packages/nvidia-ctk-with-config: init

This adds a preconfigured `nvidia-ctk` package for use with peer pods GPU containers.
edgelesssys · Nov 11, 2024 · 31478f7 · 31478f7
1 parent 8da19c0
commit 31478f7
Show file tree

Hide file tree

Showing 3 changed files with 62 additions and 0 deletions.
diff --git a/packages/by-name/mkNixosConfig/package.nix b/packages/by-name/mkNixosConfig/package.nix
@@ -41,6 +41,7 @@ lib.makeOverridable (
             cloud-api-adaptor
             kernel-podvm-azure
             pause-bundle
+            nvidia-ctk-with-config
             ;
           inherit (outerPkgs.kata) kata-agent;
         })

diff --git a/packages/by-name/nvidia-ctk-with-config/config.toml b/packages/by-name/nvidia-ctk-with-config/config.toml
@@ -0,0 +1,40 @@
+#accept-nvidia-visible-devices-as-volume-mounts = false
+#accept-nvidia-visible-devices-envvar-when-unprivileged = true
+disable-require = true
+supported-driver-capabilities = "compat32,compute,display,graphics,ngx,utility,video"
+#swarm-resource = "DOCKER_RESOURCE_GPU"
+
+[nvidia-container-cli]
+no-pivot = true
+debug = "/var/log/nvidia-kata-container/nvidia-container-toolkit.log"
+environment = []
+ldcache = "/tmp/ld.so.cache"
+ldconfig = "@@glibcbin@/bin/ldconfig"
+load-kmods = true
+no-cgroups = true
+path = "@nvidia-container-cli@"
+#root = "/run/nvidia/driver"
+#user = "root:video"
+
+[nvidia-container-runtime]
+debug = "/var/log/nvidia-kata-container/nvidia-container-runtime.log"
+log-level = "debug"
+mode = "cdi"
+runtimes = ["docker-runc", "runc", "crun"]
+
+[nvidia-container-runtime.modes]
+
+[nvidia-container-runtime.modes.cdi]
+annotation-prefixes = ["cdi.k8s.io/"]
+default-kind = "nvidia.com/gpu"
+spec-dirs = ["/var/run/cdi"]
+
+[nvidia-container-runtime.modes.csv]
+mount-spec-path = "/etc/nvidia-container-runtime/host-files-for-container.d"
+
+[nvidia-container-runtime-hook]
+path = "@nvidia-container-runtime-hook@"
+skip-mode-detection = true
+
+[nvidia-ctk]
+path = "@nvidia-ctk@"
diff --git a/packages/by-name/nvidia-ctk-with-config/package.nix b/packages/by-name/nvidia-ctk-with-config/package.nix
@@ -0,0 +1,21 @@
+# Copyright 2024 Edgeless Systems GmbH
+# SPDX-License-Identifier: AGPL-3.0-only
+
+# This builds an nvidia-container-toolkit package with a custom config required
+# for use in peer pods GPU containers.
+
+{
+  nvidia-container-toolkit,
+  libnvidia-container,
+  replaceVars,
+  glibc,
+  lib,
+}:
+nvidia-container-toolkit.override {
+  configTemplatePath = replaceVars ./config.toml {
+    "nvidia-container-cli" = "${lib.getExe' libnvidia-container "nvidia-container-cli"}";
+    "nvidia-container-runtime-hook" = "${lib.getExe' nvidia-container-toolkit "nvidia-container-runtime-hook"}";
+    "nvidia-ctk" = "${lib.getExe' nvidia-container-toolkit "nvidia-ctk"}";
+    "glibcbin" = "${lib.getBin glibc}";
+  };
+}