From 662d8b1648d3cde2be880ccfe4cdb14929fd5684 Mon Sep 17 00:00:00 2001 From: Felix Abecassis Date: Wed, 21 Feb 2018 20:45:32 -0800 Subject: [PATCH] Extract the hook into a standalone package Tools like CRI-O or Red Hat's fork of Docker only need the OCI hook, not the full runtime. The hook is also likely to move at a different cadence than the full runtime, which is tied to the upstream Docker releases. --- Makefile | 155 ++---------------- base/Dockerfile.centos7 | 23 +++ base/Dockerfile.stretch | 26 +++ base/Dockerfile.xenial | 26 +++ base/Makefile | 14 ++ hook/Dockerfile.centos7 | 31 ++++ hook/Dockerfile.stretch | 33 ++++ hook/Dockerfile.xenial | 33 ++++ hook/Makefile | 19 +++ .../config.toml.centos7 | 0 .../config.toml.stretch | 0 config.toml.xenial => hook/config.toml.xenial | 0 {debian => hook/debian}/compat | 0 hook/debian/control | 17 ++ {debian => hook/debian}/copyright | 23 +-- .../nvidia-container-runtime-hook.install | 2 +- ...a-container-runtime-hook.lintian-overrides | 1 + {debian => hook/debian}/prepare | 0 {debian => hook/debian}/rules | 0 .../container_config.go | 0 .../hook_config.go | 0 .../hook_test.go | 0 .../nvidia-container-runtime-hook}/main.go | 0 hook/rpm/SOURCES/LICENSE | 25 +++ .../SPECS/nvidia-container-runtime-hook.spec | 37 +++++ .../Dockerfile.centos7 | 44 +---- .../Dockerfile.stretch | 49 +----- .../Dockerfile.xenial | 48 +----- runtime/Makefile | 152 +++++++++++++++++ runtime/debian/compat | 1 + {debian => runtime/debian}/control | 2 +- runtime/debian/copyright | 24 +++ .../debian/nvidia-container-runtime.install | 1 + ...nvidia-container-runtime.lintian-overrides | 3 + runtime/debian/prepare | 5 + runtime/debian/rules | 7 + {rpm => runtime/rpm}/SOURCES/LICENSE | 29 ---- .../rpm}/SPECS/nvidia-container-runtime.spec | 17 +- ...k-nvidia-container-runtime-hook-to-t.patch | 0 ...ix-setup-cgroup-before-prestart-hook.patch | 0 ...k-nvidia-container-runtime-hook-to-t.patch | 0 .../54296cf40ad8143b62dbcaa1d90e520a2136ddfe | 0 ...ix-setup-cgroup-before-prestart-hook.patch | 0 ...k-nvidia-container-runtime-hook-to-t.patch | 0 ...ix-setup-cgroup-before-prestart-hook.patch | 0 ...k-nvidia-container-runtime-hook-to-t.patch | 0 .../b2567b37d7b75eb4cf325b77297b140ea686ce8f | 0 47 files changed, 527 insertions(+), 320 deletions(-) create mode 100644 base/Dockerfile.centos7 create mode 100644 base/Dockerfile.stretch create mode 100644 base/Dockerfile.xenial create mode 100644 base/Makefile create mode 100644 hook/Dockerfile.centos7 create mode 100644 hook/Dockerfile.stretch create mode 100644 hook/Dockerfile.xenial create mode 100644 hook/Makefile rename config.toml.centos7 => hook/config.toml.centos7 (100%) rename config.toml.stretch => hook/config.toml.stretch (100%) rename config.toml.xenial => hook/config.toml.xenial (100%) rename {debian => hook/debian}/compat (100%) create mode 100644 hook/debian/control rename {debian => hook/debian}/copyright (66%) rename debian/nvidia-container-runtime.install => hook/debian/nvidia-container-runtime-hook.install (52%) rename debian/nvidia-container-runtime.lintian-overrides => hook/debian/nvidia-container-runtime-hook.lintian-overrides (77%) rename {debian => hook/debian}/prepare (100%) rename {debian => hook/debian}/rules (100%) rename {nvidia-container-runtime-hook => hook/nvidia-container-runtime-hook}/container_config.go (100%) rename {nvidia-container-runtime-hook => hook/nvidia-container-runtime-hook}/hook_config.go (100%) rename {nvidia-container-runtime-hook => hook/nvidia-container-runtime-hook}/hook_test.go (100%) rename {nvidia-container-runtime-hook => hook/nvidia-container-runtime-hook}/main.go (100%) create mode 100644 hook/rpm/SOURCES/LICENSE create mode 100644 hook/rpm/SPECS/nvidia-container-runtime-hook.spec rename Dockerfile.centos7 => runtime/Dockerfile.centos7 (62%) rename Dockerfile.stretch => runtime/Dockerfile.stretch (50%) rename Dockerfile.xenial => runtime/Dockerfile.xenial (51%) create mode 100644 runtime/Makefile create mode 100644 runtime/debian/compat rename {debian => runtime/debian}/control (80%) create mode 100644 runtime/debian/copyright create mode 100644 runtime/debian/nvidia-container-runtime.install create mode 100644 runtime/debian/nvidia-container-runtime.lintian-overrides create mode 100755 runtime/debian/prepare create mode 100755 runtime/debian/rules rename {rpm => runtime/rpm}/SOURCES/LICENSE (87%) rename {rpm => runtime/rpm}/SPECS/nvidia-container-runtime.spec (54%) rename {runc => runtime/runc}/3f2f8b84a77f73d38244dd690525642a72156c64/0001-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch (100%) rename {runc => runtime/runc}/50a19c6ff828c58e5dab13830bd3dacde268afe5/0001-Fix-setup-cgroup-before-prestart-hook.patch (100%) rename {runc => runtime/runc}/50a19c6ff828c58e5dab13830bd3dacde268afe5/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch (100%) rename {runc => runtime/runc}/54296cf40ad8143b62dbcaa1d90e520a2136ddfe (100%) rename {runc => runtime/runc}/810190ceaa507aa2727d7ae6f4790c76ec150bd2/0001-Fix-setup-cgroup-before-prestart-hook.patch (100%) rename {runc => runtime/runc}/810190ceaa507aa2727d7ae6f4790c76ec150bd2/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch (100%) rename {runc => runtime/runc}/9df8b306d01f59d3a8029be411de015b7304dd8f/0001-Fix-setup-cgroup-before-prestart-hook.patch (100%) rename {runc => runtime/runc}/9df8b306d01f59d3a8029be411de015b7304dd8f/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch (100%) rename {runc => runtime/runc}/b2567b37d7b75eb4cf325b77297b140ea686ce8f (100%) diff --git a/Makefile b/Makefile index dd7d48d..d87faaa 100644 --- a/Makefile +++ b/Makefile @@ -1,152 +1,31 @@ # Copyright (c) 2017-2018, NVIDIA CORPORATION. All rights reserved. -DOCKER ?