Documentation on using OCI images for model storage (modelcars) #415
Conversation
docs/odh/oci-model-storage.md
Outdated
| Finally, notice that ownership of the copied model files is changed to the `root` | ||
| user and group, and also read permissions are granted to all users. This is | ||
| important, because OpenShift runs containers with a random user ID and with the | ||
| `root` group ID. The adjustment of the group and the privileges on the model files |
There was a problem hiding this comment.
I am, not sure about it, avoiding using root is a good practice.
Did you try to add a dummy user and use this uid instead 0?
e.g.: COPY --chown=1001:0 models /models
There was a problem hiding this comment.
My understanding is that the advice against using root is applicable for running processes. In that case, you definitely want to avoid running as root because it has security implications.
In contrast, here the models are simple data files and cannot be run. The chmod command in the Containerfile only gives read permissions and won't give write nor execute permissions. The model server (which is another container) would load the model and run it, and would be running as non-root user (provided the user configured the ServingRuntime correctly).
So, given the models are simple data files, I'm not seeing security implications with giving root ownership. It has the added benefit that the model files cannot be modified once mounted in the pod. So, I preferred to keep the Containerfile simple and not creating users, nor using dummy UIDs.
There was a problem hiding this comment.
That's fine, my concern is that this image still has bash and it is up to the user to create it, so, avoiding the usage of root might be a good thing.
There was a problem hiding this comment.
I think I'm not understanding the relationship between bash and the data files... And the base image has a lot of files owned by root. Probably, I'm not seeing something as I don't understand the problem.
There was a problem hiding this comment.
It is more about good practices than a real problem.
| > [!IMPORTANT] | ||
| > Remember that, by default, models are exposed outside the cluster and not | ||
| > protected with authorization. Read the [authorization guide](authorization.md#deploying-a-protected-inferenceservice) | ||
| > and the [private services guide (TODO)](#TODO) to learn how to privately deploy |
There was a problem hiding this comment.
We don't have ODH-specific docs for private InferenceServices that are focused on the API. I'm not planning to write those docs in this PR. Thus, I left this as a placeholder.
There was a problem hiding this comment.
Maybe is good to also create the jiras so we don't forgot about it.
israel-hdez
force-pushed
the
j13446-modelcar-docs
branch
from
9f0d98f
to
d896129
Compare
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: israel-hdez, spolti The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Signed-off-by: Edgar Hernández <[email protected]>
israel-hdez
force-pushed
the
j13446-modelcar-docs
branch
from
d896129
to
36c83f8
Compare
|
I am ok with the change. |
openshift-merge-bot
bot
merged commit ac7ae34
into
opendatahub-io:master
What this PR does / why we need it:
Documentation on using OCI images for model storage (modelcars)
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):https://issues.redhat.com/browse/RHOAIENG-13446
Checklist: