diff --git a/.DEBIAN/control b/.DEBIAN/control index 1bab5e2..b58c41c 100644 --- a/.DEBIAN/control +++ b/.DEBIAN/control @@ -2,7 +2,7 @@ Package: fastapi-dls Version: 0.0 Architecture: all Maintainer: Oscar Krause oscar.krause@collinwebdesigns.de -Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-jose, python3-sqlalchemy, python3-pycryptodome, python3-markdown, uvicorn, openssl +Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-josepy, python3-sqlalchemy, python3-cryptography, python3-markdown, uvicorn, openssl Recommends: curl Installed-Size: 10240 Homepage: https://git.collinwebdesigns.de/oscar.krause/fastapi-dls diff --git a/.DEBIAN/requirements-bookworm-12.txt b/.DEBIAN/requirements-bookworm-12.txt index 223c64c..c3fe52e 100644 --- a/.DEBIAN/requirements-bookworm-12.txt +++ b/.DEBIAN/requirements-bookworm-12.txt @@ -1,8 +1,8 @@ # https://packages.debian.org/hu/ fastapi==0.92.0 uvicorn[standard]==0.17.6 -python-jose[pycryptodome]==3.3.0 -pycryptodome==3.11.0 +python-jose[cryptography]==3.3.0 +cryptography==38.0.4 python-dateutil==2.8.2 sqlalchemy==1.4.46 markdown==3.4.1 diff --git a/.DEBIAN/requirements-ubuntu-23.04.txt b/.DEBIAN/requirements-ubuntu-23.04.txt deleted file mode 100644 index f2d4b05..0000000 --- a/.DEBIAN/requirements-ubuntu-23.04.txt +++ /dev/null @@ -1,10 +0,0 @@ -# https://packages.ubuntu.com -fastapi==0.91.0 -uvicorn[standard]==0.15.0 -python-jose[pycryptodome]==3.3.0 -pycryptodome==3.11.0 -python-dateutil==2.8.2 -sqlalchemy==1.4.46 -markdown==3.4.3 -python-dotenv==0.21.0 -jinja2==3.1.2 diff --git a/.DEBIAN/requirements-ubuntu-23.10.txt b/.DEBIAN/requirements-ubuntu-23.10.txt deleted file mode 100644 index 4cab03f..0000000 --- a/.DEBIAN/requirements-ubuntu-23.10.txt +++ /dev/null @@ -1,10 +0,0 @@ -# https://packages.ubuntu.com -fastapi==0.101.0 -uvicorn[standard]==0.23.2 -python-jose[pycryptodome]==3.3.0 -pycryptodome==3.11.0 -python-dateutil==2.8.2 -sqlalchemy==1.4.47 -markdown==3.4.4 -python-dotenv==1.0.0 -jinja2==3.1.2 diff --git a/.DEBIAN/requirements-ubuntu-24.04.txt b/.DEBIAN/requirements-ubuntu-24.04.txt index 7cb653b..0ba3025 100644 --- a/.DEBIAN/requirements-ubuntu-24.04.txt +++ b/.DEBIAN/requirements-ubuntu-24.04.txt @@ -1,8 +1,8 @@ # https://packages.ubuntu.com fastapi==0.101.0 uvicorn[standard]==0.27.1 -python-jose[pycryptodome]==3.3.0 -pycryptodome==3.20.0 +python-jose[cryptography]==3.3.0 +cryptography==41.0.7 python-dateutil==2.8.2 sqlalchemy==1.4.50 markdown==3.5.2 diff --git a/.DEBIAN/requirements-ubuntu-24.10.txt b/.DEBIAN/requirements-ubuntu-24.10.txt new file mode 100644 index 0000000..59f9361 --- /dev/null +++ b/.DEBIAN/requirements-ubuntu-24.10.txt @@ -0,0 +1,10 @@ +# https://packages.ubuntu.com +fastapi==0.110.3 +uvicorn[standard]==0.30.3 +python-jose[cryptography]==3.3.0 +cryptography==42.0.5 +python-dateutil==2.9.0 +sqlalchemy==2.0.32 +markdown==3.6 +python-dotenv==1.0.1 +jinja2==3.1.3 diff --git a/.PKGBUILD/PKGBUILD b/.PKGBUILD/PKGBUILD index 09f606b..2504aaa 100644 --- a/.PKGBUILD/PKGBUILD +++ b/.PKGBUILD/PKGBUILD @@ -8,7 +8,7 @@ pkgdesc='NVIDIA DLS server implementation with FastAPI' arch=('any') url='https://git.collinwebdesigns.de/oscar.krause/fastapi-dls' license=('MIT') -depends=('python' 'python-jose' 'python-starlette' 'python-httpx' 'python-fastapi' 'python-dotenv' 'python-dateutil' 'python-sqlalchemy' 'python-pycryptodome' 'uvicorn' 'python-markdown' 'openssl') +depends=('python' 'python-jose' 'python-starlette' 'python-httpx' 'python-fastapi' 'python-dotenv' 'python-dateutil' 'python-sqlalchemy' 'python-cryptography' 'uvicorn' 'python-markdown' 'openssl') provider=("$pkgname") install="$pkgname.install" backup=('etc/default/fastapi-dls') @@ -39,7 +39,7 @@ check() { package() { install -d "$pkgdir/usr/share/doc/$pkgname" install -d "$pkgdir/var/lib/$pkgname/cert" - cp -r "$srcdir/$pkgname/doc"/* "$pkgdir/usr/share/doc/$pkgname/" + #cp -r "$srcdir/$pkgname/doc"/* "$pkgdir/usr/share/doc/$pkgname/" install -Dm644 "$srcdir/$pkgname/README.md" "$pkgdir/usr/share/doc/$pkgname/README.md" install -Dm644 "$srcdir/$pkgname/version.env" "$pkgdir/usr/share/doc/$pkgname/version.env" diff --git a/.gitignore b/.gitignore index 3421248..6d4a15c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ .DS_Store venv/ .idea/ -app/*.sqlite* +*.sqlite app/cert/*.* .pytest_cache diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 5543e53..dd97c6f 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -20,6 +20,7 @@ build:docker: changes: - app/**/* - Dockerfile + - requirements.txt - if: $CI_PIPELINE_SOURCE == 'merge_request_event' tags: [ docker ] before_script: @@ -126,7 +127,7 @@ build:pacman: - "*.pkg.tar.zst" test: - image: $IMAGE + image: python:3.12-slim-bookworm stage: test interruptible: true rules: @@ -141,16 +142,18 @@ test: DATABASE: sqlite:///../app/db.sqlite parallel: matrix: - - IMAGE: [ 'python:3.11-slim-bookworm', 'python:3.12-slim-bullseye' ] - REQUIREMENTS: - - requirements.txt - - .DEBIAN/requirements-bookworm-12.txt - - .DEBIAN/requirements-ubuntu-23.10.txt - - .DEBIAN/requirements-ubuntu-24.04.txt + - REQUIREMENTS: + - 'requirements.txt' +# - '.DEBIAN/requirements-bookworm-12.txt' +# - '.DEBIAN/requirements-ubuntu-24.04.txt' +# - '.DEBIAN/requirements-ubuntu-24.10.txt' before_script: - - apt-get update && apt-get install -y python3-dev gcc + - apt-get update && apt-get install -y python3-dev python3-pip python3-venv gcc + - python3 -m venv venv + - source venv/bin/activate + - pip install --upgrade pip - pip install -r $REQUIREMENTS - - pip install pytest httpx + - pip install pytest pytest-cov pytest-custom_exit_code httpx - mkdir -p app/cert - openssl genrsa -out app/cert/instance.private.pem 2048 - openssl rsa -in app/cert/instance.private.pem -outform PEM -pubout -out app/cert/instance.public.pem @@ -162,7 +165,7 @@ test: dotenv: version.env junit: ['**/report.xml'] -.test:linux: +.test:apt: stage: test rules: - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH @@ -201,15 +204,17 @@ test: - apt-get purge -qq -y fastapi-dls - apt-get autoremove -qq -y && apt-get clean -qq -test:debian: - extends: .test:linux - image: debian:bookworm-slim +test:apt: + extends: .test:apt + image: $IMAGE + parallel: + matrix: + - IMAGE: + - debian:bookworm-slim # EOL: June 06, 2026 + - ubuntu:24.04 # EOL: April 2036 + - ubuntu:24.10 -test:ubuntu: - extends: .test:linux - image: ubuntu:24.04 - -test:archlinux: +test:pacman:archlinux: image: archlinux:base rules: - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH @@ -250,7 +255,7 @@ semgrep-sast: test_coverage: # extends: test - image: python:3.11-slim-bookworm + image: python:3.12-slim-bookworm allow_failure: true stage: test rules: @@ -260,19 +265,19 @@ test_coverage: before_script: - apt-get update && apt-get install -y python3-dev gcc - pip install -r requirements.txt - - pip install pytest httpx + - pip install pytest pytest-cov pytest-custom_exit_code httpx - mkdir -p app/cert - openssl genrsa -out app/cert/instance.private.pem 2048 - openssl rsa -in app/cert/instance.private.pem -outform PEM -pubout -out app/cert/instance.public.pem - cd test script: - - pip install pytest pytest-cov - - coverage run -m pytest main.py + - coverage run -m pytest main.py --junitxml=report.xml --suppress-no-test-exit-code - coverage report - coverage xml coverage: '/(?i)total.*? (100(?:\.0+)?\%|[1-9]?\d(?:\.\d+)?\%)$/' artifacts: reports: + junit: [ '**/report.xml' ] coverage_report: coverage_format: cobertura path: '**/coverage.xml' @@ -297,13 +302,17 @@ gemnasium-python-dependency_scanning: deploy:docker: extends: .deploy + image: docker:dind stage: deploy + tags: [ docker ] before_script: - echo "Building docker image for commit $CI_COMMIT_SHA with version $CI_COMMIT_REF_NAME" + - docker buildx inspect + - docker buildx create --use script: - echo "========== GitLab-Registry ==========" - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY - - IMAGE=$CI_REGISTRY/$CI_PROJECT_PATH/$CI_COMMIT_REF_NAME + - IMAGE=$CI_REGISTRY/$CI_PROJECT_PATH - docker buildx build --progress=plain --platform $DOCKER_BUILDX_PLATFORM --build-arg VERSION=$CI_COMMIT_REF_NAME --build-arg COMMIT=$CI_COMMIT_SHA --tag $IMAGE:$CI_COMMIT_REF_NAME --push . - docker buildx build --progress=plain --platform $DOCKER_BUILDX_PLATFORM --build-arg VERSION=$CI_COMMIT_REF_NAME --build-arg COMMIT=$CI_COMMIT_SHA --tag $IMAGE:latest --push . - echo "========== Docker-Hub ==========" diff --git a/Dockerfile b/Dockerfile index ca25001..07feb70 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.11-alpine +FROM python:3.12-alpine ARG VERSION ARG COMMIT="" @@ -10,7 +10,7 @@ RUN apk update \ && apk add --no-cache --virtual build-deps gcc g++ python3-dev musl-dev pkgconfig \ && apk add --no-cache curl postgresql postgresql-dev mariadb-dev sqlite-dev \ && pip install --no-cache-dir --upgrade uvicorn \ - && pip install --no-cache-dir psycopg2==2.9.9 mysqlclient==2.2.4 pysqlite3==0.5.2 \ + && pip install --no-cache-dir psycopg2==2.9.10 mysqlclient==2.2.7 pysqlite3==0.5.4 \ && pip install --no-cache-dir -r /tmp/requirements.txt \ && apk del build-deps diff --git a/FAQ.md b/FAQ.md deleted file mode 100644 index 4ddd379..0000000 --- a/FAQ.md +++ /dev/null @@ -1,17 +0,0 @@ -# FAQ - -## `Failed to acquire license from (Info: - Error: The allowed time to process response has expired)` - -- Did your timezone settings are correct on fastapi-dls **and your guest**? - -- Did you download the client-token more than an hour ago? - -Please download a new client-token. The guest have to register within an hour after client-token was created. - - -## `jose.exceptions.JWTError: Signature verification failed.` - -- Did you recreated `instance.public.pem` / `instance.private.pem`? - -Then you have to download a **new** client-token on each of your guests. - diff --git a/README.md b/README.md index 3834be3..f928f84 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,12 @@ Minimal Delegated License Service (DLS). -Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0. For Driver compatibility see [here](#setup-client). +> [!note] +> Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1, 3.4.0. For Driver compatibility +> see [compatibility matrix](#vgpu-software-compatibility-matrix). + +> [!warning] 18.x Drivers are not yet supported! +> Drivers are only supported until **17.x releases**. This service can be used without internet connection. Only the clients need a connection to this service on configured port. @@ -22,6 +27,7 @@ Only the clients need a connection to this service on configured port. * [NVIDIA vGPU Guide](https://gitlab.com/polloloco/vgpu-proxmox) - This document serves as a guide to install NVIDIA vGPU host drivers on the latest Proxmox VE version * [vgpu_unlock](https://github.com/DualCoder/vgpu_unlock) - Unlock vGPU functionality for consumer-grade Nvidia GPUs. * [vGPU_Unlock Wiki](https://docs.google.com/document/d/1pzrWJ9h-zANCtyqRgS7Vzla0Y8Ea2-5z2HEi4X75d2Q) - Guide for `vgpu_unlock` +* [Proxmox 8 vGPU in VMs and LXC Containers](https://medium.com/@dionisievldulrincz/proxmox-8-vgpu-in-vms-and-lxc-containers-4146400207a3) - Install *Merged Drivers* for using in Proxmox VMs and LXCs * [Proxmox All-In-One Installer Script](https://wvthoog.nl/proxmox-vgpu-v3/) - Also known as `proxmox-installer.sh` --- @@ -42,6 +48,9 @@ Tested with Ubuntu 22.10 (EOL!) (from Proxmox templates), actually its consuming - Make sure your timezone is set correct on you fastapi-dls server and your client +This guide does not show how to install vGPU host drivers! Look at the official documentation packed with the driver +releases. + ## Docker Docker-Images are available here for Intel (x86), AMD (amd64) and ARM (arm64): @@ -77,7 +86,7 @@ docker run -e DLS_URL=`hostname -i` -e DLS_PORT=443 -p 443:443 -v $WORKING_DIR:/ See [`examples`](examples) directory for more advanced examples (with reverse proxy usage). -> Adjust *REQUIRED* variables as needed +> Adjust `REQUIRED` variables as needed ```yaml version: '3.9' @@ -324,13 +333,14 @@ Packages are available here: - [GitLab-Registry](https://git.collinwebdesigns.de/oscar.krause/fastapi-dls/-/packages) -Successful tested with: +Successful tested with (**LTS Version**): -- Debian 12 (Bookworm) (EOL: tba.) -- Ubuntu 22.10 (Kinetic Kudu) (EOL: July 20, 2023) -- Ubuntu 23.04 (Lunar Lobster) (EOL: January 2024) -- Ubuntu 23.10 (Mantic Minotaur) (EOL: July 2024) -- Ubuntu 24.04 (Noble Numbat) (EOL: April 2036) +- **Debian 12 (Bookworm)** (EOL: June 06, 2026) +- *Ubuntu 22.10 (Kinetic Kudu)* (EOL: July 20, 2023) +- *Ubuntu 23.04 (Lunar Lobster)* (EOL: January 2024) +- *Ubuntu 