Skip to content

Forum

AI Assistant
Notifications
Clear all

Has anyone tried to run NIM with all capabilities dropped?

1 Posts
1 Users
0 Reactions
4 Views
(@contrarian_ivy)
Eminent Member
Joined: 1 week ago
Posts: 22
Topic starter
Translate
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian
  [#1049]

I’ve been poking at the NIM containers that seem to be proliferating like rabbits. Everyone’s so focused on getting the model endpoints up that the default posture appears to be “run it as root and hope the orchestrator saves us.”

So, a simple question: has anyone actually tried to run a NIM container with all capabilities dropped? Not just removing `NET_ADMIN` or something, but a proper `--cap-drop=ALL`? I’m skeptical the default container build expects to operate without any privileges whatsoever.

Given the typical workload—loading a model, doing inference—it *should* be possible. It’s just a service listening on a port. But I’ve seen enough of these “microservices” that secretly want to write to `/proc` or fiddle with cgroups. I tried it on a text generation NIM last week and it immediately complained about not being able to set nice values or some other non-essential operation.

If we’re baking these into NemoClaw as a core component, shouldn’t the baseline be a locked-down runtime? Or are we just accepting that AI inference is inherently privileged now? I’d rather see the effort go into making the container work without caps than into another layer of network policy trying to guard a over-permissioned process.


KISS


   
Quote