diff --git a/.kres.yaml b/.kres.yaml index 383a8198..3116ffe5 100644 --- a/.kres.yaml +++ b/.kres.yaml @@ -34,12 +34,12 @@ spec: - nebula - nfsd - nut-client - - nvidia-container-toolkit-lts - - nvidia-container-toolkit-production - nvidia-fabricmanager-lts - nvidia-fabricmanager-production - - nvidia-open-gpu-kernel-modules-lts - - nvidia-open-gpu-kernel-modules-production + - nvidia-driver-lts + - nvidia-driver-production + - nvidia-driver-proprietary-lts + - nvidia-driver-proprietary-production - nvme-cli - panfrost - qemu-guest-agent diff --git a/Makefile b/Makefile index da3d72bd..1328dd9a 100644 --- a/Makefile +++ b/Makefile @@ -89,12 +89,12 @@ TARGETS += metal-agent TARGETS += nebula TARGETS += nfsd TARGETS += nut-client -TARGETS += nvidia-container-toolkit-lts -TARGETS += nvidia-container-toolkit-production TARGETS += nvidia-fabricmanager-lts TARGETS += nvidia-fabricmanager-production -TARGETS += nvidia-open-gpu-kernel-modules-lts -TARGETS += nvidia-open-gpu-kernel-modules-production +TARGETS += nvidia-driver-lts +TARGETS += nvidia-driver-production +TARGETS += nvidia-driver-proprietary-lts +TARGETS += nvidia-driver-proprietary-production TARGETS += nvme-cli TARGETS += panfrost TARGETS += qemu-guest-agent diff --git a/go.work b/go.work index 0c16edc9..698dd993 100644 --- a/go.work +++ b/go.work @@ -2,6 +2,5 @@ go 1.23.0 use ( ./examples/hello-world-service/src - ./nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper - ./nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper + ./nvidia-gpu/nvidia-driver/service ) diff --git a/nvidia-gpu/nonfree/kmod-nvidia/lts/manifest.yaml b/nvidia-gpu/nonfree/kmod-nvidia/lts/manifest.yaml deleted file mode 100644 index 0571c0a9..00000000 --- a/nvidia-gpu/nonfree/kmod-nvidia/lts/manifest.yaml +++ /dev/null @@ -1,10 +0,0 @@ -version: v1alpha1 -metadata: - name: nonfree-kmod-nvidia-lts - version: "$VERSION" - author: Sidero Labs - description: | - This system extension provides nvidia proprietary kernel modules built against a specific Talos version. - compatibility: - talos: - version: ">= v1.5.0" diff --git a/nvidia-gpu/nonfree/kmod-nvidia/production/files/nvidia.conf b/nvidia-gpu/nonfree/kmod-nvidia/production/files/nvidia.conf deleted file mode 100644 index 62b5f931..00000000 --- a/nvidia-gpu/nonfree/kmod-nvidia/production/files/nvidia.conf +++ /dev/null @@ -1,4 +0,0 @@ -blacklist nvidia -blacklist nvidia_uvm -blacklist nvidia_drm -blacklist nvidia_modeset diff --git a/nvidia-gpu/nonfree/kmod-nvidia/production/manifest.yaml b/nvidia-gpu/nonfree/kmod-nvidia/production/manifest.yaml deleted file mode 100644 index f6ecfb81..00000000 --- a/nvidia-gpu/nonfree/kmod-nvidia/production/manifest.yaml +++ /dev/null @@ -1,10 +0,0 @@ -version: v1alpha1 -metadata: - name: nonfree-kmod-nvidia-production - version: "$VERSION" - author: Sidero Labs - description: | - This system extension provides nvidia proprietary kernel modules built against a specific Talos version. - compatibility: - talos: - version: ">= v1.5.0" diff --git a/nvidia-gpu/nonfree/kmod-nvidia/production/pkg.yaml b/nvidia-gpu/nonfree/kmod-nvidia/production/pkg.yaml deleted file mode 100644 index 5267d2e4..00000000 --- a/nvidia-gpu/nonfree/kmod-nvidia/production/pkg.yaml +++ /dev/null @@ -1,31 +0,0 @@ -name: nonfree-kmod-nvidia-production -variant: scratch -shell: /bin/bash -dependencies: - - stage: base -# The pkgs version for a particular release of Talos as defined in -# https://github.com/siderolabs/talos/blob//pkg/machinery/gendata/data/pkgs - - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/nonfree-kmod-nvidia-production-pkg:{{ .BUILD_ARG_PKGS }}" -steps: - - prepare: - - | - sed -i 's#$VERSION#{{ .VERSION }}#' /pkg/manifest.yaml - - install: - - | - mkdir -p /rootfs/usr/lib/modules \ - /rootfs/usr/local/lib/modprobe.d - - cp /pkg/files/nvidia.conf /rootfs/usr/local/lib/modprobe.d/nvidia.conf - - cp -R /usr/lib/modules/* /rootfs/usr/lib/modules - test: - - | - mkdir -p /extensions-validator-rootfs - cp -r /rootfs/ /extensions-validator-rootfs/rootfs - cp /pkg/manifest.yaml /extensions-validator-rootfs/manifest.yaml - /extensions-validator validate --rootfs=/extensions-validator-rootfs --pkg-name="${PKG_NAME}" -finalize: - - from: /rootfs - to: /rootfs - - from: /pkg/manifest.yaml - to: / diff --git a/nvidia-gpu/nvidia-container-toolkit/DEVELOPMENT.md b/nvidia-gpu/nvidia-container-toolkit/DEVELOPMENT.md deleted file mode 100644 index 4971a722..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/DEVELOPMENT.md +++ /dev/null @@ -1,30 +0,0 @@ -# development - -This document is intended as a guide to updating the `nvidia-container-toolkit` dependencies. - -## Components - -### [nvidia-container-cli](./nvidia-container-cli/) - -`nvidia-container-cli` is called by the `nvidia-container-runtime` to setup the required NVIDIA library mounts and NVIDIA device files for a workload container - -### [nvidia-container-runtime](./nvidia-container-runtime/) - -`nvidia-container-runtime` is the runtime used by `containerd` to run workload containers. It's mostly a wrapper around `runc` - -It also ships a tool called `nvidia-container-runtime-hook` which is used to setup OCI hooks. - -### [glibc](./glibc/) - -`nvidia-container-cli` is fully dependent on `glibc` to be able to access the NVIDIA shared objects. - -## Updating the nvidia driver version - -- Update the driver version in `pkgs` repo [here](https://github.com/siderolabs/pkgs/blob/master/nonfree/kmod-nvidia/pkg.yaml) -- Update the driver version [here](../vars.yaml) -- Update the version checksums [here](./nvidia-pkgs/pkg.yaml) - -## Updating the nvidia-container-toolkit version - -- Update the `libnvidia-container` version checksums and `REVISION` [here](./nvidia-container-cli/pkg.yaml) -- Update the `container-toolkit` version checksums and `GIT_COMMIT` [here](./nvidia-container-runtime/pkg.yaml) diff --git a/nvidia-gpu/nvidia-container-toolkit/README.md b/nvidia-gpu/nvidia-container-toolkit/README.md deleted file mode 100644 index 57b501f1..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/README.md +++ /dev/null @@ -1,91 +0,0 @@ -# NVIDIA Container toolkit extension - - -## Installation - -See [Installing Extensions](https://github.com/siderolabs/extensions#installing-extensions). - - -## Usage - -The following NVIDIA modules needs to be loaded, so add this to the talos config: - -```yaml -machine: - kernel: - modules: - - name: nvidia - - name: nvidia_uvm - - name: nvidia_drm - - name: nvidia_modeset -``` - -`nvidia-container-cli` loads BPF programs and requires relaxed KSPP setting for [bpf_jit_harden](https://sysctl-explorer.net/net/core/bpf_jit_harden/), so Talos default setting -should be overridden: - -```yaml -machine: - sysctls: - net.core.bpf_jit_harden: 1 -``` - -> Warning! This disables [KSPP best practices](https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings#sysctls) setting. - -## Testing - -Apply the following manifest to create a runtime class that uses the extension: - -```yaml ---- -apiVersion: node.k8s.io/v1 -kind: RuntimeClass -metadata: - name: nvidia -handler: nvidia -``` - -Install the NVIDIA device plugin: - -```bash -helm repo add nvdp https://nvidia.github.io/k8s-device-plugin -helm repo update -helm install nvidia-device-plugin nvdp/nvidia-device-plugin --version=0.14.1 --set=runtimeClassName=nvidia -``` - -Apply the following manifest to run CUDA pod via nvidia runtime: - -```yaml ---- -apiVersion: v1 -kind: Pod -metadata: - name: gpu-operator-test -spec: - restartPolicy: OnFailure - runtimeClassName: nvidia - containers: - - name: cuda-vector-add - image: "nvidia/samples:vectoradd-cuda11.6.0" - resources: - limits: - nvidia.com/gpu: 1 -``` - - -The status can be viewed by running: - -```bash -❯ kubectl get pods -NAME READY STATUS RESTARTS AGE -gpu-operator-test 0/1 Completed 0 13s -``` - -```bash -❯ kubectl logs gpu-operator-test -[Vector addition of 50000 elements] -Copy input data from the host memory to the CUDA device -CUDA kernel launch with 196 blocks of 256 threads -Copy output data from the CUDA device to the host memory -Test PASSED -Done -``` diff --git a/nvidia-gpu/nvidia-container-toolkit/lts/manifest.yaml b/nvidia-gpu/nvidia-container-toolkit/lts/manifest.yaml deleted file mode 100644 index a93c078a..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/lts/manifest.yaml +++ /dev/null @@ -1,10 +0,0 @@ -version: v1alpha1 -metadata: - name: nvidia-container-toolkit-lts - version: "$VERSION" - author: Sidero Labs - description: | - This system extension provides nvidia runtime and it's dependencies using NVIDIA's runtime handler. - compatibility: - talos: - version: ">= v1.2.0" diff --git a/nvidia-gpu/nvidia-container-toolkit/lts/vars.yaml b/nvidia-gpu/nvidia-container-toolkit/lts/vars.yaml deleted file mode 100644 index 38963327..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/lts/vars.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# the first part is the driver version and the second the container-toolkit version -VERSION: "{{ .NVIDIA_DRIVER_LTS_VERSION }}-{{ .CONTAINER_TOOLKIT_VERSION }}" diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/elfutils/pkg.yaml b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/elfutils/pkg.yaml deleted file mode 100644 index 3dfd8289..