상혁 손 wrote:

podman에서 nVidia GPU 연동 하는 방법을 정리

위키: Podman nVidia GPU 연동¶

상혁 손 wrote:

podman에서 nVidia GPU 연동 하는 방법을 정리

nVidia GPU 연동¶

기준 podman version 5.6.2

• podman test(정상 동작 확인용)
  podman run --rm --network=slirp4netns --security-opt=label=disable --device=nvidia.com/gpu=all nvidia/cuda:12.2.3-base-ubuntu22.04 nvidia-smi

• 위 podman을 기반으로 동작하는 yml, Containerfile파일 만들기

  • docker-compose.yml

    version: '3.8'
services:
base-server:
build:
context: .
dockerfile: Containerfile
container_name: bigdata_server
restart: unless-stopped
network_mode: "host"

    # podman-compose에서 동작하는 예시 방식
devices:
- "nvidia.com/gpu=all"

    labels:
- "run.oci.runtime.podman.devices=all"

    security_opt:
- label=disable # 또는 SELinux 사용시 제거하고 :Z 사용
- seccomp=unconfined

    environment:
- NVIDIA_VISIBLE_DEVICES=all
- TZ=Asia/Seoul
- DB_HOST=localhost
- DB_PORT=15433
- DB_USER=spacs
- DB_PASSWORD=scaps
- DB_NAME=spacs

    volumes:
- ./ssdoctors:/home/ssdoctors # (아래 node_modules 처리 참고)
- ./data/workspace:/workspace

    # 2. PostgreSQL 서비스 (Bigdata용)
postgres:
build:
context: .
dockerfile: postgres.Containerfile
container_name: bigdata_postgresql # <<< 변경: 컨테이너 이름 변경
restart: unless-stopped
#pull_policy: always
#user: '70:70'
init: true
privileged: true
network_mode: "host"
ports:
- "15433:5432"
command: postgres -c port=15433 -c shared_preload_libraries=pg_cron -c cron.database_name=spacs
environment:
- TZ=Asia/Seoul
- POSTGRES_USER=spacs
- POSTGRES_PASSWORD=scaps
- POSTGRES_DB=spacs
- PGPORT=15433
volumes:
- ./data/postgresql:/var/lib/postgresql/data:Z
security_opt:
- label=disable
- seccomp=unconfined
#healthcheck:
# test: ["CMD-SHELL", "pg_isready -U spacs -d spacs -p 15433"]
# interval: 10s
# timeout: 5s
# retries: 5

    volumes:
# (필요시 node_modules용 named volume 추가 – 아래 참고)

    version: '3.8'
services:
base-server:
build:
context: .
dockerfile: Containerfile
container_name: bigdata_server
restart: unless-stopped
network_mode: "host"``# podman-compose에서 동작하는 예시 방식
devices:
- "nvidia.com/gpu=all"``labels:
- "run.oci.runtime.podman.devices=all"``security_opt:
- label=disable # 또는 SELinux 사용시 제거하고 :Z 사용
- seccomp=unconfined``environment:
- NVIDIA_VISIBLE_DEVICES=all
- TZ=Asia/Seoul
- DB_HOST=localhost
- DB_PORT=15433
- DB_USER=spacs
- DB_PASSWORD=scaps
- DB_NAME=spacs``volumes:
- ./ssdoctors:/home/ssdoctors # (아래 node_modules 처리 참고)
- ./data/workspace:/workspace``# 2. PostgreSQL 서비스 (Bigdata용)
postgres:
build:
context: .
dockerfile: postgres.Containerfile
container_name: bigdata_postgresql # <<< 변경: 컨테이너 이름 변경
restart: unless-stopped
#pull_policy: always
#user: '70:70'
init: true
privileged: true
network_mode: "host"
ports:
- "15433:5432"
command: postgres -c port=15433 -c shared_preload_libraries=pg_cron -c cron.database_name=spacs
environment:
- TZ=Asia/Seoul
- POSTGRES_USER=spacs
- POSTGRES_PASSWORD=scaps
- POSTGRES_DB=spacs
- PGPORT=15433
volumes:
- ./data/postgresql:/var/lib/postgresql/data:Z
security_opt:
- label=disable
- seccomp=unconfined
#healthcheck:
# test: ["CMD-SHELL", "pg_isready -U spacs -d spacs -p 15433"]
# interval: 10s
# timeout: 5s
# retries: 5``volumes:
# (필요시 node_modules용 named volume 추가 – 아래 참고)

  • Containerfile 

    # Containerfile

    # 기반 이미지를 NVIDIA CUDA 이미지로 변경
FROM nvidia/cuda:12.2.2-devel-ubuntu22.04

    #MAINTAINER "birdhead"

    # 로케일 및 타임존 환경 변수 설정
ENV LANG en_US.UTF-8
ENV TZ=Asia/Seoul
ENV DEBIAN_FRONTEND=noninteractive

    # 패키지 설치
RUN \
echo "deb http://kr.archive.ubuntu.com/ubuntu/ jammy main restricted universe multiverse" > /etc/apt/sources.list && \
echo "deb http://kr.archive.ubuntu.com/ubuntu/ jammy-updates main restricted universe multiverse" >> /etc/apt/sources.list && \
echo "deb http://kr.archive.ubuntu.com/ubuntu/ jammy-backports main restricted universe multiverse" >> /etc/apt/sources.list && \
echo "deb http://security.ubuntu.com/ubuntu jammy-security main restricted universe multiverse" >> /etc/apt/sources.list && \
apt-get update && \
apt-get install -y --no-install-recommends \
cron rsyslog openssh-server supervisor \
build-essential vim curl wget git ca-certificates gnupg \
sudo pkg-config \
cmake g++ gdb \
libboost-all-dev libdcmtk-dev libsndfile1-dev \
libpq-dev libnsl-dev \
python3 python3-pip python3-venv \
ffmpeg libopenblas-dev && \
\
# --- SSH 호스트 키 생성 및 필요 디렉토리 설정 ---
ssh-keygen -A && \
mkdir -p /run/sshd && \
chown root:root /run/sshd && \
chmod 755 /run/sshd && \
\
# --- Node.js 22.x 버전 설치 시작 ---
curl -fsSL https://deb.nodesource.com/setup_22.x | bash - && \
apt-get install -y nodejs && \
# --- Node.js 설치 끝 ---
\
apt-get clean && \
rm -rf /var/lib/apt/lists/*

    # 필요한 커스텀 파일들을 이미지에 미리 복사
COPY --chown=root:root ./system/etc/. /etc/
COPY --chown=root:root ./system/usr_local/. /usr/local/

    # Set Timezone
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

    # npm을 사용하여 pm2 전역 설치
RUN npm install pm2 -g && npm cache clean --force

    # ssdoctors 사용자가 비밀번호 없이 sudo를 사용하도록 설정
RUN echo "ssdoctors ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/ssdoctors

    # supervisord.conf 파일을 컨테이너 안으로 복사
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf

    # 컨테이너 시작 시 실행할 명령
#CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf"]

    # ✅ entrypoint.sh 스크립트 추가
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

    ENTRYPOINT ["/entrypoint.sh"]