NVIDIA
diff --git a/‎.common-ci.yml‎
Lines changed: 34 additions & 0 deletions b/‎.common-ci.yml‎
Lines changed: 34 additions & 0 deletions
diff --git a/‎.gitlab-ci.yml‎
Lines changed: 15 additions & 0 deletions b/‎.gitlab-ci.yml‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎.nvidia-ci.yml‎
Lines changed: 21 additions & 0 deletions b/‎.nvidia-ci.yml‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎Makefile‎
Lines changed: 1 addition & 1 deletion b/‎Makefile‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎ci/localbuild.sh‎
Lines changed: 1 addition & 0 deletions b/‎ci/localbuild.sh‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎ci/run.sh‎
Lines changed: 2 additions & 1 deletion b/‎ci/run.sh‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎rhel9/Dockerfile‎
Lines changed: 113 additions & 0 deletions b/‎rhel9/Dockerfile‎
Lines changed: 113 additions & 0 deletions
@@ -87,6 +87,12 @@ trigger-pipeline:
       - DRIVER_BRANCH: [525, 535]
         KERNEL_FLAVOR: [generic, nvidia, aws, azure]
 
+# Define the driver versions for jobs that can be run in parallel for rhel9
+.driver-versions-rhel9:
+  parallel:
+    matrix:
+      - DRIVER_VERSION: [525.147.05, 535.154.05]
+
 # Define the distribution targets
 .dist-ubuntu20.04:
   variables:
@@ -102,6 +108,10 @@ trigger-pipeline:
   variables:
     DIST: rhel8
 
+.dist-rhel9:
+  variables:
+    DIST: rhel9
+
 .dist-centos7:
   variables:
     DIST: centos7
@@ -167,6 +177,14 @@ trigger-pipeline:
   rules:
     - if: $CI_PIPELINE_SOURCE != "schedule"
 
+.release-rhel9:
+  # Perform for each DRIVER_VERSION
+  extends:
+    - .release-generic
+    - .driver-versions-rhel9
+  rules:
+    - if: $CI_PIPELINE_SOURCE != "schedule"
+
 .release:
   # Perform for each DRIVER_VERSION
   extends:
@@ -196,6 +214,15 @@ trigger-pipeline:
     OUT_REGISTRY: "${CI_REGISTRY}"
     OUT_IMAGE_NAME: "${CI_REGISTRY_IMAGE}/staging/driver"
 
+.release:staging-rhel9:
+  extends:
+    - .release-rhel9
+  variables:
+    OUT_REGISTRY_USER: "${CI_REGISTRY_USER}"
+    OUT_REGISTRY_TOKEN: "${CI_REGISTRY_PASSWORD}"
+    OUT_REGISTRY: "${CI_REGISTRY}"
+    OUT_IMAGE_NAME: "${CI_REGISTRY_IMAGE}/staging/driver"
+
 # Define an external release step that pushes an image to an external repository.
 .release:external:
   extends:
@@ -244,6 +271,13 @@ release:staging-rhel8:
   needs:
     - image-rhel8
 
+release:staging-rhel9:
+  extends:
+    - .release:staging-rhel9
+    - .dist-rhel9
+  needs:
+    - image-rhel9
+
 release:staging-centos7:
   extends:
     - .release:staging
 
@@ -49,6 +49,16 @@ include:
   rules:
     - if: $CI_PIPELINE_SOURCE != "schedule"
 
+# Define the image build targets
+.image-build-rhel9:
+  # Perform for each DRIVER_VERSION
+  extends:
+    - .driver-versions-rhel9
+    - .image-build-generic
+  rules:
+    - if: $CI_PIPELINE_SOURCE != "schedule"
+
+
 image-ubuntu20.04:
   extends:
     - .image-build
@@ -64,6 +74,11 @@ image-rhel8:
     - .image-build
     - .dist-rhel8
 
+image-rhel9:
+  extends:
+    - .image-build-rhel9
+    - .dist-rhel9
+
 image-centos7:
   extends:
     - .image-build
 
@@ -115,6 +115,11 @@ image-rhel8:
     - .image-pull
     - .dist-rhel8
 
+image-rhel9:
+  extends:
+    - .image-pull
+    - .dist-rhel9
+
 image-centos7:
   extends:
     - .image-pull
@@ -259,6 +264,22 @@ scan-rhel8-arm64:
   needs:
     - image-rhel8
 
+scan-rhel9-amd64:
+  extends:
+    - .scan
+    - .dist-rhel9
+    - .platform-amd64
+  needs:
+    - image-rhel9
+
+scan-rhel9-arm64:
+  extends:
+    - .scan
+    - .dist-rhel9
+    - .platform-arm64
+  needs:
+    - image-rhel9
+
 scan-centos7-amd64:
   extends:
     - .scan
 