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/elfutils/pkg.yaml +++ /dev/null @@ -1,46 +0,0 @@ -name: elfutils -variant: scratch -shell: /bin/bash -install: - - build-base - - bash - - m4 -dependencies: - - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} - - stage: zlib - from: /rootfs -steps: - - sources: - - url: https://sourceware.org/elfutils/ftp/{{ .ELFUTILS_VERSION }}/elfutils-{{ .ELFUTILS_VERSION }}.tar.bz2 - destination: elfutils.tar.bz2 - sha256: {{ .ELFUTILS_SHA256 }} - sha512: {{ .ELFUTILS_SHA512 }} - prepare: - - | - tar -xjf elfutils.tar.bz2 --strip-components=1 - - mkdir build - cd build - - export CFLAGS="${CFLAGS} -I/usr/local/glibc/include/ -L/usr/local/glibc/lib" - - ../configure \ - --prefix=/usr/local/glibc \ - --with-zstd=no \ - --disable-libdebuginfod \ - --disable-debuginfod \ - CFLAGS="${CFLAGS} -fPIC -Wno-error" - build: - - | - cd build - - make -j $(nproc) - install: - - | - cd build - make DESTDIR=/rootfs install - # we only need the libs and headers, remove everything else - find /rootfs/usr/local/ -type d \( -name bin -o -name sbin -o -name share \) -prune -exec rm -rf {} \; -finalize: - - from: /rootfs - to: /rootfs diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/libcap2/pkg.yaml b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/libcap2/pkg.yaml deleted file mode 100644 index 1e76e6e7..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/libcap2/pkg.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: libcap -variant: scratch -shell: /bin/bash -install: - - build-base - - bash - - patch -dependencies: - - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} -steps: - - sources: - - url: https://kernel.org/pub/linux/libs/security/linux-privs/libcap2/libcap-{{ .LIBCAP_VERSION }}.tar.xz - destination: libcap.tar.xz - sha256: {{ .LIBCAP_SHA256 }} - sha512: {{ .LIBCAP_SHA512 }} - prepare: - - | - tar -xf libcap.tar.xz --strip-components=1 - build: - - | - make prefix=/usr/local/glibc lib=lib -j $(nproc) - install: - - | - make DESTDIR=/rootfs prefix=/usr/local lib=lib install - # we only need the libs and headers, remove everything else - find /rootfs/usr/local/ -type d \( -name bin -o -name sbin -o -name share \) -prune -exec rm -rf {} \; -finalize: - - from: /rootfs - to: /rootfs diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/libseccomp/pkg.yaml b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/libseccomp/pkg.yaml deleted file mode 100644 index 38be45d9..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/libseccomp/pkg.yaml +++ /dev/null @@ -1,37 +0,0 @@ -name: libseccomp -variant: scratch -shell: /bin/bash -install: - - build-base - - bash - - gperf -dependencies: - - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} -steps: - - sources: - - url: https://github.com/seccomp/libseccomp/releases/download/v{{ .LIBSECCOMP_VERSION }}/libseccomp-{{ .LIBSECCOMP_VERSION }}.tar.gz - destination: libseccomp.tar.gz - sha256: {{ .LIBSECCOMP_SHA256 }} - sha512: {{ .LIBSECCOMP_SHA512 }} - prepare: - - | - tar -xzf libseccomp.tar.gz --strip-components=1 - - mkdir build - cd build - - ../configure \ - --prefix=/usr/local/glibc - build: - - | - cd build - make -j $(nproc) - install: - - | - cd build - make install DESTDIR=/rootfs - # we only need the libs and headers, remove everything else - find /rootfs/usr/local/ -type d \( -name bin -o -name sbin -o -name share \) -prune -exec rm -rf {} \; -finalize: - - from: /rootfs - to: /rootfs diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/libtirpc/pkg.yaml b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/libtirpc/pkg.yaml deleted file mode 100644 index 1b62b977..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/libtirpc/pkg.yaml +++ /dev/null @@ -1,35 +0,0 @@ - -name: libtirpc -variant: scratch -shell: /bin/bash -install: - - build-base - - bash - - autoconf -dependencies: - - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} -steps: - - sources: - - url: https://src.fedoraproject.org/lookaside/extras/libtirpc/libtirpc-{{ .LIBTIRPC_VERSION | replace "-" "." }}.tar.bz2/sha512/df0781a74ff9ded2d3c4f5eb7e05496b9f58eac8060c02c68331dc14c4a00304dcd19f46836f5756fe0d9d27095fd463d42dd696fcdff891516711b7d63deabe/libtirpc-{{ .LIBTIRPC_VERSION | replace "-" "." }}.tar.bz2 - destination: libtirpc.tar.bz2 - sha256: {{ .LIBTIRPC_SHA256 }} - sha512: {{ .LIBTIRPC_SHA512 }} - prepare: - - | - tar -xf libtirpc.tar.bz2 --strip-components=1 - - ./configure \ - --prefix=/usr/local/glibc \ - --disable-gssapi - build: - - | - make -j $(nproc) - install: - - | - mkdir -p /rootfs - - make install DESTDIR=/rootfs - rm -rf /rootfs/usr/local/share/man -finalize: - - from: /rootfs - to: /rootfs diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/lts/pkg.yaml b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/lts/pkg.yaml deleted file mode 100644 index 845934a4..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/lts/pkg.yaml +++ /dev/null @@ -1,70 +0,0 @@ -name: nvidia-container-cli-lts -variant: scratch -shell: /bin/bash -install: - - build-base - - bash - - go - - coreutils - - sed - - curl - - rpcsvc-proto - - patch -dependencies: - - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} - # nvidia-pkgs depends on glibc, - # so any stage depending on nvidia-container-cli will have the updated ld.so.cache, - # from both nvidia-pkgs and nvidia-container-cli - - stage: nvidia-pkgs-lts - - stage: libseccomp - from: /rootfs - - stage: libcap - from: /rootfs - - stage: elfutils - from: /rootfs - - stage: zlib - from: /rootfs - - stage: libtirpc - from: /rootfs -steps: - - sources: - - url: https://github.com/NVIDIA/libnvidia-container/archive/refs/tags/{{ .LIBNVIDIA_CONTAINER_VERSION }}.tar.gz - destination: libnvidia-container.tar.gz - sha256: {{ .LIBNVIDIA_CONTAINER_SHA256 }} - sha512: {{ .LIBNVIDIA_CONTAINER_SHA512 }} - env: - SOURCE_DATE_EPOCH: {{ .BUILD_ARG_SOURCE_DATE_EPOCH }} - REVISION: {{ .LIBNVIDIA_CONTAINER_REF }} - LIB_VERSION: {{ .LIBNVIDIA_CONTAINER_VERSION | replace "v" "" }} - WITH_NVCGO: yes - WITH_LIBELF: yes - WITH_TIRPC: no # setting no means we'll use the system libtirpc - WITH_SECCOMP: yes - PKG_CONFIG_PATH: /usr/local/glibc/lib/pkgconfig # to find runtime libraries compiled in extensions (libseccomp) - PATH: "/usr/bin:{{ .PATH }}" # bldr doesn't have /usr/bin in PATH - prepare: - - | - mkdir libnvidia-container - tar -xzf libnvidia-container.tar.gz --strip-components=1 -C libnvidia-container - # FIXME: make downloads nvidia-modprobe - - network: default - build: - - | - cd libnvidia-container - - # LDLIBS=-L/usr/local/glibc/lib is set so that libnvidia-container-cli libs which are hardcoded as -llibname and not using pkg-config - CPPFLAGS="-I/usr/local/glibc/include/tirpc" LDLIBS="-L/usr/local/glibc/lib -ltirpc -lelf -lseccomp" LDFLAGS='-Wl,--rpath=\$$ORIGIN/../glibc/\$$LIB' make - - network: none - install: - - | - mkdir -p /rootfs - - cd libnvidia-container - - make install DESTDIR=/rootfs - - # run ldconfig to update the cache - /rootfs/usr/local/glibc/sbin/ldconfig -r /rootfs -finalize: - - from: /rootfs - to: /rootfs diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/production/pkg.yaml b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/production/pkg.yaml deleted file mode 100644 index eb1acf94..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/production/pkg.yaml +++ /dev/null @@ -1,70 +0,0 @@ -name: nvidia-container-cli-production -variant: scratch -shell: /bin/bash -install: - - build-base - - bash - - go - - coreutils - - sed - - curl - - rpcsvc-proto - - patch -dependencies: - - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} - # nvidia-pkgs depends on glibc, - # so any stage depending on nvidia-container-cli will have the updated ld.so.cache, - # from both nvidia-pkgs and nvidia-container-cli - - stage: nvidia-pkgs-production - - stage: libseccomp - from: /rootfs - - stage: libcap - from: /rootfs - - stage: elfutils - from: /rootfs - - stage: zlib - from: /rootfs - - stage: libtirpc - from: /rootfs -steps: - - sources: - - url: https://github.com/NVIDIA/libnvidia-container/archive/refs/tags/{{ .LIBNVIDIA_CONTAINER_VERSION }}.tar.gz - destination: libnvidia-container.tar.gz - sha256: {{ .LIBNVIDIA_CONTAINER_SHA256 }} - sha512: {{ .LIBNVIDIA_CONTAINER_SHA512 }} - env: - SOURCE_DATE_EPOCH: {{ .BUILD_ARG_SOURCE_DATE_EPOCH }} - REVISION: {{ .LIBNVIDIA_CONTAINER_REF }} - LIB_VERSION: {{ .LIBNVIDIA_CONTAINER_VERSION | replace "v" "" }} - WITH_NVCGO: yes - WITH_LIBELF: yes - WITH_TIRPC: no # setting no means we'll use the system libtirpc - WITH_SECCOMP: yes - PKG_CONFIG_PATH: /usr/local/glibc/lib/pkgconfig # to find runtime libraries compiled in extensions (libseccomp) - PATH: "/usr/bin:{{ .PATH }}" # bldr doesn't have /usr/bin in PATH - prepare: - - | - mkdir libnvidia-container - tar -xzf libnvidia-container.tar.gz --strip-components=1 -C libnvidia-container - # FIXME: make downloads nvidia-modprobe - - network: default - build: - - | - cd libnvidia-container - - # LDLIBS=-L/usr/local/glibc/lib is set so that libnvidia-container-cli libs which are hardcoded as -llibname and not using pkg-config - CPPFLAGS="-I/usr/local/glibc/include/tirpc" LDLIBS="-L/usr/local/glibc/lib -ltirpc -lelf -lseccomp" LDFLAGS='-Wl,--rpath=\$$ORIGIN/../glibc/\$$LIB' make - - network: none - install: - - | - mkdir -p /rootfs - - cd libnvidia-container - - make install DESTDIR=/rootfs - - # run ldconfig to update the cache - /rootfs/usr/local/glibc/sbin/ldconfig -r /rootfs -finalize: - - from: /rootfs - to: /rootfs diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/zlib/pkg.yaml b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/zlib/pkg.yaml deleted file mode 100644 index 4cd6af65..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-cli/zlib/pkg.yaml +++ /dev/null @@ -1,35 +0,0 @@ -name: zlib -variant: scratch -shell: /bin/bash -install: - - build-base - - bash -dependencies: - - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} -steps: - - sources: - - url: https://zlib.net/fossils/zlib-{{ .ZLIB_VERSION }}.tar.gz - destination: zlib.tar.gz - sha256: {{ .ZLIB_SHA256 }} - sha512: {{ .ZLIB_SHA512 }} - prepare: - - | - tar -xf zlib.tar.gz --strip-components=1 - mkdir build - cd build - - ../configure \ - --prefix=/usr/local/glibc - build: - - | - cd build - make -j $(nproc) - install: - - | - cd build - make DESTDIR=/rootfs install - # we only need the libs and headers, remove everything else - find /rootfs/usr/local/glibc -type d \( -name bin -o -name sbin -o -name share \) -prune -exec rm -rf {} \; -finalize: - - from: /rootfs - to: /rootfs diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper/go.mod b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper/go.mod deleted file mode 100644 index 16766b1b..