nvidia-container-toolkit/pkg
Kevin Klues 20604621e4 Add 'compute' capability to list of defaults.
For most practical purposes, it should be fine to set
NVIDIA_DRIVER_CAPABILITIES=all nowadays.

Historically, these different capabilities exist because they were added
incrementally, with varying degrees of stability. It's fairly common to
run with GPUs in containers today, but a few years ago the driver didn't
support them very well, and it was important to make sure the libraries
being injected into the container actually worked in a containerized
environment. When they didn't, it was common to get information leaks,
crashes, or even silent failures.

In the past, whenever a new set of libraries was being vetted for
injected, a new capability was added to make sure that users had control
to explicitly include only those libraries they were comfortable having
injected into their containers.

The idea being that whoever puts together a container image for use with
GPUs should have the knowledge of what capabilities the software in that
container image requires, and can set the NVIDIA_DRIVER_CAPABILITIES
envvar in that image appropriately.

After some back and forth, we've decided it doesn't quite make sense to
set it to "all" just yet, but we should set it to "utility, compute"
instead of just "utility", so that at least the core CUDA libraries work
by default (once installed in the container).

Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-12-07 12:10:23 +00:00
..
capabilities.go Add the 'ngx' driver capability 2020-06-24 17:53:42 +00:00
container_config.go Add 'compute' capability to list of defaults. 2020-12-07 12:10:23 +00:00
container_test.go Add more tests for new semantics with device list from volume mounts 2020-08-07 16:30:31 +00:00
hook_config.go Refactor accepting device lists from volume mounts as a boolean 2020-08-07 16:30:19 +00:00
hook_test.go Add test to make sure that getNvidiaConfig() operates as expected 2020-07-24 12:50:05 +00:00
main.go