Enroot Containers

Unlike traditional container engines, Enroot runs entirely in user space with no privileged daemons or root access required, making it ideal for multi-tenant and secure compute environments.

Enroot executes standard Docker or OCI images as unprivileged user processes, unpacking each image into an isolated filesystem that can be shared across nodes. It preserves direct access to GPUs, high-speed interconnects, and local storage, ensuring your jobs are performant inside containers.

You don’t need to run Enroot commands directly; TensorWave Slurm handles that automatically through Pyxis, which integrates Enroot with familiar Slurm tools like srun and sbatch. Together, they allow you to launch containerized jobs using the same workflow you already know with the added benefits of portability and reproducibility.

Optional: Importing an Image with Enroot

Although Pyxis automatically handles Enroot under the hood, you can manually import container images for debugging or pre-caching.

For example, to pull and unpack a PyTorch ROCm image locally:

# Import a container image into Enroot format
enroot import docker://tensorwavehq/pytorch-bnxt:rocm6.4.2_ubuntu22.04_py3.10_pytorch_release_2.6.0_bnxt_re23301522_v0.2

# Create a runnable instance
enroot start tensorwavehq+pytorch-bnxt+rocm6.4.2_ubuntu22.04_py3.10_pytorch_release_2.6.0_bnxt_re23301522_v0.2.sqsh

This workflow downloads the image, converts it into an Enroot container bundle, and runs it as an unprivileged user process.

You’ll typically never need to do this when submitting jobs through Pyxis, but it’s a useful way to verify container contents or pre-stage larger images.