Virtualizing Nvidia Hgx B200 Gpus with Open Source

Posted15 days agoActive9 days ago

ben_s

96 points

23 comments

ubicloud.comTech Discussionstory

informativepositive

Debate

20/100

GPU AllocationOpen Source SoftwareCloud Computing

Key topics

GPU Allocation

Open Source Software

Cloud Computing

Virtualizing Nvidia's powerful HGX B200 GPUs with open-source tools just got a whole lot more interesting, thanks to a recent blog post that dives into the nitty-gritty of preserving NVLink bandwidth while maintaining isolation. The author, ben_s, reveals that the biggest challenge was virtualizing GPUs with NVLink, and commenters jump in to discuss the nuances of SR-IOV, MIG, and vGPU technologies. While some debate the feasibility of passing MIG devices into KVM VMs, others share insights on Nvidia's hardware capabilities, including SR-IOV support on Ampere and higher architectures. The conversation highlights the complexities of GPU virtualization and the trade-offs between performance, isolation, and granularity.

Snapshot generated from the HN discussion

Discussion Activity

Very active discussion

First comment

31m

Peak period

0-12h

Avg / period

10.3

Comment distribution31 data points

Loading chart...

Based on 31 loaded comments

Key moments

01Story posted
Dec 18, 2025 at 9:04 AM EST
15 days ago
Step 01
02First comment
Dec 18, 2025 at 9:34 AM EST
31m after posting
Step 02
03Peak activity
28 comments in 0-12h
Hottest window of the conversation
Step 03
04Latest activity
Dec 24, 2025 at 2:36 AM EST
9 days ago
Step 04

Generating AI Summary...

Analyzing up to 500 comments to identify key contributors and discussion patterns

Discussion (23 comments)

Showing 31 comments

ben_sAuthor

15 days ago

2 replies

(author of the blog post here)

For me, the hardest part was virtualizing GPUs with NVLink in the mix. It complicates isolation while trying to preserve performance.

AMA if you want to dig into any of the details.

checker659

15 days ago

1 reply

Isn't SR-IOV a thing with these big GPUs? Or, is it that you're not concerned with fractional granularity?

ben_sAuthor

15 days ago

In this article, we're primarily concerned with whole-GPU or multi-GPU partitions that preserve NVLink bandwidth, rather than finer-grained fractional sharing of a single GPU.

spwa4

15 days ago

1 reply

Would it be possible to implement "virtual memory" for a GPU this way? Let's say you have GPUs at 30% utilization, but memory limited. Could you run 2 workloads by offloading the GPU memory when not in use?

ben_sAuthor

14 days ago

Once you oversubscribe GPU memory, performance usually collapses. Frameworks like vLLM can explicitly offload things like the KV cache to CPU memory, but that's an application-level tradeoff, not transparent GPU virtual memory.

girfan

15 days ago

2 replies

Cool post. Have you looked at slicing a single GPU up for multiple VMs? Is there anything other than MIG that you have come across to partition SMs and memory bandwidth within a single GPU?

ben_sAuthor

15 days ago

1 reply

Thanks! I haven't looked deeply into slicing up a single GPU. My understanding is that vGPU (which we briefly mention in the post) can partition memory but time-shares compute, while MIG is the only mechanism that provides partitioning of both SMs and memory bandwidth within a single GPU.

kaladin-jasnah

15 days ago

For vGPU, I believe MIG is used on Ampere and higher and time slicing is used on Turing and lower. Also, IIRC Ampere and higher has hardware SRIOV capabilities. Not sure about much more than that, I spent a week of my life once trying to enable Ampere vGPU for consumer cards and part of it is to change the driver paths to try and use legacy time slicing instead of MIG.

This was a long time ago, so I honestly have no idea if any of this is true.

namibj

15 days ago

1 reply

Last I checked MIG was the only one that made hard promises about especially memory bandwidth; as long as your memory access patterns aren't secret and you have enough trust in the other guests not being highly unfriendly with their cache usage behavior, you should be able to get away with much less strict isolation. Think docker vs. VMs-with-dedicated-cores.

But I thought MIG did do the job of chopping a GPU that's too big for most individual users into something that behaves very close to a literal array of smaller GPUs stuffed into the same PCIe card form factor? Think how a Tesla K80 was pretty much just two GK210 "GPUs" on a PLX "PCIe switch" which connects them to each other and to the host. Obviously trivial to give one to each of two VMs (at least if the PLX didn't interfere with IOMMU separation or such.... for mere performance isolation it certainly sufficed (once you block a heavy user from power budget throttling the sibling, at least).

tptacek

15 days ago

2 replies

Can you pass a MIG device into a KVM VM? The team we worked with didn't believe it was possible (they suggested we switch to VMWare); the MIG system interface gives you a UUID, not a PCI BDF.

moondev

15 days ago

1 reply

Kubevirt has some examples passing a vpgu into kvm

https://kubevirt.io/user-guide/compute/host-devices/

tptacek

15 days ago

1 reply

Right, vGPUs are explicitly set up to generate BDF addresses that can be passed through (but require host driver support; they're essentially paravirtualized). I'm asking about MIG.

namibj

14 days ago

https://docs.nvidia.com/datacenter/tesla/mig-user-guide/supp... says GPU passhtrough is supported on MIG...

my123

15 days ago

1 reply

There's a MIG vGPU mode usable for this

tptacek

15 days ago

1 reply

Have you used it? How does it work? How do you drive it? We tried a lot of different things. Is it not paravirtualized, the way vGPUs are?

my123

9 days ago

It works with SR-IOV instead of mdev afaik

Still needs some host SW to drive it but actually does static partitioning

IIRC it's usable through using the MIG-marked vGPU types

otterley

15 days ago

1 reply

Is Nvidia’s Fabric Manager and other control plane software open source? If so, that’s news to me.