= docker - -VERSION := 1.1.1 -PKG_REV := 1 - -DIST_DIR := $(CURDIR)/dist - -.NOTPARALLEL: .PHONY: all all: xenial centos7 stretch -xenial: 17.12.0-xenial 17.09.1-xenial 17.09.0-xenial 17.06.2-xenial 17.03.2-xenial 1.13.1-xenial 1.12.6-xenial - -centos7: 17.12.0-centos7 17.09.1-centos7 17.09.0-centos7 17.06.2-centos7 17.03.2-centos7 1.13.1-centos7 1.12.6-centos7 - -stretch: 17.12.0-stretch 17.09.1-stretch 17.09.0-stretch 17.06.2-stretch 17.03.2-stretch - -17.12.0-xenial: - $(DOCKER) build --build-arg RUNC_COMMIT="b2567b37d7b75eb4cf325b77297b140ea686ce8f" \ - --build-arg PKG_VERS="$(VERSION)+docker17.12.0" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.xenial . - $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ - -17.09.1-xenial: - $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ - --build-arg PKG_VERS="$(VERSION)+docker17.09.1" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.xenial . - $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ - -17.09.0-xenial: - $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ - --build-arg PKG_VERS="$(VERSION)+docker17.09.0" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.xenial . - $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ - -17.06.2-xenial: - $(DOCKER) build --build-arg RUNC_COMMIT="810190ceaa507aa2727d7ae6f4790c76ec150bd2" \ - --build-arg PKG_VERS="$(VERSION)+docker17.06.2" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.xenial . - $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ - -17.03.2-xenial: - $(DOCKER) build --build-arg RUNC_COMMIT="54296cf40ad8143b62dbcaa1d90e520a2136ddfe" \ - --build-arg PKG_VERS="$(VERSION)+docker17.03.2" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.xenial . - $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ - -1.13.1-xenial: - $(DOCKER) build --build-arg RUNC_COMMIT="9df8b306d01f59d3a8029be411de015b7304dd8f" \ - --build-arg PKG_VERS="$(VERSION)+docker1.13.1" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.xenial . - $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ - -1.12.6-xenial: - $(DOCKER) build --build-arg RUNC_COMMIT="50a19c6ff828c58e5dab13830bd3dacde268afe5" \ - --build-arg PKG_VERS="$(VERSION)+docker1.12.6" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.xenial . - $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ - -17.12.0-centos7: - $(DOCKER) build --build-arg RUNC_COMMIT="b2567b37d7b75eb4cf325b77297b140ea686ce8f" \ - --build-arg PKG_VERS="$(VERSION)" \ - --build-arg PKG_REV="$(PKG_REV).docker17.12.0" \ - -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . - $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ - -17.09.1-centos7: - $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ - --build-arg PKG_VERS="$(VERSION)" \ - --build-arg PKG_REV="$(PKG_REV).docker17.09.1" \ - -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . - $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ - -17.09.0-centos7: - $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ - --build-arg PKG_VERS="$(VERSION)" \ - --build-arg PKG_REV="$(PKG_REV).docker17.09.0" \ - -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . - $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ - -17.06.2-centos7: - $(DOCKER) build --build-arg RUNC_COMMIT="810190ceaa507aa2727d7ae6f4790c76ec150bd2" \ - --build-arg PKG_VERS="$(VERSION)" \ - --build-arg PKG_REV="$(PKG_REV).docker17.06.2" \ - -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . - $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ +# Build all packages for a specific distribution. +xenial: runtime-xenial hook-xenial -17.03.2-centos7: - $(DOCKER) build --build-arg RUNC_COMMIT="54296cf40ad8143b62dbcaa1d90e520a2136ddfe" \ - --build-arg PKG_VERS="$(VERSION)" \ - --build-arg PKG_REV="$(PKG_REV).docker17.03.2" \ - -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . - $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ +centos7: runtime-centos7 hook-centos7 -1.13.1-centos7: - $(DOCKER) build --build-arg RUNC_COMMIT="9df8b306d01f59d3a8029be411de015b7304dd8f" \ - --build-arg PKG_VERS="$(VERSION)" \ - --build-arg PKG_REV="$(PKG_REV).docker1.13.1" \ - -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . - $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ +stretch: runtime-stretch hook-stretch -1.12.6-centos7: - $(DOCKER) build --build-arg RUNC_COMMIT="50a19c6ff828c58e5dab13830bd3dacde268afe5" \ - --build-arg PKG_VERS="$(VERSION)" \ - --build-arg PKG_REV="$(PKG_REV).docker1.12.6" \ - -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . - $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ +base-%: $(CURDIR)/base/Dockerfile.% + make -C $(CURDIR)/base $* -17.12.0-stretch: - $(DOCKER) build --build-arg RUNC_COMMIT="b2567b37d7b75eb4cf325b77297b140ea686ce8f" \ - --build-arg PKG_VERS="$(VERSION)+docker17.12.0" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.stretch . - $(DOCKER) run --rm -v $(DIST_DIR)/stretch:/dist:Z nvidia-container-runtime:$@ +hook-%: base-% $(CURDIR)/hook/Dockerfile.% + make -C $(CURDIR)/hook $* -17.09.1-stretch: - $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ - --build-arg PKG_VERS="$(VERSION)+docker17.09.1" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.stretch . - $(DOCKER) run --rm -v $(DIST_DIR)/stretch:/dist:Z nvidia-container-runtime:$@ +runtime-%: base-% $(CURDIR)/runtime/Dockerfile.