Hey all,

I thought I'd share a side project I've been working on, which involves building containers with Nvidia kernel modules and userspace components that work as bootable OS images thanks to "container-native" support within Fedora Silverblue.

This approach has several advantages over the traditional package management model for installing out-of-tree drivers, including:

1) Have the install process and QA shift from client side to server side, making a CI/CD model of driver distribution possible.

2) Eliminate the possibility of update failures (i.e., will a , as only container builds with successful runs will be committed to a container registry and updates are delivered with an "immutable" model

3) Modules are signed with one key from a central repo, ensuring that only one key has to be enrolled for all client systems for enabling secure boot support

4) Enable the possibility of supporting multiple driver release streams. i.e., give users the freedom to rebase on 525xx, 520xx, 470xx series drivers, etc, as well as pin to a specific image snapshot in case of a driver regression

5) Have the ability to download a pre-built bootable image from a central repo, or build an image locally with further customizations thanks to the flexibility of the Containerfile format

6) Give maintainers a broader framework for debugging regressions, namely being able to boot into a specific snapshot listed in a bug report

It's true that Nvidia has been the source of many hardware issues. I refuse to own an Nvidia card because of this. But many Linux users use Nvidia, which I thought would be a great motivation for working on a container-native approach to out-of-three driver support.

More info here:

- Josh