Evan Lezar
e0b651668d
Merge pull request #997 from NVIDIA/dependabot/docker/deployments/container/release-1.17/nvidia/cuda-12.8.1-base-ubuntu20.04
...
CI Pipeline / code-scanning (push) Has been cancelled
CI Pipeline / variables (push) Has been cancelled
CI Pipeline / golang (push) Has been cancelled
CI Pipeline / image (push) Has been cancelled
CI Pipeline / e2e-test (push) Has been cancelled
Bump nvidia/cuda from 12.8.0-base-ubuntu20.04 to 12.8.1-base-ubuntu20.04 in /deployments/container
2025-03-17 12:41:30 +02:00
dependabot[bot]
6e59255149
Bump nvidia/cuda in /deployments/container
...
Bumps nvidia/cuda from 12.8.0-base-ubuntu20.04 to 12.8.1-base-ubuntu20.04.
---
updated-dependencies:
- dependency-name: nvidia/cuda
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-03-16 08:41:14 +00:00
Evan Lezar
a152a2fd7e
Merge pull request #986 from elezar/fix-signing-container
...
CI Pipeline / code-scanning (push) Has been cancelled
CI Pipeline / variables (push) Has been cancelled
CI Pipeline / golang (push) Has been cancelled
CI Pipeline / image (push) Has been cancelled
CI Pipeline / e2e-test (push) Has been cancelled
[no-relnote] Use centos:stream9 for signing container
2025-03-12 12:47:07 +02:00
Evan Lezar
b43c8c424e
[no-relnote] Use centos:stream9 for signing container
...
The signing container need not be based on a legacy centos version.
This change updates the signing contianer to be centos:stream9 based.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-03-12 12:46:24 +02:00
Evan Lezar
f785e908a7
Merge pull request #971 from elezar/update-changelog
...
CI Pipeline / code-scanning (push) Has been cancelled
CI Pipeline / variables (push) Has been cancelled
CI Pipeline / golang (push) Has been cancelled
CI Pipeline / image (push) Has been cancelled
CI Pipeline / e2e-test (push) Has been cancelled
Update CHANGELOG
2025-03-07 17:42:16 +02:00
Evan Lezar
ef941f423c
Update CHANGELOG
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-03-07 17:28:27 +02:00
Evan Lezar
90d30740a4
Merge pull request #970 from elezar/allow-hooks-disable
...
Allow enable-cuda-compat hook to be disabled in CDI spec generation
2025-03-07 17:12:17 +02:00
Evan Lezar
35e0dea1d3
Disable enable-cuda-compat hook for management containers
...
Management containers don't generally need forward compatibility.
We disable the enable-cuda-compat hook to not include this in the
generated CDI specifications.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-03-07 16:56:20 +02:00
Evan Lezar
ac9eee956b
Allow enable-cuda-compat hook to be disabled in CDI spec generation
...
This change adds support to the nvcdi package to opt out of specific hooks.
Currently only the `enable-cuda-compat` hook is supported. This allows clients to
generate a CDI spec that is compatible with older nvidia-cdi-hook CLIs.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-03-07 16:55:45 +02:00
Evan Lezar
13bccdda73
Merge pull request #954 from NVIDIA/dependabot/go_modules/release-1.17/tags.cncf.io/container-device-interface-0.8.1
...
Bump tags.cncf.io/container-device-interface from 0.8.0 to 0.8.1
2025-03-07 15:41:39 +02:00
Evan Lezar
bdca5b83a1
Merge pull request #955 from NVIDIA/dependabot/go_modules/release-1.17/github.com/opencontainers/runtime-spec-1.2.1
...
Bump github.com/opencontainers/runtime-spec from 1.2.0 to 1.2.1
2025-03-07 15:40:40 +02:00
Evan Lezar
997d9a774f
Merge pull request #967 from elezar/backport-imex-cdi
...
CI Pipeline / code-scanning (push) Waiting to run
CI Pipeline / variables (push) Waiting to run
CI Pipeline / golang (push) Waiting to run
CI Pipeline / image (push) Blocked by required conditions
CI Pipeline / e2e-test (push) Blocked by required conditions
Add IMEX binaries to CDI discovery
2025-03-07 14:50:46 +02:00
Evan Lezar
a26ba7b2a7
Add IMEX binaries to CDI discovery
...
This change adds the nvidia-imex and nivdia-imex-ctl binaries to
the list of driver binaries that are searched when using CDI.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-03-07 13:52:59 +02:00
Evan Lezar
1c13a9647c
Merge pull request #965 from elezar/bump-release-v1.17.5
...
CI Pipeline / code-scanning (push) Waiting to run
CI Pipeline / variables (push) Waiting to run
CI Pipeline / golang (push) Waiting to run
CI Pipeline / image (push) Blocked by required conditions
CI Pipeline / e2e-test (push) Blocked by required conditions
Bump version for v1.17.5 release
2025-03-06 12:45:33 +02:00
Evan Lezar
4e84c0dc50
Bump version for v1.17.5 release
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-03-06 11:03:44 +02:00
Evan Lezar
997f23cf11
Merge pull request #953 from elezar/backport-enable-cdi-container
...
Add option in toolkit container to enable CDI in runtime
2025-03-06 10:50:43 +02:00
Evan Lezar
e4f8406139
Merge pull request #952 from elezar/add-disable-imex-channels-feature
...
Add ignore-imex-channel-requests feature flag.
2025-03-06 10:49:47 +02:00
Evan Lezar
aa0d4af51a
Merge pull request #951 from elezar/add-e2e-tests
...
CI Pipeline / code-scanning (push) Waiting to run
CI Pipeline / variables (push) Waiting to run
CI Pipeline / golang (push) Waiting to run
CI Pipeline / image (push) Blocked by required conditions
CI Pipeline / e2e-test (push) Blocked by required conditions
Add e2e tests to release-1.17 branch
2025-03-05 19:04:50 +02:00
dependabot[bot]
7b3ec6f42d
Bump github.com/opencontainers/runtime-spec from 1.2.0 to 1.2.1
...
Bumps [github.com/opencontainers/runtime-spec](https://github.com/opencontainers/runtime-spec ) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/opencontainers/runtime-spec/releases )
- [Changelog](https://github.com/opencontainers/runtime-spec/blob/main/ChangeLog )
- [Commits](https://github.com/opencontainers/runtime-spec/compare/v1.2.0...v1.2.1 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/runtime-spec
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-03-02 08:50:46 +00:00
dependabot[bot]
936827d09f
Bump tags.cncf.io/container-device-interface from 0.8.0 to 0.8.1
...
Bumps [tags.cncf.io/container-device-interface](https://github.com/cncf-tags/container-device-interface ) from 0.8.0 to 0.8.1.
- [Release notes](https://github.com/cncf-tags/container-device-interface/releases )
- [Commits](https://github.com/cncf-tags/container-device-interface/compare/v0.8.0...v0.8.1 )
---
updated-dependencies:
- dependency-name: tags.cncf.io/container-device-interface
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-03-02 08:50:42 +00:00
Evan Lezar
267fb5987f
Merge pull request #950 from elezar/seal-ldconfig
...
CodeQL / Analyze Go code with CodeQL (push) Has been cancelled
Golang / check (push) Has been cancelled
Golang / Unit test (push) Has been cancelled
Golang / Build (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos7-aarch64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos7-x86_64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos8-ppc64le) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-amd64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-arm64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-ppc64le) (push) Has been cancelled
image / image (packaging, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
image / image (ubi8, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
image / image (ubuntu20.04, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
Use memfd when running ldconfig
2025-02-28 22:12:57 +02:00
Evan Lezar
eb48d2d5fd
Enable CDI in runtime if CDI_ENABLED is set
...
This change also enables CDI in the configured runtime when the toolkit
is installed with CDI enabled.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-28 22:10:38 +02:00
Evan Lezar
b71bb87d91
Fix overwriting docker feature flags
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-28 18:33:53 +02:00
Christopher Desiniotis
cc88c554ed
Add option in toolkit container to enable CDI in runtime
...
Signed-off-by: Christopher Desiniotis <cdesiniotis@nvidia.com>
2025-02-28 18:33:40 +02:00
Evan Lezar
ce7cea3a0d
Remove Set from engine config API
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-28 18:33:30 +02:00
Christopher Desiniotis
1bc9548a2f
Add EnableCDI() method to engine.Interface
...
This change adds an EnableCDI method to the container engine config files and
Updates the 'nvidia-ctk runtime configure' command to use this new method.
Signed-off-by: Christopher Desiniotis <cdesiniotis@nvidia.com>
2025-02-28 18:33:21 +02:00
Evan Lezar
7c758c97b8
Add ignore-imex-channel-requests feature flag
...
This allows the NVIDIA Container Toolkit to ignore IMEX channel requests
through the NVIDIA_IMEX_CHANNELS envvar or volume mounts and ensures that
the NVIDIA Container Toolkit cannot be used to provide out-of-band access
to an IMEX channel by simply specifying an environment variable, possibly
bypassing other checks by an orchestration system such as kubernetes.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-28 17:54:11 +02:00
Evan Lezar
48d538eef9
[no-relnotes] Update makefile for images
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-28 17:43:01 +02:00
Evan Lezar
9848c3e985
[no-relnote] Use github actions from main
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-28 17:25:21 +02:00
Carlos Eduardo Arango Gutierrez
868f385a01
Rename test folder to tests
...
Signed-off-by: Carlos Eduardo Arango Gutierrez <eduardoa@nvidia.com>
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-28 17:24:22 +02:00
Evan Lezar
069926e4b6
Move test to tests
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-28 17:21:23 +02:00
Evan Lezar
91a983a341
Merge pull request #945 from elezar/disable-nvsandboxutils
...
Disable nvsandboxutils in nvcdi API
2025-02-28 17:10:56 +02:00
Evan Lezar
f5680dd0cd
Merge pull request #948 from elezar/add-compat-lib-hook
...
Add CUDA forward compatibility hook
2025-02-28 17:10:31 +02:00
Evan Lezar
5bdf14b1e7
Use libcontainer execseal to run ldconfig
...
This change copies ldconfig into a memfd before executing it from
the createContainer hook.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-28 14:47:31 +02:00
Evan Lezar
b598826ff2
[no-relnote] Move root to separate file
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-28 14:01:50 +02:00
Evan Lezar
c1bac2873b
Add disable-cuda-compat-lib-hook feature flag
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-27 17:35:00 +02:00
Evan Lezar
9f611a5a23
Ensure that mode hook is executed last
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-27 17:35:00 +02:00
Evan Lezar
e330a938fd
Add enable-cuda-compat hook to CDI spec generation
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-27 17:34:59 +02:00
Evan Lezar
f445d4b614
Add ldconfig hook in legacy mode
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-27 17:26:15 +02:00
Evan Lezar
e1ae57eef9
Add enable-cuda-compat hook if required
...
This change adds the enable-cuda-compat hook to the incomming OCI runtime spec
if the allow-cuda-compat-libs-from-container feature flag is not enabled.
An update-ldcache hook is also injected to ensure that the required folders
are processed.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-27 17:26:15 +02:00
Evan Lezar
76040ff2ad
Add enable-cuda-compat hook to allow compat libs to be discovered
...
This change adds an nvidia-cdi-hook enable-cuda-compat hook that checks the
container for cuda compat libs and updates /etc/ld.so.conf.d to include their
parent folder if their driver major version is sufficient.
This allows CUDA Forward Compatibility to be used when this is not available
through the libnvidia-container.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-27 17:26:15 +02:00
Evan Lezar
fd865bb9e7
Disable nvsandboxutils in nvcdi API
...
Repeated calls to nvsandboxutils.Init and Shutdown are causing
segmentation violations. Here we disabled nvsandbox utils unless explicitly
specified.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-27 11:09:00 +02:00
Evan Lezar
6b037a0dde
Merge pull request #917 from elezar/remove-nvidia-container-runtime-hook-in-cdi-mode
...
CodeQL / Analyze Go code with CodeQL (push) Has been cancelled
Golang / check (push) Has been cancelled
Golang / Unit test (push) Has been cancelled
Golang / Build (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos7-aarch64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos7-x86_64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos8-ppc64le) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-amd64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-arm64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-ppc64le) (push) Has been cancelled
image / image (packaging, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
image / image (ubi8, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
image / image (ubuntu20.04, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
Remove nvidia container runtime hook in cdi mode
2025-02-11 10:36:54 +01:00
Evan Lezar
9eccc1659d
Allow cdi mode to work with --gpus flag
...
This changes ensures that the cdi modifier also removes the NVIDIA
Container Runtime Hook from the incoming spec. This aligns with what is
done for CSV modifications and prevents an error when starting the
container.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-10 19:21:10 +01:00
Evan Lezar
6da7af8dfa
[no-relnote] Remove duplicate test case
...
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-02-10 19:20:38 +01:00
Evan Lezar
b170a35328
Merge pull request #898 from elezar/backport-quemu
...
CodeQL / Analyze Go code with CodeQL (push) Has been cancelled
Golang / check (push) Has been cancelled
Golang / Unit test (push) Has been cancelled
Golang / Build (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos7-aarch64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos7-x86_64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos8-ppc64le) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-amd64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-arm64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-ppc64le) (push) Has been cancelled
image / image (packaging, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
image / image (ubi8, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
image / image (ubuntu20.04, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
[no-relnote] switch to the newer qemu artifacts image
2025-02-05 17:57:28 +01:00
Tariq Ibrahim
2b11b7eaf2
[no-relnote] switch to the newer qemu artifacts image
...
Signed-off-by: Tariq Ibrahim <tibrahim@nvidia.com>
2025-02-05 17:47:09 +01:00
Evan Lezar
82090b547e
Merge pull request #870 from NVIDIA/dependabot/docker/deployments/devel/release-1.17/golang-1.23.5
...
Bump golang from 1.23.4 to 1.23.5 in /deployments/devel
2025-02-05 16:01:16 +01:00
dependabot[bot]
f452ef4747
Bump golang from 1.23.4 to 1.23.5 in /deployments/devel
...
Bumps golang from 1.23.4 to 1.23.5.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-02-03 15:39:26 +00:00
Evan Lezar
c3622abeac
Merge pull request #889 from NVIDIA/dependabot/docker/deployments/container/release-1.17/nvidia/cuda-12.8.0-base-ubuntu20.04
...
CodeQL / Analyze Go code with CodeQL (push) Has been cancelled
Golang / check (push) Has been cancelled
Golang / Unit test (push) Has been cancelled
Golang / Build (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos7-aarch64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos7-x86_64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, centos8-ppc64le) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-amd64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-arm64) (push) Has been cancelled
image / packages (${{github.event_name == 'pull_request'}}, ubuntu18.04-ppc64le) (push) Has been cancelled
image / image (packaging, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
image / image (ubi8, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
image / image (ubuntu20.04, ${{github.event_name == 'pull_request'}}) (push) Has been cancelled
Bump nvidia/cuda from 12.6.3-base-ubuntu20.04 to 12.8.0-base-ubuntu20.04 in /deployments/container
2025-02-03 16:38:25 +01:00