UniqAI/nvidia-container-toolkit
1
0
Fork 0
mirror of https://github.com/NVIDIA/nvidia-container-toolkit synced 2024-11-25 21:39:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,166 Commits 21 Branches 73 Tags 29 MiB
470b4eebd8
Commit Graph

192 Commits

Author SHA1 Message Date
Carlos Eduardo Arango Gutierrez
6750df8e01 Merge branch 'fix-cdi-spec-permissions' into 'main' 
Generate CDI specifications with 644 permissions to allow non-root clients to consume them

See merge request nvidia/container-toolkit/container-toolkit!381
 2023-05-02 19:36:40 +00:00
Elliot Courant
140b1e33ef
chore(cmd): Fixing minor spelling error. 
Fixed a minor spelling error inside `nvidia-ctk system create-device-nodes`.

Signed-off-by: Elliot Courant <me@elliotcourant.dev>
 2023-05-02 12:53:45 -05:00
Evan Lezar
3056428eda Generate spec file with 644 permissions 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-05-02 16:47:44 +02:00
Evan Lezar
d77f46aa09 Create ld.so.conf file with permissions 644 
By default, temporary files are created with permissions 600 and
this means that the files created when updating the ldcache are
not readable in non-root containers.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-05-02 12:51:27 +02:00
Carlos Eduardo Arango Gutierrez
81d8b94cdc
Export pkg config/engine 
Signed-off-by: Carlos Eduardo Arango Gutierrez <eduardoa@nvidia.com>
 2023-04-25 07:16:59 +02:00
Evan Lezar
70920d7a04 Add support for containerd to the runtime configure CLI 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-04-24 18:32:28 +02:00
Evan Lezar
f1e201d368 Refactor runtime configure cli 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-04-24 18:32:04 +02:00
Evan Lezar
29c6288128 Only update ldcache if it exists 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-04-13 17:18:09 +02:00
Evan Lezar
f6983969ad Merge branch 'nvidia-ctk-cdi-transform' into 'main' 
Add 'target-driver-root' option to 'nvidia-ctk cdi generate' to transform root...

See merge request nvidia/container-toolkit/container-toolkit!363
 2023-03-28 20:05:12 +00:00
Evan Lezar
7f7fc35843 Move input and output to transform root subcommand 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-28 21:12:48 +02:00
Evan Lezar
f27c33b45f Remove target-driver-root from generate 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-28 11:49:45 -07:00
Evan Lezar
6a83e2ebe5 Add nvidia-ctk cdi transform root command 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-28 11:45:58 -07:00
Evan Lezar
e774c51c97 Add nvidia-ctk system create-device-nodes command 
This change adds an nvidia-ctk system create-device-nodes command for
creating NVIDIA device nodes. Currently this is limited to control devices
(nvidia-uvm, nvidia-uvm-tools, nvidia-modeset, nvidiactl).

A --dry-run mode is included for outputing commands that would be executed and
the driver root can be specified.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-28 11:29:45 +02:00
Christopher Desiniotis
7f5c9abc1e Add ability to configure CDI kind with 'nvidia-ctk cdi generate' 
Signed-off-by: Christopher Desiniotis <cdesiniotis@nvidia.com>
 2023-03-27 23:12:00 -07:00
Christopher Desiniotis
92d82ceaee Add 'target-driver-root' option to 'nvidia-ctk cdi generate' to transform root paths in generated spec 
Signed-off-by: Christopher Desiniotis <cdesiniotis@nvidia.com>
 2023-03-27 22:22:36 -07:00
Evan Lezar
226c54613e Also return an error from nvcdi.New 
This change allows nvcdi.New to return an error in addition to the
constructed library instead of panicing.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-26 16:13:12 +02:00
Evan Lezar
685802b1ce Only init nvml as required when generating CDI specs 
CDI generation modes such as management and wsl don't require
NVML. This change removes the top-level instantiation of nvmllib
and replaces it with an instanitation in the nvml CDI spec generation
code.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-20 14:24:08 +02:00
Evan Lezar
3a11f6ee0a Add nvidia-container-runtime-hook.skip-mode-detection option to config 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-09 20:15:40 +02:00
Evan Lezar
936fad1d04 Move check for privileged images to config/image/ package 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-09 11:15:53 +02:00
Evan Lezar
3bac4fad09 Migrate cri-o config update to engine.Interface 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-07 20:59:54 +02:00
Evan Lezar
9fff19da23 Migrate docker config to engine.Interface 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-07 20:59:54 +02:00
Evan Lezar
e5bb4d2718 Move runtime config code from config to config/engine 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-07 20:59:54 +02:00
Evan Lezar
cb5006c73f Merge branch 'CNT-3897/generate-management-container-spec' into 'main' 
Generate CDI specs for management containers

See merge request nvidia/container-toolkit/container-toolkit!314
 2023-03-06 16:23:13 +00:00
Evan Lezar
20d3bb189b Rename --discovery-mode to --mode 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-06 11:00:22 +02:00
Evan Lezar
f7e817cff6 Support management mode in nvidia-ctk cdi generate 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-06 10:53:43 +02:00
Evan Lezar
314059fcf0 Move path manipulation to spec.Save 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-01 13:49:04 +02:00
Evan Lezar
221781bd0b Use full path for output spec 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-01 13:48:28 +02:00
Evan Lezar
8be6de177f Move formatJSON and formatYAML to nvcdi/spec package 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-01 13:48:28 +02:00
Evan Lezar
890a519121 Use nvcdi.spec package to write and validate spec 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-01 13:48:28 +02:00
Evan Lezar
89321edae6 Add top-level GetSpec function to nvcdi API 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-03-01 13:48:28 +02:00
Evan Lezar
accba4ead5 Merge branch 'CNT-3965/clean-up-by-path-symlinks' into 'main' 
Improve handling of /dev/dri devices and nested device paths

See merge request nvidia/container-toolkit/container-toolkit!307
 2023-03-01 10:25:48 +00:00
Evan Lezar
b4dc1f338d Generate nested device folder permission hooks per device 
This change generates device folder permission hooks per device instead of
at a spec level. This ensures that the hook is not injected for a device that
does not have any nested device nodes.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-22 17:16:23 +02:00
Evan Lezar
2542224d7b Skip paths with errors in chmod hook 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-21 11:47:11 +02:00
Evan Lezar
2680c45811 Add mode constants to nvcdi 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-20 16:33:51 +02:00
Evan Lezar
4ccb0b9a53 Add and resolve auto discovery mode for cdi generation 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-20 14:49:58 +02:00
Evan Lezar
b21dc929ef Add WSL2 discovery and spec generation 
These changes add a wsl discovery mode to the nvidia-ctk cdi generate command.

If wsl mode is enabled, the driver store for the available devices is used as
the source for discovered entities.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-20 10:30:13 +02:00
Evan Lezar
20d6e9af04 Add --discovery-mode to nvidia-ctk cdi generate command 
This change adds --discovery-mode flag to the nvidia-ctk cdi generate
command and plumbs this through to the CDI API.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-20 10:30:13 +02:00
Evan Lezar
a844749791 Ensure that generate uses a consistent nvidia-ctk path 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-20 10:28:45 +02:00
Evan Lezar
5b110fba2d Add nvcdi package with basic CDI generation API 
This change adds an nvcdi package that exposes a basic API for
CDI spec generation. This is used from the nvidia-ctk cdi generate
command and can be consumed by DRA implementations and the device plugin.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-14 19:52:31 +01:00
Evan Lezar
fdc759f7c2 Add nvidia-container-runtime.legacy executable 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-13 16:09:46 +01:00
Evan Lezar
43448bac11 Add nvidia-container-runtime.cdi executable 
This change adds an nvidia-container-runtime.cdi executable that
overrides the runtime mode from the config to "cdi".

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-13 16:09:46 +01:00
Evan Lezar
406a5ec76f Implement runtime package for creating runtime CLI 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-13 16:09:46 +01:00
Evan Lezar
f71c419cfb Move modifying OCI runtime wrapper to oci package 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-13 16:09:46 +01:00
Evan Lezar
97008f2db6 Move IPC discoverer into DriverDiscoverer 
This simplifies the construction of the required common edits
when constructing a CDI specification.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-08 09:06:07 +01:00
Evan Lezar
076eed7eb4 Update ipcMount to add noexec option 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-08 09:06:07 +01:00
Evan Lezar
3b8c40c3e6 Move IPC discoverer to internal/discover package 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-08 09:06:07 +01:00
Evan Lezar
daceac9117 Rename discover.Config.Root to discover.Config.DriverRoot 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-02 15:57:15 +01:00
Evan Lezar
cfa2647260 Rename root to driverRoot for CDI generation 
This makes the intent of the command line argument clearer since this
relates specifically to the root where the NVIDIA driver is installed.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-02-02 15:42:04 +01:00
Evan Lezar
707e3479f8 Fix lint errors 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-01-30 13:39:57 +01:00
Evan Lezar
201232dae3 Add logging of minimum CDI version 
Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2023-01-30 13:39:08 +01:00