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper/go.mod +++ /dev/null @@ -1,5 +0,0 @@ -module nvidia-container-runtime-wrapper - -go 1.23.0 - -require golang.org/x/sys v0.33.0 diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper/main.go b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper/main.go deleted file mode 100644 index e4ba2177..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper/main.go +++ /dev/null @@ -1,54 +0,0 @@ -// This Source Code Form is subject to the terms of the Mozilla Public -// License, v. 2.0. If a copy of the MPL was not distributed with this -// file, You can obtain one at http://mozilla.org/MPL/2.0/. - -package main - -import ( - "log" - "os" - "path/filepath" - - "golang.org/x/sys/unix" -) - -func main() { - cmdName := filepath.Base(os.Args[0]) - switch cmdName { - case - "nvidia-container-runtime", - "nvidia-container-runtime-hook", - "nvidia-container-runtime.cdi", - "nvidia-container-runtime.legacy", - "nvidia-container-toolkit", - "nvidia-ctk": - execCommand(cmdName, os.Args[1:]) - default: - log.Fatalf("nvidia-container-runtime-wrapper: unknown command %s\n", cmdName) - } -} - -func execCommand(cmdName string, args []string) { - environ := os.Environ() - environ = append(environ, "XDG_CONFIG_HOME=/usr/local/etc") - - realCmdName := cmdName + ".real" - - cmdArgs := []string{realCmdName} - - if cmdName == "nvidia-container-runtime-hook" { - cmdArgs = append( - cmdArgs, - "-config", - "/usr/local/etc/nvidia-container-runtime/config.toml", - ) - } - - cmdArgs = append(cmdArgs, args...) - - cmdFullPath := filepath.Join("/usr/local/bin", realCmdName) - - if err := unix.Exec(cmdFullPath, cmdArgs, environ); err != nil { - log.Fatalf("nvidia-container-runtime-wrapper: error execing %s %v\n", cmdFullPath, err) - } -} diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper/pkg.yaml b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper/pkg.yaml deleted file mode 100644 index 81568254..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper/pkg.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: nvidia-container-runtime-wrapper -variant: scratch -shell: /bin/bash -dependencies: - - stage: base -steps: - - env: - GOPATH: /tmp/go - - cachePaths: - - /.cache/go-build - - /tmp/go/pkg - - network: default - prepare: - - | - cp -r /pkg/* . - - | - go mod download - - network: none - build: - - | - CGO_ENABLED=0 go build -o nvidia-container-runtime-wrapper main.go - install: - - | - mkdir -p /rootfs/usr/local/bin - - cp nvidia-container-runtime-wrapper /rootfs/usr/local/bin/nvidia-container-runtime-wrapper -finalize: - - from: /rootfs - to: /rootfs diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/10-nvidia-container-runtime.part b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/10-nvidia-container-runtime.part deleted file mode 100644 index 8e04a27f..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/10-nvidia-container-runtime.part +++ /dev/null @@ -1,7 +0,0 @@ -[plugins."io.containerd.cri.v1.runtime".containerd.runtimes.nvidia] - privileged_without_host_devices = false - runtime_engine = "" - runtime_root = "" - runtime_type = "io.containerd.runc.v2" - [plugins."io.containerd.cri.v1.runtime".containerd.runtimes.nvidia.options] - BinaryName = "/usr/local/bin/nvidia-container-runtime" diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/nvidia-container-runtime.toml b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/nvidia-container-runtime.toml deleted file mode 100644 index 91087fbc..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/nvidia-container-runtime.toml +++ /dev/null @@ -1,15 +0,0 @@ -disable-require = false - -[nvidia-container-cli] -#root = "/run/nvidia/driver" -#path = "/usr/bin/nvidia-container-cli" -environment = [] -debug = "/var/log/nvidia-container-cli.log" -ldcache = "/usr/local/glibc/etc/ld.so.cache" -ldconfig = "@/usr/local/glibc/sbin/ldconfig" -load-kmods = false -user = "0:0" -#no-cgroups = false - -[nvidia-container-runtime] -debug = "/var/log/nvidia-container-runtime.log" diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/patches/ldcache_path.patch b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/patches/ldcache_path.patch deleted file mode 100644 index c3730b61..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/patches/ldcache_path.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git internal/ldcache/ldcache.go internal/ldcache/ldcache.go -index 5493dc3..9c86e41 100644 ---- internal/ldcache/ldcache.go -+++ internal/ldcache/ldcache.go -@@ -32,7 +32,7 @@ import ( - log "github.com/sirupsen/logrus" - ) - --const ldcachePath = "/etc/ld.so.cache" -+const ldcachePath = "/usr/local/glibc/etc/ld.so.cache" - - const ( - magicString1 = "ld.so-1.7.0" diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/pkg.yaml b/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/pkg.yaml deleted file mode 100644 index 454664f4..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/pkg.yaml +++ /dev/null @@ -1,60 +0,0 @@ -name: nvidia-container-runtime -variant: scratch -shell: /bin/bash -install: - - build-base - - bash - - go - - patch -dependencies: - - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} -steps: - - sources: - - url: https://github.com/NVIDIA/nvidia-container-toolkit/archive/refs/tags/{{ .CONTAINER_TOOLKIT_VERSION }}.tar.gz - destination: container-toolkit.tar.gz - sha256: {{ .CONTAINER_TOOLKIT_SHA256 }} - sha512: {{ .CONTAINER_TOOLKIT_SHA512 }} - env: - GIT_COMMIT: {{ substr 0 7 .CONTAINER_TOOLKIT_REF }} # build is using short sha - prepare: - - | - mkdir -p container-toolkit - tar -xzf container-toolkit.tar.gz --strip-components=1 -C container-toolkit - - cd container-toolkit - patch -p0 < /pkg/patches/ldcache_path.patch - build: - - | - cd container-toolkit - - make cmds - install: - - | - mkdir -p /rootfs/usr/local/bin - - cd container-toolkit - - # let's copy all built binaries suffixing them with .real - # the wrapper binary will call the real binary with the same name - for file in $(find . -maxdepth 1 -type f -executable); do - clean_file=$(basename $file) - - # oci-nvidia-hook is a shell script calling nvidia-container-runtime-hook - if [[ $clean_file == "oci-nvidia-hook" ]]; then - ln -sv nvidia-container-runtime-hook /rootfs/usr/local/bin/$clean_file - - continue - fi - - ln -sv nvidia-container-runtime-wrapper /rootfs/usr/local/bin/$(basename $clean_file) - cp $clean_file /rootfs/usr/local/bin/$(basename $clean_file).real - done - - | - mkdir -p /rootfs/etc/cri/conf.d - cp /pkg/10-nvidia-container-runtime.part /rootfs/etc/cri/conf.d/10-nvidia-container-runtime.part - - mkdir -p /rootfs/usr/local/etc/nvidia-container-runtime - cp /pkg/nvidia-container-runtime.toml /rootfs/usr/local/etc/nvidia-container-runtime/config.toml -finalize: - - from: /rootfs - to: /rootfs diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/go.sum b/nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/go.sum deleted file mode 100644 index 9e6ab4c0..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/go.sum +++ /dev/null @@ -1,2 +0,0 @@ -golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= -golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/lts/files/15-nvidia-device.rules b/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/lts/files/15-nvidia-device.rules deleted file mode 100644 index 9277b3cb..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/lts/files/15-nvidia-device.rules +++ /dev/null @@ -1,5 +0,0 @@ -# This will create the device nvidia device nodes -ACTION=="add", DEVPATH=="/bus/pci/drivers/nvidia", RUN+="/usr/local/bin/nvidia-modprobe -c 0" - -# Create the device node for the nvidia-uvm module -ACTION=="add", DEVPATH=="/module/nvidia_uvm", SUBSYSTEM=="module", RUN+="/usr/local/bin/nvidia-modprobe -c 0 -u" diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/lts/pkg.yaml b/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/lts/pkg.yaml deleted file mode 100644 index 3a5cde2f..