Privileged LXC Containers
A really handy post on the dangers of doing so.
Guilty as charged but I run more than one LXC of various flavors, based on Docker or Podman, privileged and unprivileged.
But it's a good heads-up.
Be careful when using privileged LXCs on Proxmox
Unless you don’t mind exposing your Proxmox host, you should always go for unprivileged LXCs

Even if you dip your feet into the Proxmox ecosystem just to run virtual machines, you’re bound to encounter LXCs down the line. Despite offering weaker isolation features, LXCs are fairly flexible and siphon a fraction of the resources of their VM counterparts. With the Proxmox VE Helper-Scripts repo offering a plethora of useful templates, LXCs are extremely easy to deploy, making them perfect for newcomers with low-power rigs and hardcore server owners alike.
When you’re attempting to deploy multiple GPU-intensive services like Ollama, Immich (at least, for the machine-learning part), and Jellyfin on your Proxmox host, going down the LXC route sounds better. After all, you don’t need to look into SR-IOV just to pass the same card to different virtual machines or deal with their tendency to hog more system resources. Nor do you have to modify kernel modules and run multiple scripts just to enable GPU passthrough to your VMs.
Have fun
#enoughsaid
