-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathCHANGELOG
123 lines (91 loc) · 4.05 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
Version 2.1.0
=============
This is a minor release.
New features:
-------------
- NV_ALLOW_OWN_GPU_REUSE allows users to run further containers on GPUs they
already use. Will only happen when explicitly requesting a GPU via NV_GPU, not
when implicitly assigning a new GPU.
- ARGS_ALWAYS and ARGS_AVAILABLE allow assignments in simple string args making
exactly this `--arg=val` combination mandatory/available to the user.
Minor improvements:
-------------------
- Print warnings in case no config.py is found, #2
- Enhanced docs for mounting /etc/{passwd,group} for uid to username mappings in
containers, #5
- Help now lists available mounts and allowed images
Bug fixes:
----------
- Removed allow_abbrev to allow flag combinations, #3
- Fixed parsing dups bug in ARGS_AVAILABLE and ARGS_ALWAYS, #4
- GPU assignment is now saved in USERDOCKER_NV_GPU container env var for later
use as docker's inspect was less stable than expected ("HostConfig" seems to
have disappeared)
Version 2.0.0
=============
This is a major release.
Backwards incompatibilities:
----------------------------
- VOLUME_MOUNT config vars could previously include {USER} and {HOME} strings.
This is now replaced by user_name and user_home python variables that can be
used throughout all config files (and in all settings, not only mounts).
- HOME env var in containers is set to user_home by default now.
- Executor nvidia-docker now includes configurable limits to NV_GPU env var.
Before the default was to always make all GPUs available (see new config
options below).
- PRIVILEGED dropped (use ARGS_AVAILABLE, but let me know how this is useful
with userdocker!)
- ALLOWED_PUBLISH_PORTS_ALL dropped (use ARGS_AVAILABLE)
New features:
-------------
- Config files now support python variables: uid, gid, user_name, group_name and
user_home.
- userdocker version command will include userdocker version information.
- Use of DOCKER_HOST env var will raise an ERROR.
- Users can now re-attach to their previously started containers (in case of
connection loss for example).
- ALLOWED_PORT_MAPPINGS config var to allow configurable explicit user port
publishing (docker run -p). Defaults to selectable container ports that are
mappable to random host port (like in -P), but user can decide if host local
or world accessible.
- Improved support for nvidia-docker's NV_GPU env var, which is now checked
against admin config options:
- User available GPU(s) configurable, including defaults in case NV_GPU isn't
specified (NV_ALLOWED_GPUS, NV_MAX_GPU_COUNT_RESERVATION,
NV_DEFAULT_GPU_COUNT_RESERVATION)
- Optional exclusive GPU usage per container via the
NV_EXCLUSIVE_CONTAINER_GPU_RESERVATION config option.
- Optional exclusion of otherwise busy GPUs from being available to user
containers (NV_GPU_UNAVAILABLE_ABOVE_MEMORY_USED)
- Users can list GPUs that are used by other containers
(userdocker ps --gpu-used)
- Users can list free GPUs (userdocker ps --gpu-free)
Bug fixes:
----------
- Error message in case of missing executable improved.
Version 1.0.1
=============
This is a patch release.
Bug fixes:
----------
- Mitigation for nvidia-docker "--" commandline bug.
Version 1.0.0
=============
Initial release.
Features:
---------
- Similar commandline interface as ``docker ...`` called ``userdocker ...``
- Support for several docker commands / plugins (docker, nvidia-docker)
- Fine granular configurability for admins in ``/etc/userdocker/`` allows to:
- restrict runnable images if desired (allows admin reviews)
- restrict run to locally available images
- restrict available mount points (or enforce them, or default mount)
- probe mounts (to make sure nfs automounts don't make docker sad)
- enforce non-root user in container (same uid:gid as on host)
- enforce dropping caps
- enforce environment vars
- enforce docker args
- restrict port publishing
- explicitly white-list available args to user
- System wide config + overrides for individual groups, gids, users, uids.
- Easy extensibility for further subcommands and args.