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/lts/pkg.yaml +++ /dev/null @@ -1,98 +0,0 @@ -name: nvidia-pkgs-lts -variant: scratch -shell: /bin/bash -install: - - bash -dependencies: - - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} - # depends on glibc to update ld.so.cache - # so any stage depending on nvidia-pkgs will have the updated cache - - stage: glibc -steps: - - sources: - # {{ if eq .ARCH "aarch64" }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr - - url: https://developer.download.nvidia.com/compute/nvidia-driver/redist/nvidia_driver/linux-sbsa/nvidia_driver-linux-sbsa-{{ .NVIDIA_DRIVER_LTS_VERSION }}-archive.tar.xz - destination: nvidia.tar.xz - sha256: {{ .NVIDIA_PKGS_LTS_ARM64_SHA256 }} - sha512: {{ .NVIDIA_PKGS_LTS_ARM64_SHA512 }} - # {{ else }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr - - url: https://developer.download.nvidia.com/compute/nvidia-driver/redist/nvidia_driver/linux-x86_64/nvidia_driver-linux-x86_64-{{ .NVIDIA_DRIVER_LTS_VERSION }}-archive.tar.xz - destination: nvidia.tar.xz - sha256: {{ .NVIDIA_PKGS_LTS_AMD64_SHA256 }} - sha512: {{ .NVIDIA_PKGS_LTS_AMD64_SHA512 }} - # {{ end }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr - prepare: - - | - # the nvidia installer validates these packages are installed - ln -s /bin/true /bin/modprobe - ln -s /bin/true /bin/rmmod - ln -s /bin/true /bin/lsmod - ln -s /bin/true /bin/depmod - - tar xf nvidia.tar.xz --strip-components=1 - install: - - | - mkdir -p assets/{html,libglvnd_install_checker} - - cp -r bin/* assets/ - cp CHANGELOG assets/NVIDIA_Changelog - cp -r docs/* assets/html/ - cp -r etc/* assets/ - cp -r firmware assets/ - cp -r lib/* assets/ - cp LICENSE assets/ - cp -r man/man1/* assets/ - cp MANIFEST assets/.manifest - cp README assets/README.txt - cp -r sbin/* assets/ - cp -r share/* assets/ - cp -r supported-gpus assets/ - cp -r systemd assets/ - cp -r tests/glvnd/* assets/libglvnd_install_checker - # {{ if eq .ARCH "x86_64" }}cp -r wine/* assets/{{ end }} - - cd assets - - ./nvidia-installer --silent \ - --opengl-prefix=/rootfs/usr/local \ - --utility-prefix=/rootfs/usr/local \ - --utility-libdir=glibc/lib \ - --documentation-prefix=/rootfs/usr/local \ - --no-rpms \ - --no-kernel-modules \ - --log-file-name=/tmp/nvidia-installer.log \ - --no-distro-scripts \ - --no-wine-files \ - --no-kernel-module-source \ - --no-check-for-alternate-installs \ - --override-file-type-destination=NVIDIA_MODPROBE:/rootfs/usr/local/bin \ - --override-file-type-destination=FIRMWARE:/rootfs/usr/lib/firmware/nvidia/{{ .NVIDIA_DRIVER_LTS_VERSION }} \ - --no-systemd \ - # {{ if eq .ARCH "x86_64" }}--no-install-compat32-libs{{ end }} - - # copy vulkan/OpenGL json files - mkdir -p /rootfs/{etc/vulkan,usr/share/{glvnd,egl}} - - cp -r /usr/share/glvnd/* /rootfs/usr/share/glvnd - cp -r /usr/share/egl/* /rootfs/usr/share/egl - cp -r /etc/vulkan/* /rootfs/etc/vulkan - - # mv over files from /usr/local/lib -> /usr/local/glibc/lib - mv /rootfs/usr/local/lib/* /rootfs/usr/local/glibc/lib/ - - # copy xorg files - mkdir -p /rootfs/usr/local/glibc/lib/nvidia/xorg - find /usr/lib/xorg/modules -type f -exec cp {} /rootfs/usr/local/glibc/lib/nvidia/xorg \; - - # run ldconfig to update the cache - /rootfs/usr/local/glibc/sbin/ldconfig -r /rootfs - - mkdir -p /rootfs/usr/local/lib/containers/nvidia-persistenced \ - /rootfs/usr/local/etc/containers \ - /rootfs/usr/lib/udev/rules.d - - # copy udev rule - cp /pkg/files/15-nvidia-device.rules /rootfs/usr/lib/udev/rules.d -finalize: - - from: /rootfs - to: /rootfs diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/production/files/15-nvidia-device.rules b/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/production/files/15-nvidia-device.rules deleted file mode 100644 index 9277b3cb..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/production/files/15-nvidia-device.rules +++ /dev/null @@ -1,5 +0,0 @@ -# This will create the device nvidia device nodes -ACTION=="add", DEVPATH=="/bus/pci/drivers/nvidia", RUN+="/usr/local/bin/nvidia-modprobe -c 0" - -# Create the device node for the nvidia-uvm module -ACTION=="add", DEVPATH=="/module/nvidia_uvm", SUBSYSTEM=="module", RUN+="/usr/local/bin/nvidia-modprobe -c 0 -u" diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/production/pkg.yaml b/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/production/pkg.yaml deleted file mode 100644 index bd11cde7..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/production/pkg.yaml +++ /dev/null @@ -1,96 +0,0 @@ -name: nvidia-pkgs-production -variant: scratch -shell: /bin/bash -install: - - bash -dependencies: - - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} - # depends on glibc to update ld.so.cache - # so any stage depending on nvidia-pkgs will have the updated cache - - stage: glibc -steps: - - sources: - # {{ if eq .ARCH "aarch64" }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr - - url: https://developer.download.nvidia.com/compute/nvidia-driver/redist/nvidia_driver/linux-sbsa/nvidia_driver-linux-sbsa-{{ .NVIDIA_DRIVER_PRODUCTION_VERSION }}-archive.tar.xz - destination: nvidia.tar.xz - sha256: {{ .NVIDIA_PKGS_PRODUCTION_ARM64_SHA256 }} - sha512: {{ .NVIDIA_PKGS_PRODUCTION_ARM64_SHA512 }} - # {{ else }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr - - url: https://developer.download.nvidia.com/compute/nvidia-driver/redist/nvidia_driver/linux-x86_64/nvidia_driver-linux-x86_64-{{ .NVIDIA_DRIVER_PRODUCTION_VERSION }}-archive.tar.xz - destination: nvidia.tar.xz - sha256: {{ .NVIDIA_PKGS_PRODUCTION_AMD64_SHA256 }} - sha512: {{ .NVIDIA_PKGS_PRODUCTION_AMD64_SHA512 }} - # {{ end }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr - prepare: - - | - # the nvidia installer validates these packages are installed - ln -s /bin/true /bin/modprobe - ln -s /bin/true /bin/rmmod - ln -s /bin/true /bin/lsmod - ln -s /bin/true /bin/depmod - - tar xf nvidia.tar.xz --strip-components=1 - install: - - | - mkdir -p assets/html - - cp -r bin/* assets/ - cp CHANGELOG assets/NVIDIA_Changelog - cp -r docs/* assets/html/ - cp -r etc/* assets/ - cp -r firmware assets/ - cp -r lib/* assets/ - cp LICENSE assets/ - cp -r man/man1/* assets/ - cp MANIFEST assets/.manifest - cp README assets/README.txt - cp -r sbin/* assets/ - cp -r share/* assets/ - cp -r supported-gpus assets/ - cp -r systemd assets/ - # {{ if eq .ARCH "x86_64" }}cp -r wine/* assets/{{ end }} - - cd assets - - ./nvidia-installer --silent \ - --opengl-prefix=/rootfs/usr/local \ - --utility-prefix=/rootfs/usr/local \ - --utility-libdir=glibc/lib \ - --documentation-prefix=/rootfs/usr/local \ - --no-rpms \ - --no-kernel-modules \ - --log-file-name=/tmp/nvidia-installer.log \ - --no-distro-scripts \ - --no-wine-files \ - --no-kernel-module-source \ - --no-check-for-alternate-installs \ - --override-file-type-destination=NVIDIA_MODPROBE:/rootfs/usr/local/bin \ - --override-file-type-destination=FIRMWARE:/rootfs/usr/lib/firmware/nvidia/{{ .NVIDIA_DRIVER_PRODUCTION_VERSION }} \ - --no-systemd - - # copy vulkan/OpenGL json files - mkdir -p /rootfs/{etc/vulkan,usr/share/{glvnd,egl}} - - cp -r /usr/share/glvnd/* /rootfs/usr/share/glvnd - cp -r /usr/share/egl/* /rootfs/usr/share/egl - cp -r /etc/vulkan/* /rootfs/etc/vulkan - - # mv over files from /usr/local/lib -> /usr/local/glibc/lib - mv /rootfs/usr/local/lib/* /rootfs/usr/local/glibc/lib/ - - # copy xorg files - mkdir -p /rootfs/usr/local/glibc/lib/nvidia/xorg - find /usr/lib/xorg/modules -type f -exec cp {} /rootfs/usr/local/glibc/lib/nvidia/xorg \; - - # run ldconfig to update the cache - /rootfs/usr/local/glibc/sbin/ldconfig -r /rootfs - - mkdir -p /rootfs/usr/local/lib/containers/nvidia-persistenced \ - /rootfs/usr/local/etc/containers \ - /rootfs/usr/lib/udev/rules.d - - # copy udev rule - cp /pkg/files/15-nvidia-device.rules /rootfs/usr/lib/udev/rules.d -finalize: - - from: /rootfs - to: /rootfs diff --git a/nvidia-gpu/nvidia-container-toolkit/production/manifest.yaml b/nvidia-gpu/nvidia-container-toolkit/production/manifest.yaml deleted file mode 100644 index 49fc70ab..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/production/manifest.yaml +++ /dev/null @@ -1,10 +0,0 @@ -version: v1alpha1 -metadata: - name: nvidia-container-toolkit-production - version: "$VERSION" - author: Sidero Labs - description: | - This system extension provides nvidia runtime and it's dependencies using NVIDIA's runtime handler. - compatibility: - talos: - version: ">= v1.2.0" diff --git a/nvidia-gpu/nvidia-container-toolkit/production/vars.yaml b/nvidia-gpu/nvidia-container-toolkit/production/vars.yaml deleted file mode 100644 index 58e7f164..00000000 --- a/nvidia-gpu/nvidia-container-toolkit/production/vars.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# the first part is the driver version and the second the container-toolkit version -VERSION: "{{ .NVIDIA_DRIVER_PRODUCTION_VERSION }}-{{ .CONTAINER_TOOLKIT_VERSION }}" diff --git a/nvidia-gpu/nvidia-driver-proprietary/kernel-modules/lts/pkg.yaml b/nvidia-gpu/nvidia-driver-proprietary/kernel-modules/lts/pkg.yaml new file mode 100644 index 00000000..5b6999e1 --- /dev/null +++ b/nvidia-gpu/nvidia-driver-proprietary/kernel-modules/lts/pkg.yaml @@ -0,0 +1,16 @@ +name: nvidia-proprietary-gpu-kernel-modules-lts +variant: scratch +shell: /bin/bash +dependencies: + - stage: base + # The pkgs version for a particular release of Talos as defined in + # https://github.com/siderolabs/talos/blob//pkg/machinery/gendata/data/pkgs + - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/nonfree-kmod-nvidia-lts-pkg:{{ .BUILD_ARG_PKGS }}" +steps: + - install: + - | + mkdir -p /rootfs/usr/lib/modules + cp -R /usr/lib/modules/* /rootfs/usr/lib/modules +finalize: + - from: /rootfs + to: /rootfs diff --git a/nvidia-gpu/nvidia-driver-proprietary/kernel-modules/production/pkg.yaml b/nvidia-gpu/nvidia-driver-proprietary/kernel-modules/production/pkg.yaml new file mode 100644 index 00000000..f24b1331 --- /dev/null +++ b/nvidia-gpu/nvidia-driver-proprietary/kernel-modules/production/pkg.yaml @@ -0,0 +1,16 @@ +name: nvidia-proprietary-gpu-kernel-modules-production +variant: scratch +shell: /bin/bash +dependencies: + - stage: base + # The pkgs version for a particular release of Talos as defined in + # https://github.com/siderolabs/talos/blob//pkg/machinery/gendata/data/pkgs + - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/nonfree-kmod-nvidia-production-pkg:{{ .BUILD_ARG_PKGS }}" +steps: + - install: + - | + mkdir -p /rootfs/usr/lib/modules + cp -R /usr/lib/modules/* /rootfs/usr/lib/modules +finalize: + - from: /rootfs + to: /rootfs diff --git a/nvidia-gpu/nvidia-driver-proprietary/lts/manifest.yaml b/nvidia-gpu/nvidia-driver-proprietary/lts/manifest.yaml new file mode 100644 index 00000000..782bc0ee --- /dev/null +++ b/nvidia-gpu/nvidia-driver-proprietary/lts/manifest.yaml @@ -0,0 +1,12 @@ +version: v1alpha1 +metadata: + name: nvidia-driver-proprietary-lts + version: "$VERSION" + author: Jean-Francois Roy + description: | + This system extension provides the NVIDIA proprietary GPU kernel modules and matching userspace + drivers, LTS version. It depends