diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 9d2678a..bb533f1 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -4,6 +4,7 @@ on: push: branches: - master + - feature/archlinux tags: jobs: @@ -23,6 +24,9 @@ jobs: include: - flavor: nvidia suffix: -nvidia + # NOTE: version 1.13.5 + version_libnvidia_container: 1a8bdbb5898b4fcfc273b7c372938054e00e3fd8 + version_nvidia_container_toolkit: 19b9024e3ed404609a2e31f52683385aaa726db6 steps: - name: Checkout @@ -77,6 +81,8 @@ jobs: context: ${{ matrix.flavor }} build-args: | version=${{ matrix.version }} + version_nvidia_container_toolkit=${{ matrix.version_nvidia_container_toolkit }} + version_libnvidia_container=${{ matrix.version_libnvidia_container }} push: true labels: ${{ steps.meta.outputs.labels }} tags: ${{ steps.meta.outputs.tags }} diff --git a/nvidia/Dockerfile b/nvidia/Dockerfile index 9cfac10..84c4f6b 100644 --- a/nvidia/Dockerfile +++ b/nvidia/Dockerfile @@ -1,13 +1,66 @@ -ARG base=ubuntu:22.04 +ARG base=archlinux ### -FROM ${base} +FROM ${base} as dep-base + +RUN pacman -Sy --noconfirm \ + base-devel \ + bmake \ + lsb-release \ + rpcsvc-proto && \ + # See https://github.com/NVIDIA/nvidia-container-toolkit/issues/113 + pacman -U --noconfirm https://archive.archlinux.org/packages/g/go/go-2:1.20.7-1-x86_64.pkg.tar.zst && \ + mkdir -p -m 0777 /.cache + +### + +FROM dep-base as dep-nvidia-container-toolkit + +ARG version_libnvidia_container= +ARG version_nvidia_container_toolkit= -ARG TARGETARCH +WORKDIR /tmp + +RUN curl --parallel \ + --output libnvidia-container.tar.gz https://gitlab.archlinux.org/archlinux/packaging/packages/libnvidia-container/-/archive/${version_libnvidia_container}/libnvidia-container-${version_libnvidia_container}.tar.gz \ + --output nvidia-container-toolkit.tar.gz https://gitlab.archlinux.org/archlinux/packaging/packages/nvidia-container-toolkit/-/archive/${version_nvidia_container_toolkit}/nvidia-container-toolkit-${version_nvidia_container_toolkit}.tar.gz && \ + runuser -u nobody -- \ + mkdir -p libnvidia-container && \ + tar -xvz --strip-components 1 -C libnvidia-container -f libnvidia-container.tar.gz && \ + runuser -u nobody -- \ + mkdir -p nvidia-container-toolkit && \ + tar -xvz --strip-components 1 -C nvidia-container-toolkit -f nvidia-container-toolkit.tar.gz && \ + (\ + cd libnvidia-container && \ + export pkgver=$(grep -Po '(?<=pkgver=).*$' PKGBUILD) && \ + runuser -u nobody -- \ + makepkg -f --cleanbuild && \ + cp libnvidia-container-${pkgver}-1-x86_64.pkg.tar.zst libnvidia-container.pkg.tar.zst && \ + cp libnvidia-container-tools-${pkgver}-1-x86_64.pkg.tar.zst libnvidia-container-tools.pkg.tar.zst && \ + pacman -U libnvidia-container.pkg.tar.zst libnvidia-container-tools.pkg.tar.zst \ + ) && \ + (\ + cd nvidia-container-toolkit && \ + export pkgver=$(grep -Po '(?<=pkgver=).*$' PKGBUILD) && \ + runuser -u nobody -- \ + makepkg -f --cleanbuild && \ + cp nvidia-container-toolkit-${pkgver}-1-x86_64.pkg.tar.zst nvidia-container-toolkit.pkg.tar.zst \ + ) + +### + +FROM ${base} as dep-docker + +ARG version= + +ADD https://archive.archlinux.org/packages/d/docker/docker-1:${version}-1-x86_64.pkg.tar.zst /tmp/docker.pkg.tar.zst + +### + +FROM ${base} ARG version= -ARG containerd=1.6.31 ENV DOCKER_VERSION=${version} ENV DOCKER_TLS_CERTDIR=/certs @@ -18,35 +71,26 @@ EXPOSE 2376/tcp ENTRYPOINT ["dockerd-entrypoint.sh"] - # Install docker -RUN apt-get update && \ - apt-get install -y \ +# COPY --from=dep-docker /tmp/docker.pkg.tar.zst . +# COPY --from=dep-nvidia-container-toolkit /tmp/libnvidia-container/libnvidia-container.pkg.tar.zst . +# COPY --from=dep-nvidia-container-toolkit /tmp/libnvidia-container/libnvidia-container-tools.pkg.tar.zst . +# COPY --from=dep-nvidia-container-toolkit /tmp/nvidia-container-toolkit/nvidia-container-toolkit.pkg.tar.zst . + +RUN pacman -Sy --noconfirm \ curl \ ca-certificates \ iptables \ - iproute2 \ + inetutils \ openssl \ - tini \ kmod && \ - . /etc/os-release; version_major=$(echo ${version} | cut -d. -f1); curl -s --parallel \ + pacman -S --noconfirm docker && \ + # pacman -U --noconfirm \ + # docker.pkg.tar.zst && \ + export version_major=$(echo ${version} | cut -d. -f1) && \ + curl -s --parallel \ --output /usr/local/bin/modprobe https://raw.githubusercontent.com/docker-library/docker/master/${version_major}/cli/modprobe.sh \ --output /usr/local/bin/dockerd-entrypoint.sh https://raw.githubusercontent.com/docker-library/docker/master/${version_major}/dind/dockerd-entrypoint.sh \ - --output /usr/local/bin/dind https://raw.githubusercontent.com/moby/moby/v${version}/hack/dind \ - --output containerd.io.deb https://download.docker.com/linux/ubuntu/dists/${VERSION_CODENAME}/pool/stable/${TARGETARCH}/containerd.io_${containerd}-1_${TARGETARCH}.deb \ - --output docker-ce-cli.deb https://download.docker.com/linux/ubuntu/dists/${VERSION_CODENAME}/pool/stable/${TARGETARCH}/docker-ce-cli_${version}-1~ubuntu.${VERSION_ID}~${VERSION_CODENAME}_${TARGETARCH}.deb \ - --output docker-ce.deb https://download.docker.com/linux/ubuntu/dists/${VERSION_CODENAME}/pool/stable/${TARGETARCH}/docker-ce_${version}-1~ubuntu.${VERSION_ID}~${VERSION_CODENAME}_${TARGETARCH}.deb && \ - dpkg -i \ - containerd.io.deb \ - docker-ce.deb \ - docker-ce-cli.deb && \ - apt-get remove -y \ - curl && \ - rm *.deb && \ - # Setup - ln -s $(which tini) /usr/bin/docker-init && \ - # HACK: ubuntu 22.04 uses iptables-nft by default, but docker doesn't support it yet - update-alternatives --set iptables $(which iptables-legacy) && \ - update-alternatives --set ip6tables $(which ip6tables-legacy) && \ + --output /usr/local/bin/dind https://raw.githubusercontent.com/moby/moby/v${version}/hack/dind && \ chmod +x \ /usr/local/bin/modprobe \ /usr/local/bin/dockerd-entrypoint.sh \ @@ -56,21 +100,11 @@ RUN apt-get update && \ dockerd --version && \ containerd --version && \ ctr --version && \ - runc --version - - # Install nvidia-container-toolkit -RUN apt-get update && \ - apt-get install -y \ - curl \ - gnupg2 && \ - curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg && \ - . /etc/os-release; curl -s -L https://nvidia.github.io/libnvidia-container/${ID}${VERSION_ID}/nvidia-container-toolkit.list | \ - sed 's|deb https://|deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://|g' | \ - tee /etc/apt/sources.list.d/nvidia-container-toolkit.list && \ - apt-get update && \ - apt-get install -y \ - nvidia-container-toolkit && \ - apt-get remove -y \ - curl \ - gnupg2 && \ - nvidia-ctk runtime configure --runtime=docker + runc --version && \ + # pacman -U --noconfirm \ + # libnvidia-container.pkg.tar.zst \ + # libnvidia-container-tools.pkg.tar.zst \ + # nvidia-container-toolkit.pkg.tar.zst && \ + pacman -S --noconfirm nvidia-container-toolkit && \ + nvidia-ctk runtime configure --runtime=docker && \ + rm -rf *.pkg.tar.zst