23.10 (Mantic Minotaur)* (EOL: July 2024) +- **Ubuntu 24.04 (Noble Numbat)** (EOL: Apr 2029) +- *Ubuntu 24.10 (Oracular Oriole)* (EOL: Jul 2025) Not working with: @@ -388,6 +398,10 @@ Now you have to edit `/etc/default/fastapi-dls` as needed. Continue [here](#unraid-guest) for docker guest setup. +## NixOS + +Tanks to [@mrzenc](https://github.com/mrzenc) for [fastapi-dls-nixos](https://github.com/mrzenc/fastapi-dls-nixos). + ## Let's Encrypt Certificate (optional) If you're using installation via docker, you can use `traefik`. Please refer to their documentation. @@ -406,21 +420,21 @@ After first success you have to replace `--issue` with `--renew`. # Configuration -| Variable | Default | Usage | -|------------------------|----------------------------------------|------------------------------------------------------------------------------------------------------| -| `DEBUG` | `false` | Toggles `fastapi` debug mode | -| `DLS_URL` | `localhost` | Used in client-token to tell guest driver where dls instance is reachable | -| `DLS_PORT` | `443` | Used in client-token to tell guest driver where dls instance is reachable | -| `TOKEN_EXPIRE_DAYS` | `1` | Client auth-token validity (used for authenticate client against api, **not `.tok` file!**) | -| `LEASE_EXPIRE_DAYS` | `90` | Lease time in days | -| `LEASE_RENEWAL_PERIOD` | `0.15` | The percentage of the lease period that must elapse before a licensed client can renew a license \*1 | -| `DATABASE` | `sqlite:///db.sqlite` | See [official SQLAlchemy docs](https://docs.sqlalchemy.org/en/14/core/engines.html) | -| `CORS_ORIGINS` | `https://{DLS_URL}` | Sets `Access-Control-Allow-Origin` header (comma separated string) \*2 | -| `SITE_KEY_XID` | `00000000-0000-0000-0000-000000000000` | Site identification uuid | -| `INSTANCE_REF` | `10000000-0000-0000-0000-000000000001` | Instance identification uuid | -| `ALLOTMENT_REF` | `20000000-0000-0000-0000-000000000001` | Allotment identification uuid | -| `INSTANCE_KEY_RSA` | `/cert/instance.private.pem` | Site-wide private RSA key for singing JWTs \*3 | -| `INSTANCE_KEY_PUB` | `/cert/instance.public.pem` | Site-wide public key \*3 | +| Variable | Default | Usage | +|--------------------------|----------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------| +| `DEBUG` | `false` | Toggles `fastapi` debug mode | +| `DLS_URL` | `localhost` | Used in client-token to tell guest driver where dls instance is reachable | +| `DLS_PORT` | `443` | Used in client-token to tell guest driver where dls instance is reachable | +| `TOKEN_EXPIRE_DAYS` | `1` | Client auth-token validity (used for authenticate client against api, **not `.tok` file!**) | +| `LEASE_EXPIRE_DAYS` | `90` | Lease time in days | +| `LEASE_RENEWAL_PERIOD` | `0.15` | The percentage of the lease period that must elapse before a licensed client can renew a license \*1 | +| `DATABASE` | `sqlite:///db.sqlite` | See [official SQLAlchemy docs](https://docs.sqlalchemy.org/en/14/core/engines.html) | +| `CORS_ORIGINS` | `https://{DLS_URL}` | Sets `Access-Control-Allow-Origin` header (comma separated string) \*2 | +| `SITE_KEY_XID` | `00000000-0000-0000-0000-000000000000` | Site identification uuid | +| `INSTANCE_REF` | `10000000-0000-0000-0000-000000000001` | Instance identification uuid | +| `ALLOTMENT_REF` | `20000000-0000-0000-0000-000000000001` | Allotment identification uuid | +| `INSTANCE_KEY_RSA` | `/cert/instance.private.pem` | Site-wide private RSA key for singing JWTs \*3 | +| `INSTANCE_KEY_PUB` | `/cert/instance.public.pem` | Site-wide public key \*3 | \*1 For example, if the lease period is one day and the renewal period is 20%, the client attempts to renew its license every 4.8 hours. If network connectivity is lost, the loss of connectivity is detected during license renewal and the @@ -434,32 +448,8 @@ client has 19.2 hours in which to re-establish connectivity before its license e **The token file has to be copied! It's not enough to C&P file contents, because there can be special characters.** -Successfully tested with this package versions: - -| vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date | EOL Date | -|:-------------:|:-------------:|--------------------|--------------|----------------|--------------:|--------------:| -| `17.2` | R550 | `550.90.05` | `550.90.07` | `552.55` | June 2024 | February 2025 | -| `17.1` | R550 | `550.54.16` | `550.54.15` | `551.78` | March 2024 | | -| `17.0` | R550 | `550.54.10` | `550.54.14` | `551.61` | February 2024 | | -| `16.6` | R535 | `535.183.04` | `535.183.01` | `538.67` | June 2024 | July 2026 | -| `16.5` | R535 | `535.161.05` | `535.161.08` | `538.46` | February 2024 | | -| `16.4` | R535 | `535.161.05` | `535.161.07` | `538.33` | February 2024 | | -| `16.3` | R535 | `535.154.02` | `535.154.05` | `538.15` | January 2024 | | -| `16.2` | R535 | `535.129.03` | `535.129.03` | `537.70` | October 2023 | | -| `16.1` | R535 | `535.104.06` | `535.104.05` | `537.13` | August 2023 | | -| `16.0` | R535 | `535.54.06` | `535.54.03` | `536.22` | July 2023 | | -| `15.4` | R525 | `525.147.01` | `525.147.05` | `529.19` | June 2023 | October 2023 | -| `15.3` | R525 | `525.125.03` | `525.125.06` | `529.11` | June 2023 | | -| `15.2` | R525 | `525.105.14` | `525.105.17` | `528.89` | March 2023 | | -| `15.1` | R525 | `525.85.07` | `525.85.05` | `528.24` | January 2023 | | -| `15.0` | R525 | `525.60.12` | `525.60.13` | `527.41` | December 2022 | | -| `14.4` | R510 | `510.108.03` | `510.108.03` | `514.08` | December 2022 | February 2023 | -| `14.3` | R510 | `510.108.03` | `510.108.03` | `513.91` | November 2022 | | - -- https://docs.nvidia.com/grid/index.html -- https://docs.nvidia.com/grid/gpus-supported-by-vgpu.html - -*To get the latest drivers, visit Nvidia or search in Discord-Channel `GPU Unlocking` (Server-ID: `829786927829745685`) on channel `licensing` `biggerthanshit` +This guide does not show how to install vGPU guest drivers! Look at the official documentation packed with the driver +releases. ## Linux @@ -535,33 +525,32 @@ Done. For more information check [troubleshoot section](#troubleshoot). 8. Set schedule to `At First Array Start Only` 9. Click on Apply - -# Endpoints +# API Endpoints
