nvidia-container-toolkit/tools/container
Evan Lezar 90518e0ce5 Allow accept-visible-devices config options to be set
This change allows the
* accept-nvidia-visible-devices-envvar-when-unprivileged
* accept-nvidia-visible-devices-as-volume-mounts

options to be set in the toolkit-container. These are controlled
by command line flags or the following environment variables:

* ACCEPT_NVIDIA_VISIBLE_DEVICES_ENVVAR_WHEN_UNPRIVILEGED
* ACCEPT_NVIDIA_VISIBLE_DEVICES_AS_VOLUME_MOUNTS

Signed-off-by: Evan Lezar <elezar@nvidia.com>
2022-07-27 10:57:43 +02:00
..
containerd Also set default_runtime.options.BinaryName 2022-05-27 16:21:52 +02:00
crio Update references to nvidia-container-runtime-hook 2022-07-08 12:15:56 +02:00
docker Move docker config handling to internal package 2022-07-13 10:30:01 +02:00
nvidia-toolkit Remove unused TOOLKIT_ARGS / --toolkit-args 2022-07-27 10:50:18 +02:00
toolkit Allow accept-visible-devices config options to be set 2022-07-27 10:57:43 +02:00
README.md

Introduction

This repository contains tools that allow docker, containerd, or cri-o to be configured to use the NVIDIA Container Toolkit.

Note: These were copied from the container-config repository are being migrated to commands installed with the NVIDIA Container Toolkit.

These will be migrated into an upcoming nvidia-ctk CLI as required.

Docker

After building the docker binary, run:

docker setup \
    --runtime-name NAME \
        /run/nvidia/toolkit

Configure the nvidia-container-runtime as a docker runtime named NAME. If the --runtime-name flag is not specified, this runtime would be called nvidia. A runtime named nvidia-experimental will also be configured using the nvidia-container-runtime-experimental OCI-compliant runtime shim.

Since --set-as-default is enabled by default, the specified runtime name will also be set as the default docker runtime. This can be disabled by explicityly specifying --set-as-default=false.

Note: If --runtime-name is specified as nvidia-experimental explicitly, the nvidia-experimental runtime will be configured as the default runtime, with the nvidia runtime still configured and available for use.

The following table describes the behaviour for different --runtime-name and --set-as-default flag combinations.

Flags Installed Runtimes Default Runtime
NONE SPECIFIED nvidia, nvidia-experimental nvidia
--runtime-name nvidia nvidia, nvidia-experimental nvidia
--runtime-name NAME NAME, nvidia-experimental NAME
--runtime-name nvidia-experimental nvidia, nvidia-experimental nvidia-experimental
--set-as-default nvidia, nvidia-experimental nvidia
--set-as-default --runtime-name nvidia nvidia, nvidia-experimental nvidia
--set-as-default --runtime-name NAME NAME, nvidia-experimental NAME
--set-as-default --runtime-name nvidia-experimental nvidia, nvidia-experimental nvidia-experimental
--set-as-default=false nvidia, nvidia-experimental NOT SET
--set-as-default=false --runtime-name NAME NAME, nvidia-experimental NOT SET
--set-as-default=false --runtime-name nvidia nvidia, nvidia-experimental NOT SET
--set-as-default=false --runtime-name nvidia-experimental nvidia, nvidia-experimental NOT SET

These combinations also hold for the environment variables that map to the command line flags: DOCKER_RUNTIME_NAME, DOCKER_SET_AS_DEFAULT.

Containerd

After running the containerd binary, run:

containerd setup \
    --runtime-class NAME \
        /run/nvidia/toolkit

Configure the nvidia-container-runtime as a runtime class named NAME. If the --runtime-class flag is not specified, this runtime would be called nvidia. A runtime class named nvidia-experimental will also be configured using the nvidia-container-runtime-experimental OCI-compliant runtime shim.

Adding the --set-as-default flag as follows:

containerd setup \
    --runtime-class NAME \
    --set-as-default \
        /run/nvidia/toolkit

will set the runtime class NAME (or nvidia if not specified) as the default runtime class.

Note: If --runtime-class is specified as nvidia-experimental explicitly and --set-as-default is specified, the nvidia-experimental runtime will be configured as the default runtime class, with the nvidia runtime class still configured and available for use.

The following table describes the behaviour for different --runtime-class and --set-as-default flag combinations.

Flags Installed Runtime Classes Default Runtime Class
NONE SPECIFIED nvidia, nvidia-experimental NOT SET
--runtime-class NAME NAME, nvidia-experimental NOT SET
--runtime-class nvidia nvidia, nvidia-experimental NOT SET
--runtime-class nvidia-experimental nvidia, nvidia-experimental NOT SET
--set-as-default nvidia, nvidia-experimental nvidia
--set-as-default --runtime-class NAME NAME, nvidia-experimental NAME
--set-as-default --runtime-class nvidia nvidia, nvidia-experimental nvidia
--set-as-default --runtime-class nvidia-experimental nvidia, nvidia-experimental nvidia-experimental

These combinations also hold for the environment variables that map to the command line flags.