@@ -54,7 +54,7 @@ OUT_IMAGE_TAG = $(OUT_IMAGE_VERSION)-$(OUT_DIST)
 OUT_IMAGE = $(OUT_IMAGE_NAME):$(OUT_IMAGE_TAG)
 
 ##### Public rules #####
-DISTRIBUTIONS := ubuntu18.04 ubuntu20.04 ubuntu22.04 signed_ubuntu20.04 signed_ubuntu22.04 rhel8 centos7 flatcar fedora36 sles15.3 precompiled_rhcos
+DISTRIBUTIONS := ubuntu18.04 ubuntu20.04 ubuntu22.04 signed_ubuntu20.04 signed_ubuntu22.04 rhel8 rhel9 centos7 flatcar fedora36 sles15.3 precompiled_rhcos
 PUSH_TARGETS := $(patsubst %, push-%, $(DISTRIBUTIONS))
 BASE_FROM := jammy focal
 PUSH_TARGETS := $(patsubst %, push-%, $(DISTRIBUTIONS))
 
@@ -64,6 +64,7 @@ driver_container_build_rhel()
 {
   driver_container_build_simple "rhel7"
   driver_container_build_simple "rhel8"
+  driver_container_build_simple "rhel9"
 }
 
 list_all_containers()
 
@@ -66,7 +66,7 @@ latest_rhel_kernel() {
       "yum install -y yum-utils &> /dev/null && repoquery kernel-headers \
         | cut -d ':' -f 2 \
         | tail -n 1"
-  elif [[ "${1}" -eq 8 ]]; then
+  elif [[ "${1}" -eq 8 || "${1}" -eq 9 ]]; then
     docker run --rm centos:"${1}" /bin/bash -c\
       "dnf repoquery -q --latest-limit 1 kernel-headers \
         | cut -d ':' -f 2 | head -n 1"
@@ -187,6 +187,7 @@ done
 
 build "rhel7" "${CONTAINER_VERSION}-rhel7" "$(mk_short_version rhel7)" ""
 build "rhel8" "${CONTAINER_VERSION}-rhel8" "$(mk_short_version rhel8)" ""
+build "rhel9" "${CONTAINER_VERSION}-rhel9" "$(mk_short_version rhel9)" ""
 