show -### `GET /` +**`GET /`** Redirect to `/-/readme`. -### `GET /-/health` +**`GET /-/health`** Status endpoint, used for *healthcheck*. -### `GET /-/config` +**`GET /-/config`** Shows current runtime environment variables and their values. -### `GET /-/readme` +**`GET /-/readme`** HTML rendered README.md. -### `GET /-/manage` +**`GET /-/manage`** Shows a very basic UI to delete origins or leases. -### `GET /-/origins?leases=false` +**`GET /-/origins?leases=false`** List registered origins. @@ -569,11 +558,11 @@ List registered origins. |-----------------|---------|--------------------------------------| | `leases` | `false` | Include referenced leases per origin | -### `DELETE /-/origins` +**`DELETE /-/origins`** Deletes all origins and their leases. -### `GET /-/leases?origin=false` +**`GET /-/leases?origin=false`** List current leases. @@ -581,15 +570,15 @@ List current leases. |-----------------|---------|-------------------------------------| | `origin` | `false` | Include referenced origin per lease | -### `DELETE /-/lease/{lease_ref}` +**`DELETE /-/lease/{lease_ref}`** Deletes an lease. -### `GET /-/client-token` +**`GET /-/client-token`** Generate client token, (see [installation](#installation)). -### Others +**Others** There are many other internal api endpoints for handling authentication and lease process.
@@ -614,11 +603,26 @@ Logs are available in `C:\Users\Public\Documents\Nvidia\LoggingLog.NVDisplay.Con # Known Issues +## Generic + +### `Failed to acquire license from (Info: - Error: The allowed time to process response has expired)` + +- Did your timezone settings are correct on fastapi-dls **and your guest**? +- Did you download the client-token more than an hour ago? + +Please download a new client-token. The guest have to register within an hour after client-token was created. + +### `jose.exceptions.JWTError: Signature verification failed.` + +- Did you recreate `instance.public.pem` / `instance.private.pem`? + +Then you have to download a **new** client-token on each of your guests. + ## Linux -### `uvicorn.error:Invalid HTTP request received.` +### Invalid HTTP request -This message can be ignored. +This error message: `uvicorn.error:Invalid HTTP request received.` can be ignored. - Ref. https://github.com/encode/uvicorn/issues/441 @@ -744,11 +748,49 @@ The error message can safely be ignored (since we have no license limitation :P) +# vGPU Software Compatibility Matrix + +**18.x Drivers are not supported on FastAPI-DLS Versions < 1.6.0** + +
+ Show Table + +Successfully tested with this package versions. + +| vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date | EOL Date | +|:-------------:|:-------------:|--------------------|--------------|----------------|--------------:|--------------:| +| `17.5` | R550 | `550.144.02` | `550.144.03` | `553.62` | January 2025 | June 2025 | +| `17.4` | R550 | `550.127.06` | `550.127.05` | `553.24` | October 2024 | | +| `17.3` | R550 | `550.90.05` | `550.90.07` | `552.74` | July 2024 | | +| `17.2` | R550 | `550.90.05` | `550.90.07` | `552.55` | June 2024 | | +| `17.1` | R550 | `550.54.16` | `550.54.15` | `551.78` | March 2024 | | +| `17.0` | R550 | `550.54.10` | `550.54.14` | `551.61` | February 2024 | | +| `16.9` | R535 | `535.230.02` | `535.216.01` | `539.19` | October 2024 | July 2026 | +| `16.8` | R535 | `535.216.01` | `535.216.01` | `538.95` | October 2024 | | +| `16.7` | R535 | `535.183.04` | `535.183.06` | `538.78` | July 2024 | | +| `16.6` | R535 | `535.183.04` | `535.183.01` | `538.67` | June 2024 | | +| `16.5` | R535 | `535.161.05` | `535.161.08` | `538.46` | February 2024 | | +| `16.4` | R535 | `535.161.05` | `535.161.07` | `538.33` | February 2024 | | +| `16.3` | R535 | `535.154.02` | `535.154.05` | `538.15` | January 2024 | | +| `16.2` | R535 | `535.129.03` | `535.129.03` | `537.70` | October 2023 | | +| `16.1` | R535 | `535.104.06` | `535.104.05` | `537.13` | August 2023 | | +| `16.0` | R535 | `535.54.06` | `535.54.03` | `536.22` | July 2023 | | +| `15.4` | R525 | `525.147.01` | `525.147.05` | `529.19` | June 2023 | December 2023 | +| `14.4` | R510 | `510.108.03` | `510.108.03` | `514.08` | December 2022 | February 2023 | + +
+ +- https://docs.nvidia.com/grid/index.html +- https://docs.nvidia.com/grid/gpus-supported-by-vgpu.html + +*To get the latest drivers, visit Nvidia or search in Discord-Channel `GPU Unlocking` (Server-ID: `829786927829745685`) +on channel `licensing` + # Credits Thanks to vGPU community and all who uses this project and report bugs. -Special thanks to +Special thanks to: - @samicrusader who created build file for **ArchLinux** - @cyrus who wrote the section for **openSUSE** @@ -757,5 +799,6 @@ Special thanks to - @DualCoder who creates the `vgpu_unlock` functionality [vgpu_unlock](https://github.com/DualCoder/vgpu_unlock) - Krutav Shah who wrote the [vGPU_Unlock Wiki](https://docs.google.com/document/d/1pzrWJ9h-zANCtyqRgS7Vzla0Y8Ea2-5z2HEi4X75d2Q/) - Wim van 't Hoog for the [Proxmox All-In-One Installer Script](https://wvthoog.nl/proxmox-vgpu-v3/) +- @mrzenc who wrote [fastapi-dls-nixos](https://github.com/mrzenc/fastapi-dls-nixos) And thanks to all people who contributed to all these libraries! diff --git a/app/main.py b/app/main.py index 91557e7..6ffbc19 100644 --- a/app/main.py +++ b/app/main.py @@ -2,7 +2,7 @@ import logging from base64 import b64encode as b64enc from calendar import timegm from contextlib import asynccontextmanager -from datetime import datetime +from datetime import datetime, timedelta, UTC from hashlib import sha256 from json import loads as json_loads from os import getenv as env @@ -21,7 +21,8 @@ from starlette.middleware.cors import CORSMiddleware from starlette.responses import StreamingResponse, JSONResponse as JSONr, HTMLResponse as HTMLr, Response, \ RedirectResponse -from orm import init as db_init, migrate, Site, Instance, Origin, Lease +from orm import Origin, Lease, init as db_init, migrate +from util import PrivateKey, PublicKey, load_file # Load variables load_dotenv('../version.env') @@ -43,6 +44,14 @@ CORS_ORIGINS = str(env('CORS_ORIGINS', '')).split(',') if (env('CORS_ORIGINS')) ALLOTMENT_REF = str(env('ALLOTMENT_REF', '20000000-0000-0000-0000-000000000001')) # todo +# Logging +LOG_LEVEL = logging.DEBUG if DEBUG else logging.INFO +logging.basicConfig(format='[{levelname:^7}] [{module:^15}] {message}', style='{') +logger = logging.getLogger(__name__) +logger.setLevel(LOG_LEVEL) +logging.getLogger('util').setLevel(LOG_LEVEL) +logging.getLogger('NV').setLevel(LOG_LEVEL) + # FastAPI @asynccontextmanager @@ -55,6 +64,7 @@ async def lifespan(_: FastAPI): client_token_expire_delta = default_instance.get_client_token_expire_delta() logger.info(f''' + Using timezone: {str(TZ)}. Make sure this is correct and match your clients! Your clients will renew their license every {str(Lease.calculate_renewal(lease_renewal_period, lease_renewal_delta))}. @@ -85,14 +95,6 @@ app.add_middleware( allow_headers=['*'], ) -# Logging -LOG_LEVEL = logging.DEBUG if DEBUG else logging.INFO -logging.basicConfig(format='[{levelname:^7}] [{module:^15}] {message}', style='{') -logger = logging.getLogger(__name__) -logger.setLevel(LOG_LEVEL) -logging.getLogger('util').setLevel(LOG_LEVEL) -logging.getLogger('NV').setLevel(LOG_LEVEL) - # Helper def __get_token(request: Request, jwt_decode_key: "jose.jwt") -> dict: @@ -299,10 +301,10 @@ async def _client_token(): # venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py @app.post('/auth/v1/origin', description='find or create an origin') async def auth_v1_origin(request: Request): - j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow() + j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) origin_ref = j.get('candidate_origin_ref') - logging.info(f'> [ origin ]: {origin_ref}: {j}') + logger.info(f'> [ origin ]: {origin_ref}: {j}') data = Origin( origin_ref=origin_ref, @@ -329,10 +331,10 @@ async def auth_v1_origin(request: Request): # venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py @app.post('/auth/v1/origin/update', description='update an origin evidence') async def auth_v1_origin_update(request: Request): - j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow() + j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) origin_ref = j.get('origin_ref') - logging.info(f'> [ update ]: {origin_ref}: {j}') + logger.info(f'> [ update ]: {origin_ref}: {j}') data = Origin( origin_ref=origin_ref, @@ -356,10 +358,10 @@ async def auth_v1_origin_update(request: Request): # venv/lib/python3.9/site-packages/nls_core_auth/auth.py - CodeResponse @app.post('/auth/v1/code', description='get an authorization code') async def auth_v1_code(request: Request): - j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow() + j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) origin_ref = j.get('origin_ref') - logging.info(f'> [ code ]: {origin_ref}: {j}') + logger.info(f'> [ code ]: {origin_ref}: {j}') delta = relativedelta(minutes=15) expires = cur_time + delta @@ -391,7 +393,7 @@ async def auth_v1_code(request: Request): # venv/lib/python3.9/site-packages/nls_core_auth/auth.py - TokenResponse @app.post('/auth/v1/token', description='exchange auth code and verifier for token') async def auth_v1_token(request: Request): - j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow() + j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) default_site, default_instance = Site.get_default_site(db), Instance.get_default_instance(db) jwt_encode_key, jwt_decode_key = default_instance.get_jwt_encode_key(), default_instance.get_jwt_decode_key() @@ -402,7 +404,7 @@ async def auth_v1_token(request: Request): return JSONr(status_code=400, content={'status': 400, 'title': 'invalid token', 'detail': str(e)}) origin_ref = payload.get('origin_ref') - logging.info(f'> [ auth ]: {origin_ref}: {j}') + logger.info(f'> [ auth ]: {origin_ref}: {j}') # validate the code challenge challenge = b64enc(sha256(j.get('code_verifier').encode('utf-8')).digest()).rstrip(b'=').decode('utf-8') @@ -448,7 +450,7 @@ async def leasing_v1_lessor(request: Request): origin_ref = token.get('origin_ref') scope_ref_list = j.get('scope_ref_list') - logging.info(f'> [ create ]: {origin_ref}: create leases for scope_ref_list {scope_ref_list}') + logger.info(f'> [ create ]: {origin_ref}: create leases for scope_ref_list {scope_ref_list}') lease_result_list = [] for scope_ref in scope_ref_list: @@ -499,7 +501,7 @@ async def leasing_v1_lessor_lease(request: Request): origin_ref = token.get('origin_ref') active_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref))) - logging.info(f'> [ leases ]: {origin_ref}: found {len(active_lease_list)} active leases') + logger.info(f'> [ leases ]: {origin_ref}: found {len(active_lease_list)} active leases') response = { "active_lease_list": active_lease_list, @@ -525,7 +527,7 @@ async def leasing_v1_lease_renew(request: Request, lease_ref: str): return JSONr(status_code=401, content={'status': 401, 'detail': 'token is not valid'}) origin_ref = token.get('origin_ref') - logging.info(f'> [ renew ]: {origin_ref}: renew {lease_ref}') + logger.info(f'> [ renew ]: {origin_ref}: renew {lease_ref}') entity = Lease.find_by_origin_ref_and_lease_ref(db, origin_ref, lease_ref) if entity is None: @@ -559,7 +561,7 @@ async def leasing_v1_lease_delete(request: Request, lease_ref: str): return JSONr(status_code=401, content={'status': 401, 'detail': 'token is not valid'}) origin_ref = token.get('origin_ref') - logging.info(f'> [ return ]: {origin_ref}: return {lease_ref}') + logger.info(f'> [ return ]: {origin_ref}: return {lease_ref}') entity = Lease.find_by_lease_ref(db, lease_ref) if entity.origin_ref != origin_ref: @@ -595,7 +597,7 @@ async def leasing_v1_lessor_lease_remove(request: Request): released_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref))) deletions = Lease.cleanup(db, origin_ref) - logging.info(f'> [ remove ]: {origin_ref}: removed {deletions} leases') + logger.info(f'> [ remove ]: {origin_ref}: removed {deletions} leases') response = { "released_lease_list": released_lease_list, @@ -609,7 +611,7 @@ async def leasing_v1_lessor_lease_remove(request: Request): @app.post('/leasing/v1/lessor/shutdown', description='shutdown all leases') async def leasing_v1_lessor_shutdown(request: Request): - j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow() + j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) jwt_decode_key = Instance.get_default_instance(db).get_jwt_decode_key() @@ -619,7 +621,7 @@ async def leasing_v1_lessor_shutdown(request: Request): released_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref))) deletions = Lease.cleanup(db, origin_ref) - logging.info(f'> [ shutdown ]: {origin_ref}: removed {deletions} leases') + logger.info(f'> [ shutdown ]: {origin_ref}: removed {deletions} leases') response = { "released_lease_list": released_lease_list, @@ -642,7 +644,7 @@ if __name__ == '__main__': # ### - logging.info(f'> Starting dev-server ...') + logger.info(f'> Starting dev-server ...') ssl_keyfile = join(dirname(__file__), 'cert/webserver.key') ssl_certfile = join(dirname(__file__), 'cert/webserver.crt') diff --git a/app/orm.py b/app/orm.py index a63186c..87ec623 100644 --- a/app/orm.py +++ b/app/orm.py @@ -1,8 +1,7 @@ -import logging -from datetime import datetime, timedelta +from datetime import datetime, timedelta, timezone, UTC from dateutil.relativedelta import relativedelta -from sqlalchemy import Column, VARCHAR, CHAR, ForeignKey, DATETIME, update, and_, inspect, text, BLOB, INT, FLOAT +from sqlalchemy import Column, VARCHAR, CHAR, ForeignKey, DATETIME, update, and_, inspect, text from sqlalchemy.engine import Engine from sqlalchemy.orm import sessionmaker, declarative_base, Session, relationship @@ -190,7 +189,17 @@ class Origin(Base): if origin_refs is None: deletions = session.query(Origin).delete() else: - deletions = session.query(Origin).filter(Origin.origin_ref in origin_refs).delete() + deletions = session.query(Origin).filter(Origin.origin_ref.in_(origin_refs)).delete() + session.commit() + session.close() + return deletions + + @staticmethod + def delete_expired(engine: Engine) -> int: + session = sessionmaker(bind=engine)() + origins = session.query(Origin).join(Lease, Origin.origin_ref == Lease.origin_ref, isouter=True).filter(Lease.lease_ref.is_(None)).all() + origin_refs = [origin.origin_ref for origin in origins] + deletions = session.query(Origin).filter(Origin.origin_ref.in_(origin_refs)).delete() session.commit() session.close() return deletions @@ -224,10 +233,10 @@ class Lease(Base): 'lease_ref': self.lease_ref, 'origin_ref': self.origin_ref, # 'scope_ref': self.scope_ref, - 'lease_created': self.lease_created.isoformat(), - 'lease_expires': self.lease_expires.isoformat(), - 'lease_updated': self.lease_updated.isoformat(), - 'lease_renewal': lease_renewal.isoformat(), + 'lease_created': self.lease_created.replace(tzinfo=timezone.utc).isoformat(), + 'lease_expires': self.lease_expires.replace(tzinfo=timezone.utc).isoformat(), + 'lease_updated': self.lease_updated.replace(tzinfo=timezone.utc).isoformat(), + 'lease_renewal': lease_renewal.replace(tzinfo=timezone.utc).isoformat(), } @staticmethod @@ -298,7 +307,7 @@ class Lease(Base): @staticmethod def delete_expired(engine: Engine) -> int: session = sessionmaker(bind=engine)() - deletions = session.query(Lease).filter(Lease.lease_expires <= datetime.utcnow()).delete() + deletions = session.query(Lease).filter(Lease.lease_expires <= datetime.now(UTC)).delete() session.commit() session.close() return deletions diff --git a/app/util.py b/app/util.py index d377e6a..1aae17b 100644 --- a/app/util.py +++ b/app/util.py @@ -1,8 +1,81 @@ import logging +from cryptography.hazmat.primitives import serialization +from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey, RSAPublicKey, generate_private_key +from cryptography.hazmat.primitives.serialization import load_pem_private_key, load_pem_public_key + logging.basicConfig() +class PrivateKey: + + def __init__(self, data: bytes): + self.__key = load_pem_private_key(data, password=None) + + @staticmethod + def from_file(filename: str) -> "PrivateKey": + log = logging.getLogger(__name__) + log.debug(f'Importing RSA-Private-Key from "{filename}"') + + with open(filename, 'rb') as f: + data = f.read() + + return PrivateKey(data=data.strip()) + + def raw(self) -> RSAPrivateKey: + return self.__key + + def pem(self) -> bytes: + return self.__key.private_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PrivateFormat.TraditionalOpenSSL, + encryption_algorithm=serialization.NoEncryption() + ) + + def public_key(self) -> "PublicKey": + data = self.__key.public_key().public_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PublicFormat.SubjectPublicKeyInfo + ) + return PublicKey(data=data) + + @staticmethod + def generate(public_exponent: int = 65537, key_size: int = 2048) -> "PrivateKey": + log = logging.getLogger(__name__) + log.debug(f'Generating RSA-Key') + key = generate_private_key(public_exponent=public_exponent, key_size=key_size) + data = key.private_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PrivateFormat.TraditionalOpenSSL, + encryption_algorithm=serialization.NoEncryption() + ) + return PrivateKey(data=data) + + +class PublicKey: + + def __init__(self, data: bytes): + self.__key = load_pem_public_key(data) + + @staticmethod + def from_file(filename: str) -> "PublicKey": + log = logging.getLogger(__name__) + log.debug(f'Importing RSA-Public-Key from "{filename}"') + + with open(filename, 'rb') as f: + data = f.read() + + return PublicKey(data=data.strip()) + + def raw(self) -> RSAPublicKey: + return self.__key + + def pem(self) -> bytes: + return self.__key.public_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PublicFormat.SubjectPublicKeyInfo + ) + def load_file(filename: str) -> bytes: log = logging.getLogger(f'{__name__}') log.debug(f'Loading contents of file "{filename}') @@ -11,45 +84,6 @@ def load_file(filename: str) -> bytes: return content -def load_key(filename: str) -> "RsaKey": - try: - # Crypto | Cryptodome on Debian - from Crypto.PublicKey import RSA - from Crypto.PublicKey.RSA import RsaKey - except ModuleNotFoundError: - from Cryptodome.PublicKey import RSA - from Cryptodome.PublicKey.RSA import RsaKey - - log = logging.getLogger(__name__) - log.debug(f'Importing RSA-Key from "{filename}"') - return RSA.import_key(extern_key=load_file(filename), passphrase=None) - - -def parse_key(content: bytes) -> "RsaKey": - try: - # Crypto | Cryptodome on Debian - from Crypto.PublicKey import RSA - from Crypto.PublicKey.RSA import RsaKey - except ModuleNotFoundError: - from Cryptodome.PublicKey import RSA - from Cryptodome.PublicKey.RSA import RsaKey - - return RSA.import_key(extern_key=content, passphrase=None) - - -def generate_key() -> "RsaKey": - try: - # Crypto | Cryptodome on Debian - from Crypto.PublicKey import RSA - from Crypto.PublicKey.RSA import RsaKey - except ModuleNotFoundError: - from Cryptodome.PublicKey import RSA - from Cryptodome.PublicKey.RSA import RsaKey - log = logging.getLogger(__name__) - log.debug(f'Generating RSA-Key') - return RSA.generate(bits=2048) - - class NV: __DRIVER_MATRIX_FILENAME = 'static/driver_matrix.json' __DRIVER_MATRIX: None | dict = None # https://docs.nvidia.com/grid/ => "Driver Versions" diff --git a/doc/Database.md b/doc/Database.md deleted file mode 100644 index 5a838a3..0000000 --- a/doc/Database.md +++ /dev/null @@ -1,26 +0,0 @@ -# Database structure - -## `request_routing.service_instance` - -| xid | org_name | -|----------------------------------------|--------------------------| -| `10000000-0000-0000-0000-000000000000` | `lic-000000000000000000` | - -- `xid` is used as `SERVICE_INSTANCE_XID` - -## `request_routing.license_allotment_service_instance` - -| xid | service_instance_xid | license_allotment_xid | -|----------------------------------------|----------------------------------------|----------------------------------------| -| `90000000-0000-0000-0000-000000000001` | `10000000-0000-0000-0000-000000000000` | `80000000-0000-0000-0000-000000000001` | - -- `xid` is only a primary-key and never used as foreign-key or reference -- `license_allotment_xid` must be used to fetch `xid`'s from `request_routing.license_allotment_reference` - -## `request_routing.license_allotment_reference` - -| xid | license_allotment_xid | -|----------------------------------------|----------------------------------------| -| `20000000-0000-0000-0000-000000000001` | `80000000-0000-0000-0000-000000000001` | - -- `xid` is used as `scope_ref_list` on token request diff --git a/doc/Reverse Engineering Notes.md b/doc/Reverse Engineering Notes.md deleted file mode 100644 index 0233a64..0000000 --- a/doc/Reverse Engineering Notes.md +++ /dev/null @@ -1,177 +0,0 @@ -# Reverse Engineering Notes - -# Usefully commands - -## Check licensing status - -- `nvidia-smi -q | grep "License"` - -**Output** - -``` -vGPU Software Licensed Product - License Status : Licensed (Expiry: 2023-1-14 12:59:52 GMT) -``` - -## Track licensing progress - -- NVIDIA Grid Log: `journalctl -u nvidia-gridd -f` - -``` -systemd[1]: Started NVIDIA Grid Daemon. -nvidia-gridd[2986]: Configuration parameter ( ServerAddress ) not set -nvidia-gridd[2986]: vGPU Software package (0) -nvidia-gridd[2986]: Ignore service provider and node-locked licensing -nvidia-gridd[2986]: NLS initialized -nvidia-gridd[2986]: Acquiring license. (Info: license.nvidia.space; NVIDIA RTX Virtual Workstation) -nvidia-gridd[2986]: License acquired successfully. (Info: license.nvidia.space, NVIDIA RTX Virtual Workstation; Expiry: 2023-1-29 22:3:0 GMT) -``` - -# DLS-Container File-System (Docker) - -## Configuration data - -Most variables and configs are stored in `/var/lib/docker/volumes/configurations/_data`. - -Files can be modified with `docker cp :/venv/... /opt/localfile/...` and back. -(May you need to fix permissions with `docker exec -u 0 chown nonroot:nonroot /venv/...`) - -## Dive / Docker image inspector - -- `dive dls:appliance` - -The source code is stored in `/venv/lib/python3.9/site-packages/nls_*`. - -Image-Reference: - -``` -Tags: (unavailable) -Id: d1c7976a5d2b3681ff6c5a30f8187e4015187a83f3f285ba4a37a45458bd6b98 -Digest: sha256:311223c5af7a298ec1104f5dc8c3019bfb0e1f77256dc3d995244ffb295a97 -1f -Command: -#(nop) ADD file:c1900d3e3a29c29a743a8da86c437006ec5d2aa873fb24e48033b6bf492bb37b in / -``` - -## Private Key (Site-Key) - -- `/etc/dls/config/decryptor/decryptor` - -```shell - docker exec -it /etc/dls/config/decryptor/decryptor > /tmp/private-key.pem -``` - -``` ------BEGIN RSA PRIVATE KEY----- -... ------END RSA PRIVATE KEY----- -``` - -## Site Key Uri - `/etc/dls/config/site_key_uri.bin` - -``` -base64-content... -``` - -## DB Password - `/etc/dls/config/dls_db_password.bin` - -``` -base64-content... -``` - -**Decrypt database password** - -``` -cd /var/lib/docker/volumes/configurations/_data -cat dls_db_password.bin | base64 -d > dls_db_password.bin.raw -openssl rsautl -decrypt -inkey /tmp/private-key.pem -in dls_db_password.bin.raw -``` - -# Database - -- It's enough to manipulate database licenses. There must not be changed any line of code to bypass licensing - validations. - -# Logging / Stack Trace - -- https://docs.nvidia.com/license-system/latest/nvidia-license-system-user-guide/index.html#troubleshooting-dls-instance - -**Failed licensing log** - -``` -{ - "activity": 100, - "context": { - "SERVICE_INSTANCE_ID": "b43d6e46-d6d0-4943-8b8d-c66a5f6e0d38", - "SERVICE_INSTANCE_NAME": "DEFAULT_2022-12-14_12:48:30", - "description": "borrow failed: NotFoundError(no pool features found for: NVIDIA RTX Virtual Workstation)", - "event_type": null, - "function_name": "_evt", - "lineno": 54, - "module_name": "nls_dal_lease_dls.event", - "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24", - "origin_ref": "3f7f5a50-a26b-425b-8d5e-157f63e72b1c", - "service_name": "nls_services_lease" - }, - "detail": { - "oc": { - "license_allotment_xid": "10c4317f-7c4c-11ed-a524-0e4252a7e5f1", - "origin_ref": "3f7f5a50-a26b-425b-8d5e-157f63e72b1c", - "service_instance_xid": "b43d6e46-d6d0-4943-8b8d-c66a5f6e0d38" - }, - "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24" - }, - "id": "0cc9e092-3b92-4652-8d9e-7622ef85dc79", - "metadata": {}, - "ts": "2022-12-15T10:25:36.827661Z" -} - -{ - "activity": 400, - "context": { - "SERVICE_INSTANCE_ID": "b43d6e46-d6d0-4943-8b8d-c66a5f6e0d38", - "SERVICE_INSTANCE_NAME": "DEFAULT_2022-12-14_12:48:30", - "description": "lease_multi_create failed: no pool features found for: NVIDIA RTX Virtual Workstation", - "event_by": "system", - "function_name": "lease_multi_create", - "level": "warning", - "lineno": 157, - "module_name": "nls_services_lease.controllers.lease_multi_controller", - "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24", - "service_name": "nls_services_lease" - }, - "detail": { - "_msg": "lease_multi_create failed: no pool features found for: NVIDIA RTX Virtual Workstation", - "exec_info": ["NotFoundError", "NotFoundError(no pool features found for: NVIDIA RTX Virtual Workstation)", " File \"/venv/lib/python3.9/site-packages/nls_services_lease/controllers/lease_multi_controller.py\", line 127, in lease_multi_create\n