# Copyright (c) 2019-2021, NVIDIA CORPORATION. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ARG BASE_DIST ARG CUDA_VERSION ARG GOLANG_VERSION=x.x.x ARG VERSION="N/A" # NOTE: In cases where the libc version is a concern, we would have to use an # image based on the target OS to build the golang executables here -- especially # if cgo code is included. FROM golang:${GOLANG_VERSION} as build # We override the GOPATH to ensure that the binaries are installed to # /artifacts/bin ARG GOPATH=/artifacts # Install the experiemental nvidia-container-runtime # NOTE: This will be integrated into the nvidia-container-toolkit package / repo ARG NVIDIA_CONTAINER_RUNTIME_EXPERIMENTAL_VERSION=experimental RUN GOPATH=/artifacts go install github.com/NVIDIA/nvidia-container-toolkit/cmd/nvidia-container-runtime.experimental@${NVIDIA_CONTAINER_RUNTIME_EXPERIMENTAL_VERSION} WORKDIR /build COPY . . # NOTE: Until the config utilities are properly integrated into the # nvidia-container-toolkit repository, these are built from the `tools` folder # and not `cmd`. RUN GOPATH=/artifacts go install -ldflags="-s -w -X 'main.Version=${VERSION}'" ./tools/... FROM nvidia/cuda:${CUDA_VERSION}-base-${BASE_DIST} ARG BASE_DIST # See https://www.centos.org/centos-linux-eol/ # and https://stackoverflow.com/a/70930049 for move to vault.centos.org # and https://serverfault.com/questions/1093922/failing-to-run-yum-update-in-centos-8 for move to vault.epel.cloud RUN [[ "${BASE_DIST}" != "centos8" ]] || \ ( \ sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-Linux-* && \ sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.epel.cloud|g' /etc/yum.repos.d/CentOS-Linux-* \ ) ENV NVIDIA_DISABLE_REQUIRE="true" ENV NVIDIA_VISIBLE_DEVICES=all ENV NVIDIA_DRIVER_CAPABILITIES=utility ARG ARTIFACTS_ROOT ARG PACKAGE_DIST COPY ${ARTIFACTS_ROOT}/${PACKAGE_DIST} /artifacts/packages/${PACKAGE_DIST} WORKDIR /artifacts/packages ARG PACKAGE_VERSION ARG TARGETARCH ENV PACKAGE_ARCH ${TARGETARCH} RUN PACKAGE_ARCH=${PACKAGE_ARCH/amd64/x86_64} && PACKAGE_ARCH=${PACKAGE_ARCH/arm64/aarch64} && \ yum localinstall -y \ ${PACKAGE_DIST}/${PACKAGE_ARCH}/libnvidia-container1-1.*.rpm \ ${PACKAGE_DIST}/${PACKAGE_ARCH}/libnvidia-container-tools-1.*.rpm \ ${PACKAGE_DIST}/${PACKAGE_ARCH}/nvidia-container-toolkit*-${PACKAGE_VERSION}*.rpm WORKDIR /work COPY --from=build /artifacts/bin /work ENV PATH=/work:$PATH LABEL io.k8s.display-name="NVIDIA Container Runtime Config" LABEL name="NVIDIA Container Runtime Config" LABEL vendor="NVIDIA" LABEL version="${VERSION}" LABEL release="N/A" LABEL summary="Automatically Configure your Container Runtime for GPU support." LABEL description="See summary" RUN mkdir /licenses && mv /NGC-DL-CONTAINER-LICENSE /licenses/NGC-DL-CONTAINER-LICENSE # Install / upgrade packages here that are required to resolve CVEs ARG CVE_UPDATES RUN if [ -n "${CVE_UPDATES}" ]; then \ yum update -y ${CVE_UPDATES} && \ rm -rf /var/cache/yum/*; \ fi ENTRYPOINT ["/work/nvidia-toolkit"]