Replace /nix/store mount with targeted nvidia driver lib path

Create a stable symlink at /etc/nvidia-driver/lib pointing to the nvidia driver package's lib directory. The device plugin now mounts only the driver libs it needs instead of the entire nix store. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-19 13:47:23 -08:00 · 2026-02-19 13:47:23 -08:00 · 333950d3ba
commit 333950d3ba
parent a5949f228d
2 changed files with 5 additions and 7 deletions
--- a/argocd/manifests/nvidia-device-plugin/daemonset.yaml
+++ b/argocd/manifests/nvidia-device-plugin/daemonset.yaml
@ -39,9 +39,6 @@ spec:
            - name: nvidia-libs
              mountPath: /run/nvidia/lib
              readOnly: true
-            - name: nix-store
-              mountPath: /nix/store
-              readOnly: true
      volumes:
        - name: device-plugins
          hostPath:
@ -51,7 +48,4 @@ spec:
            path: /var/run/cdi
        - name: nvidia-libs
          hostPath:
-            path: /run/opengl-driver/lib
-        - name: nix-store
-          hostPath:
-            path: /nix/store
+            path: /etc/nvidia-driver/lib
--- a/nixos/ringtail/configuration.nix
+++ b/nixos/ringtail/configuration.nix
@ -38,6 +38,10 @@ in
  # NVIDIA container toolkit (CDI specs + runtime for containerd/k3s GPU pods)
  hardware.nvidia-container-toolkit.enable = true;

+  # Stable path to NVIDIA driver libraries for k3s device plugin pod mounts.
+  # Avoids mounting all of /nix/store — only the driver derivation is needed.
+  environment.etc."nvidia-driver/lib".source = "${config.hardware.nvidia.package}/lib";
+
  # Stable-path wrapper for nvidia-container-runtime.cdi (the CDI-based OCI
  # runtime that injects GPU devices/libs from NixOS-generated CDI specs).
  # The wrapper adds runc to PATH since k3s doesn't ship a standalone runc binary.