DeepStream SDK delivers a complete streaming analytics toolkit for AI based video and image understanding and multi-sensor processing. This container is for NVIDIA Enterprise GPUs.
Before You Start
We have introduced a new NGC DeepStream SDK Collection.
This collection serves as a hub for all DeepStream assets. Make sure you check it out!
DeepStream container for Enterprise Grade GPUs
Please refer to the section below which describes the different container options offered for NVIDIA Data Center GPUs running on x86 platform.
td, th { text-align: left; }| Container Name | Architecture | License Type | Notes |
|---|---|---|---|
| deepstream:9.0-triton-multiarch | Multi-Arch x86 + Jetson |
Deployment | The DeepStream Triton container enables inference using Triton Inference Server. With Triton developers can run inference natively using PyTorch and ONNX-RT. Inference with Triton is supported in the reference application (deepstream-app) |
| deepstream:9.0-samples-multiarch | Multi-Arch x86 + Jetson |
Deployment | The DeepStream samples container extends the base container to also include sample applications that are included in the DeepStream SDK along with associated config files, models, and streams. This container is ideal to understand and explore the DeepStream SDK using the provided samples. |
| deepstream:9.0-triton-sbsa-dgx-spark | ARM SBSA + DGX Spark | Deployment | SBSA container for ARM based servers and systems. |
Read the DeepStream 9.0 Release Notes for full list of features of the release
NOTE: Dockers from previous CUDA releases DeepStream dockers or dockers derived from previous releases (before DeepStream 6.1) will need to update their CUDA GPG key to perform software updates. You can find additional details here for details.
Getting Started
Prerequisites:
Ensure these prerequisites are installed in your system before proceeding to the next step:
| Component | Details |
|---|---|
| nvidia-docker | We recommend using Docker 29.3.0 along with the latest nvidia-container-toolkit as described in the installation steps. Usage of nvidia-docker2 packages in conjunction with prior docker versions is now deprecated. |
| NVIDIA GPU Driver | Use version: 590.48.01 for production deployments for Data Center GPUs |
| Codecs script | DeepStream dockers no longer package libraries for certain multimedia operations such as audio data parsing, CPU decode, and CPU encode. This translates into limited functionality with MP4 files. We provide a script to install these components. Make sure to execute
the script within the container: |
Pull the container:
-
From the top-right corner of this page, select the pull-down Get Container and copy the URL to the default container. Alternatively, click on View all tags to select a different container.
-
Open a command prompt on your Linux compatible system and run the following command. Ensure the pull completes successfully before proceeding to the next step.
docker pull nvcr.io/nvidia/deepstream:9.0-triton-multiarchRun the container:
- Allow external applications to connect to the host's X display:
xhost +- Run the docker container (use the desired container tag in the
command line below):
If using docker (recommended):
For x86 Systems:
docker run --gpus all -it --rm --network=host --privileged -v /tmp/.X11-unix:/tmp/.X11-unix -e DISPLAY=$DISPLAY -w /opt/nvidia/deepstream/deepstream-9.0 nvcr.io/nvidia/deepstream:9.0-triton-multiarchFor ARM SBSA and Spark Systems:
docker run -it --rm --runtime=nvidia --network=host -e NVIDIA\_DRIVER\_CAPABILITIES=compute,utility,video,graphics --gpus all --privileged -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix -v /etc/X11:/etc/X11 nvcr.io/nvidia/deepstream:9.0-triton-sbsa-dgx-sparkDocker command line options explained:
| Option | Description |
|---|---|
| -it | means run in interactive mode |
| --gpus | This option makes GPUs accessible inside the container. It is also possible to specify a device (i.e. '"'device=0'") |
| --rm | will delete the container when finished |
| --privileged | grants access to the container to the host resources. |
| -v | Specifies the mounting directory and it can be used to mount host's X11 display in the container filesystem to render output videos. Users can mount additional directories (using -v option) as required to easily access configuration files, models, and other resources. (i.e., use -v /home:/home) to mount the home directory into the container filesystem. |
| --cap-add SYSLOG | This option needs to be included to enable usage of the nvds_logger functionality inside the container |
| -p | to enable RTSP out, network port needs to be mapped from container to host to enable incoming connections using the -p option in the command line; eg :-p 8554:8554 |
-
NOTES:
Please refer to /opt/nvidia/deepstream/deepstream-9.0/README inside the container for details on deepstream-app usage. -
Using the Triton docker as a base image:
For creating a base image using the Triton (x86) docker as a baseline, one approach is to use an entry point with a combined script so end users can run a specific script for their application.
