Merge pull request #108862 from cpcloud/refactor-nvidia-containers

authored by

Jörg Thalheim and committed by
GitHub
f3042e30 147270c1

+155 -97
-3
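--- a/nixos/modules/virtualisation/docker.nix
+++ b/nixos/modules/virtualisation/docker.nix
@@ -213,9 +213,6 @@
 message = "Option enableNvidia requires 32bit support libraries";
 }];
 }
-(mkIf cfg.enableNvidia {
-environment.etc."nvidia-container-runtime/config.toml".source = "${pkgs.nvidia-docker}/etc/config.toml";
-})
 ]);
 
 imports = [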
+2 -10
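--- a/nixos/modules/virtualisation/podman.nix
+++ b/nixos/modules/virtualisation/podman.nix
@@ -2,7 +2,6 @@
 let
 cfg = config.virtualisation.podman;
 toml = pkgs.formats.toml { };
-nvidia-docker = pkgs.nvidia-docker.override { containerRuntimePath = "${pkgs.runc}/bin/runc"; };
 
 inherit (lib) mkOption types;
 
@@ -100,8 +99,8 @@
 containersConf.extraConfig = lib.optionalString cfg.enableNvidia
 (builtins.readFile (toml.generate "podman.nvidia.containers.conf" {
 engine = {
-conmon_env_vars = [ "PATH=${lib.makeBinPath [ nvidia-docker ]}" ];
-runtimes.nvidia = [ "${nvidia-docker}/bin/nvidia-container-runtime" ];
+conmon_env_vars = [ "PATH=${lib.makeBinPath [ pkgs.nvidia-podman ]}" ];
+runtimes.nvidia = [ "${pkgs.nvidia-podman}/bin/nvidia-container-runtime" ];
 };
 }));
 };
@@ -111,14 +110,7 @@
 assertion = cfg.dockerCompat -> !config.virtualisation.docker.enable;
 message = "Option dockerCompat conflicts with docker";
 }
-{
-assertion = cfg.enableNvidia -> !config.virtualisation.docker.enableNvidia;
-message = "Option enableNvidia conflicts with docker.enableNvidia";
-}
 ];
 }
-(lib.mkIf cfg.enableNvidia {
-environment.etc."nvidia-container-runtime/config.toml".source = "${nvidia-docker}/etc/podman-config.toml";
-})
 ]);
 }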
+72
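--- a/pkgs/applications/virtualization/nvidia-container-runtime/default.nix
+++ b/pkgs/applications/virtualization/nvidia-container-runtime/default.nix
@@ -0,0 +1,72 @@
+{ lib
+, glibc
+, fetchFromGitHub
+, makeWrapper
+, buildGoPackage
+, linkFarm
+, writeShellScript
+, containerRuntimePath
+, configTemplate
+}:
+let
+isolatedContainerRuntimePath = linkFarm "isolated_container_runtime_path" [
+{
+name = "runc";
+path = containerRuntimePath;
+}
+];
+warnIfXdgConfigHomeIsSet = writeShellScript "warn_if_xdg_config_home_is_set" ''
+set -eo pipefail
+
+if [ -n "$XDG_CONFIG_HOME" ]; then
+echo >&2 "$(tput setaf 3)warning: \$XDG_CONFIG_HOME=$XDG_CONFIG_HOME$(tput sgr 0)"
+fi
+'';
+in
+buildGoPackage rec {
+pname = "nvidia-container-runtime";
+version = "3.4.0";
+
+src = fetchFromGitHub {
+owner = "NVIDIA";
+repo = pname;
+rev = "v${version}";
+sha256 = "095mks0r4079vawi50pk4zb5jk0g6s9idg2s1w55a0d27jkknldr";
+};
+
+goPackagePath = "github.com/${pname}/src";
+buildFlagsArray = [ "-ldflags=" "-s -w" ];
+nativeBuildInputs = [ makeWrapper ];
+
+postInstall = ''
+mv $out/bin/{src,nvidia-container-runtime}
+mkdir -p $out/etc/nvidia-container-runtime
+
+# nvidia-container-runtime invokes docker-runc or runc if that isn't
+# available on PATH.
+#
+# Also set XDG_CONFIG_HOME if it isn't already to allow overriding
+# configuration. This in turn allows users to have the nvidia container
+# runtime enabled for any number of higher level runtimes like docker and
+# podman, i.e., there's no need to have mutually exclusivity on what high
+# level runtime can enable the nvidia runtime because each high level
+# runtime has its own config.toml file.
+wrapProgram $out/bin/nvidia-container-runtime \
+--run "${warnIfXdgConfigHomeIsSet}" \
+--prefix PATH : ${isolatedContainerRuntimePath} \
+--set-default XDG_CONFIG_HOME $out/etc
+
+cp ${configTemplate} $out/etc/nvidia-container-runtime/config.toml
+
+substituteInPlace $out/etc/nvidia-container-runtime/config.toml \
+--subst-var-by glibcbin ${lib.getBin glibc}
+'';
+
+meta = with lib; {
+homepage = "https://github.com/NVIDIA/nvidia-container-runtime";
+description = "NVIDIA container runtime";
+license = licenses.asl20;
+platforms = platforms.linux;
+maintainers = with maintainers; [ cpcloud ];
+};
+}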
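Review bot: The wrapper in `postInstall` uses `--set-default XDG_CONFIG_HOME $out/etc`, so whenever the caller already exports `XDG_CONFIG_HOME` (presumably common in user sessions such as rootless podman, where the module's `conmon_env_vars` sets only `PATH`) the runtime is pointed at that directory instead of the per-package `config.toml`, and the only signal is a warning that prints the value without saying what it changes. If overriding is meant to be supported, the warning should name the consequence, e.g. `echo >&2 "warning: XDG_CONFIG_HOME=$XDG_CONFIG_HOME is set; nvidia-container-runtime reads nvidia-container-runtime/config.toml from there, not from the packaged default"`; if it is not, `--set` pins the packaged file. The script also resolves `tput` from the ambient `PATH`, which the wrapper does not provide and which has no terminal when a daemon launches the runtime, so I would drop the colour codes or reference the tool by store path.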
+37
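--- a/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix
+++ b/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix
@@ -0,0 +1,37 @@
+{ lib
+, fetchFromGitHub
+, buildGoModule
+, makeWrapper
+, nvidia-container-runtime
+}:
+buildGoModule rec {
+pname = "nvidia-container-toolkit";
+version = "1.3.0";
+
+src = fetchFromGitHub {
+owner = "NVIDIA";
+repo = pname;
+rev = "v${version}";
+sha256 = "04284bhgx4j55vg9ifvbji2bvmfjfy3h1lq7q356ffgw3yr9n0hn";
+};
+
+vendorSha256 = "17zpiyvf22skfcisflsp6pn56y6a793jcx89kw976fq2x5br1bz7";
+buildFlagsArray = [ "-ldflags=" "-s -w" ];
+nativeBuildInputs = [ makeWrapper ];
+
+postInstall = ''
+mv $out/bin/{pkg,${pname}}
+ln -s $out/bin/nvidia-container-{toolkit,runtime-hook}
+
+wrapProgram $out/bin/nvidia-container-toolkit \
+--add-flags "-config ${nvidia-container-runtime}/etc/nvidia-container-runtime/config.toml"
+'';
+
+meta = with lib; {
+homepage = "https://github.com/NVIDIA/nvidia-container-toolkit";
+description = "NVIDIA container runtime hook";
+license = licenses.asl20;
+platforms = platforms.linux;
+maintainers = with maintainers; [ cpcloud ];
+};
+}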
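Review bot: Nothing in `postInstall` says why `nvidia-container-runtime-hook` is a symlink to the wrapped `nvidia-container-toolkit` rather than a copy, and that choice is what lets the hook name pick up the pinned `-config` flag. A comment above the `ln -s` line would keep a later edit from reverting to a copy of the unwrapped binary, for example `# symlink, not cp: the hook must go through the wrapper so it is started with the pinned -config path`. Since `--add-flags` places `-config` ahead of the caller's arguments, it is also worth confirming whether a second `-config` supplied by the caller would take precedence over the store path.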
pkgs/applications/virtualization/nvidia-docker/avoid-static-libtirpc-build.patch pkgs/applications/virtualization/libnvidia-container/avoid-static-libtirpc-build.patch
+6 -80
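--- a/pkgs/applications/virtualization/nvidia-docker/default.nix
+++ b/pkgs/applications/virtualization/nvidia-docker/default.nix
@@ -1,106 +1,32 @@
-{ stdenv
-, lib
-, fetchFromGitHub
-, fetchpatch
-, callPackage
-, makeWrapper
-, buildGoModule
-, buildGoPackage
-, glibc
-, docker
-, linkFarm
-, containerRuntimePath ? "${docker}/libexec/docker/runc"
-}:
-
-with lib; let
-libnvidia-container = callPackage ./libnvc.nix { };
-isolatedContainerRuntimePath = linkFarm "isolated_container_runtime_path" [
-{
-name = "runc";
-path = containerRuntimePath;
-}
-];
-
-nvidia-container-runtime = buildGoPackage rec {
-pname = "nvidia-container-runtime";
-version = "3.4.0";
-src = fetchFromGitHub {
-owner = "NVIDIA";
-repo = "nvidia-container-runtime";
-rev = "v${version}";
-sha256 = "095mks0r4079vawi50pk4zb5jk0g6s9idg2s1w55a0d27jkknldr";
-};
-goPackagePath = "github.com/nvidia-container-runtime/src";
-buildFlagsArray = [ "-ldflags=" "-s -w" ];
-postInstall = ''
-mv $out/bin/{src,nvidia-container-runtime}
-'';
-};
-
-nvidia-container-toolkit = buildGoModule rec {
-pname = "nvidia-container-toolkit";
-version = "1.3.0";
-src = fetchFromGitHub {
-owner = "NVIDIA";
-repo = "nvidia-container-toolkit";
-rev = "v${version}";
-sha256 = "04284bhgx4j55vg9ifvbji2bvmfjfy3h1lq7q356ffgw3yr9n0hn";
-};
-vendorSha256 = "17zpiyvf22skfcisflsp6pn56y6a793jcx89kw976fq2x5br1bz7";
-buildFlagsArray = [ "-ldflags=" "-s -w" ];
-postInstall = ''
-mv $out/bin/{pkg,${pname}}
-cp $out/bin/{${pname},nvidia-container-runtime-hook}
-'';
-};
-
-in
+{ stdenv, lib, fetchFromGitHub, callPackage }:
 stdenv.mkDerivation rec {
 pname = "nvidia-docker";
 version = "2.5.0";
 
 src = fetchFromGitHub {
 owner = "NVIDIA";
-repo = "nvidia-docker";
+repo = pname;
 rev = "v${version}";
 sha256 = "1n1k7fnimky67s12p2ycaq9mgk245fchq62vgd7bl3bzfcbg0z4h";
 };
 
-nativeBuildInputs = [ makeWrapper ];
-
 buildPhase = ''
 mkdir bin
 
 cp nvidia-docker bin
 substituteInPlace bin/nvidia-docker --subst-var-by VERSION ${version}
-
-cp ${libnvidia-container}/bin/nvidia-container-cli bin
-cp ${nvidia-container-toolkit}/bin/nvidia-container-{toolkit,runtime-hook} bin
-cp ${nvidia-container-runtime}/bin/nvidia-container-runtime bin
 '';
 
 installPhase = ''
-mkdir -p $out/{bin,etc}
-cp -r bin $out
-
-wrapProgram $out/bin/nvidia-container-cli \
---prefix LD_LIBRARY_PATH : /run/opengl-driver/lib:/run/opengl-driver-32/lib
-
-# nvidia-container-runtime invokes docker-runc or runc if that isn't available on PATH
-wrapProgram $out/bin/nvidia-container-runtime --prefix PATH : ${isolatedContainerRuntimePath}
-
-cp ${./config.toml} $out/etc/config.toml
-substituteInPlace $out/etc/config.toml --subst-var-by glibcbin ${lib.getBin glibc}
-
-cp ${./podman-config.toml} $out/etc/podman-config.toml
-substituteInPlace $out/etc/podman-config.toml --subst-var-by glibcbin ${lib.getBin glibc}
+mkdir -p $out/bin
+cp bin/nvidia-docker $out/bin
 '';
 
-meta = {
+meta = with lib; {
 homepage = "https://github.com/NVIDIA/nvidia-docker";
 description = "NVIDIA container runtime for Docker";
 license = licenses.bsd3;
 platforms = platforms.linux;
-maintainers = with lib.maintainers; [ cpcloud ];
+maintainers = with maintainers; [ cpcloud ];
 };
 }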
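Review bot: `callPackage` is still listed in the argument set on the new first line, although its only use, the `libnvidia-container = callPackage ./libnvc.nix { };` binding, is removed by this change. I would drop it so the declared inputs match what the derivation actually uses: `{ stdenv, lib, fetchFromGitHub }:`.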
pkgs/applications/virtualization/nvidia-docker/libnvc-ldconfig-and-path-fixes.patch pkgs/applications/virtualization/libnvidia-container/libnvc-ldconfig-and-path-fixes.patch
+10 -3
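--- a/pkgs/applications/virtualization/nvidia-docker/libnvc.nix
+++ b/pkgs/applications/virtualization/libnvidia-container/default.nix
@@ -7,6 +7,7 @@
 , libseccomp
 , rpcsvc-proto
 , libtirpc
+, makeWrapper
 }:
 let
 modp-ver = "450.57";
@@ -23,7 +24,7 @@
 
 src = fetchFromGitHub {
 owner = "NVIDIA";
-repo = "libnvidia-container";
+repo = pname;
 rev = "v${version}";
 sha256 = "0j6b8z9x9hrrs4xp11zyjjd7kyl7fzcicpiis8k1qb1q2afnqsrq";
 };
@@ -64,17 +65,23 @@
 popd
 '';
 
+postInstall = ''
+wrapProgram $out/bin/nvidia-container-cli \
+--prefix LD_LIBRARY_PATH : /run/opengl-driver/lib:/run/opengl-driver-32/lib
+'';
+
 NIX_CFLAGS_COMPILE = [ "-I${libtirpc.dev}/include/tirpc" ];
 NIX_LDFLAGS = [ "-L${libtirpc.dev}/lib" "-ltirpc" ];
 
-nativeBuildInputs = [ pkgconfig rpcsvc-proto ];
+nativeBuildInputs = [ pkgconfig rpcsvc-proto makeWrapper ];
 
 buildInputs = [ libelf libcap libseccomp libtirpc ];
 
 meta = with lib; {
 homepage = "https://github.com/NVIDIA/libnvidia-container";
 description = "NVIDIA container runtime library";
-license = licenses.bsd3;
+license = licenses.asl20;
 platforms = platforms.linux;
+maintainers = with maintainers; [ cpcloud ];
 };
 }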
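Review bot: The new `postInstall` puts `/run/opengl-driver/lib` and `/run/opengl-driver-32/lib` on `LD_LIBRARY_PATH` for `nvidia-container-cli` without a comment, and both paths live outside the Nix store. Because `--prefix` also keeps whatever `LD_LIBRARY_PATH` the caller exported, the libraries the CLI can load depend on the host and on the invoking environment. I would document that above the `wrapProgram` call, e.g. `# host driver libraries are expected under /run/opengl-driver; these paths are impure and trusted as part of the system configuration`, and state whether inheriting the caller's value is intended.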
pkgs/applications/virtualization/nvidia-docker/modprobe.patch pkgs/applications/virtualization/libnvidia-container/modprobe.patch
pkgs/applications/virtualization/nvidia-docker/podman-config.toml pkgs/applications/virtualization/nvidia-podman/config.toml
+28 -1
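--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -15715,7 +15715,34 @@
 
 nv-codec-headers = callPackage ../development/libraries/nv-codec-headers { };
 
-nvidia-docker = callPackage ../applications/virtualization/nvidia-docker { };
+mkNvidiaContainerPkg = { name, containerRuntimePath, configTemplate, additionalPaths ? [] }:
+let
+nvidia-container-runtime = callPackage ../applications/virtualization/nvidia-container-runtime {
+inherit containerRuntimePath configTemplate;
+};
+in symlinkJoin {
+inherit name;
+paths = [
+(callPackage ../applications/virtualization/libnvidia-container { })
+nvidia-container-runtime
+(callPackage ../applications/virtualization/nvidia-container-toolkit {
+inherit nvidia-container-runtime;
+})
+] ++ additionalPaths;
+};
+
+nvidia-docker = mkNvidiaContainerPkg {
+name = "nvidia-docker";
+containerRuntimePath = "${docker}/libexec/docker/runc";
+configTemplate = ../applications/virtualization/nvidia-docker/config.toml;
+additionalPaths = [ (callPackage ../applications/virtualization/nvidia-docker { }) ];
+};
+
+nvidia-podman = mkNvidiaContainerPkg {
+name = "nvidia-podman";
+containerRuntimePath = "${runc}/bin/runc";
+configTemplate = ../applications/virtualization/nvidia-podman/config.toml;
+};
 
 nvidia-texture-tools = callPackage ../development/libraries/nvidia-texture-tools { };
 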
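Review bot: `mkNvidiaContainerPkg` is defined directly in the top-level package set, so it becomes a `pkgs` attribute that is a function rather than a derivation, while the three components it builds (libnvidia-container, nvidia-container-runtime, nvidia-container-toolkit) are instantiated by anonymous `callPackage` calls and get no attribute of their own. That makes it awkward to pin or patch a single component from an overlay, which matters when a fix has to land in the library alone. Consider exposing at least `libnvidia-container = callPackage ../applications/virtualization/libnvidia-container { };` and referencing it from `paths`. Both joined results also ship `bin/nvidia-container-runtime`, so installing `nvidia-docker` and `nvidia-podman` into the same profile would presumably collide.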