on the glibc extension. NVIDIA recommends using the open-source + GPU kernel modules on supported architectures. + compatibility: + talos: + version: ">= v1.8.0" diff --git a/nvidia-gpu/nvidia-container-toolkit/lts/nvidia-persistenced.yaml b/nvidia-gpu/nvidia-driver-proprietary/lts/nvidia-driver.yaml similarity index 70% rename from nvidia-gpu/nvidia-container-toolkit/lts/nvidia-persistenced.yaml rename to nvidia-gpu/nvidia-driver-proprietary/lts/nvidia-driver.yaml index ffd99967..d88fec6d 100644 --- a/nvidia-gpu/nvidia-container-toolkit/lts/nvidia-persistenced.yaml +++ b/nvidia-gpu/nvidia-driver-proprietary/lts/nvidia-driver.yaml @@ -1,7 +1,6 @@ -# https://download.nvidia.com/XFree86/Linux-x86_64/515.65.01/README/nvidia-persistenced.html -name: nvidia-persistenced +name: nvidia-driver container: - entrypoint: /usr/local/bin/nvidia-persistenced-wrapper + entrypoint: /nvidia-driver mounts: # device files - source: /dev @@ -25,13 +24,21 @@ container: options: - bind - ro - # nvidia libraries - - source: /usr/local/lib - destination: /usr/local/lib + # nvidia driver source + - source: /usr/local/glibc + destination: /usr/local/glibc type: bind options: - bind - ro + # nvidia driver destination + - source: /run/nvidia + destination: /run/nvidia + type: bind + options: + - rshared + - rbind + - rw # service state file - source: /var/run destination: /var/run @@ -40,13 +47,6 @@ container: - rshared - rbind - rw - # binaries - - source: /usr/local/bin - destination: /usr/local/bin - type: bind - options: - - bind - - ro depends: - service: cri # we need to depend on udevd so that the nvidia device files are created diff --git a/nvidia-gpu/nvidia-container-toolkit/lts/pkg.yaml b/nvidia-gpu/nvidia-driver-proprietary/lts/pkg.yaml similarity index 61% rename from nvidia-gpu/nvidia-container-toolkit/lts/pkg.yaml rename to nvidia-gpu/nvidia-driver-proprietary/lts/pkg.yaml index 0cbf9218..87304ef0 100644 --- a/nvidia-gpu/nvidia-container-toolkit/lts/pkg.yaml +++ b/nvidia-gpu/nvidia-driver-proprietary/lts/pkg.yaml @@ -1,17 +1,12 @@ -name: nvidia-container-toolkit-lts +name: nvidia-driver-proprietary-lts variant: scratch shell: /bin/bash dependencies: - stage: base - - stage: nvidia-container-cli-lts - - stage: elfutils - - stage: zlib - - stage: libcap - - stage: libseccomp - - stage: libtirpc - - stage: nvidia-container-runtime - - stage: nvidia-container-runtime-wrapper - - stage: nvidia-persistenced-wrapper + - stage: nvidia-driver-common + - stage: nvidia-driver-service + - stage: nvidia-driver-userspace-lts + - stage: nvidia-proprietary-gpu-kernel-modules-lts steps: - prepare: - | @@ -19,7 +14,7 @@ steps: install: - | mkdir -p /rootfs/usr/local/etc/containers - cp /pkg/nvidia-persistenced.yaml /rootfs/usr/local/etc/containers/nvidia-persistenced.yaml + cp /pkg/nvidia-driver.yaml /rootfs/usr/local/etc/containers/ test: - | mkdir -p /extensions-validator-rootfs diff --git a/nvidia-gpu/nonfree/kmod-nvidia/lts/vars.yaml b/nvidia-gpu/nvidia-driver-proprietary/lts/vars.yaml similarity index 100% rename from nvidia-gpu/nonfree/kmod-nvidia/lts/vars.yaml rename to nvidia-gpu/nvidia-driver-proprietary/lts/vars.yaml diff --git a/nvidia-gpu/nvidia-driver-proprietary/production/manifest.yaml b/nvidia-gpu/nvidia-driver-proprietary/production/manifest.yaml new file mode 100644 index 00000000..87ce9ddb --- /dev/null +++ b/nvidia-gpu/nvidia-driver-proprietary/production/manifest.yaml @@ -0,0 +1,12 @@ +version: v1alpha1 +metadata: + name: nvidia-driver-proprietary-production + version: "$VERSION" + author: Jean-Francois Roy + description: | + This system extension provides the NVIDIA proprietary GPU kernel modules and matching userspace + drivers, production version. It depends on the glibc extension. NVIDIA recommends using the + open-source GPU kernel modules on supported architectures. + compatibility: + talos: + version: ">= v1.8.0" diff --git a/nvidia-gpu/nvidia-driver-proprietary/production/nvidia-driver.yaml b/nvidia-gpu/nvidia-driver-proprietary/production/nvidia-driver.yaml new file mode 100644 index 00000000..c1421693 --- /dev/null +++ b/nvidia-gpu/nvidia-driver-proprietary/production/nvidia-driver.yaml @@ -0,0 +1,50 @@ +name: nvidia-driver +container: + entrypoint: /nvidia-driver + mounts: + # device files + - source: /dev + destination: /dev + type: bind + options: + - rshared + - rbind + - rw + # glibc dynamic linker + - source: /lib64 + destination: /lib64 + type: bind + options: + - bind + - ro + # glibc root, which includes the nvidia driver userspace components + - source: /usr/local/glibc + destination: /usr/local/glibc + type: bind + options: + - bind + - ro + # nvidia driver destination + - source: /run/nvidia + destination: /run/nvidia + type: bind + options: + - rshared + - rbind + - rw + # service state file + - source: /var/run + destination: /var/run + type: bind + options: + - rshared + - rbind + - rw + security: + rootfsPropagation: shared +depends: + - service: cri + # we need to depend on udevd so that the nvidia device files are created + - service: udevd + - path: /sys/bus/pci/drivers/nvidia +restart: always diff --git a/nvidia-gpu/nvidia-container-toolkit/production/pkg.yaml b/nvidia-gpu/nvidia-driver-proprietary/production/pkg.yaml similarity index 60% rename from nvidia-gpu/nvidia-container-toolkit/production/pkg.yaml rename to nvidia-gpu/nvidia-driver-proprietary/production/pkg.yaml index 41dbcb5e..16c654a6 100644 --- a/nvidia-gpu/nvidia-container-toolkit/production/pkg.yaml +++ b/nvidia-gpu/nvidia-driver-proprietary/production/pkg.yaml @@ -1,17 +1,12 @@ -name: nvidia-container-toolkit-production +name: nvidia-driver-proprietary-production variant: scratch shell: /bin/bash dependencies: - stage: base - - stage: nvidia-container-cli-production - - stage: elfutils - - stage: zlib - - stage: libcap - - stage: libseccomp - - stage: libtirpc - - stage: nvidia-container-runtime - - stage: nvidia-container-runtime-wrapper - - stage: nvidia-persistenced-wrapper + - stage: nvidia-driver-common + - stage: nvidia-driver-service + - stage: nvidia-driver-userspace-production + - stage: nvidia-proprietary-gpu-kernel-modules-production steps: - prepare: - | @@ -19,7 +14,7 @@ steps: install: - | mkdir -p /rootfs/usr/local/etc/containers - cp /pkg/nvidia-persistenced.yaml /rootfs/usr/local/etc/containers/nvidia-persistenced.yaml + cp /pkg/nvidia-driver.yaml /rootfs/usr/local/etc/containers/ test: - | mkdir -p /extensions-validator-rootfs diff --git a/nvidia-gpu/nonfree/kmod-nvidia/production/vars.yaml b/nvidia-gpu/nvidia-driver-proprietary/production/vars.yaml similarity index 100% rename from nvidia-gpu/nonfree/kmod-nvidia/production/vars.yaml rename to nvidia-gpu/nvidia-driver-proprietary/production/vars.yaml diff --git a/nvidia-gpu/nonfree/kmod-nvidia/lts/files/nvidia.conf b/nvidia-gpu/nvidia-driver/common/files/nvidia.conf similarity index 77% rename from nvidia-gpu/nonfree/kmod-nvidia/lts/files/nvidia.conf rename to nvidia-gpu/nvidia-driver/common/files/nvidia.conf index 62b5f931..021b91c2 100644 --- a/nvidia-gpu/nonfree/kmod-nvidia/lts/files/nvidia.conf +++ b/nvidia-gpu/nvidia-driver/common/files/nvidia.conf @@ -1,4 +1,5 @@ blacklist nvidia blacklist nvidia_uvm -blacklist nvidia_drm blacklist nvidia_modeset +blacklist nvidia_peermem +blacklist nvidia_drm diff --git a/nvidia-gpu/nvidia-driver/common/pkg.yaml b/nvidia-gpu/nvidia-driver/common/pkg.yaml new file mode 100644 index 00000000..7fda7f31 --- /dev/null +++ b/nvidia-gpu/nvidia-driver/common/pkg.yaml @@ -0,0 +1,13 @@ +name: nvidia-driver-common +variant: scratch +shell: /bin/bash +dependencies: + - stage: base +steps: + - install: + - | + mkdir -p /rootfs/usr/local/lib/modprobe.d + cp /pkg/files/nvidia.conf /rootfs/usr/local/lib/modprobe.d/nvidia.conf +finalize: + - from: /rootfs + to: /rootfs diff --git a/nvidia-gpu/nvidia-driver/kernel-modules/lts/pkg.yaml b/nvidia-gpu/nvidia-driver/kernel-modules/lts/pkg.yaml new file mode 100644 index 00000000..e56a4215 --- /dev/null +++ b/nvidia-gpu/nvidia-driver/kernel-modules/lts/pkg.yaml @@ -0,0 +1,16 @@ +name: nvidia-open-gpu-kernel-modules-lts +variant: scratch +shell: /bin/bash +dependencies: + - stage: base + # The pkgs version for a particular release of Talos as defined in + # https://github.com/siderolabs/talos/blob//pkg/machinery/gendata/data/pkgs + - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/nvidia-open-gpu-kernel-modules-lts-pkg:{{ .BUILD_ARG_PKGS }}" +steps: + - install: + - | + mkdir -p /rootfs/usr/lib/modules + cp -R /usr/lib/modules/* /rootfs/usr/lib/modules +finalize: + - from: /rootfs + to: /rootfs diff --git a/nvidia-gpu/nvidia-driver/kernel-modules/production/pkg.yaml b/nvidia-gpu/nvidia-driver/kernel-modules/production/pkg.yaml new file mode 100644 index 00000000..53d94546 --- /dev/null +++ b/nvidia-gpu/nvidia-driver/kernel-modules/production/pkg.yaml @@ -0,0 +1,16 @@ +name: nvidia-open-gpu-kernel-modules-production +variant: scratch +shell: /bin/bash +dependencies: + - stage: base + # The pkgs version for a particular release of Talos as defined in + # https://github.com/siderolabs/talos/blob//pkg/machinery/gendata/data/pkgs + - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/nvidia-open-gpu-kernel-modules-production-pkg:{{ .BUILD_ARG_PKGS }}" +steps: + - install: + - | + mkdir -p /rootfs/usr/lib/modules + cp -R /usr/lib/modules/* /rootfs/usr/lib/modules +finalize: + - from: /rootfs + to: /rootfs diff --git a/nvidia-gpu/nvidia-driver/lts/manifest.yaml b/nvidia-gpu/nvidia-driver/lts/manifest.yaml new file mode 100644 index 00000000..fb563f1f --- /dev/null +++ b/nvidia-gpu/nvidia-driver/lts/manifest.yaml @@ -0,0 +1,11 @@ +version: v1alpha1 +metadata: + name: nvidia-driver-lts + version: "$VERSION" + author: Jean-Francois Roy + description: | + This system extension