How to passthrough nvidia gpu to multiple LXCs

tags:
  - self-hosted
  - Proxmox
  - lxc
  - container
  - gpu
  - passthrough
  - how-to
  - tutorial
  - hardware
  - linux
date: 2025-09-13

Posted: 2025-09-13

Mostly posting this here because I keep having to do it and all the write-ups I've found are steps for specific tasks so I wanted a short generic one.

I'm using this on Proxmox VE 8.4.1 however I believe the steps should also apply for any linux host running LXCs.

Prerequisites

Ensure drivers won't change version unintentionally (Don't install them via package manager): On both Host and Container, check if your package manager has installed any nvidia packages.

On debian/ubuntu-based systems apt list nvidia* will output them, for Arch pacman -Q nvidia. You specifically are looking for a package with a name formatted like "nvidia-You may have additional nvidia related packages installed. Whether or not those will cause problems is extremely system-config dependent but

Installing the Driver

You will need to install the driver on both the Host machine and inside the container. Downloading is identical for host and container, but THE INSTALL STEP INSIDE THE CONTAINER MUST INCLUDE THE --no-kernel-module FLAG. MAKE SURE YOU DO NOT RUN WITH THE FLAG ON HOST OR WITHOUT IT IN CONTAINER

Downloading

On both the Host and in the Container, manually download an appropriate driver version from https://www.nvidia.com/en-us/drivers/unix/. You can achieve this on the command line by copying the download link for a version and using wget, ex. wget https://us.download.nvidia.com/XFree86/Linux-x86_64/580.82.09/NVIDIA-Linux-x86_64-580.82.09.run
Ensure the file is marked executable (chmod + x NVIDIA-Linux-x86_64-580.82.09.run)

Installing

On HOST: Run the installer with no flags: ./NVIDIA-Linux-x86_64-580.82.09.run and follow the instructions of the installer In CONTAINER: Run the installer with the --no-kernel-module flag appended: ./NVIDIA-Linux-x86_64-580.82.09.run --no-kernel-module

Configuring the container for access to the device

This section makes assumptions about the location of lxc config files based on a host running Proxmox VE. If you are following these steps on a different Host OS, you will need to determine where the lxc config files are stored in your system. The remainder of the steps and the general concepts should remain the same regardless of the flavor of linux you're using.

On your Host machine, run the command ls -l /dev/nvidia*. This should output something along the lines of:

crw-rw-rw- 1 root root 195,   0 Sep 13 07:03 /dev/nvidia0
crw-rw-rw- 1 root root 195, 255 Sep 13 07:03 /dev/nvidiactl
crw-rw-rw- 1 root root 195, 254 Sep 13 07:03 /dev/nvidia-modeset
crw-rw-rw- 1 root root 234,   0 Sep 13 07:03 /dev/nvidia-uvm
crw-rw-rw- 1 root root 234,   1 Sep 13 07:03 /dev/nvidia-uvm-tools

/dev/nvidia-caps:
total 0
cr-------- 1 root root 238, 1 Sep 13 07:03 nvidia-cap1
cr--r--r-- 1 root root 238, 2 Sep 13 07:03 nvidia-cap2

NOTE: You may or may not see output under /dev/nvidia-caps. You don't need to worry about or include any values for it.

What you care about for this are the device names (/dev/nvidia... at the end of the lines), and the ids associated with them (the comma-separated numbers between the usergroup and the date). You will need to add lines to the config file for your lxc using that information, for example with the above output you would add:

lxc.cgroup2.devices.allow: c 195:* rwm
lxc.cgroup2.devices.allow: c 234:* rwm

lxc.mount.entry: /dev/nvidia0 dev/nvidia0 none bind,optional,create=file
lxc.mount.entry: /dev/nvidiactl dev/nvidiactl none bind,optional,create=file
lxc.mount.entry: /dev/nvidia-uvm dev/nvidia-uvm none bind,optional,create=file
lxc.mount.entry: /dev/nvidia-uvm-tools dev/nvidia-uvm-tools none bind,optional,create=file
lxc.mount.entry: /dev/nvidia-caps/nvidia-cap1 dev/nvidia-caps/nvidia-cap1 none bind,optional,create=file
lxc.mount.entry: /dev/nvidia-caps/nvidia-cap2 dev/nvidia-caps/nvidia-cap2 none bind,optional,create=file

The first two lines are configuring cgroups to allow access to the nvidia devices, based on the ids you received. In this example those are 195 and 234. If you had more or different Ids you would just change the value and/or add additional allow lines with the appropriate Ids.

The remaining lines mount the devices in the container for use. Make sure you add a mount entry for each nvidia device, and remember you do not need to include the nvidia-caps devices.

Once you've finished editing the lxc config file and have saved it, reboot the container. If everything has worked properly, you should now be able to run nvidia-smi from within the container successfully and you should see the Host's gpu: Pasted image 20250913114050.png

If that didn't work, confirm that your lxc config file does not have typos and try starting the LXC from outside of it via command line so that you can see any errors which may provide diagnostic info. Pray it's a typo because if it's not it will drive you crazy.