Skip to content

Releases: NVIDIA/nvidia-container-toolkit

v1.16.2

25 Sep 11:44
@github-actions github-actions
v1.16.2
a5a5833
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.16.2

This release provides critical security updates and is recommended for all users.

It includes updates for:

To view any published security bulletins for NVIDIA products, see the NVIDIA product security page (https://www.nvidia.com/en-us/security/)

For more information regarding NVIDIA's security vulnerability remediation policies, see (https://www.nvidia.com/en-us/security/psirt-policies/)

NOTE: This release is a unified release of the NVIDIA Container Toolkit that consists of the following packages:

The packages for this release are published to the libnvidia-container package repositories.

What's Changed

  • Exclude libnvidia-allocator from graphics mounts. This fixes a bug that leaks mounts when a container is started with bi-directional mount propagation.
  • Use empty string for default runtime-config-override. This removes a redundant warning for runtimes (e.g. Docker) where this is not applicable.

Changes in the Toolkit Container

  • Bump CUDA base image version to 12.6.0

Changes in libnvidia-container

  • Add no-gsp-firmware command line option
  • Add no-fabricmanager command line option
  • Add no-persistenced command line option
  • Skip directories and symlinks when mounting libraries

Full Changelog: v1.16.1...v1.16.2

Loading

v1.16.1

23 Jul 18:56
@github-actions github-actions
v1.16.1
a470818
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.16.1

What's Changed

  • Fix bug with processing errors during CDI spec generation for MIG devices

Full Changelog: v1.16.0...v1.16.1

Loading

v1.16.0

15 Jul 15:10
@github-actions github-actions
v1.16.0
c5c124b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.16.0

This is a promotion of the v1.16.0-rc.2 release to GA.

NOTE: This release does NOT include the nvidia-container-runtime and nvidia-docker2 packages. It is recommended that the nvidia-container-toolkit packages be installed directly.

NOTE: This release is a unified release of the NVIDIA Container Toolkit that consists of the following packages:

The packages for this release are published to the libnvidia-container package repositories.

Full Changelog: v1.15.0...v1.16.0

What's Changed

  • Promote v1.16.0-rc.2 to v1.16.0

Changes in the Toolkit Container

  • Bump CUDA base image version to 12.5.1

v1.16.0-rc.2

  • Use relative path to locate driver libraries
  • Add RelativeToRoot function to Driver
  • Inject additional libraries for full X11 functionality
  • Extract options from default runtime if runc does not exist
  • Avoid using map pointers as maps are always passed by reference
  • Reduce logging for the NVIDIA Container runtime
  • Fix bug in argument parsing for logger creation

v1.16.0-rc.1

  • Support vulkan ICD files directly in a driver root. This allows for the discovery of vulkan files in GKE driver installations.
  • Increase priority of ld.so.conf.d config file injected into container. This ensures that injected libraries are preferred over libraries present in the container.
  • Set default CDI spec permissions to 644. This fixes permission issues when using the nvidia-ctk cdi transform functions.
  • Add dev-root option to nvidia-ctk system create-device-nodes command.
  • Fix location of libnvidia-ml.so.1 when a non-standard driver root is used. This enabled CDI spec generation when using the driver container on a host.
  • Recalculate minimum required CDI spec version on save.
  • Move nvidia-ctk hook commands to a separate nvidia-cdi-hook binary. The same subcommands are supported.
  • Use : as an nvidia-ctk config --set list separator. This fixes a bug when trying to set config options that are lists.

Changes in the Toolkit Container

  • Bump CUDA base image version to 12.5.0
  • Allow the path to toolkit.pid to be specified directly.
  • Remove provenance information from image manifests.
  • Add dev-root option when configuring the toolkit. This adds support for GKE driver installations.
Loading

v1.16.0-rc.2

10 Jul 14:32
@elezar elezar
v1.16.0-rc.2
d51cee6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.16.0-rc.2 Pre-release
Pre-release

What's Changed

  • Use relative path to locate driver libraries
  • Add RelativeToRoot function to Driver
  • Inject additional libraries for full X11 functionality
  • Extract options from default runtime if runc does not exist
  • Update libnvidia-container
  • Reduce logging for the NVIDIA Container runtime
  • Add Tracef to logger Interface
  • Add String function to oci.Runtime interface
  • Fix bug in argument parsing for logger creation
  • Use ref_name on release workflow

Changes in the Toolkit Container

  • Extract options from default runtime if runc does not exist
  • avoid using map pointers as maps are always passed by reference

Full Changelog: v1.16.0-rc.1...v1.16.0-rc.2

Loading

v1.16.0-rc.1

17 Jun 14:30
@elezar elezar
v1.16.0-rc.1
f2eb4ea
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.16.0-rc.1 Pre-release
Pre-release

What's Changed

  • Support vulkan ICD files directly in a driver root. This allows for the discovery of vulkan files in GKE driver installations.
  • Increase priority of ld.so.conf.d config file injected into container. This ensures that injected libraries are preferred over libraries present in the container.
  • Set default CDI spec permissions to 644. This fixes permission issues when using the nvidia-ctk cdi transform functions.
  • Add dev-root option to nvidia-ctk system create-device-nodes command.
  • Fix location of libnvidia-ml.so.1 when a non-standard driver root is used. This enabled CDI spec generation when using the driver container on a host.
  • Recalculate minimum required CDI spec version on save.
  • Move nvidia-ctk hook commands to a separate nvidia-cdi-hook binary. The same subcommands are supported.
  • Use : as an nvidia-ctk config --set list separator. This fixes a bug when trying to set config options that are lists.

Changes in the Toolkit Container

  • Bump CUDA base image version to 12.5.0
  • Allow the path to toolkit.pid to be specified directly.
  • Remove provenance information from image manifests.
  • Add dev-root option when configuring the toolkit. This adds support for GKE driver installations.

Full Changelog: v1.15.0...v1.16.0-rc.1

Loading

v1.15.0

16 Apr 13:24
@elezar elezar
v1.15.0
ddeeca3
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.15.0

This is a promotion of the v1.15.0-rc.4 release to GA.

NOTE: This release does NOT include the nvidia-container-runtime and nvidia-docker2 packages. It is recommended that the nvidia-container-toolkit packages be installed directly.

NOTE: This release is a unified release of the NVIDIA Container Toolkit that consists of the following packages:

The packages for this release are published to the libnvidia-container package repositories.

Full Changelog: v1.14.0...v1.15.0

What's Changed

  • Remove nvidia-container-runtime and nvidia-docker2 packages.
  • Use XDG_DATA_DIRS environment variable when locating config files such as graphics config files.
  • Add support for v0.7.0 Container Device Interface (CDI) specification.
  • Add --config-search-path option to nvidia-ctk cdi generate command. These paths are used when locating driver files such as graphics config files.
  • Add support for v1.2.0 OCI Runtime specification.
  • Explicitly set NVIDIA_VISIBLE_DEVICES=void in generated CDI specifications. This prevents the NVIDIA Container Runtime from making additional modifications.

Changes in the toolkit-container

  • Bump CUDA base image version to 12.4.1

v1.15.0-rc.4

  • Fix build and tests targets on darwin by @elezar in #333
  • Add spec-dir flag to nvidia-ctk cdi list command by @elezar in #342
  • Specify DRIVER_ROOT consistently by @elezar in #346
  • Support nvidia and nvidia-frontend names when getting device major by @tariq1890 in #330
  • Allow multiple naming strategies when generating CDI specification by @elezar in #314
  • Add --create-device-nodes option to toolkit config by @elezar in #345
  • Remove additional libnvidia-container0 dependency by @elezar in #370
  • Add imex support by @klueska in #375
  • [R550 driver support] add fallback logic to device.Exists(name) by @tariq1890 in #379
  • Use D3DKMTEnumAdapters3 for adapter enumeration by @jbujak in #397
  • Add NVIDIA_VISIBLE_DEVICES=void to CDI specs by @elezar in #395

Changes in libnvidia-container

Changes in the toolkit-container

  • Remove centos7 container-toolkit image by @elezar in #382
  • Bump CUDA base image version to 12.3.2.

v1.15.0-rc.3

  • Fix bug in nvidia-ctk hook update-ldcache where default --ldconfig-path value was not applied.

v1.15.0-rc.2

  • Extend the runtime.nvidia.com/gpu CDI kind to support full-GPUs and MIG devices specified by index or UUID.
  • Fix bug when specifying --dev-root for Tegra-based systems.
  • Log explicitly requested runtime mode.
  • Remove package dependency on libseccomp.
  • Added detection of libnvdxgdmal.so.1 on WSL2
  • Use devRoot to resolve MIG device nodes.
  • Fix bug in determining default nvidia-container-runtime.user config value on SUSE-based systems.
  • Add crun to the list of configured low-level runtimes.
  • Added support for --ldconfig-path to nvidia-ctk cdi generate command.
  • Fix nvidia-ctk runtime configure --cdi.enabled for Docker.
  • Add discovery of the GDRCopy device (gdrdrv) if the NVIDIA_GDRCOPY environment variable of the container is set to enabled

Changes in libnvidia-container

  • Added detection of libnvdxgdmal.so.1 on WSL2

Changes in the toolkit-container

  • Bump CUDA base image version to 12.3.1.

v1.15.0-rc.1

  • Skip update of ldcache in containers without ldconfig. The .so.SONAME symlinks are still created.
  • Normalize ldconfig path on use. This automatically adjust the ldconfig setting applied to ldconfig.real on systems where this exists.
  • Include nvidia/nvoptix.bin in list of graphics mounts.
  • Include vulkan/icd.d/nvidia_layers.json in list of graphics mounts.
  • Add support for --library-search-paths to nvidia-ctk cdi generate command.
  • Add support for injecting /dev/nvidia-nvswitch* devices if the NVIDIA_NVSWITCH=enabled envvar is specified.
  • Added support for nvidia-ctk runtime configure --enable-cdi for the docker runtime. Note that this requires Docker >= 25.
  • Fixed bug in nvidia-ctk config command when using --set. The types of applied config options are now applied correctly.
  • Add --relative-to option to nvidia-ctk transform root command. This controls whether the root transformation is applied to host or container paths.
  • Added automatic CDI spec generation when the runtime.nvidia.com/gpu=all device is requested by a container.

Changes in libnvidia-container

  • Fix device permission check when using cgroupv2 (fixes NVIDIA/libnvidia-container/#227)

Contributors

klueska, elezar, and 2 other contributors
Loading

v1.15.0-rc.4

19 Mar 10:54
@elezar elezar
v1.15.0-rc.4
1ddc859
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.15.0-rc.4 Pre-release
Pre-release

What's Changed

  • Fix build and tests targets on darwin by @elezar in #333
  • Add spec-dir flag to nvidia-ctk cdi list command by @elezar in #342
  • Specify DRIVER_ROOT consistently by @elezar in #346
  • Support nvidia and nvidia-frontend names when getting device major by @tariq1890 in #330
  • Allow multiple naming strategies when generating CDI specification by @elezar in #314
  • Add --create-device-nodes option to toolkit config by @elezar in #345
  • Remove additional libnvidia-container0 dependency by @elezar in #370
  • Add imex support by @klueska in #375
  • [R550 driver support] add fallback logic to device.Exists(name) by @tariq1890 in #379
  • Use D3DKMTEnumAdapters3 for adapter enumeration by @jbujak in #397
  • Add NVIDIA_VISIBLE_DEVICES=void to CDI specs by @elezar in #395

Changes in libnvidia-container

Changes in the toolkit-container

  • Remove centos7 container-toolkit image by @elezar in #382
  • Bump CUDA base image version to 12.3.2.

Full Changelog: v1.15.0-rc.3...v1.15.0-rc.4

Contributors

klueska, elezar, and 2 other contributors
Loading

v1.14.6

28 Feb 11:53
@elezar elezar
v1.14.6
5605d19
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.14.6

What's Changed

  • Add support for extracting device major number from /proc/devices if nvidia is used as a device name over nvidia-frontend. This is required to support the creation of /dev/char symlinks on NVIDIA CUDA drivers with version 550.x.
  • Add support for selecting IMEX channels using the NVIDIA_IMEX_CHANNELS environement variable.

Changes in libnvidia-container

  • Added creation and injection of IMEX channels.

Dependency updates

  • Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.3 by @dependabot in #355
  • Bump golang.org/x/sys from 0.7.0 to 0.17.0 by @dependabot in #357
  • Bump github.com/pelletier/go-toml from 1.9.4 to 1.9.5 by @dependabot in #359
  • Bump github.com/fsnotify/fsnotify from 1.5.4 to 1.7.0 by @dependabot in #358
  • Bump github.com/urfave/cli/v2 from 2.3.0 to 2.27.1 by @dependabot in #356
  • Bump golang.org/x/mod from 0.5.0 to 0.15.0 by @dependabot in #367
  • Bump github.com/stretchr/testify from 1.8.1 to 1.8.4 by @dependabot in #366
  • Bump github.com/NVIDIA/go-nvml from 0.12.0-1 to 0.12.0-2 by @dependabot in #365
  • Bump github.com/opencontainers/runtime-spec from 1.1.0 to 1.2.0 by @dependabot in #368

Full Changelog: v1.14.5...v1.14.6

Contributors

dependabot
Loading

v1.14.5

07 Feb 18:49
@elezar elezar
v1.14.5
9ea3360
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.14.5

What's Changed

  • Update dependencies to address CVE in runc.
  • Fix nvidia-ctk runtime configure --cdi.enabled for Docker. This was incorrectly setting experimental = true instead
    of setting features.cdi = true.

Full Changelog: v1.14.4...v1.14.5

Loading

v1.15.0-rc.3

01 Mar 06:53
@elezar elezar
v1.15.0-rc.3
93e15bc
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.15.0-rc.3 Pre-release
Pre-release

What's Changed

  • Fix bug in nvidia-ctk hook update-ldcache where default --ldconfig-path value was not applied.

Full Changelog: v1.15.0-rc.2...v1.15.0-rc.3

Loading