% + make -C $(CURDIR)/runtime $* -17.09.0-stretch: - $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ - --build-arg PKG_VERS="$(VERSION)+docker17.09.0" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.stretch . - $(DOCKER) run --rm -v $(DIST_DIR)/stretch:/dist:Z nvidia-container-runtime:$@ +# Build nvidia-container-runtime for specific versions of docker. +%-runtime-xenial: base-xenial + make -C $(CURDIR)/runtime $*-xenial -17.06.2-stretch: - $(DOCKER) build --build-arg RUNC_COMMIT="810190ceaa507aa2727d7ae6f4790c76ec150bd2" \ - --build-arg PKG_VERS="$(VERSION)+docker17.06.2" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.stretch . - $(DOCKER) run --rm -v $(DIST_DIR)/stretch:/dist:Z nvidia-container-runtime:$@ +%-runtime-stretch: base-stretch + make -C $(CURDIR)/runtime $*-stretch -17.03.2-stretch: - $(DOCKER) build --build-arg RUNC_COMMIT="54296cf40ad8143b62dbcaa1d90e520a2136ddfe" \ - --build-arg PKG_VERS="$(VERSION)+docker17.03.2" \ - --build-arg PKG_REV="$(PKG_REV)" \ - -t nvidia-container-runtime:$@ -f Dockerfile.stretch . - $(DOCKER) run --rm -v $(DIST_DIR)/stretch:/dist:Z nvidia-container-runtime:$@ +%-runtime-centos7: base-centos7 + make -C $(CURDIR)/runtime $*-centos7 diff --git a/base/Dockerfile.centos7 b/base/Dockerfile.centos7 new file mode 100644 index 0000000..ddb4bbb --- /dev/null +++ b/base/Dockerfile.centos7 @@ -0,0 +1,23 @@ +FROM centos:7 + +RUN yum install -y \ + ca-certificates \ + wget \ + git \ + rpm-build && \ + rm -rf /var/cache/yum/* + +ARG GOLANG_VERSION=0.0.0 +RUN set -eux; \ + \ + arch="$(uname -m)"; \ + case "${arch##*-}" in \ + x86_64 | amd64) ARCH='amd64' ;; \ + ppc64el | ppc64le) ARCH='ppc64le' ;; \ + *) echo "unsupported architecture"; exit 1 ;; \ + esac; \ + wget -nv -O - https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-${ARCH}.tar.gz \ + | tar -C /usr/local -xz + +ENV GOPATH /go +ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH diff --git a/base/Dockerfile.stretch b/base/Dockerfile.stretch new file mode 100644 index 0000000..a59fc47 --- /dev/null +++ b/base/Dockerfile.stretch @@ -0,0 +1,26 @@ +FROM debian:stretch + +RUN apt-get update && apt-get install -y --no-install-recommends \ + wget \ + ca-certificates \ + git \ + build-essential \ + dh-make \ + fakeroot \ + devscripts && \ + rm -rf /var/lib/apt/lists/* + +ARG GOLANG_VERSION=0.0.0 +RUN set -eux; \ + \ + arch="$(uname -m)"; \ + case "${arch##*-}" in \ + x86_64 | amd64) ARCH='amd64' ;; \ + ppc64el | ppc64le) ARCH='ppc64le' ;; \ + *) echo "unsupported architecture" ; exit 1 ;; \ + esac; \ + wget -nv -O - https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-${ARCH}.tar.gz \ + | tar -C /usr/local -xz + +ENV GOPATH /go +ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH diff --git a/base/Dockerfile.xenial b/base/Dockerfile.xenial new file mode 100644 index 0000000..83b52b9 --- /dev/null +++ b/base/Dockerfile.xenial @@ -0,0 +1,26 @@ +FROM ubuntu:xenial + +RUN apt-get update && apt-get install -y --no-install-recommends \ + wget \ + ca-certificates \ + git \ + build-essential \ + dh-make \ + fakeroot \ + devscripts && \ + rm -rf /var/lib/apt/lists/* + +ARG GOLANG_VERSION=0.0.0 +RUN set -eux; \ + \ + arch="$(uname -m)"; \ + case "${arch##*-}" in \ + x86_64 | amd64) ARCH='amd64' ;; \ + ppc64el | ppc64le) ARCH='ppc64le' ;; \ + *) echo "unsupported architecture" ; exit 1 ;; \ + esac; \ + wget -nv -O - https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-${ARCH}.tar.gz \ + | tar -C /usr/local -xz + +ENV GOPATH /go +ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH diff --git a/base/Makefile b/base/Makefile new file mode 100644 index 0000000..c9a156c --- /dev/null +++ b/base/Makefile @@ -0,0 +1,14 @@ +# Copyright (c) 2017-2018, NVIDIA CORPORATION. All rights reserved. + +DOCKER ?= docker + +GOLANG_VERSION := 1.9.4 + +.NOTPARALLEL: +.PHONY: all + +all: xenial centos7 stretch + +%: $(CURDIR)/Dockerfile.% + $(DOCKER) build --build-arg GOLANG_VERSION="$(GOLANG_VERSION)" \ + -t nvidia/build-base:$@ -f Dockerfile.$@ . diff --git a/hook/Dockerfile.centos7 b/hook/Dockerfile.centos7 new file mode 100644 index 0000000..db25de7 --- /dev/null +++ b/hook/Dockerfile.centos7 @@ -0,0 +1,31 @@ +FROM nvidia/build-base:centos7 + +# packaging +ARG PKG_VERS +ARG PKG_REV + +ENV VERSION $PKG_VERS +ENV RELEASE $PKG_REV + +# output directory +ENV DIST_DIR=/tmp/nvidia-container-runtime-hook-$PKG_VERS/SOURCES +RUN mkdir -p $DIST_DIR + +# nvidia-container-runtime-hook +COPY nvidia-container-runtime-hook/ $GOPATH/src/nvidia-container-runtime-hook + +RUN go get -v nvidia-container-runtime-hook && \ + mv $GOPATH/bin/nvidia-container-runtime-hook $DIST_DIR/nvidia-container-runtime-hook + +COPY config.toml.centos7 $DIST_DIR/config.toml + +WORKDIR $DIST_DIR/.. +COPY rpm . + +CMD arch=$(uname -m) && \ + rpmbuild --clean --target=$arch -bb \ + -D "_topdir $PWD" \ + -D "version $VERSION" \ + -D "release $RELEASE" \ + SPECS/nvidia-container-runtime-hook.spec && \ + mv RPMS/$arch/*.rpm /dist diff --git a/hook/Dockerfile.stretch b/hook/Dockerfile.stretch new file mode 100644 index 0000000..a4fa7cc --- /dev/null +++ b/hook/Dockerfile.stretch @@ -0,0 +1,33 @@ +FROM nvidia/build-base:stretch + +# packaging +ARG PKG_VERS +ARG PKG_REV +ARG PKG_ARCH + +ENV DEBFULLNAME "NVIDIA CORPORATION" +ENV DEBEMAIL "cudatools@nvidia.com" +ENV REVISION "$PKG_VERS-$PKG_REV" +ENV DISTRIB "UNRELEASED" +ENV SECTION "" + +# output directory +ENV DIST_DIR=/tmp/nvidia-container-runtime-hook-$PKG_VERS +RUN mkdir -p $DIST_DIR + +# nvidia-container-runtime-hook +COPY nvidia-container-runtime-hook/ $GOPATH/src/nvidia-container-runtime-hook + +RUN go get -v nvidia-container-runtime-hook && \ + mv $GOPATH/bin/nvidia-container-runtime-hook $DIST_DIR/nvidia-container-runtime-hook + +COPY config.toml.stretch $DIST_DIR/config.toml + +WORKDIR $DIST_DIR +COPY debian ./debian + +RUN dch --create --package nvidia-container-runtime-hook -v "$REVISION" "v$REVISION" -D "$DISTRIB" && \ + dch -r "" + +CMD debuild -eSECTION --dpkg-buildpackage-hook='sh debian/prepare' -i -us -uc -b && \ + mv /tmp/nvidia-container-runtime-hook_*.deb /dist diff --git a/hook/Dockerfile.xenial b/hook/Dockerfile.xenial new file mode 100644 index 0000000..0968e12 --- /dev/null +++ b/hook/Dockerfile.xenial @@ -0,0 +1,33 @@ +FROM nvidia/build-base:xenial + +# packaging +ARG PKG_VERS +ARG PKG_REV +ARG PKG_ARCH + +ENV DEBFULLNAME "NVIDIA CORPORATION" +ENV DEBEMAIL "cudatools@nvidia.com" +ENV REVISION "$PKG_VERS-$PKG_REV" +ENV DISTRIB "UNRELEASED" +ENV SECTION "" + +# output directory +ENV DIST_DIR=/tmp/nvidia-container-runtime-hook-$PKG_VERS +RUN mkdir -p $DIST_DIR + +# nvidia-container-runtime-hook +COPY nvidia-container-runtime-hook/ $GOPATH/src/nvidia-container-runtime-hook + +RUN go get -v nvidia-container-runtime-hook && \ + mv $GOPATH/bin/nvidia-container-runtime-hook $DIST_DIR/nvidia-container-runtime-hook + +COPY config.toml.xenial $DIST_DIR/config.toml + +WORKDIR $DIST_DIR +COPY debian ./debian + +RUN dch --create --package nvidia-container-runtime-hook -v "$REVISION" "v$REVISION" -D "$DISTRIB" && \ + dch -r "" + +CMD debuild -eSECTION --dpkg-buildpackage-hook='sh debian/prepare' -i -us -uc -b && \ + mv /tmp/*.deb /dist diff --git a/hook/Makefile b/hook/Makefile new file mode 100644 index 0000000..a4359ba --- /dev/null +++ b/hook/Makefile @@ -0,0 +1,19 @@ +# Copyright (c) 2017-2018, NVIDIA CORPORATION. All rights reserved. + +DOCKER ?