ENTRYPOINT ["/bin/sh", "-c" , "/opt/nvidia/deepstream/deepstream- 9.0/entrypoint.sh && \custom command\"]
- For Triton samples, while running /opt/nvidia/deepstream/deepstream-9.0/samples/prepare_classification_test_video.sh, FFMPEG package along with additional dependent libs need to be installed using command below. For additional information please refer to section 1.2 (for codecs: DIFFERENCES SINCE DEEPSTREAM 6.1 AND ABOVE) & section 1.3 for BREAKING CHANGES in Release notes.
apt-get install --reinstall libflac8 libmp3lame0 libxvidcore4 ffmpeg
Known Limitations
DeepStream 9.0 Triton containers (x86 and SBSA) have the following CVE(s):
| CVE | Description |
|---|---|
| CVE-2025-3887 | GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. This impacts Gstreamer H265 parser on Ubuntu 24.04. There is no publicly available fix for Ubuntu 24.04. Users can opt for Ubuntu Pro which has this fix included from Canonical. |
| GHSA-8rrh-rw8j-w5fx | The vulnerability exists in how the unpack function handles file
permissions after extraction. Wheel is affected by Arbitrary File
Permission Modification via Path Traversal in wheel unpack. As a fix, users can install setuptools as prerequisites, generate a wheel file that passes internal hash validation and run the exploit. This exploit works against the unpack function imported from setuptools._vendor.wheel.cli.unpack. DeepStream installs packages from fixed list hence is not affected. Users should follow guidance provided in Recommended Fix. |
| GHSA-58pv-8j8x-9vj2 | There is a Zip Slip path traversal vulnerability in the
jaraco.context package. This vulnerability may allow attackers to
extract files outside the intended extraction directory when malicious
tar archives are processed. As a fix, removing the custom filter is not feasible given backward compatibility issues. Users can use a safer filter strip_first_component that skips or sanitizes ../ character sequences. Since DeepStream does not install malicious/unknown tarballs, we are not affected. Users need to follow guidance mentioned in Remediation |
License
The following licenses apply to the DeepStream SDK assets:
| Asset | Applicable EULA | Notes |
|---|---|---|
| SDK | DeepStream SDK EULA | A copy of the license is available on the following folder of the
SDK: /opt/nvidia/deepstream/deepstream-9.0/LicenseAgreement.pdf |
| Containers | DeepStream NGC License | License grants redistribution rights allowing developers to build applications on top of the DeepStream containers |
| Development Containers | DeepStream NGC Development License | A development-only license. Does not allow redistribution of the container |
| TAO Models | NVIDIA AI Product License | All TAO pre-trained models included in the DeepStream SDK are covered by the NVIDIA AI Product License. |
NOTE: By pulling, downloading, or using the DeepStream SDK, you accept
the terms and conditions of the EULA licenses listed above.
This project will download and install additional third-party open
source software projects. Review the license terms of these open source
projects before use.
Please note that all container images come with the following packages installed:
-
autoconf ( license and license exception )
The software listed below is provided under the terms of GPLv3.
To obtain source code for software provided under licenses that require redistribution of source code, including the GNU General Public License (GPL) and GNU Lesser General Public License (LGPL), available under DeepStream Resources 9.0_3rd_party_oss. This offer is valid for a period of three (3) years from the date of the distribution of this product by NVIDIA CORPORATION.
| Component | License |
|---|---|
| autoconf | GPL 3.0 |
| libtool | GPL 3.0 |
| libglvnd-dev | GPL 3.0 |
| libgl1-mesa-dev | GPL 3.0 |
| libegl1-mesa-dev | GPL 3.0 |
| libgles2-mesa-dev | GPL 3.0 |
Ethical AI
NVIDIA’s platforms and application frameworks enable developers to build a wide array of AI applications. Consider potential algorithmic bias when choosing or creating the models being deployed. Work with the model’s developer to ensure that it meets the requirements for the relevant industry and use case; that the necessary instruction and documentation are provided to understand error rates, confidence intervals, and results; and that the model is being used under the conditions and in the manner intended.