From 811faa2b203c6df432ed527c15bc8604a96a6356 Mon Sep 17 00:00:00 2001 From: Frank Liu Date: Sat, 10 Dec 2022 11:33:27 -0800 Subject: [PATCH] [docker] Adds non-root user to docker Allows user run DJL docker image as non-root user --- serving/docker/Dockerfile | 2 ++ serving/docker/aarch64.Dockerfile | 2 ++ serving/docker/deepspeed.Dockerfile | 2 ++ serving/docker/paddle-cu112.Dockerfile | 2 ++ serving/docker/pytorch-cu117.Dockerfile | 2 ++ serving/docker/pytorch-inf1.Dockerfile | 2 ++ 6 files changed, 12 insertions(+) diff --git a/serving/docker/Dockerfile b/serving/docker/Dockerfile index 29fd8e302..c0907e5f2 100644 --- a/serving/docker/Dockerfile +++ b/serving/docker/Dockerfile @@ -37,6 +37,8 @@ ENV TF_CPP_MIN_LOG_LEVEL=1 ENV JAVA_OPTS="-Xmx1g -Xms1g -XX:-UseContainerSupport -XX:+ExitOnOutOfMemoryError" ENV MODEL_SERVER_HOME=/opt/djl +RUN useradd -m -d /home/djl djl + ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh"] CMD ["serve"] diff --git a/serving/docker/aarch64.Dockerfile b/serving/docker/aarch64.Dockerfile index 1841c68cb..189b042d7 100644 --- a/serving/docker/aarch64.Dockerfile +++ b/serving/docker/aarch64.Dockerfile @@ -23,6 +23,8 @@ ENV OMP_NUM_THREADS=1 ENV JAVA_OPTS="-Xmx1g -Xms1g -XX:-UseContainerSupport -XX:+ExitOnOutOfMemoryError -Dai.djl.default_engine=PyTorch" ENV MODEL_SERVER_HOME=/opt/djl +RUN useradd -m -d /home/djl djl + ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh"] CMD ["serve"] diff --git a/serving/docker/deepspeed.Dockerfile b/serving/docker/deepspeed.Dockerfile index 4ceb4dc86..ecae8edfd 100644 --- a/serving/docker/deepspeed.Dockerfile +++ b/serving/docker/deepspeed.Dockerfile @@ -29,6 +29,8 @@ ENV MODEL_SERVER_HOME=/opt/djl ENV MODEL_LOADING_TIMEOUT=1200 ENV PREDICT_TIMEOUT=240 +RUN useradd -m -d /home/djl djl + ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh"] CMD ["serve"] diff --git a/serving/docker/paddle-cu112.Dockerfile b/serving/docker/paddle-cu112.Dockerfile index 5ed541f7c..f182fb098 100644 --- a/serving/docker/paddle-cu112.Dockerfile +++ b/serving/docker/paddle-cu112.Dockerfile @@ -36,6 +36,8 @@ ENV OMP_NUM_THREADS=1 ENV JAVA_OPTS="-Xmx1g -Xms1g -XX:-UseContainerSupport -XX:+ExitOnOutOfMemoryError" ENV MODEL_SERVER_HOME=/opt/djl +RUN useradd -m -d /home/djl djl + ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh"] CMD ["serve"] diff --git a/serving/docker/pytorch-cu117.Dockerfile b/serving/docker/pytorch-cu117.Dockerfile index 78cbb5d02..8e4d71c63 100644 --- a/serving/docker/pytorch-cu117.Dockerfile +++ b/serving/docker/pytorch-cu117.Dockerfile @@ -30,6 +30,8 @@ ENV PYTORCH_VERSION=${torch_version} ENV PYTORCH_FLAVOR=cu117-precxx11 ENV JAVA_OPTS="-Xmx1g -Xms1g -XX:-UseContainerSupport -XX:+ExitOnOutOfMemoryError -Dai.djl.default_engine=PyTorch" +RUN useradd -m -d /home/djl djl + COPY scripts scripts/ RUN chmod +x /usr/local/bin/dockerd-entrypoint.sh && \ scripts/install_djl_serving.sh $djl_version && \ diff --git a/serving/docker/pytorch-inf1.Dockerfile b/serving/docker/pytorch-inf1.Dockerfile index 2d218b0bc..713d8f3b3 100644 --- a/serving/docker/pytorch-inf1.Dockerfile +++ b/serving/docker/pytorch-inf1.Dockerfile @@ -31,6 +31,8 @@ ENV PYTORCH_PRECXX11=true ENV PYTORCH_VERSION=1.12.1 ENV JAVA_OPTS="-Xmx1g -Xms1g -Xss2m -XX:-UseContainerSupport -XX:+ExitOnOutOfMemoryError -Dai.djl.default_engine=PyTorch" +RUN useradd -m -d /home/djl djl + ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh"] CMD ["serve"]