Differences

This shows you the differences between two versions of the page.

--- vm:proxmox:lxc:google_coral [2024/12/08 15:45] – niziak
+++ vm:proxmox:lxc:google_coral [2026/03/30 09:07] (current) – niziak
@@ Line 55: / Line 55: @@
 lxc.cgroup2.devices.allow: c 226:128 rwm # iGPU
 lxc.cgroup2.devices.allow: c 189:* rwm # USB Coral TPU
+lxc.cgroup2.devices.allow: c 510:* rwm # AMD KFD
 lxc.mount.entry: /dev/bus/usb/002 dev/bus/usb/002 none bind,optional,create=dir,mode=664 # USB Coral TPU
 lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file 0,0 # iGPU (u=root g=render)
+lxc.mount.entry: /dev/kfd dev/kfd none bind,optional,create=file 0,0 # AMD kernel fusion driver (u=root g=render)
 </file>
@@ Line 77: / Line 79: @@
 <file ini /etc/udev/rules.d/99-igpu.rules>
 KERNEL=="renderD128", MODE="0664", OWNER="100000", GROUP="111000"
+KERNEL=="kfd", MODE="0664", OWNER="100000", GROUP="111000"
 </file>
@@ Line 114: / Line 117: @@
 I suppose this is not possible to use unpriv LXC and enable ''CAP_SYS_ADMIN'' (multiple trials with ''lxc.cap.drop'' and ''lxc.cap.keep'').
-It works when <code bash>sysctl --write kernel.perf_event_paranoid=0</code> which is still safer than giving container ''CAP_SYS_ADMIN''.
+It works when <code bash>sysctl --write kernel.perf_event_paranoid=0</code> which is still safer (there were kernel vulnerabilities) than giving container ''CAP_SYS_ADMIN''.
+When Frigate is running and performance events are accessible in LXC, command <code bash>intel_gpu_top</code> show nicely formatted text statistics:
+{{:vm:proxmox:lxc:pasted:20241208-144931.png}}
 ===== references =====

Tools

menus and quick search

quick search

site status

Page Tools

meta data for this page

Differences