Skip to content

[vgpu-manager] support custom CA certificate injection at build time#768

Merged
rahulait merged 1 commit into
NVIDIA:mainfrom
Shivkumar13:custom-ca-enhancement-vgpu-manager
Jun 26, 2026
Merged

[vgpu-manager] support custom CA certificate injection at build time#768
rahulait merged 1 commit into
NVIDIA:mainfrom
Shivkumar13:custom-ca-enhancement-vgpu-manager

Conversation

@Shivkumar13

@Shivkumar13 Shivkumar13 commented May 9, 2026

Copy link
Copy Markdown
Contributor

Add an opt-in CUSTOM_CA_CERTS_DIR build arg to all four vGPU Manager Dockerfiles (rhel8, rhel9, ubuntu22.04, ubuntu24.04) and wire it through the Makefile build-vgpuhost-% target. Users behind a TLS-intercepting corporate proxy can drop *.crt files into vgpu-manager//certs/ and rebuild without editing the Dockerfile. The directory is empty by default, so out-of-the-box builds are unchanged.

@copy-pr-bot

copy-pr-bot Bot commented May 9, 2026

Copy link
Copy Markdown

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

@Shivkumar13 Shivkumar13 force-pushed the custom-ca-enhancement-vgpu-manager branch from 53a4f02 to a433142 Compare May 9, 2026 14:08
@rahulait

rahulait commented Jun 8, 2026

Copy link
Copy Markdown
Contributor

Thanks @Shivkumar13 . Lets get rid of ubuntu20.04 changes as we don't support it. Also, we should add support in ubuntu24.04 as well.

Is there a linked issue for this fix?

@Shivkumar13

Copy link
Copy Markdown
Contributor Author

@rahulait We don't have an issue, there is a customer case for this. I can open an issue or NVBug we want to track this.

@rahulait

Copy link
Copy Markdown
Contributor

Lets open internal bug for this then and you can add me to it. I would like to understand what the issue is and get others feedback as well.

@rahulait

Copy link
Copy Markdown
Contributor

@Shivkumar13 I was able to find the customer issue. Lets fix this PR by removing ubuntu20.04 change and adding support for ubuntu24.04 as well.

Add an opt-in CUSTOM_CA_CERTS_DIR build arg to all four vGPU Manager
Dockerfiles (rhel8, rhel9, ubuntu22.04, ubuntu24.04) and wire it through
the Makefile build-vgpuhost-% target. Users behind a TLS-intercepting
corporate proxy can drop *.crt files into vgpu-manager/<os>/certs/ and
rebuild without editing the Dockerfile. The directory is empty by
default, so out-of-the-box builds are unchanged.

Signed-off-by: Shivkumar Ople <sople@nvidia.com>
@Shivkumar13 Shivkumar13 force-pushed the custom-ca-enhancement-vgpu-manager branch from a433142 to 27957bf Compare June 26, 2026 09:33
@Shivkumar13

Copy link
Copy Markdown
Contributor Author

@rahulait done with changes, PTAL.

@rahulait rahulait left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @Shivkumar13 , LGTM

@rahulait rahulait merged commit 7e3d827 into NVIDIA:main Jun 26, 2026
48 checks passed
@tariq1890

Copy link
Copy Markdown
Contributor

@Shivkumar13 @rahulait Do we need to make changes for these in rhel10 too?

@rahulait

rahulait commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

@tariq1890 rhel10 is not there under vgpu-manager. Maybe we should start supporting rhel10 as well?

@tariq1890

Copy link
Copy Markdown
Contributor

Yes, we should. Let's create a GH issue so we can track this.

@Shivkumar13

Copy link
Copy Markdown
Contributor Author

@tariq1890 @rahulait I have created an issue, please feel free to change the issue description if needed

#838

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants