Skip to content

Commit

Permalink
swan-cern: Fix security issue with NVIDIA gpu-operator
Browse files Browse the repository at this point in the history 
Apply fix for a security vulnerability that was requested by the CERN
security team
  • Loading branch information
@PMax5 @etejedor
PMax5 authored and etejedor committed Oct 21, 2024
1 parent 501cfaa commit 4b9696c
Show file tree
Hide file tree
Showing 4 changed files with 24 additions and 12 deletions.
6 changes: 3 additions & 3 deletions swan-cern/Chart.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,6 @@ dependencies:
version: 0.4.3
- name: gpu-operator
repository: oci://registry.cern.ch/kubernetes/charts
version: v22.9.1
digest: sha256:4600d0fa64afa906aaa7570a138dd796a87b20edd18cb96829f0d8e08372c4f3
generated: "2024-10-01T09:39:24.176258854Z"
version: v24.6.2
digest: sha256:02b128aa07fd796252255ac4f09708fef9b99aabd0d01d4f2c29d28a2e1aca55
generated: "2024-10-16T10:39:56.250436142+02:00"
2 changes: 1 addition & 1 deletion swan-cern/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,6 @@ dependencies:
version: 0.4.3
repository: https://fluent.github.io/helm-charts
- name: gpu-operator
version: v22.9.1
version: v24.6.2
repository: oci://registry.cern.ch/kubernetes/charts
condition: gpu-operator.enabled
6 changes: 4 additions & 2 deletions ...lates/gpu/nvidia-time-slicing-config.yaml → ...ates/gpu/nvidia-device-plugin-config.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,12 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: nvidia-time-slicing-config
name: nvidia-device-plugin-config
namespace: {{ .Release.Namespace }}
data:
default: |-
version: v1
flags: {}
slice-4: |-
version: v1
sharing:
Expand All @@ -24,4 +27,3 @@ data:
- name: nvidia.com/gpu
replicas: 10
{{- end }}

22 changes: 16 additions & 6 deletions swan-cern/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -274,10 +274,10 @@ gpu-operator:
enabled: true
validator:
repository: registry.cern.ch/kubernetes
version: v22.9.1
version: v24.6.2
operator:
repository: registry.cern.ch/kubernetes
version: v22.9.1
version: v24.6.2
defaultRuntime: containerd
initContainer:
repository: registry.cern.ch/kubernetes
Expand Down Expand Up @@ -306,12 +306,15 @@ gpu-operator:
driverManager:
repository: registry.cern.ch
version: v0.5.1
gdrcopy:
repository: registry.cern.ch/kubernetes
version: v2.4.1-1
vgpuDeviceManager:
repository: registry.cern.ch
version: v0.2.0
toolkit:
repository: registry.cern.ch/kubernetes
version: v1.11.0
version: v1.16.2-ubuntu20.04
devicePlugin:
repository: registry.cern.ch/kubernetes
version: v0.13.0
Expand All @@ -325,7 +328,7 @@ gpu-operator:
name: nvidia-dcgm-exporter-metrics
gfd:
repository: registry.cern.ch/kubernetes
version: v0.7.0
version: v0.16.2-ubi8
mig:
strategy: mixed
migManager:
Expand All @@ -335,12 +338,19 @@ gpu-operator:
name: nvidia-mig-config
nodeStatusExporter:
repository: registry.cern.ch
version: v22.9.1
version: v24.6.2
kataManager:
repository: registry.cern.ch/kubernetes
version: v0.2.1
sandboxDevicePlugin:
repository: registry.cern.ch/kubernetes
version: v1.2.1
ccManager:
repository: registry.cern.ch/kubernetes
version: v0.1.1
devicePlugin:
repository: registry.cern.ch/kubernetes
version: v0.12.2-ubi8
config:
name: nvidia-time-slicing-config
name: nvidia-device-plugin-config
default: "default"

0 comments on commit 4b9696c

Please sign in to comment.