Git and S3 Sidecar Containers

NVIDIA Run:ai enables AI practitioners to integrate with S3 or Git as data sources. When using a custom CA, sidecar containers used for S3 or Git integrations do not automatically inherit the CA configured at the cluster level. This requires manually building a custom container for each integration based on the default NVIDIA Run:ai image while incorporating the local CA certificates.

1. Build tag and publish the images for the S3 / Git integrations using the following Dockerfile:

   Copy

   #FROM gcr.io/run-ai-prod/goofys:master # S3
   #FROM registry.k8s.io/git-sync/git-sync:v4.4.0 # Git
   USER root
   ADD <ca_bundle_path> /usr/local/share/ca-certificates/ # example: anchors/
   RUN chmod 644 -R /usr/local/share/ca-certificates/ && update-ca-certificates
   WORKDIR /
   ENTRYPOINT ["sh"]
   CMD ["/usr/bin/run.sh"]

2. Edit the cluster configurations for images used by NVIDIA Run:ai following the S3 and Git sidecar images instructions.