Can I keep X11/mesa/vulkan/vc4 assets only in a container (non-privileged) and not in host OS?

Hi. As I’m trying to revise my setup, I’m seeking advice on whether what I’m looking for is feasible.

My environment is:

  • host HW is RaspberryPi 4 8GB
  • host OS is Ubuntu Server 22.10 64-bit (X11 server is currently here together with PulseAudio)
  • one non-privileged “GUI” container for which I require graphics acceleration for RPi VideoCore4/vc4 (mesa, vulkan) though apps themselves are GPU-lightweight - RetroPie, Project OutFox (formerly StepMania).
  • non-GUI containers

I want to rework my setup and make the host OS as light as possible. Thus I’m thinking of pushing all X11, mesa/vulkan/vc4 drivers into a container and also getting rid of PulseAudio on both host and container (and working with ALSA directly).

My main question is: Is it possible to keep host OS clean from graphic acceleration assets (mesa, vulkan, …) and X11 components?
Will I hit any obvious issues/limitations, like, maybe, ones relevant to non-privileged class of my GUI container?
If it’s not possible to get rid of it completely, what’s the bare minimum I have to keep on host OS?

Minor question: if the above is doable, can I switch to Ubuntu Core as host OS for such LXD setup?
Are there any limitations of Ubuntu Core’s LXD that are relevant to audio/GUI part? It is mentioned that GUI snaps are supposed to be based on Wayland, but I suppose it doesn’t affect me, as my GUI apps will be hidden within LXD.

Anyone?)

Did you ever get a solution? I think it is a very interesting question.

) nope, but once I sort out the issue of booting Ubuntu Core from M.2 SSD on my Pi, I will come back to my tryout. I’ve bookmarked “Physical GPU passthrough to VM seems to be working, but guests output only to Virtio GPU” as it is somehow adjacent (though for VM) for that time.

Quite a niche question, thus don’t expect an answer anytime soon though (

I really do not think this is a niche question at all. You are asking a very practical question on if you can have all the GUI assets in the container. I have followed the most recent GUI guide on this forum and while it seems to pass all the tests set out in the guide, I have no audio in the container with YouTube. Any thoughts?

Have you tried having all the gui assets in the container?

nope, don’t have enough spare time for it.

Re audio...

I suggest raising a separate topic. From what I recall (it was 2 yrs ago), audio was working fine ([Snap: LXD 4.11] [solved] Can't get GPU HW acceleration for non-root/sudo/su user within container) - however, I’ve used PulseAudio I think.

Has anyone by chance heard anything new that can help to keep GUI/media-related assets only in a non-privileged container (and keep the host OS free of them)?