Skip to content

Commit

Permalink
feat: update to new repo for nvidia-container-toolkit (ublue-os#6)
Browse files Browse the repository at this point in the history 
This enables us to get a newer nvidia container toolkit version 1.14
which now provides root and rootless podman modes without configuration
files, plus CDI.

Added some links to docs.
  • Loading branch information
@bsherman
bsherman authored Oct 5, 2023
1 parent 62026b4 commit 014d687
Show file tree
Hide file tree
Showing 6 changed files with 22 additions and 57 deletions.
4 changes: 1 addition & 3 deletions Containerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,13 @@ ARG COREOS_VERSION="${COREOS_VERSION:-stable}"

COPY build*.sh /tmp
COPY certs /tmp/certs
ADD files/etc/nvidia-container-runtime/config-rootless.toml \
/tmp/ublue-os-ucore-nvidia/rpmbuild/SOURCES/config-rootless.toml
ADD ublue-os-ucore-nvidia.spec \
/tmp/ublue-os-ucore-nvidia/ublue-os-ucore-nvidia.spec

RUN /tmp/build-prep.sh

RUN /tmp/build-kmod-nvidia.sh
RUN /tmp/build-ublue-nvidia.sh
RUN /tmp/build-kmod-nvidia.sh
RUN /tmp/build-kmod-zfs.sh

RUN for RPM in $(find /var/cache/akmods/ -type f -name \*.rpm); do \
Expand Down
4 changes: 3 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,9 @@ A layer for adding extra kernel modules to your Fedora CoreOS image.
Feel free to PR more kmod build scripts into this repo!

- [nvidia](https://negativo17.org/nvidia-driver) - latest driver (currently version 535) built from negativo17's akmod package
- ublue-os-ucore-nvidia - RPM with nvidia container runtime repo and selinux policy
- ublue-os-ucore-nvidia - RPM with nvidia container toolkit repo and selinux policy
- [nvidia container selinux policy](https://github.com/NVIDIA/dgx-selinux/tree/master/src/nvidia-container-selinux) - uses RHEL9 policy as the closest match
- [nvidia-container-tookkit repo](https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/latest/install-guide.html#installing-with-yum-or-dnf) - version 1.14.2 (and newer) provide CDI for podman use of nvidia gpus
- [zfs](https://github.com/openzfs/zfs) - OpenZFS advanced file system and volume manager


Expand Down
2 changes: 0 additions & 2 deletions build-kmod-nvidia.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,6 @@ KERNEL_VERSION=${KERNEL_VERSION}
RELEASE=${RELEASE}
NVIDIA_AKMOD_VERSION=${NVIDIA_AKMOD_VERSION}
EOF
#NVIDIA_FULL_VERSION=${NVIDIA_FULL_VERSION}
#NVIDIA_LIB_VERSION=${NVIDIA_LIB_VERSION}

mv /var/cache/akmods/nvidia/*.rpm \
/var/cache/rpms/kmods/nvidia/
8 changes: 5 additions & 3 deletions build-ublue-nvidia.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,11 @@ set -oeux pipefail

#install -D /etc/pki/akmods/certs/public_key.der /tmp/ublue-os-ucore-nvidia/rpmbuild/SOURCES/public_key.der

curl -L https://nvidia.github.io/nvidia-docker/rhel9.0/nvidia-docker.repo \
-o /tmp/ublue-os-ucore-nvidia/rpmbuild/SOURCES/nvidia-container-runtime.repo
sed -i "s@gpgcheck=0@gpgcheck=1@" /tmp/ublue-os-ucore-nvidia/rpmbuild/SOURCES/nvidia-container-runtime.repo
mkdir -p /tmp/ublue-os-ucore-nvidia/rpmbuild/SOURCES/

curl -L https://nvidia.github.io/libnvidia-container/stable/rpm/nvidia-container-toolkit.repo \
-o /tmp/ublue-os-ucore-nvidia/rpmbuild/SOURCES/nvidia-container-toolkit.repo
sed -i "s@gpgcheck=0@gpgcheck=1@" /tmp/ublue-os-ucore-nvidia/rpmbuild/SOURCES/nvidia-container-toolkit.repo

curl -L https://raw.githubusercontent.com/NVIDIA/dgx-selinux/master/bin/RHEL9/nvidia-container.pp \
-o /tmp/ublue-os-ucore-nvidia/rpmbuild/SOURCES/nvidia-container.pp
Expand Down
34 changes: 0 additions & 34 deletions files/etc/nvidia-container-runtime/config-rootless.toml
View file

This file was deleted.

27 changes: 13 additions & 14 deletions ublue-os-ucore-nvidia.spec
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
Name: ublue-os-ucore-nvidia
Version: 0.1
Version: 0.2
Release: 1%{?dist}
Summary: Additional files for nvidia driver support on CoreOS

Expand All @@ -9,9 +9,8 @@ URL: https://github.com/ublue-os/ucore-kmods
BuildArch: noarch
Supplements: mokutil policycoreutils

Source0: nvidia-container-runtime.repo
Source1: config-rootless.toml
Source2: nvidia-container.pp
Source0: nvidia-container-toolkit.repo
Source1: nvidia-container.pp

%description
Adds various runtime files for nvidia support on Fedora CoreOS.
Expand All @@ -21,25 +20,25 @@ Adds various runtime files for nvidia support on Fedora CoreOS.


%build
install -Dm0644 %{SOURCE0} %{buildroot}%{_datadir}/ublue-os/%{_sysconfdir}/yum.repos.d/nvidia-container-runtime.repo
install -Dm0644 %{SOURCE1} %{buildroot}%{_datadir}/ublue-os/%{_sysconfdir}/nvidia-container-runtime/config-rootless.toml
install -Dm0644 %{SOURCE2} %{buildroot}%{_datadir}/ublue-os/%{_datadir}/selinux/packages/nvidia-container.pp
install -Dm0644 %{SOURCE0} %{buildroot}%{_datadir}/ublue-os/%{_sysconfdir}/yum.repos.d/nvidia-container-toolkit.repo
install -Dm0644 %{SOURCE1} %{buildroot}%{_datadir}/ublue-os/%{_datadir}/selinux/packages/nvidia-container.pp

sed -i 's@enabled=1@enabled=0@g' %{buildroot}%{_datadir}/ublue-os/%{_sysconfdir}/yum.repos.d/nvidia-container-runtime.repo
sed -i 's@enabled=1@enabled=0@g' %{buildroot}%{_datadir}/ublue-os/%{_sysconfdir}/yum.repos.d/nvidia-container-toolkit.repo

install -Dm0644 %{buildroot}%{_datadir}/ublue-os/%{_sysconfdir}/yum.repos.d/nvidia-container-runtime.repo %{buildroot}%{_sysconfdir}/yum.repos.d/nvidia-container-runtime.repo
install -Dm0644 %{buildroot}%{_datadir}/ublue-os/%{_sysconfdir}/nvidia-container-runtime/config-rootless.toml %{buildroot}%{_sysconfdir}/nvidia-container-runtime/config-rootless.toml
install -Dm0644 %{buildroot}%{_datadir}/ublue-os/%{_sysconfdir}/yum.repos.d/nvidia-container-toolkit.repo %{buildroot}%{_sysconfdir}/yum.repos.d/nvidia-container-toolkit.repo
install -Dm0644 %{buildroot}%{_datadir}/ublue-os/%{_datadir}/selinux/packages/nvidia-container.pp %{buildroot}%{_datadir}/selinux/packages/nvidia-container.pp

%files
%attr(0644,root,root) %{_datadir}/ublue-os/%{_sysconfdir}/yum.repos.d/nvidia-container-runtime.repo
%attr(0644,root,root) %{_datadir}/ublue-os/%{_sysconfdir}/nvidia-container-runtime/config-rootless.toml
%attr(0644,root,root) %{_datadir}/ublue-os/%{_sysconfdir}/yum.repos.d/nvidia-container-toolkit.repo
%attr(0644,root,root) %{_datadir}/ublue-os/%{_datadir}/selinux/packages/nvidia-container.pp
%attr(0644,root,root) %{_sysconfdir}/yum.repos.d/nvidia-container-runtime.repo
%attr(0644,root,root) %{_sysconfdir}/nvidia-container-runtime/config-rootless.toml
%attr(0644,root,root) %{_sysconfdir}/yum.repos.d/nvidia-container-toolkit.repo
%attr(0644,root,root) %{_datadir}/selinux/packages/nvidia-container.pp

%changelog
* Wed Oct 04 2023 Benjamin Sherman <[email protected]> - 0.2
- use newer nvidia-container-toolkit repo
- repo provides newer toolkit, no longer requires config.toml

* Sat Aug 19 2023 Benjamin Sherman <[email protected]> - 0.1
First release for Fedora CoreOS based on ublue-os-nvidia-addons includes:
- nvidia-container-runtime repo
Expand Down

0 comments on commit 014d687

Please sign in to comment.