public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #108547 from cpcloud/podman-nvidia

Browse Source
This commit is contained in:
Jörg Thalheim 2021-01-09 10:37:29 +00:00 committed by GitHub
commit ce9a7356a3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 71 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
nixos/modules/virtualisation/podman.nix
View File

@ -1,6 +1,8 @@
{ config, lib, pkgs, utils, ... }: { config, lib, pkgs, utils, ... }:
let let
cfg = config.virtualisation.podman; cfg = config.virtualisation.podman;
toml = pkgs.formats.toml { };
nvidia-docker = pkgs.nvidia-docker.override { containerRuntimePath = "${pkgs.runc}/bin/runc"; };
inherit (lib) mkOption types; inherit (lib) mkOption types;
@ -53,6 +55,14 @@ in
''; '';
}; };
enableNvidia = mkOption {
type = types.bool;
default = false;
description = ''
Enable use of NVidia GPUs from within podman containers.
'';
};
extraPackages = mkOption { extraPackages = mkOption {
type = with types; listOf package; type = with types; listOf package;
default = [ ]; default = [ ];
@ -78,21 +88,37 @@ in
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable (lib.mkMerge [
{
environment.systemPackages = [ cfg.package ]
++ lib.optional cfg.dockerCompat dockerCompat;
environment.systemPackages = [ cfg.package ] environment.etc."cni/net.d/87-podman-bridge.conflist".source = utils.copyFile "${pkgs.podman-unwrapped.src}/cni/87-podman-bridge.conflist";
++ lib.optional cfg.dockerCompat dockerCompat;
environment.etc."cni/net.d/87-podman-bridge.conflist".source = utils.copyFile "${pkgs.podman-unwrapped.src}/cni/87-podman-bridge.conflist"; virtualisation.containers = {
enable = true; # Enable common /etc/containers configuration
# Enable common /etc/containers configuration containersConf.extraConfig = lib.optionalString cfg.enableNvidia
virtualisation.containers.enable = true; (builtins.readFile (toml.generate "podman.nvidia.containers.conf" {
engine = {
assertions = [{ conmon_env_vars = [ "PATH=${lib.makeBinPath [ nvidia-docker ]}" ];
assertion = cfg.dockerCompat -> !config.virtualisation.docker.enable; runtimes.nvidia = [ "${nvidia-docker}/bin/nvidia-container-runtime" ];
message = "Option dockerCompat conflicts with docker"; };
}]; }));
};
};
assertions = [
{
assertion = cfg.dockerCompat -> !config.virtualisation.docker.enable;
message = "Option dockerCompat conflicts with docker";
}
{
assertion = cfg.enableNvidia -> !config.virtualisation.docker.enableNvidia;
message = "Option enableNvidia conflicts with docker.enableNvidia";
}
];
}
(lib.mkIf cfg.enableNvidia {
environment.etc."nvidia-container-runtime/config.toml".source = "${nvidia-docker}/etc/podman-config.toml";
})
]);
} }

20
pkgs/applications/virtualization/nvidia-docker/default.nix
View File

@ -6,15 +6,23 @@
, makeWrapper , makeWrapper
, buildGoModule , buildGoModule
, buildGoPackage , buildGoPackage
, git
, glibc , glibc
, docker
, linkFarm
, containerRuntimePath ? "${docker}/libexec/docker/runc"
}: }:
with lib; let with lib; let
libnvidia-container = callPackage ./libnvc.nix { }; libnvidia-container = callPackage ./libnvc.nix { };
isolatedContainerRuntimePath = linkFarm "isolated_container_runtime_path" [
{
name = "runc";
path = containerRuntimePath;
}
];
nvidia-container-runtime = buildGoPackage rec { nvidia-container-runtime = buildGoPackage rec {
pname = "nvidia-container-toolkit"; pname = "nvidia-container-runtime";
version = "3.4.0"; version = "3.4.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "NVIDIA"; owner = "NVIDIA";
@ -74,10 +82,18 @@ stdenv.mkDerivation rec {
installPhase = '' installPhase = ''
mkdir -p $out/{bin,etc} mkdir -p $out/{bin,etc}
cp -r bin $out cp -r bin $out
wrapProgram $out/bin/nvidia-container-cli \ wrapProgram $out/bin/nvidia-container-cli \
--prefix LD_LIBRARY_PATH : /run/opengl-driver/lib:/run/opengl-driver-32/lib --prefix LD_LIBRARY_PATH : /run/opengl-driver/lib:/run/opengl-driver-32/lib
# nvidia-container-runtime invokes docker-runc or runc if that isn't available on PATH
wrapProgram $out/bin/nvidia-container-runtime --prefix PATH : ${isolatedContainerRuntimePath}
cp ${./config.toml} $out/etc/config.toml cp ${./config.toml} $out/etc/config.toml
substituteInPlace $out/etc/config.toml --subst-var-by glibcbin ${lib.getBin glibc} substituteInPlace $out/etc/config.toml --subst-var-by glibcbin ${lib.getBin glibc}
cp ${./podman-config.toml} $out/etc/podman-config.toml
substituteInPlace $out/etc/podman-config.toml --subst-var-by glibcbin ${lib.getBin glibc}
''; '';
meta = { meta = {

13
pkgs/applications/virtualization/nvidia-docker/podman-config.toml Normal file
View File

@ -0,0 +1,13 @@
disable-require = true
#swarm-resource = "DOCKER_RESOURCE_GPU"
[nvidia-container-cli]
#root = "/run/nvidia/driver"
#path = "/usr/bin/nvidia-container-cli"
environment = []
#debug = "/var/log/nvidia-container-runtime-hook.log"
ldcache = "/tmp/ld.so.cache"
load-kmods = true
no-cgroups = true
#user = "root:video"
ldconfig = "@@glibcbin@/bin/ldconfig"