feat(server): add feat: auto-detection of compute driver at startup (NVIDIA#1088)

sjenning · web-flow · commit ea4915ad30ed · 2026-04-30T17:39:26.000-07:00
When no drivers are explicitly configured, the server now automatically
detects the appropriate compute driver by checking the runtime environment:

- Kubernetes: detected via KUBERNETES_SERVICE_HOST env var (set inside pods)
- Podman: detected by checking if podman binary is available on PATH
- Docker: detected by checking if docker binary is available on PATH

Priority order: Kubernetes → Podman → Docker. VM is never auto-detected
and must be selected explicitly via --drivers vm.

The Auto variant is internal-only and does not serialize to config files.
The default --drivers value is now empty, triggering auto-detection.
diff --git a/crates/openshell-core/src/config.rs b/crates/openshell-core/src/config.rs
@@ -7,6 +7,7 @@ use serde::{Deserialize, Serialize};
 use std::fmt;
 use std::net::SocketAddr;
 use std::path::PathBuf;
+use std::process::Command;
 use std::str::FromStr;
 
 // ── Public default constants ────────────────────────────────────────────
@@ -86,6 +87,40 @@ impl FromStr for ComputeDriverKind {
     }
 }
 
+/// Auto-detect the appropriate compute driver based on the runtime environment.
+///
+/// Priority order: Kubernetes → Podman → Docker.
+/// VM is never auto-detected (requires explicit `--drivers vm`).
+///
+/// Returns the first driver where the environment check passes.
+/// Returns `None` if no compatible driver is found.
+pub fn detect_driver() -> Option<ComputeDriverKind> {
+    // Kubernetes: check for KUBERNETES_SERVICE_HOST env var (set inside pods)
+    if std::env::var_os("KUBERNETES_SERVICE_HOST").is_some() {
+        return Some(ComputeDriverKind::Kubernetes);
+    }
+
+    // Podman: check if podman binary is available
+    if is_binary_available("podman") {
+        return Some(ComputeDriverKind::Podman);
+    }
+
+    // Docker: check if docker binary is available
+    if is_binary_available("docker") {
+        return Some(ComputeDriverKind::Docker);
+    }
+
+    None
+}
+
+/// Check if a binary is available on the system PATH.
+fn is_binary_available(name: &str) -> bool {
+    Command::new(name)
+        .arg("--version")
+        .output()
+        .is_ok_and(|output| output.status.success())
+}
+
 /// Server configuration.
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct Config {
@@ -124,7 +159,7 @@ pub struct Config {
     /// The config shape allows multiple drivers so the gateway can evolve
     /// toward multi-backend routing. Current releases require exactly one
     /// configured driver.
-    #[serde(default = "default_compute_drivers")]
+    #[serde(default)]
     pub compute_drivers: Vec<ComputeDriverKind>,
 
     /// Kubernetes namespace for sandboxes.
@@ -296,7 +331,7 @@ impl Config {
             tls,
             oidc: None,
             database_url: String::new(),
-            compute_drivers: default_compute_drivers(),
+            compute_drivers: vec![],
             sandbox_namespace: default_sandbox_namespace(),
             sandbox_image: default_sandbox_image(),
             sandbox_image_pull_policy: String::new(),
@@ -472,10 +507,6 @@ fn default_sandbox_image() -> String {
     format!("{}/base:latest", crate::image::DEFAULT_COMMUNITY_REGISTRY)
 }
 
-fn default_compute_drivers() -> Vec<ComputeDriverKind> {
-    vec![ComputeDriverKind::Kubernetes]
-}
-
 fn default_ssh_gateway_host() -> String {
     "127.0.0.1".to_string()
 }
@@ -506,7 +537,7 @@ const fn default_ssh_session_ttl_secs() -> u64 {
 
 #[cfg(test)]
 mod tests {
-    use super::{ComputeDriverKind, Config};
+    use super::{ComputeDriverKind, Config, detect_driver};
     use std::net::SocketAddr;
 
     #[test]
@@ -535,14 +566,6 @@ mod tests {
         assert!(err.contains("unsupported compute driver 'firecracker'"));
     }
 
-    #[test]
-    fn config_defaults_to_kubernetes_driver() {
-        assert_eq!(
-            Config::new(None).compute_drivers,
-            vec![ComputeDriverKind::Kubernetes]
-        );
-    }
-
     #[test]
     fn config_new_disables_health_bind_by_default() {
         let cfg = Config::new(None);
@@ -555,4 +578,36 @@ mod tests {
         let cfg = Config::new(None).with_health_bind_address(addr);
         assert_eq!(cfg.health_bind_address, Some(addr));
     }
+
+    #[test]
+    fn detect_driver_returns_none_without_k8s_env_or_binaries() {
+        // When KUBERNETES_SERVICE_HOST is not set and no docker/podman binaries
+        // are available, detect_driver should return None.
+        // This test may pass or fail depending on the test environment,
+        // but it documents the expected behavior.
+        let _ = detect_driver(); // Returns Some or None based on environment
+    }
+
+    #[test]
+    #[allow(unsafe_code)] // std::env::set_var/remove_var require unsafe in Rust 2024
+    fn detect_driver_prefers_kubernetes_when_k8s_env_is_set() {
+        // Save the original env var
+        let original = std::env::var("KUBERNETES_SERVICE_HOST").ok();
+
+        // Set the env var
+        unsafe {
+            std::env::set_var("KUBERNETES_SERVICE_HOST", "127.0.0.1");
+        }
+
+        let result = detect_driver();
+        assert_eq!(result, Some(ComputeDriverKind::Kubernetes));
+
+        // Restore the original env var
+        unsafe {
+            match original {
+                Some(val) => std::env::set_var("KUBERNETES_SERVICE_HOST", val),
+                None => std::env::remove_var("KUBERNETES_SERVICE_HOST"),
+            }
+        }
+    }
 }
diff --git a/crates/openshell-server/src/cli.rs b/crates/openshell-server/src/cli.rs
@@ -61,12 +61,14 @@ struct Args {
     /// Accepts a comma-delimited list such as `kubernetes` or
     /// `kubernetes,podman`. The configuration format is future-proofed for
     /// multiple drivers, but the gateway currently requires exactly one.
+    /// When unset, the gateway auto-detects the driver based on the runtime
+    /// environment (Kubernetes → Podman → Docker). VM is never auto-detected
+    /// and requires explicit configuration.
     #[arg(
         long,
         alias = "driver",
         env = "OPENSHELL_DRIVERS",
         value_delimiter = ',',
-        default_value = "kubernetes",
         value_parser = parse_compute_driver
     )]
     drivers: Vec<ComputeDriverKind>,
diff --git a/crates/openshell-server/src/lib.rs b/crates/openshell-server/src/lib.rs
@@ -498,9 +498,12 @@ async fn build_compute_runtime(
 
 fn configured_compute_driver(config: &Config) -> Result<ComputeDriverKind> {
     match config.compute_drivers.as_slice() {
-        [] => Err(Error::config(
-            "at least one compute driver must be configured",
-        )),
+        [] => openshell_core::config::detect_driver().ok_or_else(|| {
+            Error::config(
+                "no compute driver configured and auto-detection found no suitable driver; \
+                set --drivers or OPENSHELL_DRIVERS to kubernetes, podman, docker, or vm",
+            )
+        }),
         [
             driver @ (ComputeDriverKind::Kubernetes
             | ComputeDriverKind::Vm
@@ -545,10 +548,33 @@ mod tests {
     }
 
     #[test]
-    fn configured_compute_driver_rejects_empty_drivers() {
+    fn configured_compute_driver_triggers_auto_detection_when_empty() {
         let config = Config::new(None).with_compute_drivers([]);
-        let err = configured_compute_driver(&config).unwrap_err();
-        assert!(err.to_string().contains("at least one compute driver"));
+        // Empty drivers triggers auto-detection, which may return Some or None
+        // depending on the environment. This test verifies the auto-detection path
+        // is taken rather than immediately returning an error.
+        let result = configured_compute_driver(&config);
+        // Either we get a detected driver or an error about none being detected
+        match result {
+            Ok(driver) => {
+                assert!(
+                    matches!(
+                        driver,
+                        ComputeDriverKind::Kubernetes
+                            | ComputeDriverKind::Docker
+                            | ComputeDriverKind::Podman
+                    ),
+                    "auto-detected unexpected driver: {driver:?}"
+                );
+            }
+            Err(e) => {
+                assert!(
+                    e.to_string()
+                        .contains("no compute driver configured and none detected"),
+                    "unexpected error: {e}"
+                );
+            }
+        }
     }
 
     #[test]