data = _leaseMulti.lease_multi_create(event_args)\n File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 208, in lease_multi_create\n raise e\n File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 184, in lease_multi_create\n self._try_proposals(oc, mlr, results, detail)\n File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 219, in _try_proposals\n lease = self._leases.create(creator)\n File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 230, in create\n features = self._get_features(creator)\n File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 148, in _get_features\n self._explain_not_available(cur, creator)\n File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 299, in _explain_not_available\n raise NotFoundError(f'no pool features found for: {lcc.product_name}')\n"], - "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24" - }, - "id": "282801b9-d612-40a5-9145-b56d8e420dac", - "metadata": {}, - "ts": "2022-12-15T10:25:36.831673Z" -} - -``` - -**Stack Trace** - -``` -"NotFoundError", "NotFoundError(no pool features found for: NVIDIA RTX Virtual Workstation)", " File \"/venv/lib/python3.9/site-packages/nls_services_lease/controllers/lease_multi_controller.py\", line 127, in lease_multi_create - data = _leaseMulti.lease_multi_create(event_args) - File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 208, in lease_multi_create - raise e - File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 184, in lease_multi_create - self._try_proposals(oc, mlr, results, detail) - File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 219, in _try_proposals - lease = self._leases.create(creator) - File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 230, in create - features = self._get_features(creator) - File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 148, in _get_features - self._explain_not_available(cur, creator) - File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 299, in _explain_not_available - raise NotFoundError(f'no pool features found for: {lcc.product_name}') -" -``` - -# Nginx - -- NGINX uses `/opt/certs/cert.pem` and `/opt/certs/key.pem` diff --git a/requirements.txt b/requirements.txt index 097c30b..6819866 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,8 @@ -fastapi==0.111.0 -uvicorn[standard]==0.29.0 -python-jose==3.3.0 -pycryptodome==3.20.0 -python-dateutil==2.8.2 -sqlalchemy==2.0.30 -markdown==3.6 -python-dotenv==1.0.1 +fastapi==0.115.12 +uvicorn[standard]==0.34.0 +python-jose[cryptography]==3.4.0 +cryptography==44.0.2 +python-dateutil==2.9.0 +sqlalchemy==2.0.40 +markdown==3.7 +python-dotenv==1.1.0 diff --git a/test/create_driver_matrix_json.py b/test/create_driver_matrix_json.py index 1f31884..2047d2e 100644 --- a/test/create_driver_matrix_json.py +++ b/test/create_driver_matrix_json.py @@ -4,7 +4,7 @@ logging.basicConfig() logger = logging.getLogger(__name__) logger.setLevel(logging.INFO) -URL = 'https://docs.nvidia.com/grid/' +URL = 'https://docs.nvidia.com/vgpu/index.html' BRANCH_STATUS_KEY, SOFTWARE_BRANCH_KEY, = 'vGPU Branch Status', 'vGPU Software Branch' VGPU_KEY, GRID_KEY, DRIVER_BRANCH_KEY = 'vGPU Software', 'vGPU Software', 'Driver Branch' @@ -25,15 +25,15 @@ def __driver_versions(html: 'BeautifulSoup'): return _ # find wrapper for "DriverVersions" and find tables - data = html.find('div', {'id': 'DriverVersions'}) - tables = data.findAll('table') - for table in tables: - # parse software-branch (e.g. "vGPU software 17 Releases" and remove " Releases" for "matrix_key") - software_branch = table.parent.find_previous_sibling('button', {'class': 'accordion'}).text.strip() + data = html.find('div', {'id': 'driver-versions'}) + items = data.findAll('bsp-accordion', {'class': 'Accordion-items-item'}) + for item in items: + software_branch = item.find('div', {'class': 'Accordion-items-item-title'}).text.strip() software_branch = software_branch.replace(' Releases', '') matrix_key = software_branch.lower() # driver version info from table-heads (ths) and table-rows (trs) + table = item.find('table') ths, trs = table.find_all('th'), table.find_all('tr') headers, releases = [header.text.strip() for header in ths], [] for trs in trs: @@ -50,7 +50,7 @@ def __driver_versions(html: 'BeautifulSoup'): def __release_branches(html: 'BeautifulSoup'): # find wrapper for "AllReleaseBranches" and find table - data = html.find('div', {'id': 'AllReleaseBranches'}) + data = html.find('div', {'id': 'all-release-branches'}) table = data.find('table') # branch releases info from table-heads (ths) and table-rows (trs) diff --git a/test/main.py b/test/main.py index ad9072f..556ff09 100644 --- a/test/main.py +++ b/test/main.py @@ -116,6 +116,7 @@ def test_auth_v1_origin(): assert response.json().get('origin_ref') == ORIGIN_REF + def auth_v1_origin_update(): payload = { "registration_pending": False, @@ -151,7 +152,7 @@ def test_auth_v1_code(): def test_auth_v1_token(): - cur_time = datetime.utcnow() + cur_time = datetime.now(UTC) access_expires_on = cur_time + relativedelta(hours=1) payload = { @@ -196,8 +197,6 @@ def test_leasing_v1_lessor(): assert len(lease_result_list[0]['lease']['ref']) == 36 assert str(UUID(lease_result_list[0]['lease']['ref'])) == lease_result_list[0]['lease']['ref'] - return lease_result_list[0]['lease']['ref'] - def test_leasing_v1_lessor_lease(): response = client.get('/leasing/v1/lessor/leases', headers={'authorization': __bearer_token(ORIGIN_REF)}) @@ -240,7 +239,23 @@ def test_leasing_v1_lease_delete(): def test_leasing_v1_lessor_lease_remove(): - lease_ref = test_leasing_v1_lessor() + # see "test_leasing_v1_lessor()" + payload = { + 'fulfillment_context': { + 'fulfillment_class_ref_list': [] + }, + 'lease_proposal_list': [{ + 'license_type_qualifiers': {'count': 1}, + 'product': {'name': 'NVIDIA RTX Virtual Workstation'} + }], + 'proposal_evaluation_mode': 'ALL_OF', + 'scope_ref_list': [ALLOTMENT_REF] + } + + response = client.post('/leasing/v1/lessor', json=payload, headers={'authorization': __bearer_token(ORIGIN_REF)}) + lease_result_list = response.json().get('lease_result_list') + lease_ref = lease_result_list[0]['lease']['ref'] + # response = client.delete('/leasing/v1/lessor/leases', headers={'authorization': __bearer_token(ORIGIN_REF)}) assert response.status_code == 200