀況是 離線容器 ,因為它們遵循不同的計費方法。The only exception, is Offline containers as they follow a different billing methodology. 若無法允許列出認知服務容器所依賴的各種網路通道,將會導致容器無法運作。Failure to allow list various network channels that the Cognitive Services containers rely on will prevent the container from working.

允許列出認知服務網域和埠Allow list Cognitive Services domains and ports

主機應該允許清單 埠 443 和下列網域:The host should allow list port 443 and the following domains:

  • *.cognitive.microsoft.com
  • *.cognitiveservices.azure.com

停用深度封包檢查Disable deep packet inspection

深度封包檢查 (DPI) 是一種資料處理方式,會詳細檢查透過電腦網路傳送的資料,而且通常會依適當的方式封鎖、重新路由傳送或記錄它來採取動作。Deep packet inspection (DPI) is a type of data processing that inspects in detail the data being sent over a computer network, and usually takes action by blocking, re-routing, or logging it accordingly.

停用認知服務容器建立到 Microsoft 伺服器的安全通道上的 DPI。Disable DPI on the secure channels that the Cognitive Services containers create to Microsoft servers. 若無法這樣做,將會導致容器無法正常運作。Failure to do so will prevent the container from functioning correctly.

部落格文章Blog posts

開發人員範例Developer samples

開發人員範例可從我們的 GitHub 存放庫取得。Developer samples are available at our GitHub repository.

檢視網路研討會View webinar

加入網路研討會以了解:Join the webinar to learn about:

  • 如何將認知服務部署到任何使用 Docker 的機器How to deploy Cognitive Services to any machine using Docker
  • 如何將認知服務部署到 AKSHow to deploy Cognitive Services to AKS

後續步驟Next steps

深入瞭解您可以搭配認知服務使用的 容器配方Learn about container recipes you can use with the Cognitive Services.

安裝並探索由 Azure 認知服務中的容器所提供的功能:Install and explore the functionality provided by containers in Azure Cognitive Services: