我正在尝试在 nspawn 容器内运行 GPU 计算应用程序,我已按如下方式配置容器:
/etc/systemd/nspawn/ubuntuintel.nspawn:
argon# cat ubuntuintel.nspawn
[Exec]
Capability=CAP_SYS_ADMIN
[Files]
Bind=/dev/dri
/etc/systemd/system.control/[email protected]/50-DeviceAllow.conf:
# This is a drop-in unit file extension, created via "systemctl set-property"
# or an equivalent operation. Do not edit.
[Service]
DeviceAllow=
DeviceAllow=/dev/net/tun rwm
DeviceAllow=char-pts rw
DeviceAllow=/dev/loop-control rw
DeviceAllow=block-loop rw
DeviceAllow=block-blkext rw
DeviceAllow=/dev/mapper/control rw
DeviceAllow=block-device-mapper rw
DeviceAllow=/dev/dri rwm
然后我通过运行容器systemctl start [email protected]
在容器中存在 /dev/dri 目录,但是在运行应用程序时会发生这种情况:
openat(AT_FDCWD, "/dev/dri/renderD128", O_RDWR) = -1 EPERM (Operation not permitted)
让容器使用 GPU 的正确方法是什么?我也考虑过简单地使用 qemu + pci 直通,但这要重得多