Adding Intel Core i7 iGPU to privileged LXC container

R

Ryan_Malone

Member
Mar 31, 2024
32
2
8
Hi All,

I need some guidance on the final steps of configuring an iGPU for Plex as I'm not exactly sure how to pass it through from Proxmox. I'm trying to add an i7 iGPU from my Intel NUC to a Plex LXC and I can see the device on Proxmox, so that's good, but I'm not sure how to actually pass it through to the container. I have followed all the steps in this tutorial up until the Jellyfin-related steps.

https://forum.proxmox.com/threads/proxmox-lxc-igpu-passthrough.141381/

Here is my LXC conf file:
arch: amd64
cores: 4
dev0: /dev/dri/card0,gid=44
dev1: /dev/dri/renderD128,gid=104
features: keyctl=1,nesting=1
hostname: plex
memory: 2048
mp0: /mnt/pve/unraiddata-goathead,mp=/media
mp9: /mnt/user/unraiddata
net0: name=eth0,bridge=vmbr0,hwaddr=BC:24:11:20:5E:71,ip=dhcp,type=veth
onboot: 1
ostype: ubuntu
rootfs: fast_thinpool:vm-100-disk-0,size=8G
swap: 512
tags: proxmox-helper-scripts
unprivileged: 1
lxc.cgroup2.devices.allow: c 226:0 rwm
lxc.cgroup2.devices.allow: c 226:128 rwm
lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file

Here is the output of lspci:
lspci -nnv | grep VGA
00:02.0 VGA compatible controller [0300]: Intel Corporation Raptor Lake-P [Iris Xe Graphics] [8086:a7a0] (rev 04) (prog-if 00 [VGA controller])

When I try and add a device (see screenshot below), do I add '8086:a7a0' as the device?
Studio Snippet 2024-07-12 at 13.37.52.jpg
 
When passing a device to a container, you do not pass the physical PCI device through as you would to a VM. When passing to a VM, the device becomes unavailable to the host. When passing to a container you only pass a device node through and the host still has access since the device driver is provided by the host. These device nodes are typically found under /dev/. In your case it is /dev/dri/card0 and /dev/dri/renderD128.

Ryan_Malone said:
dev0: /dev/dri/card0,gid=44
dev1: /dev/dri/renderD128,gid=104
Click to expand...
Since you already pass the devices to the container up here, you can remove the following part from the container config file:
Ryan_Malone said:
lxc.cgroup2.devices.allow: c 226:0 rwm
lxc.cgroup2.devices.allow: c 226:128 rwm
lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file
Click to expand...
 
fschauer said:
When passing a device to a container, you do not pass the physical PCI device through as you would to a VM. When passing to a VM, the device becomes unavailable to the host. When passing to a container you only pass a device node through and the host still has access since the device driver is provided by the host. These device nodes are typically found under /dev/. In your case it is /dev/dri/card0 and /dev/dri/renderD128.


Since you already pass the devices to the container up here, you can remove the following part from the container config file:
Click to expand...
Thanks for explaining that. I discovered this after adding Jellyfin, in addition to Plex, and without doing anything specific to pass it through, an lspci command listed the iGPU. However, after leaving both of them running over Friday night and Saturday, when I came back to them on Sunday and restarting them, neither would start. I restored from Saturday’s and then Sunday’s backup, the container would start, but the Plex service wouldn’t run. I reinstalled them again, mounted the NFS shares from the host into the container, reconfigured, removed the bit below from the config file:

lxc.cgroup2.devices.allow: c 226:0 rwm
lxc.cgroup2.devices.allow: c 226:128 rwm
lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file

and all is still good, but I didn’t rebuild Jellyfin. Could it be that a conflict had occurred, as one would expect with 2 VMs trying to use the same device? Or was it the extra bit in the config file specifying the resource that caused the instability? If a container is just using and sharing the resource (the iGPU) as if it's just an application, it would be unexpected that sharing it would cause instability.
 
Last edited:
What most likely happened is that the device node could not be created as specified by dev1, since it was already mounted into the container by this line:
Ryan_Malone said:
lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file
Click to expand...

When attempting to start the container with the debug option,
Code: 
pct start 100 --debug
The output would contain the following message:
DEBUG utils - ../src/lxc/utils.c:run_buffer:560 - Script exec /usr/share/lxc/hooks/lxc-pve-autodev-hook 100 lxc autodev produced output: Could not mknod /usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/dri/renderD128: File exists

Resulting in:
ERROR conf - ../src/lxc/conf.c:lxc_setup:3948 - Failed to run autodev hooks
 
Last edited:
I'm still having issues with this LXC. I noticed some new media I added to the remote NAS the mount is mapped to didn't show up in Plex. So I went into the container and the directory didn't see to exist. I got the error below:

Studio Snippet 2024-07-17 at 15.40.13.jpg

It looks like it's there but it's not. I then tried to restart the container and it won't restart. Below is the VM config.

arch: amd64
cores: 4
dev0: /dev/dri/card0,gid=44
dev1: /dev/dri/renderD128,gid=104
features: keyctl=1,nesting=1
hostname: plex
memory: 4096
mp0: /mnt/pve/unraiddata-goathead,mp=/media
net0: name=eth0,bridge=vmbr0,hwaddr=BC:24:11:38:E9:1A,ip=dhcp,type=veth
onboot: 1
ostype: ubuntu
rootfs: ZFS_ssd_storage1:subvol-100-disk-0,size=508G
swap: 1344
tags: proxmox-helper-scripts
unprivileged: 1

When I try and start the VM in debug mode I get the output below. Can you make any sense of it?

root@home:~# pct start 100 --debug
run_buffer: 571 Script exited with status 116
lxc_init: 845 Failed to run lxc.hook.pre-start for container "100"
__lxc_start: 2034 Failed to initialize container "100"
0 hostid 100000 range 65536
INFO lsm - ../src/lxc/lsm/lsm.c:lsm_init_static:38 - Initialized LSM security driver AppArmor
INFO utils - ../src/lxc/utils.c:run_script_argv:587 - Executing script "/usr/share/lxc/hooks/lxc-pve-prestart-hook" for container "100", config section "lxc"
DEBUG utils - ../src/lxc/utils.c:run_buffer:560 - Script exec /usr/share/lxc/hooks/lxc-pve-prestart-hook 100 lxc pre-start produced output: directory '/mnt/pve/unraiddata-goathead' does not exist

ERROR utils - ../src/lxc/utils.c:run_buffer:571 - Script exited with status 116
ERROR start - ../src/lxc/start.c:lxc_init:845 - Failed to run lxc.hook.pre-start for container "100"
ERROR start - ../src/lxc/start.c:__lxc_start:2034 - Failed to initialize container "100"
INFO utils - ../src/lxc/utils.c:run_script_argv:587 - Executing script "/usr/share/lxc/hooks/lxc-pve-poststop-hook" for container "100", config section "lxc"

if I reboot Proxmox, everything works again. Rebooting the LXC doesn't get it working again. I need to reboot every day though so something is wrong.
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back