 # Add rhcos tags
 docker pull "${REGISTRY}:${CONTAINER_VERSION}-rhel8"
 
@@ -0,0 +1,113 @@
+ARG CUDA_VERSION
+FROM nvidia/cuda:${CUDA_VERSION}-base-ubi9 as build
+
+ARG TARGETARCH
+
+SHELL ["/bin/bash", "-c"]
+
+RUN dnf install -y git wget
+
+ENV GOLANG_VERSION=1.22.0
+
+# download appropriate binary based on the target architecture for multi-arch builds
+RUN OS_ARCH=${TARGETARCH/x86_64/amd64} && OS_ARCH=${OS_ARCH/aarch64/arm64} && \
+    curl https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-${OS_ARCH}.tar.gz \
+    | tar -C /usr/local -xz
+
+ENV PATH /usr/local/go/bin:$PATH
+
+WORKDIR /work
+
+RUN git clone https://gitlab.com/nvidia/container-images/driver && \
+    cd driver/vgpu/src && \
+    go build -o vgpu-util && \
+    mv vgpu-util /work
+
+FROM nvidia/cuda:${CUDA_VERSION}-base-ubi9
+
+ARG TARGETARCH
+ENV TARGETARCH=$TARGETARCH
+
+SHELL ["/bin/bash", "-c"]
+
+#ARG BASE_URL=http://us.download.nvidia.com/XFree86/Linux-x86_64
+ARG BASE_URL=https://us.download.nvidia.com/tesla
+ARG DRIVER_VERSION
+ENV DRIVER_VERSION=$DRIVER_VERSION
+
+# Arg to indicate if driver type is either of passthrough/baremetal or vgpu
+ARG DRIVER_TYPE=passthrough
+ENV DRIVER_TYPE=$DRIVER_TYPE
+ARG VGPU_LICENSE_SERVER_TYPE=NLS
+ENV VGPU_LICENSE_SERVER_TYPE=$VGPU_LICENSE_SERVER_TYPE
+# Enable vGPU version compability check by default
+ARG DISABLE_VGPU_VERSION_CHECK=true
+ENV DISABLE_VGPU_VERSION_CHECK=$DISABLE_VGPU_VERSION_CHECK
+# Avoid dependency of container-toolkit for driver container
+ENV NVIDIA_VISIBLE_DEVICES=void
+
+ADD install.sh /tmp/
+
+RUN NVIDIA_GPGKEY_SUM=d0664fbbdb8c32356d45de36c5984617217b2d0bef41b93ccecd326ba3b80c87 && \
+    OS_ARCH=${TARGETARCH/amd64/x86_64} && OS_ARCH=${OS_ARCH/arm64/sbsa} && \
+    curl -fsSL "https://developer.download.nvidia.com/compute/cuda/repos/rhel9/$OS_ARCH/D42D0685.pub" | sed '/^Version/d' > /etc/pki/rpm-gpg/RPM-GPG-KEY-NVIDIA && \
+    echo "$NVIDIA_GPGKEY_SUM  /etc/pki/rpm-gpg/RPM-GPG-KEY-NVIDIA" | sha256sum -c --strict -
+
+RUN sh /tmp/install.sh depinstall && \
+    curl -fsSL -o /usr/local/bin/donkey https://github.com/3XX0/donkey/releases/download/v1.1.0/donkey && \
+    curl -fsSL -o /usr/local/bin/extract-vmlinux https://raw.githubusercontent.com/torvalds/linux/master/scripts/extract-vmlinux && \
+    chmod +x /usr/local/bin/donkey /usr/local/bin/extract-vmlinux && \
+    ln -s /sbin/ldconfig /sbin/ldconfig.real
+
+ADD drivers drivers/
+
+# Fetch the installer automatically for passthrough/baremetal types
+RUN if [ "$DRIVER_TYPE" != "vgpu" ]; then \
+    cd drivers && \
+    DRIVER_ARCH=${TARGETARCH/amd64/x86_64} && DRIVER_ARCH=${DRIVER_ARCH/arm64/aarch64} && \
+    curl -fSsl -O $BASE_URL/$DRIVER_VERSION/NVIDIA-Linux-$DRIVER_ARCH-$DRIVER_VERSION.run && \
+    chmod +x  NVIDIA-Linux-$DRIVER_ARCH-$DRIVER_VERSION.run; fi
+
+# Install fabric-manager packages
+RUN if [ "$DRIVER_TYPE" != "vgpu" ] && [ "$TARGETARCH" != "arm64" ]; then \
+    versionArray=(${DRIVER_VERSION//./ }); \
+    DRIVER_BRANCH=${versionArray[0]}; \
+    dnf module enable -y nvidia-driver:${DRIVER_BRANCH} && \
+    dnf install -y nvidia-fabric-manager-${DRIVER_VERSION}-1 libnvidia-nscq-${DRIVER_BRANCH}-${DRIVER_VERSION}-1; fi
+
+COPY nvidia-driver /usr/local/bin
+COPY ocp_dtk_entrypoint /usr/local/bin
+COPY common.sh /usr/local/bin
+
+COPY --from=build /work/vgpu-util /usr/local/bin
+
+WORKDIR /drivers
+
+ARG PUBLIC_KEY=empty
+COPY ${PUBLIC_KEY} kernel/pubkey.x509
+
+ARG PRIVATE_KEY
+ARG KERNEL_VERSION=latest
+
+LABEL io.k8s.display-name="NVIDIA Driver Container"
+LABEL name="NVIDIA Driver Container"
+LABEL vendor="NVIDIA"
+LABEL version="${DRIVER_VERSION}"
+LABEL release="N/A"
+LABEL summary="Provision the NVIDIA driver through containers"
+LABEL description="See summary"
+
+# Add NGC DL license from the CUDA image
+RUN mkdir /licenses && mv /NGC-DL-CONTAINER-LICENSE /licenses/NGC-DL-CONTAINER-LICENSE
+
+# Install / upgrade packages here that are required to resolve CVEs
+ARG CVE_UPDATES
+RUN if [ -n "${CVE_UPDATES}" ]; then \
+        yum update -y ${CVE_UPDATES} && \
+        rm -rf /var/cache/yum/*; \
+    fi
+
+# Remove cuda repository to avoid GPG errors
+RUN rm -f /etc/yum.repos.d/cuda.repo
+
+ENTRYPOINT ["nvidia-driver", "init"]
Original file line number	Diff line number	Diff line change
`@@ -64,6 +64,7 @@ driver_container_build_rhel()`
`64`	`64`	`{`
`65`	`65`	`driver_container_build_simple "rhel7"`
`66`	`66`	`driver_container_build_simple "rhel8"`
	`67`	`+ driver_container_build_simple "rhel9"`
`67`	`68`	`}`
`68`	`69`
`69`	`70`	`list_all_containers()`