provides the NVIDIA open-source GPU kernel modules and matching userspace + drivers, LTS version. It depends on the glibc extension. + compatibility: + talos: + version: ">= v1.8.0" diff --git a/nvidia-gpu/nvidia-container-toolkit/production/nvidia-persistenced.yaml b/nvidia-gpu/nvidia-driver/lts/nvidia-driver.yaml similarity index 70% rename from nvidia-gpu/nvidia-container-toolkit/production/nvidia-persistenced.yaml rename to nvidia-gpu/nvidia-driver/lts/nvidia-driver.yaml index ffd99967..d88fec6d 100644 --- a/nvidia-gpu/nvidia-container-toolkit/production/nvidia-persistenced.yaml +++ b/nvidia-gpu/nvidia-driver/lts/nvidia-driver.yaml @@ -1,7 +1,6 @@ -# https://download.nvidia.com/XFree86/Linux-x86_64/515.65.01/README/nvidia-persistenced.html -name: nvidia-persistenced +name: nvidia-driver container: - entrypoint: /usr/local/bin/nvidia-persistenced-wrapper + entrypoint: /nvidia-driver mounts: # device files - source: /dev @@ -25,13 +24,21 @@ container: options: - bind - ro - # nvidia libraries - - source: /usr/local/lib - destination: /usr/local/lib + # nvidia driver source + - source: /usr/local/glibc + destination: /usr/local/glibc type: bind options: - bind - ro + # nvidia driver destination + - source: /run/nvidia + destination: /run/nvidia + type: bind + options: + - rshared + - rbind + - rw # service state file - source: /var/run destination: /var/run @@ -40,13 +47,6 @@ container: - rshared - rbind - rw - # binaries - - source: /usr/local/bin - destination: /usr/local/bin - type: bind - options: - - bind - - ro depends: - service: cri # we need to depend on udevd so that the nvidia device files are created diff --git a/nvidia-gpu/nonfree/kmod-nvidia/lts/pkg.yaml b/nvidia-gpu/nvidia-driver/lts/pkg.yaml similarity index 50% rename from nvidia-gpu/nonfree/kmod-nvidia/lts/pkg.yaml rename to nvidia-gpu/nvidia-driver/lts/pkg.yaml index 27f67c32..c5f2035c 100644 --- a/nvidia-gpu/nonfree/kmod-nvidia/lts/pkg.yaml +++ b/nvidia-gpu/nvidia-driver/lts/pkg.yaml @@ -1,23 +1,20 @@ -name: nonfree-kmod-nvidia-lts +name: nvidia-driver-lts variant: scratch shell: /bin/bash dependencies: - - stage: base -# The pkgs version for a particular release of Talos as defined in -# https://github.com/siderolabs/talos/blob//pkg/machinery/gendata/data/pkgs - - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/nonfree-kmod-nvidia-lts-pkg:{{ .BUILD_ARG_PKGS }}" + - stage: base + - stage: nvidia-driver-common + - stage: nvidia-driver-service + - stage: nvidia-driver-userspace-lts + - stage: nvidia-open-gpu-kernel-modules-lts steps: - prepare: - | sed -i 's#$VERSION#{{ .VERSION }}#' /pkg/manifest.yaml - - install: + install: - | - mkdir -p /rootfs/usr/lib/modules \ - /rootfs/usr/local/lib/modprobe.d - - cp /pkg/files/nvidia.conf /rootfs/usr/local/lib/modprobe.d/nvidia.conf - - cp -R /usr/lib/modules/* /rootfs/usr/lib/modules + mkdir -p /rootfs/usr/local/etc/containers + cp /pkg/nvidia-driver.yaml /rootfs/usr/local/etc/containers/ test: - | mkdir -p /extensions-validator-rootfs diff --git a/nvidia-gpu/nvidia-modules/lts/vars.yaml b/nvidia-gpu/nvidia-driver/lts/vars.yaml similarity index 100% rename from nvidia-gpu/nvidia-modules/lts/vars.yaml rename to nvidia-gpu/nvidia-driver/lts/vars.yaml diff --git a/nvidia-gpu/nvidia-driver/production/manifest.yaml b/nvidia-gpu/nvidia-driver/production/manifest.yaml new file mode 100644 index 00000000..bfef69a6 --- /dev/null +++ b/nvidia-gpu/nvidia-driver/production/manifest.yaml @@ -0,0 +1,11 @@ +version: v1alpha1 +metadata: + name: nvidia-driver-production + version: "$VERSION" + author: Jean-Francois Roy + description: | + This system extension provides the NVIDIA open-source GPU kernel modules and matching userspace + drivers, production version. It depends on the glibc extension. + compatibility: + talos: + version: ">= v1.8.0" diff --git a/nvidia-gpu/nvidia-driver/production/nvidia-driver.yaml b/nvidia-gpu/nvidia-driver/production/nvidia-driver.yaml new file mode 100644 index 00000000..c1421693 --- /dev/null +++ b/nvidia-gpu/nvidia-driver/production/nvidia-driver.yaml @@ -0,0 +1,50 @@ +name: nvidia-driver +container: + entrypoint: /nvidia-driver + mounts: + # device files + - source: /dev + destination: /dev + type: bind + options: + - rshared + - rbind + - rw + # glibc dynamic linker + - source: /lib64 + destination: /lib64 + type: bind + options: + - bind + - ro + # glibc root, which includes the nvidia driver userspace components + - source: /usr/local/glibc + destination: /usr/local/glibc + type: bind + options: + - bind + - ro + # nvidia driver destination + - source: /run/nvidia + destination: /run/nvidia + type: bind + options: + - rshared + - rbind + - rw + # service state file + - source: /var/run + destination: /var/run + type: bind + options: + - rshared + - rbind + - rw + security: + rootfsPropagation: shared +depends: + - service: cri + # we need to depend on udevd so that the nvidia device files are created + - service: udevd + - path: /sys/bus/pci/drivers/nvidia +restart: always diff --git a/nvidia-gpu/nvidia-driver/production/pkg.yaml b/nvidia-gpu/nvidia-driver/production/pkg.yaml new file mode 100644 index 00000000..cf06d849 --- /dev/null +++ b/nvidia-gpu/nvidia-driver/production/pkg.yaml @@ -0,0 +1,28 @@ +name: nvidia-driver-production +variant: scratch +shell: /bin/bash +dependencies: + - stage: base + - stage: nvidia-driver-common + - stage: nvidia-driver-service + - stage: nvidia-driver-userspace-production + - stage: nvidia-open-gpu-kernel-modules-production +steps: + - prepare: + - | + sed -i 's#$VERSION#{{ .VERSION }}#' /pkg/manifest.yaml + install: + - | + mkdir -p /rootfs/usr/local/etc/containers + cp /pkg/nvidia-driver.yaml /rootfs/usr/local/etc/containers/ + test: + - | + mkdir -p /extensions-validator-rootfs + cp -r /rootfs/ /extensions-validator-rootfs/rootfs + cp /pkg/manifest.yaml /extensions-validator-rootfs/manifest.yaml + /extensions-validator validate --rootfs=/extensions-validator-rootfs --pkg-name="${PKG_NAME}" +finalize: + - from: /rootfs + to: /rootfs + - from: /pkg/manifest.yaml + to: / diff --git a/nvidia-gpu/nvidia-modules/production/vars.yaml b/nvidia-gpu/nvidia-driver/production/vars.yaml similarity index 100% rename from nvidia-gpu/nvidia-modules/production/vars.yaml rename to nvidia-gpu/nvidia-driver/production/vars.yaml diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/go.mod b/nvidia-gpu/nvidia-driver/service/go.mod similarity index 56% rename from nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/go.mod rename to nvidia-gpu/nvidia-driver/service/go.mod index 01bd11eb..87dc4868 100644 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/go.mod +++ b/nvidia-gpu/nvidia-driver/service/go.mod @@ -1,4 +1,4 @@ -module nvidia-persistenced-wrapper +module nvidia-driver go 1.23.0 diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper/go.sum b/nvidia-gpu/nvidia-driver/service/go.sum similarity index 100% rename from nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime-wrapper/go.sum rename to nvidia-gpu/nvidia-driver/service/go.sum diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/main.go b/nvidia-gpu/nvidia-driver/service/main.go similarity index 60% rename from nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/main.go rename to nvidia-gpu/nvidia-driver/service/main.go index 6179e234..64e35097 100644 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/main.go +++ b/nvidia-gpu/nvidia-driver/service/main.go @@ -11,7 +11,9 @@ import ( "os" "os/exec" "os/signal" + "path/filepath" "strconv" + "syscall" "golang.org/x/sys/unix" ) @@ -19,49 +21,66 @@ import ( const ( stateFolder = "/var/run/nvidia-persistenced" pidFile = stateFolder + "/" + "nvidia-persistenced.pid" + + driverSource = "/usr/local/glibc" + driverTarget = "/run/nvidia/driver" ) func main() { + bindMounDriver() + execPersistenced() +} + +func bindMounDriver() { + err := os.MkdirAll(driverTarget, 0755) + if err != nil { + log.Fatalf("nvidia-driver: failed mkdir: %v", err) + } + err = syscall.Mount(driverSource, driverTarget, "", syscall.MS_BIND|syscall.MS_REC, "") + if err != nil { + log.Fatalf("nvidia-driver: failed mount BIND: %v", err) + } +} + +func execPersistenced() { // ref: https://docs.nvidia.com/deploy/driver-persistence/index.html // first check if the pid file exists, // then check if the process is running, // if running try to kill it, then start the new process if _, err := os.Stat(pidFile); err != nil { if !errors.Is(err, os.ErrNotExist) { - log.Fatalf("nvidia-persistenced-wrapper: failed to stat pid file: %s%v\n", pidFile, err) + log.Fatalf("nvidia-driver: failed to stat pid file: %s%v\n", pidFile, err) } } else { pid, err := getProcessId() if err != nil { - log.Fatalf("nvidia-persistenced-wrapper: error reading pid file: %s%v\n", pidFile, err) + log.Fatalf("nvidia-driver: error reading pid file: %s%v\n", pidFile, err) } if err := killProcess(pid); err != nil { - log.Fatalf("nvidia-persistenced-wrapper: error killing process: %d%v\n", pid, err) + log.Fatalf("nvidia-driver: error killing process: %d%v\n", pid, err) } // now we can remove the state directory if err := os.RemoveAll(stateFolder); err != nil { - log.Fatalf("nvidia-persistenced-wrapper: error removing state directory: %s%v\n", stateFolder, err) + log.Fatalf("nvidia-driver: error removing state directory: %s%v\n", stateFolder, err) } } - cmd := exec.Command("/usr/local/bin/nvidia-persistenced") - + cmd := exec.Command(filepath.Join(driverTarget, "/usr/bin/nvidia-persistenced")) cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr - if err := cmd.Start(); err != nil { - log.Fatalf("nvidia-persistenced-wrapper: error starting nvidia-persistenced: %v\n", err) + log.Fatalf("nvidia-driver: error starting nvidia-persistenced: %v\n", err) } ch := make(chan os.Signal, 