Also, how strong are the security boundaries among multiple tenants when configured in this way? I know, for example, that AWS is extremely careful about how hardware resources are shared across tenants of a physical host.

ben_sAuthor

15 days ago

1 reply

Fabric Manager itself is not open source. It's NVIDIA-provided software, and today it's required to bring up and manage the NVLink/NVSwitch fabric on HGX systems. What we meant by "open" is that everything around it - the hypervisor, our control plane logic, partition selection, host configuration, etc. - is implemented in the open and available in our repos. You're right that this isn't a fully open GPU stack.

On isolation: in Shared NVSwitch Multitenancy mode, isolation is enforced at multiple layers. Fabric Manager programs the NVSwitch routing tables so GPUs in different partitions cannot exchange NVLink traffic, and each VM receives exclusive ownership of its assigned GPUs via VFIO passthrough. Large providers apply additional hardening and operational controls beyond what we describe here. We're not claiming this is equivalent to AWS's internal threat model, but it does rely on NVIDIA's documented isolation mechanisms.

otterley

15 days ago

Then I would kindly ask you to replace the words Open Source with something more accurate as it’s misleading.

mindcrash

15 days ago

1 reply

In case all of this sounds interesting:

After skimming the article I noticed a large chunk of this article (specifically the bits on deattaching/attaching drivers, qemu and vfio) applies more or less to general GPU virtualization under Linux too!

ben_sAuthor

15 days ago

Thanks for the comment! You're right that a lot of the mechanics apply more generally. On point (3) specifically: we handle this by allocating at the IOMMU-group level rather than individual devices. Our allocator selects an IOMMU group and passes through all devices in that group (e.g., GPU video + audio), which avoids the partial-passthrough wonkiness you mentioned. For reference: https://github.com/ubicloud/ubicloud/blob/main/scheduling/al...

moondev

15 days ago

1 reply

In Shared NVSwitch Multitenancy Mode - are there any considerations for leveraging infiniband devices inside each vm at full performance?

ben_sAuthor

15 days ago

We haven't looked deeply at inter-machine communication yet. NVLink/NVSwitch (which this post focuses on) are intra-node, so InfiniBand is mostly orthogonal I think and comes down to NIC passthrough, NUMA/PCIe placement, and validating RDMA inside the VM.

tptacek

15 days ago

1 reply

Did you ever manage to get vGPU's working in any other hardware configuration? I know it's not what Hx00 customers want. I bloodied my forehead on that for a month or two with Cloud Hypervisor --- I got to the "light reverse engineering of drivers" stage before walking away.

ben_sAuthor

15 days ago

We didn't focus on vGPU and largely avoided it on purpose. Instead, we focused on whole-GPU and NVSwitch-partitioned passthrough (Shared NVSwitch Multitenancy Mode), which is a better fit for the workloads we care about.

tryauuum

15 days ago

1 reply

can someone explain me like I'm 10 what is a BAR?

Like it says something about mmaping 256 GB of per GPU. But wouldn't it waste 2T of RAM? or do I fail in my understanding of what "mmap" is as well..

EDIT: yes, seems like my understanding of mmap wasn't good, it wastes not RAM but address space

convolvatron

15 days ago

Base Address Register

this term can be used at a couple different points (including mappings from physical addresses to physical hardware in the memory network), but a PCI BAR is a register in the configuration space that tells the card what PCI host addresses map to internal memory regions in the card. one BAR per region.

ckastner

15 days ago

1 reply

A lot of this coincides with my own experiments I did to pass-through consumer AMD GPUs into VMs [1], which the Debian ROCm Team uses in their CI.

The Debian package rocm-qemu-support ships scripts that facilitate most of this. I've since generalized this by adding NVIDIA support, but I haven't uploaded the new gpuisol-qemu package [2] to the official Archive yet. It still needs some polishing.

Just dumping this here, and more more references (especially the further reading section, the Gentoo and Arch wikis had a lot of helpful data).

[1]: https://salsa.debian.org/rocm-team/community/team-project/-/...

[2]: https://salsa.debian.org/ckk/gpu-isolation-tools

latchkey

15 days ago

1 reply

A couple open relevant issues here:

https://github.com/amd/MxGPU-Virtualization/issues/6

https://github.com/amd/MxGPU-Virtualization/issues/16

ckastner

15 days ago

Coincidentally, the first issue (referencing Navi 21) was the one I started these experiments with, and this turned out to be a pretty informative.

Our Navi 21 would almost always go AWOL after a test run had been completed, requiring a full reboot. At some point, I noticed that this only happened when our test runner was driving the test; I never had an issue when testing interactively. I eventually realized that our test driver was simply killing the VM when the test was done, which is fine for a CPU-based test, but this messed with the GPU's state. When working interactively, I was always shutting down the host cleanly, which apparently resolved this. A patch to our test runner to cleanly shut down VMs fixed this.

And I've had no luck with iGPUs, as referenced by the second issue.

From what I understand, I don't think that consumer AMD GPUs can/will ever be fully supported, because the GPU reset mechanisms of older cards are so complex. That's why things like vendor-reset [3] exist, which apparently duplicate a lot of the in-kernel driver code but ultimately only twiddle some bits.

[3]: https://github.com/gnif/vendor-reset

checker659

15 days ago

I see no mention of SR-IOV. Can someone explain why one would pick vfio over it?

View full discussion on Hacker News

ID: 46312792Type: storyLast synced: 12/18/2025, 8:40:37 PM

Want the full context?

Jump to the original sources

Read the primary article or dive into the live Hacker News thread when you're ready.

Open link View on HN