= docker + +VERSION := 1.2.1 +PKG_REV := 1 + +DIST_DIR := $(CURDIR)/../dist + +.NOTPARALLEL: +.PHONY: all + +all: xenial centos7 stretch + +%: $(CURDIR)/Dockerfile.% + $(DOCKER) build --build-arg PKG_VERS="$(VERSION)" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime-hook:$@ -f Dockerfile.$@ . + $(DOCKER) run --rm -v $(DIST_DIR)/$@:/dist:Z nvidia-container-runtime-hook:$@ diff --git a/config.toml.centos7 b/hook/config.toml.centos7 similarity index 100% rename from config.toml.centos7 rename to hook/config.toml.centos7 diff --git a/config.toml.stretch b/hook/config.toml.stretch similarity index 100% rename from config.toml.stretch rename to hook/config.toml.stretch diff --git a/config.toml.xenial b/hook/config.toml.xenial similarity index 100% rename from config.toml.xenial rename to hook/config.toml.xenial diff --git a/debian/compat b/hook/debian/compat similarity index 100% rename from debian/compat rename to hook/debian/compat diff --git a/hook/debian/control b/hook/debian/control new file mode 100644 index 0000000..ef2f836 --- /dev/null +++ b/hook/debian/control @@ -0,0 +1,17 @@ +Source: nvidia-container-runtime-hook +Section: @SECTION@utils +Priority: optional +Maintainer: NVIDIA CORPORATION +Standards-Version: 3.9.8 +Homepage: https://github.com/NVIDIA/nvidia-container-runtime/wiki +Vcs-Git: https://github.com/NVIDIA/nvidia-container-runtime +Vcs-Browser: https://github.com/NVIDIA/nvidia-container-runtime +Build-Depends: debhelper (>= 9) + +Package: nvidia-container-runtime-hook +Architecture: any +Depends: ${misc:Depends}, libnvidia-container-tools (>= 0.1.0), libnvidia-container-tools (<< 2.0.0) +Breaks: nvidia-container-runtime (<< 2.0.0) +Replaces: nvidia-container-runtime (<< 2.0.0) +Description: NVIDIA container runtime hook + Provides a OCI hook to enable GPU support in containers. diff --git a/debian/copyright b/hook/debian/copyright similarity index 66% rename from debian/copyright rename to hook/debian/copyright index b94e24e..67e33d5 100644 --- a/debian/copyright +++ b/hook/debian/copyright @@ -1,32 +1,11 @@ Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ -Upstream-Name: nvidia-container-runtime +Upstream-Name: nvidia-container-runtime-hook Source: https://github.com/NVIDIA/nvidia-container-runtime Files: * Copyright: 2017-2018 NVIDIA CORPORATION License: BSD-3-Clause -Files: runc/* -Copyright: 2017-2018 NVIDIA CORPORATION -License: Apache-2 -Comment: https://github.com/opencontainers/runc/blob/master/NOTICE - -License: Apache-2 - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - . - http://www.apache.org/licenses/LICENSE-2.0 - . - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - . - On Debian systems, the complete text of the Apache License 2.0 can - be found in "/usr/share/common-licenses/Apache-2.0" - License: BSD-3-clause Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are diff --git a/debian/nvidia-container-runtime.install b/hook/debian/nvidia-container-runtime-hook.install similarity index 52% rename from debian/nvidia-container-runtime.install rename to hook/debian/nvidia-container-runtime-hook.install index 537d06a..4bcfe09 100644 --- a/debian/nvidia-container-runtime.install +++ b/hook/debian/nvidia-container-runtime-hook.install @@ -1,2 +1,2 @@ config.toml /etc/nvidia-container-runtime -nvidia-* /usr/bin \ No newline at end of file +nvidia-container-runtime-hook /usr/bin \ No newline at end of file diff --git a/debian/nvidia-container-runtime.lintian-overrides b/hook/debian/nvidia-container-runtime-hook.lintian-overrides similarity index 77% rename from debian/nvidia-container-runtime.lintian-overrides rename to hook/debian/nvidia-container-runtime-hook.lintian-overrides index 87b11c8..9b839d9 100644 --- a/debian/nvidia-container-runtime.lintian-overrides +++ b/hook/debian/nvidia-container-runtime-hook.lintian-overrides @@ -1,3 +1,4 @@ new-package-should-close-itp-bug binary-without-manpage statically-linked-binary +description-is-pkg-name diff --git a/debian/prepare b/hook/debian/prepare similarity index 100% rename from debian/prepare rename to hook/debian/prepare diff --git a/debian/rules b/hook/debian/rules similarity index 100% rename from debian/rules rename to hook/debian/rules diff --git a/nvidia-container-runtime-hook/container_config.go b/hook/nvidia-container-runtime-hook/container_config.go similarity index 100% rename from nvidia-container-runtime-hook/container_config.go rename to hook/nvidia-container-runtime-hook/container_config.go diff --git a/nvidia-container-runtime-hook/hook_config.go b/hook/nvidia-container-runtime-hook/hook_config.go similarity index 100% rename from nvidia-container-runtime-hook/hook_config.go rename to hook/nvidia-container-runtime-hook/hook_config.go diff --git a/nvidia-container-runtime-hook/hook_test.go b/hook/nvidia-container-runtime-hook/hook_test.go similarity index 100% rename from nvidia-container-runtime-hook/hook_test.go rename to hook/nvidia-container-runtime-hook/hook_test.go diff --git a/nvidia-container-runtime-hook/main.go b/hook/nvidia-container-runtime-hook/main.go similarity index 100% rename from nvidia-container-runtime-hook/main.go rename to hook/nvidia-container-runtime-hook/main.go diff --git a/hook/rpm/SOURCES/LICENSE b/hook/rpm/SOURCES/LICENSE new file mode 100644 index 0000000..d80ee24 --- /dev/null +++ b/hook/rpm/SOURCES/LICENSE @@ -0,0 +1,25 @@ +Copyright (c) 2017-2018, NVIDIA CORPORATION. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of NVIDIA CORPORATION nor the names of its + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS ``AS IS'' AND ANY +EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR +CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, +EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR +PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY +OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/hook/rpm/SPECS/nvidia-container-runtime-hook.spec b/hook/rpm/SPECS/nvidia-container-runtime-hook.spec new file mode 100644 index 0000000..ac697b8 --- /dev/null +++ b/hook/rpm/SPECS/nvidia-container-runtime-hook.spec @@ -0,0 +1,37 @@ +Name: nvidia-container-runtime-hook +Version: %{version} +Release: %{release} +Group: Development Tools + +Vendor: NVIDIA CORPORATION +Packager: NVIDIA CORPORATION + +Summary: NVIDIA container runtime hook +URL: https://github.com/NVIDIA/nvidia-container-runtime +License: BSD + +Source0: nvidia-container-runtime-hook +Source1: config.toml +Source2: LICENSE + +Obsoletes: nvidia-container-runtime < 2.0.0 +Requires: libnvidia-container-tools >= 0.1.0, libnvidia-container-tools < 2.0.0 + +%description +Provides a OCI hook to enable GPU support in containers. + +%prep +cp %{SOURCE0} %{SOURCE1} %{SOURCE2} . + +%install +mkdir -p %{buildroot}%{_bindir} +install -m 755 -t %{buildroot}%{_bindir} nvidia-container-runtime-hook +mkdir -p %{buildroot}/etc/nvidia-container-runtime +install -m 644 -t %{buildroot}/etc/nvidia-container-runtime config.toml + +%files +%license LICENSE +%{_bindir}/nvidia-container-runtime-hook +/etc/nvidia-container-runtime/config.toml + +%changelog diff --git a/Dockerfile.centos7 b/runtime/Dockerfile.centos7 similarity index 62% rename from Dockerfile.centos7 rename to runtime/Dockerfile.centos7 index b87fa78..118e082 100644 --- a/Dockerfile.centos7 +++ b/runtime/Dockerfile.centos7 @@ -1,4 +1,4 @@ -FROM centos:7 +FROM nvidia/build-base:centos7 # Install a more version of git (for vndr) RUN yum install -y \ @@ -21,35 +21,19 @@ RUN GIT_DOWNLOAD_SUM=e19d450648d6d100eb93abaa5d06ffbc778394fb502354b7026d73e9bcb # runc dependencies RUN yum install -y \ - ca-certificates \ - wget \ pkgconfig \ gcc \ libseccomp-devel \ libselinux-devel && \ rm -rf /var/cache/yum/* -ENV GOLANG_VERSION 1.9.4 -RUN set -eux; \ - \ - arch="$(uname -m)"; \ - case "${arch##*-}" in \ - x86_64 | amd64) ARCH='amd64' ;; \ - ppc64el | ppc64le) ARCH='ppc64le' ;; \ - *) echo "unsupported architecture"; exit 1 ;; \ - esac; \ - wget -nv -O - https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-${ARCH}.tar.gz \ - | tar -C /usr/local -xz - -ENV GOPATH /go -ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH - RUN go get github.com/LK4D4/vndr -# packaging dependencies -RUN yum install -y \ - rpm-build && \ - rm -rf /var/cache/yum/* +# runc +WORKDIR $GOPATH/src/github.com/opencontainers/runc + +RUN git clone https://github.com/docker/runc.git . && \ + git fetch https://github.com/opencontainers/runc.git # packaging ARG PKG_VERS @@ -62,27 +46,15 @@ ENV RELEASE $PKG_REV ENV DIST_DIR=/tmp/nvidia-container-runtime-$PKG_VERS/SOURCES RUN mkdir -p $DIST_DIR -# runc -WORKDIR $GOPATH/src/github.com/opencontainers/runc - ARG RUNC_COMMIT COPY runc/$RUNC_COMMIT/ /tmp/patches/runc -RUN git clone https://github.com/docker/runc.git . && \ - git fetch https://github.com/opencontainers/runc.git && \ - git checkout $RUNC_COMMIT && \ + +RUN git checkout $RUNC_COMMIT && \ git apply /tmp/patches/runc/* && \ if [ -f vendor.conf ]; then vndr; fi && \ make BUILDTAGS="seccomp selinux" && \ mv runc $DIST_DIR/nvidia-container-runtime -# nvidia-container-runtime-hook -COPY nvidia-container-runtime-hook/ $GOPATH/src/nvidia-container-runtime-hook - -RUN go get -v nvidia-container-runtime-hook && \ - mv $GOPATH/bin/nvidia-container-runtime-hook $DIST_DIR/nvidia-container-runtime-hook - -COPY config.toml.centos7 $DIST_DIR/config.toml - WORKDIR $DIST_DIR/.. COPY rpm . diff --git a/Dockerfile.stretch b/runtime/Dockerfile.stretch similarity index 50% rename from Dockerfile.stretch rename to runtime/Dockerfile.stretch index a2c00e0..1a1f6b4 100644 --- a/Dockerfile.stretch +++ b/runtime/Dockerfile.stretch @@ -1,41 +1,20 @@ -FROM debian:stretch +FROM nvidia/build-base:stretch # runc dependencies RUN apt-get update && apt-get install -y \ - wget \ - git \ - make \ pkg-config \ - gcc \ libseccomp-dev \ libapparmor-dev \ libselinux1-dev && \ rm -rf /var/lib/apt/lists/* -ENV GOLANG_VERSION 1.9.4 -RUN set -eux; \ - \ - arch="$(uname -m)"; \ - case "${arch##*-}" in \ - x86_64 | amd64) ARCH='amd64' ;; \ - ppc64el | ppc64le) ARCH='ppc64le' ;; \ - *) echo "unsupported architecture" ; exit 1 ;; \ - esac; \ - wget -nv -O - https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-${ARCH}.tar.gz \ - | tar -C /usr/local -xz - -ENV GOPATH /go -ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH - RUN go get github.com/LK4D4/vndr -# packaging dependencies -RUN apt-get update && apt-get install -y --no-install-recommends \ - build-essential \ - dh-make \ - fakeroot \ - devscripts && \ - rm -rf /var/lib/apt/lists/* +# runc +WORKDIR $GOPATH/src/github.com/opencontainers/runc + +RUN git clone https://github.com/docker/runc.git . && \ + git fetch https://github.com/opencontainers/runc.git # packaging ARG PKG_VERS @@ -52,27 +31,15 @@ ENV SECTION "" ENV DIST_DIR=/tmp/nvidia-container-runtime-$PKG_VERS RUN mkdir -p $DIST_DIR -# runc -WORKDIR $GOPATH/src/github.com/opencontainers/runc - ARG RUNC_COMMIT COPY runc/$RUNC_COMMIT/ /tmp/patches/runc -RUN git clone https://github.com/docker/runc.git . && \ - git fetch https://github.com/opencontainers/runc.git && \ - git checkout $RUNC_COMMIT && \ + +RUN git checkout $RUNC_COMMIT && \ git apply /tmp/patches/runc/* && \ if [ -f vendor.conf ]; then vndr; fi && \ make BUILDTAGS="seccomp apparmor selinux" && \ mv runc $DIST_DIR/nvidia-container-runtime -# nvidia-container-runtime-hook -COPY nvidia-container-runtime-hook/ $GOPATH/src/nvidia-container-runtime-hook - -RUN go get -v nvidia-container-runtime-hook && \ - mv $GOPATH/bin/nvidia-container-runtime-hook $DIST_DIR/nvidia-container-runtime-hook - -COPY config.toml.stretch $DIST_DIR/config.toml - WORKDIR $DIST_DIR COPY debian ./debian diff --git a/Dockerfile.xenial b/runtime/Dockerfile.xenial similarity index 51% rename from Dockerfile.xenial rename to runtime/Dockerfile.xenial index 59e3171..356dfc6 100644 --- a/Dockerfile.xenial +++ b/runtime/Dockerfile.xenial @@ -1,40 +1,20 @@ -FROM ubuntu:xenial +FROM nvidia/build-base:xenial # runc dependencies RUN apt-get update && apt-get install -y \ - wget \ - git \ - make \ pkg-config \ - gcc \ libseccomp-dev \ libapparmor-dev \ libselinux1-dev && \ rm -rf /var/lib/apt/lists/* -ENV GOLANG_VERSION 1.9.4 -RUN set -eux; \ - \ - arch="$(uname -m)"; \ - case "${arch##*-}" in \ - x86_64 | amd64) ARCH='amd64' ;; \ - ppc64el | ppc64le) ARCH='ppc64le' ;; \ - *) echo "unsupported architecture" ; exit 1 ;; \ - esac; \ - wget -nv -O - https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-${ARCH}.tar.gz \ - | tar -C /usr/local -xz - -ENV GOPATH /go -ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH - RUN go get github.com/LK4D4/vndr -# packaging dependencies -RUN apt-get update && apt-get install -y --no-install-recommends \ - dh-make \ - fakeroot \ - devscripts && \ - rm -rf /var/lib/apt/lists/* +# runc +WORKDIR $GOPATH/src/github.com/opencontainers/runc + +RUN git clone https://github.com/docker/runc.git . && \ + git fetch https://github.com/opencontainers/runc.git # packaging ARG PKG_VERS @@ -51,27 +31,15 @@ ENV SECTION "" ENV DIST_DIR=/tmp/nvidia-container-runtime-$PKG_VERS RUN mkdir -p $DIST_DIR -# runc -WORKDIR $GOPATH/src/github.com/opencontainers/runc - ARG RUNC_COMMIT COPY runc/$RUNC_COMMIT/ /tmp/patches/runc -RUN git clone https://github.com/docker/runc.git . && \ - git fetch https://github.com/opencontainers/runc.git && \ - git checkout $RUNC_COMMIT && \ + +RUN git checkout $RUNC_COMMIT && \ git apply /tmp/patches/runc/* && \ if [ -f vendor.conf ]; then vndr; fi && \ make BUILDTAGS="seccomp apparmor selinux" && \ mv runc $DIST_DIR/nvidia-container-runtime -# nvidia-container-runtime-hook -COPY nvidia-container-runtime-hook/ $GOPATH/src/nvidia-container-runtime-hook - -RUN go get -v nvidia-container-runtime-hook && \ - mv $GOPATH/bin/nvidia-container-runtime-hook $DIST_DIR/nvidia-container-runtime-hook - -COPY config.toml.xenial $DIST_DIR/config.toml - WORKDIR $DIST_DIR COPY debian ./debian diff --git a/runtime/Makefile b/runtime/Makefile new file mode 100644 index 0000000..c699486 --- /dev/null +++ b/runtime/Makefile @@ -0,0 +1,152 @@ +# Copyright (c) 2017-2018, NVIDIA CORPORATION. All rights reserved. + +DOCKER ?= docker + +VERSION := 2.0.0 +PKG_REV := 1 + +DIST_DIR := $(CURDIR)/../dist + +.NOTPARALLEL: +.PHONY: all + +all: xenial centos7 stretch + +xenial: 17.12.0-xenial 17.09.1-xenial 17.09.0-xenial 17.06.2-xenial 17.03.2-xenial 1.13.1-xenial 1.12.6-xenial + +centos7: 17.12.0-centos7 17.09.1-centos7 17.09.0-centos7 17.06.2-centos7 17.03.2-centos7 1.13.1-centos7 1.12.6-centos7 + +stretch: 17.12.0-stretch 17.09.1-stretch 17.09.0-stretch 17.06.2-stretch 17.03.2-stretch + +17.12.0-xenial: + $(DOCKER) build --build-arg RUNC_COMMIT="b2567b37d7b75eb4cf325b77297b140ea686ce8f" \ + --build-arg PKG_VERS="$(VERSION)+docker17.12.0" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.xenial . + $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ + +17.09.1-xenial: + $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ + --build-arg PKG_VERS="$(VERSION)+docker17.09.1" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.xenial . + $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ + +17.09.0-xenial: + $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ + --build-arg PKG_VERS="$(VERSION)+docker17.09.0" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.xenial . + $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ + +17.06.2-xenial: + $(DOCKER) build --build-arg RUNC_COMMIT="810190ceaa507aa2727d7ae6f4790c76ec150bd2" \ + --build-arg PKG_VERS="$(VERSION)+docker17.06.2" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.xenial . + $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ + +17.03.2-xenial: + $(DOCKER) build --build-arg RUNC_COMMIT="54296cf40ad8143b62dbcaa1d90e520a2136ddfe" \ + --build-arg PKG_VERS="$(VERSION)+docker17.03.2" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.xenial . + $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ + +1.13.1-xenial: + $(DOCKER) build --build-arg RUNC_COMMIT="9df8b306d01f59d3a8029be411de015b7304dd8f" \ + --build-arg PKG_VERS="$(VERSION)+docker1.13.1" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.xenial . + $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ + +1.12.6-xenial: + $(DOCKER) build --build-arg RUNC_COMMIT="50a19c6ff828c58e5dab13830bd3dacde268afe5" \ + --build-arg PKG_VERS="$(VERSION)+docker1.12.6" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.xenial . + $(DOCKER) run --rm -v $(DIST_DIR)/xenial:/dist:Z nvidia-container-runtime:$@ + +17.12.0-centos7: + $(DOCKER) build --build-arg RUNC_COMMIT="b2567b37d7b75eb4cf325b77297b140ea686ce8f" \ + --build-arg PKG_VERS="$(VERSION)" \ + --build-arg PKG_REV="$(PKG_REV).docker17.12.0" \ + -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . + $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ + +17.09.1-centos7: + $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ + --build-arg PKG_VERS="$(VERSION)" \ + --build-arg PKG_REV="$(PKG_REV).docker17.09.1" \ + -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . + $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ + +17.09.0-centos7: + $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ + --build-arg PKG_VERS="$(VERSION)" \ + --build-arg PKG_REV="$(PKG_REV).docker17.09.0" \ + -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . + $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ + +17.06.2-centos7: + $(DOCKER) build --build-arg RUNC_COMMIT="810190ceaa507aa2727d7ae6f4790c76ec150bd2" \ + --build-arg PKG_VERS="$(VERSION)" \ + --build-arg PKG_REV="$(PKG_REV).docker17.06.2" \ + -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . + $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ + +17.03.2-centos7: + $(DOCKER) build --build-arg RUNC_COMMIT="54296cf40ad8143b62dbcaa1d90e520a2136ddfe" \ + --build-arg PKG_VERS="$(VERSION)" \ + --build-arg PKG_REV="$(PKG_REV).docker17.03.2" \ + -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . + $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ + +1.13.1-centos7: + $(DOCKER) build --build-arg RUNC_COMMIT="9df8b306d01f59d3a8029be411de015b7304dd8f" \ + --build-arg PKG_VERS="$(VERSION)" \ + --build-arg PKG_REV="$(PKG_REV).docker1.13.1" \ + -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . + $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ + +1.12.6-centos7: + $(DOCKER) build --build-arg RUNC_COMMIT="50a19c6ff828c58e5dab13830bd3dacde268afe5" \ + --build-arg PKG_VERS="$(VERSION)" \ + --build-arg PKG_REV="$(PKG_REV).docker1.12.6" \ + -t nvidia-container-runtime:$@ -f Dockerfile.centos7 . + $(DOCKER) run --rm -v $(DIST_DIR)/centos7:/dist:Z nvidia-container-runtime:$@ + +17.12.0-stretch: + $(DOCKER) build --build-arg RUNC_COMMIT="b2567b37d7b75eb4cf325b77297b140ea686ce8f" \ + --build-arg PKG_VERS="$(VERSION)+docker17.12.0" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.stretch . + $(DOCKER) run --rm -v $(DIST_DIR)/stretch:/dist:Z nvidia-container-runtime:$@ + +17.09.1-stretch: + $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ + --build-arg PKG_VERS="$(VERSION)+docker17.09.1" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.stretch . + $(DOCKER) run --rm -v $(DIST_DIR)/stretch:/dist:Z nvidia-container-runtime:$@ + +17.09.0-stretch: + $(DOCKER) build --build-arg RUNC_COMMIT="3f2f8b84a77f73d38244dd690525642a72156c64" \ + --build-arg PKG_VERS="$(VERSION)+docker17.09.0" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.stretch . + $(DOCKER) run --rm -v $(DIST_DIR)/stretch:/dist:Z nvidia-container-runtime:$@ + +17.06.2-stretch: + $(DOCKER) build --build-arg RUNC_COMMIT="810190ceaa507aa2727d7ae6f4790c76ec150bd2" \ + --build-arg PKG_VERS="$(VERSION)+docker17.06.2" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.stretch . + $(DOCKER) run --rm -v $(DIST_DIR)/stretch:/dist:Z nvidia-container-runtime:$@ + +17.03.2-stretch: + $(DOCKER) build --build-arg RUNC_COMMIT="54296cf40ad8143b62dbcaa1d90e520a2136ddfe" \ + --build-arg PKG_VERS="$(VERSION)+docker17.03.2" \ + --build-arg PKG_REV="$(PKG_REV)" \ + -t nvidia-container-runtime:$@ -f Dockerfile.stretch . + $(DOCKER) run --rm -v $(DIST_DIR)/stretch:/dist:Z nvidia-container-runtime:$@ diff --git a/runtime/debian/compat b/runtime/debian/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/runtime/debian/compat @@ -0,0 +1 @@ +9 diff --git a/debian/control b/runtime/debian/control similarity index 80% rename from debian/control rename to runtime/debian/control index b05dcae..9c3cfce 100644 --- a/debian/control +++ b/runtime/debian/control @@ -10,7 +10,7 @@ Build-Depends: debhelper (>= 9) Package: nvidia-container-runtime Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, libnvidia-container-tools (>= 0.1.0), libnvidia-container-tools (<< 2.0.0), libseccomp2 +Depends: ${shlibs:Depends}, ${misc:Depends}, nvidia-container-runtime-hook (<< 2.0.0), libseccomp2 Description: NVIDIA container runtime Provides a modified version of runc allowing users to run GPU enabled containers. diff --git a/runtime/debian/copyright b/runtime/debian/copyright new file mode 100644 index 0000000..6102fd5 --- /dev/null +++ b/runtime/debian/copyright @@ -0,0 +1,24 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: nvidia-container-runtime +Source: https://github.com/NVIDIA/nvidia-container-runtime + +Files: * +Copyright: 2017-2018 NVIDIA CORPORATION +License: Apache-2 +Comment: https://github.com/opencontainers/runc/blob/master/NOTICE + +License: Apache-2 + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + . + http://www.apache.org/licenses/LICENSE-2.0 + . + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + . + On Debian systems, the complete text of the Apache License 2.0 can + be found in "/usr/share/common-licenses/Apache-2.0" diff --git a/runtime/debian/nvidia-container-runtime.install b/runtime/debian/nvidia-container-runtime.install new file mode 100644 index 0000000..b7104e6 --- /dev/null +++ b/runtime/debian/nvidia-container-runtime.install @@ -0,0 +1 @@ +nvidia-container-runtime /usr/bin \ No newline at end of file diff --git a/runtime/debian/nvidia-container-runtime.lintian-overrides b/runtime/debian/nvidia-container-runtime.lintian-overrides new file mode 100644 index 0000000..273c48a --- /dev/null +++ b/runtime/debian/nvidia-container-runtime.lintian-overrides @@ -0,0 +1,3 @@ +new-package-should-close-itp-bug +binary-without-manpage +description-is-pkg-name diff --git a/runtime/debian/prepare b/runtime/debian/prepare new file mode 100755 index 0000000..a28095e --- /dev/null +++ b/runtime/debian/prepare @@ -0,0 +1,5 @@ +#! /bin/sh + +set -e + +sed -i "s;@SECTION@;${SECTION:+$SECTION/};g" debian/control diff --git a/runtime/debian/rules b/runtime/debian/rules new file mode 100755 index 0000000..f3908b2 --- /dev/null +++ b/runtime/debian/rules @@ -0,0 +1,7 @@ +#!/usr/bin/make -f +# -*- makefile -*- + +#export DH_VERBOSE=1 + +%: + dh $@ diff --git a/rpm/SOURCES/LICENSE b/runtime/rpm/SOURCES/LICENSE similarity index 87% rename from rpm/SOURCES/LICENSE rename to runtime/rpm/SOURCES/LICENSE index 34d4d73..f4446de 100644 --- a/rpm/SOURCES/LICENSE +++ b/runtime/rpm/SOURCES/LICENSE @@ -1,32 +1,3 @@ -Copyright (c) 2017-2018, NVIDIA CORPORATION. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - * Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - * Neither the name of NVIDIA CORPORATION nor the names of its - contributors may be used to endorse or promote products derived - from this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS ``AS IS'' AND ANY -EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR -CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR -PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY -OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - - -For runc/*: Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ diff --git a/rpm/SPECS/nvidia-container-runtime.spec b/runtime/rpm/SPECS/nvidia-container-runtime.spec similarity index 54% rename from rpm/SPECS/nvidia-container-runtime.spec rename to runtime/rpm/SPECS/nvidia-container-runtime.spec index 7e6b51e..2a7fafd 100644 --- a/rpm/SPECS/nvidia-container-runtime.spec +++ b/runtime/rpm/SPECS/nvidia-container-runtime.spec @@ -8,16 +8,14 @@ Packager: NVIDIA CORPORATION Summary: NVIDIA container runtime URL: https://github.com/NVIDIA/nvidia-container-runtime -# The entire source code is BSD except runc/* which is ASL 2.0 # runc NOTICE file: https://github.com/opencontainers/runc/blob/master/NOTICE -License: BSD and ASL 2.0 +License: ASL 2.0 Source0: nvidia-container-runtime -Source1: nvidia-container-runtime-hook -Source2: config.toml -Source3: LICENSE +Source1: LICENSE -Requires: libnvidia-container-tools >= 0.1.0, libnvidia-container-tools < 2.0.0 +Obsoletes: nvidia-container-runtime < 2.0.0 +Requires: nvidia-container-runtime-hook < 2.0.0 Requires: libseccomp %description @@ -25,19 +23,14 @@ Provides a modified version of runc allowing users to run GPU enabled containers. %prep -cp %{SOURCE0} %{SOURCE1} %{SOURCE2} %{SOURCE3} . +cp %{SOURCE0} %{SOURCE1} . %install mkdir -p %{buildroot}%{_bindir} install -m 755 -t %{buildroot}%{_bindir} nvidia-container-runtime -install -m 755 -t %{buildroot}%{_bindir} nvidia-container-runtime-hook -mkdir -p %{buildroot}/etc/nvidia-container-runtime -install -m 644 -t %{buildroot}/etc/nvidia-container-runtime config.toml %files %license LICENSE -%{_bindir}/nvidia-container-runtime-hook %{_bindir}/nvidia-container-runtime -/etc/nvidia-container-runtime/config.toml %changelog diff --git a/runc/3f2f8b84a77f73d38244dd690525642a72156c64/0001-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch b/runtime/runc/3f2f8b84a77f73d38244dd690525642a72156c64/0001-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch similarity index 100% rename from runc/3f2f8b84a77f73d38244dd690525642a72156c64/0001-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch rename to runtime/runc/3f2f8b84a77f73d38244dd690525642a72156c64/0001-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch diff --git a/runc/50a19c6ff828c58e5dab13830bd3dacde268afe5/0001-Fix-setup-cgroup-before-prestart-hook.patch b/runtime/runc/50a19c6ff828c58e5dab13830bd3dacde268afe5/0001-Fix-setup-cgroup-before-prestart-hook.patch similarity index 100% rename from runc/50a19c6ff828c58e5dab13830bd3dacde268afe5/0001-Fix-setup-cgroup-before-prestart-hook.patch rename to runtime/runc/50a19c6ff828c58e5dab13830bd3dacde268afe5/0001-Fix-setup-cgroup-before-prestart-hook.patch diff --git a/runc/50a19c6ff828c58e5dab13830bd3dacde268afe5/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch b/runtime/runc/50a19c6ff828c58e5dab13830bd3dacde268afe5/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch similarity index 100% rename from runc/50a19c6ff828c58e5dab13830bd3dacde268afe5/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch rename to runtime/runc/50a19c6ff828c58e5dab13830bd3dacde268afe5/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch diff --git a/runc/54296cf40ad8143b62dbcaa1d90e520a2136ddfe b/runtime/runc/54296cf40ad8143b62dbcaa1d90e520a2136ddfe similarity index 100% rename from runc/54296cf40ad8143b62dbcaa1d90e520a2136ddfe rename to runtime/runc/54296cf40ad8143b62dbcaa1d90e520a2136ddfe diff --git a/runc/810190ceaa507aa2727d7ae6f4790c76ec150bd2/0001-Fix-setup-cgroup-before-prestart-hook.patch b/runtime/runc/810190ceaa507aa2727d7ae6f4790c76ec150bd2/0001-Fix-setup-cgroup-before-prestart-hook.patch similarity index 100% rename from runc/810190ceaa507aa2727d7ae6f4790c76ec150bd2/0001-Fix-setup-cgroup-before-prestart-hook.patch rename to runtime/runc/810190ceaa507aa2727d7ae6f4790c76ec150bd2/0001-Fix-setup-cgroup-before-prestart-hook.patch diff --git a/runc/810190ceaa507aa2727d7ae6f4790c76ec150bd2/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch b/runtime/runc/810190ceaa507aa2727d7ae6f4790c76ec150bd2/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch similarity index 100% rename from runc/810190ceaa507aa2727d7ae6f4790c76ec150bd2/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch rename to runtime/runc/810190ceaa507aa2727d7ae6f4790c76ec150bd2/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch diff --git a/runc/9df8b306d01f59d3a8029be411de015b7304dd8f/0001-Fix-setup-cgroup-before-prestart-hook.patch b/runtime/runc/9df8b306d01f59d3a8029be411de015b7304dd8f/0001-Fix-setup-cgroup-before-prestart-hook.patch similarity index 100% rename from runc/9df8b306d01f59d3a8029be411de015b7304dd8f/0001-Fix-setup-cgroup-before-prestart-hook.patch rename to runtime/runc/9df8b306d01f59d3a8029be411de015b7304dd8f/0001-Fix-setup-cgroup-before-prestart-hook.patch diff --git a/runc/9df8b306d01f59d3a8029be411de015b7304dd8f/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch b/runtime/runc/9df8b306d01f59d3a8029be411de015b7304dd8f/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch similarity index 100% rename from runc/9df8b306d01f59d3a8029be411de015b7304dd8f/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch rename to runtime/runc/9df8b306d01f59d3a8029be411de015b7304dd8f/0002-Add-prestart-hook-nvidia-container-runtime-hook-to-t.patch diff --git a/runc/b2567b37d7b75eb4cf325b77297b140ea686ce8f b/runtime/runc/b2567b37d7b75eb4cf325b77297b140ea686ce8f similarity index 100% rename from runc/b2567b37d7b75eb4cf325b77297b140ea686ce8f rename to runtime/runc/b2567b37d7b75eb4cf325b77297b140ea686ce8f -- GitLab