1) signal.Notify(ch, unix.SIGINT, unix.SIGTERM) if err := cmd.Process.Signal(<-ch); err != nil { - log.Fatalf("nvidia-persistenced-wrapper: error sending signal to nvidia-persistenced: %v\n", err) + log.Fatalf("nvidia-driver: error sending signal to nvidia-persistenced: %v\n", err) } if _, err := cmd.Process.Wait(); err != nil { - log.Fatalf("nvidia-persistenced-wrapper: error waiting for nvidia-persistenced to exit: %v\n", err) + log.Fatalf("nvidia-driver: error waiting for nvidia-persistenced to exit: %v\n", err) } } diff --git a/nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/pkg.yaml b/nvidia-gpu/nvidia-driver/service/pkg.yaml similarity index 56% rename from nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/pkg.yaml rename to nvidia-gpu/nvidia-driver/service/pkg.yaml index 7e41f7e7..78772fff 100644 --- a/nvidia-gpu/nvidia-container-toolkit/nvidia-persistenced-wrapper/pkg.yaml +++ b/nvidia-gpu/nvidia-driver/service/pkg.yaml @@ -1,4 +1,4 @@ -name: nvidia-persistenced-wrapper +name: nvidia-driver-service variant: scratch shell: /bin/bash dependencies: @@ -17,13 +17,12 @@ steps: go mod download - network: none build: - - | - CGO_ENABLED=0 go build -o nvidia-persistenced-wrapper main.go + - | + CGO_ENABLED=0 go build -ldflags "-s -w" -trimpath -o nvidia-driver main.go install: - - | - mkdir -p /rootfs/usr/local/bin - - cp nvidia-persistenced-wrapper /rootfs/usr/local/bin/nvidia-persistenced-wrapper + - | + mkdir -p /rootfs/usr/local/lib/containers/nvidia-driver + cp nvidia-driver /rootfs/usr/local/lib/containers/nvidia-driver/ finalize: - from: /rootfs to: /rootfs diff --git a/nvidia-gpu/nvidia-driver/userspace/lts/pkg.yaml b/nvidia-gpu/nvidia-driver/userspace/lts/pkg.yaml new file mode 100644 index 00000000..9dc6bd83 --- /dev/null +++ b/nvidia-gpu/nvidia-driver/userspace/lts/pkg.yaml @@ -0,0 +1,73 @@ +name: nvidia-driver-userspace-lts +variant: scratch +shell: /bin/bash +install: + - bash +dependencies: + - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} +steps: + - sources: + # {{ if eq .ARCH "aarch64" }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr + - url: https://us.download.nvidia.com/tesla/{{ .NVIDIA_DRIVER_LTS_VERSION }}/NVIDIA-Linux-aarch64-{{ .NVIDIA_DRIVER_LTS_VERSION }}.run + destination: nvidia.run + sha256: {{ .NVIDIA_PKGS_LTS_ARM64_SHA256 }} + sha512: {{ .NVIDIA_PKGS_LTS_ARM64_SHA512 }} + # {{ else }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr + - url: https://us.download.nvidia.com/tesla/{{ .NVIDIA_DRIVER_LTS_VERSION }}/NVIDIA-Linux-x86_64-{{ .NVIDIA_DRIVER_LTS_VERSION }}.run + destination: nvidia.run + sha256: {{ .NVIDIA_PKGS_LTS_AMD64_SHA256 }} + sha512: {{ .NVIDIA_PKGS_LTS_AMD64_SHA512 }} + # {{ end }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr + prepare: + - | + # the nvidia installer validates these programs are installed + ln -s /bin/true /bin/modprobe + ln -s /bin/true /bin/rmmod + ln -s /bin/true /bin/lsmod + ln -s /bin/true /bin/depmod + + # the nvidia installer picks from an ordered list of lib directories and checks for them in + # the ldconf cache or (if that doesn't exists) in the filesystem; create /usr/lib64 for + # maximum compatibility with Ubuntu/glibc and Alpine/musl. + mkdir -p /rootfs/usr/local/glibc/usr/lib64 + + chmod +x nvidia.run + ./nvidia.run --extract-only --target nvidia + install: + - | + ./nvidia/nvidia-installer \ + --silent \ + --x-prefix=/rootfs/usr/local/glibc/usr \ + --opengl-prefix=/rootfs/usr/local/glibc/usr \ + --utility-prefix=/rootfs/usr/local/glibc/usr \ + --xdg-data-dir=/rootfs/usr/local/glibc/usr/share \ + --documentation-prefix=/rootfs/usr/local/glibc/usr \ + --application-profile-path=/rootfs/usr/local/glibc/usr/share/nvidia \ + --log-file-name=/tmp/nvidia-installer.log \ + --no-rpms \ + --no-backup \ + --no-recursion \ + --no-kernel-modules \ + --no-x-check \ + --no-nouveau-check \ + --no-distro-scripts \ + --no-wine-files \ + --no-kernel-module-source \ + --no-check-for-alternate-installs \ + --override-file-type-destination=FIRMWARE:/rootfs/usr/lib/firmware/nvidia/{{ .NVIDIA_DRIVER_PRODUCTION_VERSION }} \ + --no-systemd +finalize: + - from: /rootfs + to: /rootfs + - from: /etc/OpenCL + to: /rootfs/usr/local/glibc/etc/OpenCL + - from: /etc/vulkan + to: /rootfs/usr/local/glibc/etc/vulkan + - from: /usr/lib64/nvidia + to: /rootfs/usr/local/glibc/usr/lib64/nvidia + - from: /usr/share/egl + to: /rootfs/usr/local/glibc/usr/share/egl + - from: /usr/share/glvnd + to: /rootfs/usr/local/glibc/usr/share/glvnd + - from: /usr/share/nvidia + to: /rootfs/usr/local/glibc/usr/share/nvidia diff --git a/nvidia-gpu/nvidia-driver/userspace/production/pkg.yaml b/nvidia-gpu/nvidia-driver/userspace/production/pkg.yaml new file mode 100644 index 00000000..e6db337b --- /dev/null +++ b/nvidia-gpu/nvidia-driver/userspace/production/pkg.yaml @@ -0,0 +1,73 @@ +name: nvidia-driver-userspace-production +variant: scratch +shell: /bin/bash +install: + - bash +dependencies: + - image: cgr.dev/chainguard/wolfi-base@{{ .WOLFI_BASE_REF }} +steps: + - sources: + # {{ if eq .ARCH "aarch64" }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr + - url: https://us.download.nvidia.com/tesla/{{ .NVIDIA_DRIVER_PRODUCTION_VERSION }}/NVIDIA-Linux-aarch64-{{ .NVIDIA_DRIVER_PRODUCTION_VERSION }}.run + destination: nvidia.run + sha256: {{ .NVIDIA_PKGS_PRODUCTION_ARM64_SHA256 }} + sha512: {{ .NVIDIA_PKGS_PRODUCTION_ARM64_SHA512 }} + # {{ else }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr + - url: https://us.download.nvidia.com/tesla/{{ .NVIDIA_DRIVER_PRODUCTION_VERSION }}/NVIDIA-Linux-x86_64-{{ .NVIDIA_DRIVER_PRODUCTION_VERSION }}.run + destination: nvidia.run + sha256: {{ .NVIDIA_PKGS_PRODUCTION_AMD64_SHA256 }} + sha512: {{ .NVIDIA_PKGS_PRODUCTION_AMD64_SHA512 }} + # {{ end }} This in fact is YAML comment, but Go templating instruction is evaluated by bldr + prepare: + - | + # the nvidia installer validates these programs are installed + ln -s /bin/true /bin/modprobe + ln -s /bin/true /bin/rmmod + ln -s /bin/true /bin/lsmod + ln -s /bin/true /bin/depmod + + # the nvidia installer picks from an ordered list of lib directories and checks for them in + # the ldconf cache or (if that doesn't exists) in the filesystem; create /usr/lib64 for + # maximum compatibility with Ubuntu/glibc and Alpine/musl. + mkdir -p /rootfs/usr/local/glibc/usr/lib64 + + chmod +x nvidia.run + ./nvidia.run --extract-only --target nvidia + install: + - | + ./nvidia/nvidia-installer \ + --silent \ + --x-prefix=/rootfs/usr/local/glibc/usr \ + --opengl-prefix=/rootfs/usr/local/glibc/usr \ + --utility-prefix=/rootfs/usr/local/glibc/usr \ + --xdg-data-dir=/rootfs/usr/local/glibc/usr/share \ + --documentation-prefix=/rootfs/usr/local/glibc/usr \ + --application-profile-path=/rootfs/usr/local/glibc/usr/share/nvidia \ + --log-file-name=/tmp/nvidia-installer.log \ + --no-rpms \ + --no-backup \ + --no-recursion \ + --no-kernel-modules \ + --no-x-check \ + --no-nouveau-check \ + --no-distro-scripts \ + --no-wine-files \ + --no-kernel-module-source \ + --no-check-for-alternate-installs \ + --override-file-type-destination=FIRMWARE:/rootfs/usr/lib/firmware/nvidia/{{ .NVIDIA_DRIVER_PRODUCTION_VERSION }} \ + --no-systemd +finalize: + - from: /rootfs + to: /rootfs + - from: /etc/OpenCL + to: /rootfs/usr/local/glibc/etc/OpenCL + - from: /etc/vulkan + to: /rootfs/usr/local/glibc/etc/vulkan + - from: /usr/lib64/nvidia + to: /rootfs/usr/local/glibc/usr/lib64/nvidia + - from: /usr/share/egl + to: /rootfs/usr/local/glibc/usr/share/egl + - from: /usr/share/glvnd + to: /rootfs/usr/local/glibc/usr/share/glvnd + - from: /usr/share/nvidia + to: /rootfs/usr/local/glibc/usr/share/nvidia diff --git a/nvidia-gpu/nvidia-fabricmanager/lts/manifest.yaml b/nvidia-gpu/nvidia-fabricmanager/lts/manifest.yaml index b1ba3303..a4bb0e2c 100644 --- a/nvidia-gpu/nvidia-fabricmanager/lts/manifest.yaml +++ b/nvidia-gpu/nvidia-fabricmanager/lts/manifest.yaml @@ -4,7 +4,7 @@ metadata: version: "$VERSION" author: Sidero Labs description: | - This system extension provides the Nvidia fabricmanager for GPU's that need NVLink support. + This system extension provides the NVIDIA fabricmanager for GPU's that need NVLink support. compatibility: talos: version: ">= v1.2.0" diff --git a/nvidia-gpu/nvidia-fabricmanager/production/manifest.yaml b/nvidia-gpu/nvidia-fabricmanager/production/manifest.yaml index 61ccc162..13a3fb55 100644 --- a/nvidia-gpu/nvidia-fabricmanager/production/manifest.yaml +++ b/nvidia-gpu/nvidia-fabricmanager/production/manifest.yaml @@ -4,7 +4,7 @@ metadata: version: "$VERSION" author: Sidero Labs description: | - This system extension provides the Nvidia fabricmanager for GPU's that need NVLink support. + This system extension provides the NVIDIA fabricmanager for GPU's that need NVLink support. compatibility: talos: version: ">= v1.2.0" diff --git a/nvidia-gpu/nvidia-modules/lts/files/nvidia.conf b/nvidia-gpu/nvidia-modules/lts/files/nvidia.conf deleted file mode 100644 index 62b5f931..00000000 --- a/nvidia-gpu/nvidia-modules/lts/files/nvidia.conf +++ /dev/null @@ -1,4 +0,0 @@ -blacklist nvidia -blacklist nvidia_uvm -blacklist nvidia_drm -blacklist nvidia_modeset diff --git a/nvidia-gpu/nvidia-modules/lts/manifest.yaml b/nvidia-gpu/nvidia-modules/lts/manifest.yaml deleted file mode 100644 index 77874823..00000000 --- a/nvidia-gpu/nvidia-modules/lts/manifest.yaml +++ /dev/null @@ -1,10 +0,0 @@ -version: v1alpha1 -metadata: - name: nvidia-open-gpu-kernel-modules-lts - version: "$VERSION" - author: Sidero Labs - description: | - This system extension provides nvidia open source driver kernel modules built against a specific Talos version. - compatibility: - talos: - version: ">= v1.2.0" diff --git a/nvidia-gpu/nvidia-modules/lts/pkg.yaml b/nvidia-gpu/nvidia-modules/lts/pkg.yaml deleted file mode 100644 