Goal: make docker commands work with rootless Podman, with CUDA support, so that Docker images and containers work out of the box.
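*Required for CUDA support: generate the NVIDIA CDI spec and make it readable by your unprivileged user (re-run the generate command after a driver update so the spec matches the installed driver).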
sudo nvidia-ctk cdi generate --output=/etc/cdi/nvidia.yaml
sudo chmod a+r /etc/cdi/nvidia.yaml
Save the following script as ~/.local/bin/docker (this directory must come before any real docker binary in your PATH):
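#!/bin/bash
# docker -> podman shim for rootless podman with CUDA (CDI) support.
# Rewrites the docker subcommands that need extra podman flags and passes
# everything else straight through to podman.
#
# Privileged and Security-Opt Disable are needed for SELinux.
# NOTE(review): --privileged switches off more than SELinux separation: it also
# lifts the capability and seccomp restrictions and exposes host devices to the
# container (within what the rootless user can reach). If SELinux labelling is
# the only obstacle, `--security-opt label=disable` (already used for builds
# below) is the narrower setting to try first.

# Tracing stays off by default: with `set -x` every forwarded environment value
# (tokens, passwords, ...) is echoed to stderr, and tools that parse docker's
# output see the trace lines. Uncomment only while debugging.
# set -x

if [[ "$1" == "exec" ]]; then
  # Remove 'exec' from $@
  shift

  # Forward the caller's exported environment into the container, skipping
  # variables whose names start with HOST, HOME, PATH, SHELL, USER or "_".
  # An array keeps each NAME=value as exactly one argument, whatever characters
  # the value contains.
  # NOTE(review): this copies *every* other exported variable, credentials
  # included, into the container process. Extend the skip list for anything
  # that must stay on the host.
  env_args=()
  while IFS= read -r name; do
    case "$name" in
      HOST* | HOME* | PATH* | SHELL* | USER* | _*) continue ;;
    esac
    env_args+=("--env=${name}=${!name}")
  done < <(compgen -e)

  exec podman exec "${env_args[@]}" "$@"
elif [[ "$1" == "run" ]]; then
  # Remove 'run' from $@
  shift
  # The GPU is requested through the CDI device name generated by nvidia-ctk.
  # --hooks-dir "" presumably keeps OCI hooks out of the way so that CDI is the
  # only GPU injection path; confirm against your podman version.
  exec podman run --runtime crun --hooks-dir "" --device nvidia.com/gpu=all --privileged "$@"
elif [[ "$1" == "start" ]]; then
  # Remove 'start' from $@
  shift
  exec podman start --runtime crun --hooks-dir "" "$@"
elif [[ "$1" == "buildx" && "$2" == "build" ]]; then
  # Remove 'buildx build' from $@; podman has no buildx subcommand.
  shift 2
  exec podman build --security-opt label=disable "$@"
else
  # Every other subcommand is passed through unchanged.
  exec podman "$@"
fi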
Then make it executable: chmod +x ~/.local/bin/docker
Place this in your ~/.config/containers/registries.conf
# Registries consulted, in the listed order, when an image name carries no
# registry prefix (e.g. "ubuntu" instead of "docker.io/library/ubuntu").
# NOTE(review): Docker itself only ever resolves short names against docker.io.
# With several registries listed, a short name that is missing from the first
# registry can be satisfied by a same-named image on a later one. Prefer fully
# qualified image names, or keep only "docker.io" here if strict Docker
# behaviour is what you want.
unqualified-search-registries = [ "docker.io", "quay.io", "registry.fedoraproject.org", "registry.access.redhat.com"]
# "disabled" makes podman walk the list above without prompting the user to
# pick a registry, which is what lets unattended docker-style pulls work and
# also what removes the confirmation step for ambiguous short names.
short-name-mode="disabled"