index 52da1fb4..00000000 --- a/nvidia-gpu/nvidia-modules/lts/pkg.yaml +++ /dev/null @@ -1,31 +0,0 @@ -name: nvidia-open-gpu-kernel-modules-lts -variant: scratch -shell: /bin/bash -dependencies: - - stage: base -# The pkgs version for a particular release of Talos as defined in -# https://github.com/siderolabs/talos/blob//pkg/machinery/gendata/data/pkgs - - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/nvidia-open-gpu-kernel-modules-lts-pkg:{{ .BUILD_ARG_PKGS }}" -steps: - - prepare: - - | - sed -i 's#$VERSION#{{ .VERSION }}#' /pkg/manifest.yaml - - install: - - | - mkdir -p /rootfs/usr/lib/modules \ - /rootfs/usr/local/lib/modprobe.d - - cp /pkg/files/nvidia.conf /rootfs/usr/local/lib/modprobe.d/nvidia.conf - - cp -R /usr/lib/modules/* /rootfs/usr/lib/modules - test: - - | - mkdir -p /extensions-validator-rootfs - cp -r /rootfs/ /extensions-validator-rootfs/rootfs - cp /pkg/manifest.yaml /extensions-validator-rootfs/manifest.yaml - /extensions-validator validate --rootfs=/extensions-validator-rootfs --pkg-name="${PKG_NAME}" -finalize: - - from: /rootfs - to: /rootfs - - from: /pkg/manifest.yaml - to: / diff --git a/nvidia-gpu/nvidia-modules/production/files/nvidia.conf b/nvidia-gpu/nvidia-modules/production/files/nvidia.conf deleted file mode 100644 index 62b5f931..00000000 --- a/nvidia-gpu/nvidia-modules/production/files/nvidia.conf +++ /dev/null @@ -1,4 +0,0 @@ -blacklist nvidia -blacklist nvidia_uvm -blacklist nvidia_drm -blacklist nvidia_modeset diff --git a/nvidia-gpu/nvidia-modules/production/manifest.yaml b/nvidia-gpu/nvidia-modules/production/manifest.yaml deleted file mode 100644 index 7398546b..00000000 --- a/nvidia-gpu/nvidia-modules/production/manifest.yaml +++ /dev/null @@ -1,10 +0,0 @@ -version: v1alpha1 -metadata: - name: nvidia-open-gpu-kernel-modules-production - version: "$VERSION" - author: Sidero Labs - description: | - This system extension provides nvidia open source driver kernel modules built against a specific Talos version. - compatibility: - talos: - version: ">= v1.2.0" diff --git a/nvidia-gpu/nvidia-modules/production/pkg.yaml b/nvidia-gpu/nvidia-modules/production/pkg.yaml deleted file mode 100644 index 9b46f3ec..00000000 --- a/nvidia-gpu/nvidia-modules/production/pkg.yaml +++ /dev/null @@ -1,31 +0,0 @@ -name: nvidia-open-gpu-kernel-modules-production -variant: scratch -shell: /bin/bash -dependencies: - - stage: base -# The pkgs version for a particular release of Talos as defined in -# https://github.com/siderolabs/talos/blob//pkg/machinery/gendata/data/pkgs - - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/nvidia-open-gpu-kernel-modules-production-pkg:{{ .BUILD_ARG_PKGS }}" -steps: - - prepare: - - | - sed -i 's#$VERSION#{{ .VERSION }}#' /pkg/manifest.yaml - - install: - - | - mkdir -p /rootfs/usr/lib/modules \ - /rootfs/usr/local/lib/modprobe.d - - cp /pkg/files/nvidia.conf /rootfs/usr/local/lib/modprobe.d/nvidia.conf - - cp -R /usr/lib/modules/* /rootfs/usr/lib/modules - test: - - | - mkdir -p /extensions-validator-rootfs - cp -r /rootfs/ /extensions-validator-rootfs/rootfs - cp /pkg/manifest.yaml /extensions-validator-rootfs/manifest.yaml - /extensions-validator validate --rootfs=/extensions-validator-rootfs --pkg-name="${PKG_NAME}" -finalize: - - from: /rootfs - to: /rootfs - - from: /pkg/manifest.yaml - to: / diff --git a/nvidia-gpu/vars.yaml b/nvidia-gpu/vars.yaml index e60b81e6..39cbe732 100644 --- a/nvidia-gpu/vars.yaml +++ b/nvidia-gpu/vars.yaml @@ -1,45 +1,23 @@ # only update if there's a matching fabric manager version # renovate: datasource=github-releases extractVersion=^\d+\.(?\d+\.\d+)$ depName=nvidia/open-gpu-kernel-modules NVIDIA_DRIVER_LTS_VERSION: 535.247.01 -NVIDIA_PKGS_LTS_ARM64_SHA256: 71b77bc88a2af5885b8879304d3dddfad069f36961314b10bb26cb881d20ce1d -NVIDIA_PKGS_LTS_ARM64_SHA512: 21957c183dbea5709a227c5f15610fdf5a071c9024d89d63ee041a026ca7bb602c6fb6deaa83ba8023d0458340132dae7b33f558814627ce46801e041a5b0ab3 -NVIDIA_PKGS_LTS_AMD64_SHA256: bcfeec3cec580c5b72f23e5a71f90d39f84a793e717a2ee4d05ecad086317145 -NVIDIA_PKGS_LTS_AMD64_SHA512: cce646f374c9b6768928125e66f5d120ee464a495893489caf793f1473ae80fed70970c0d610b286948f08a158addcfe0ff1e74e753fd121c1e73d95731e0617 +NVIDIA_PKGS_LTS_ARM64_SHA256: bd8ea5c3747a588ff1a29b4f59300d2eba69402a605cb95fce10a30f535993d0 +NVIDIA_PKGS_LTS_ARM64_SHA512: a0bd487238d41fd907c7e87d8ce10b4e19a367c8faafafc914fe6d741b348619e7427a5ff22dd2a475e4dd5cf3148965934b746bcc34b3f572bc01e8a6429bda +NVIDIA_PKGS_LTS_AMD64_SHA256: c250e686494cb0c1b5eeea58ba2003707510b2766df05b06ba20b11b3445466b +NVIDIA_PKGS_LTS_AMD64_SHA512: f8e04e5f7cf8b7fdae9135cb5f0f2740d5eae0ef9a44a41dbf78996d3c2d4139bdbec99be14f73aa2d275d78658b4a91a274f20545e4325cef787548e3d073a6 NVIDIA_FABRIC_MANAGER_LTS_ARM64_SHA256: 113adde500037510374b504e6a77cf7f321d539aaba06589e0b7a9e512b0b0b7 NVIDIA_FABRIC_MANAGER_LTS_ARM64_SHA512: 65e5561cb2f6f284da9fe3aeecacf8a2b4fdc39cb9016407812188e96dc3043ba767a68cdffaa0c08e43d21599526be7a8ff0680ead7657cfa1067ef3735aff1 NVIDIA_FABRIC_MANAGER_LTS_AMD64_SHA256: b8c23d6643dd1f28ff0d8e3a7e06fb031c04d06a430b27453fbaf4e944818f1d NVIDIA_FABRIC_MANAGER_LTS_AMD64_SHA512: 87d8931b86c2182b95e2ed68f5812340c0bfacb35403cc123e9ae04db1c710ad681f223da846cea88365517c1bb749a95364346ea1273ff718513d39fcad5163 # renovate: datasource=github-releases extractVersion=^\d+\.(?\d+\.\d+)$ depName=nvidia/open-gpu-kernel-modules NVIDIA_DRIVER_PRODUCTION_VERSION: 570.133.20 -NVIDIA_PKGS_PRODUCTION_ARM64_SHA256: f198b84b0d461d28e2aa39c0ddd7da42960adbf6c02a66116bb84d9e81a74fe8 -NVIDIA_PKGS_PRODUCTION_ARM64_SHA512: 93c73ef887099534d627f5b165f0565df6660b00a3ff8fd4e027fa3e6334c8e73870493079ae802eb171d6bd3556b934e6e06105b84bafa0b2335c0074f63013 -NVIDIA_PKGS_PRODUCTION_AMD64_SHA256: d5b9561a7b9d41390b074372dab1b895d7da9e4cb8ac008d0849f1e0f2674dc5 -NVIDIA_PKGS_PRODUCTION_AMD64_SHA512: a573b3554249c99dd77f4d9908895c7bab0ac5f1e3382150747d26c3e0185d288b6e5eff14b0d274ab627be35e1a06e23860c9ad2898d62c8629fcf4fb23b25e -NVIDIA_FABRIC_MANAGER_PRODUCTION_ARM64_SHA256: 15c0e2a7538fa840d0aaefbfe3822757ed57f134ea417518c1fed4371843e373 -NVIDIA_FABRIC_MANAGER_PRODUCTION_ARM64_SHA512: e9d353be430eabaec2d79c498a6cca4fa8f365ce262339ec381b51a39410eb149526b12f79210e90d28823a04507b15e4d85d5ceea9786e416f734406a0382b8 -NVIDIA_FABRIC_MANAGER_PRODUCTION_AMD64_SHA256: ed38bd2f1ce555f08eb8cba6c3ddee2cc7b401c5cdb23bb2ae1a12c5ca2f65ca -NVIDIA_FABRIC_MANAGER_PRODUCTION_AMD64_SHA512: b6bdacc15bdb95a1798c402eac189da7d2eaab995d5bf58e791897c61776469343e3bee409dabde685949e1b6299fd67f480cf614dab031466d80e95b5d0a41b -# renovate: datasource=github-releases depName=nvidia/nvidia-container-toolkit -CONTAINER_TOOLKIT_VERSION: v1.17.6 -CONTAINER_TOOLKIT_REF: e627eb2e21e167988e04c0579a1c941c1e263ff6 -CONTAINER_TOOLKIT_SHA256: 381484a01d447745a9e242ef50b3524a83a1ecb2adb4ac12832b4a1417e7a0e8 -CONTAINER_TOOLKIT_SHA512: 9b4dc074c21c88f3dcafe1fc1a5b3c12e7cab1bd904817a2c0fb759d89e46c7df06cad2fbf8c8019b0e56f45828e6e257be834d74979992dc4c215e7b27d6ba1 - # renovate: datasource=github-releases depName=nvidia/libnvidia-container -LIBNVIDIA_CONTAINER_VERSION: v1.17.6 -LIBNVIDIA_CONTAINER_REF: a198166e1c1166f4847598438115ea97dacc7a92 -LIBNVIDIA_CONTAINER_SHA256: 49c6bd8864c2cf457532dbfd9c8d1e012cec496aec1a3526d6f16f5b508cbc10 -LIBNVIDIA_CONTAINER_SHA512: f97046a8c1b857756d6d54968ed7036a53adce7fd54dff7f103308bd89835ea9afa62c0a3770f1b665ff0f1a45d2bfe8ef95f53c7b211b915d707659cd111c73 +NVIDIA_PKGS_PRODUCTION_ARM64_SHA256: 7e135f98be5d13afcc5f0ab23f4fdfd057364143b11bb6f4932f565534c89bd0 +NVIDIA_PKGS_PRODUCTION_ARM64_SHA512: a8e338f551e0086e0de899ccf7f7d8b440eabd8842f347ff778170d54f926a10346d79cedd562fa826cb515def92eef60d84064d41571fefe7eb00fc8d2e727b +NVIDIA_PKGS_PRODUCTION_AMD64_SHA256: 1253d17b1528e8a24bf1f34a8ac6591c924b98ad7a32344bde253aa622ac1605 +NVIDIA_PKGS_PRODUCTION_AMD64_SHA512: c6f443791b14e71273929e6e97660cceeb46e9fbd10a3df624236a2433a99b0c905f89ada7c490f2a6009ff37a715c8585a4e82df75adf0afed5236da39ae5b6 +NVIDIA_FABRIC_MANAGER_PRODUCTION_ARM64_SHA256: a7e0ebba25d85aa2211b20f9c4097e426d3a196d3748c03f13c432d7b3bc2cc9 +NVIDIA_FABRIC_MANAGER_PRODUCTION_ARM64_SHA512: fb6a06a067f8abbc065ef077ac214f61da0b7d75fbe607fdd9ee6b78743e8a8c8361506e991d67b93ef2211a0de0ed5d4dc0f046032360905911ca90377ee8d7 +NVIDIA_FABRIC_MANAGER_PRODUCTION_AMD64_SHA256: e2d359986ca733c568f5a21fd7686f1b002b09637bf1b3a596333bd5ffbc3edb +NVIDIA_FABRIC_MANAGER_PRODUCTION_AMD64_SHA512: fe6f37068391b1950f830d93d8b8d4e2c38cf91b2331aa4206089f5f3e34889f00b87aaf4d664287b1c36ad21a6edefd37919c11615be1b1cd91641025e33f19 # renovate: datasource=docker versioning=docker depName=cgr.dev/chainguard/wolfi-base WOLFI_BASE_REF: sha256:e3ce0a3bb47aefa02647e0bb6cdfb29a5a872e755660be73c9dd7b9578844258 -# renovate: datasource=github-tags extractVersion=^v(?.*)$ depName=seccomp/libseccomp -LIBSECCOMP_VERSION: 2.6.0 -LIBSECCOMP_SHA256: 83b6085232d1588c379dc9b9cae47bb37407cf262e6e74993c61ba72d2a784dc -LIBSECCOMP_SHA512: 9039478656d9b670af2ff4cb67b6b1fa315821e59d2f82ba6247e988859ddc7e3d15fea159eccca161bf2890828bb62aa6ab4d6b7ff55f27a9d6bd9532eeee1b -# renovate: datasource=git-tags extractVersion=^libcap-(?.*)$ depName=git://git.kernel.org/pub/scm/libs/libcap/libcap.git -LIBCAP_VERSION: 2.76 -LIBCAP_SHA256: 629da4ab29900d0f7fcc36227073743119925fd711c99a1689bbf5c9b40c8e6f -LIBCAP_SHA512: f9448628ce036a10ce71958b25e5dd31032c4d86d8d34d905d2dfa32890ad443804169d4c6b825fd4bfe260b5de20f046cee958e40268bcadbbe7f7731ae40ad -# renovate: datasource=git-tags extractVersion=^elfutils-(?.*)$ depName=git://sourceware.org/git/elfutils.git -ELFUTILS_VERSION: 0.193 -ELFUTILS_SHA256: 7857f44b624f4d8d421df851aaae7b1402cfe6bcdd2d8049f15fc07d3dde7635 -ELFUTILS_SHA512: 557e328e3de0d2a69d09c15a9333f705f3233584e2c6a7d3ce855d06a12dc129e69168d6be64082803630397bd64e1660a8b5324d4f162d17922e10ddb367d76