diff --git a/pkg/drivers/kic/oci/oci.go b/pkg/drivers/kic/oci/oci.go
index 9516af6b6f..16572d2127 100644
--- a/pkg/drivers/kic/oci/oci.go
+++ b/pkg/drivers/kic/oci/oci.go
@@ -108,6 +108,44 @@ func PrepareContainerNode(p CreateParams) error {
 	return nil
 }
 
+// kernelModulesPath checks for the existence of a known alternative kernel modules directory,
+// returning the default if none are present
+func kernelModulesPath() string {
+	paths := []string{
+		"/run/current-system/kernel-modules/lib/modules", // NixOS
+	}
+	for _, path := range paths {
+		if _, err := os.Stat(path); err == nil {
+			return path
+		}
+	}
+	return "/lib/modules"
+}
+
+func checkRunning(p CreateParams) func() error {
+	return func() error {
+		r, err := ContainerRunning(p.OCIBinary, p.Name)
+		if err != nil {
+			return fmt.Errorf("temporary error checking running for %q : %v", p.Name, err)
+		}
+		if !r {
+			return fmt.Errorf("temporary error created container %q is not running yet", p.Name)
+		}
+		s, err := ContainerStatus(p.OCIBinary, p.Name)
+		if err != nil {
+			return fmt.Errorf("temporary error checking status for %q : %v", p.Name, err)
+		}
+		if s != state.Running {
+			return fmt.Errorf("temporary error created container %q is not running yet", p.Name)
+		}
+		if !iptablesFileExists(p.OCIBinary, p.Name) {
+			return fmt.Errorf("iptables file doesn't exist, see #8179")
+		}
+		klog.Infof("the created container %q has a running status.", p.Name)
+		return nil
+	}
+}
+
 // CreateContainerNode creates a new container node
 func CreateContainerNode(p CreateParams) error {
 	// on windows os, if docker desktop is using Windows Containers. Exit early with error
@@ -136,7 +174,7 @@ func CreateContainerNode(p CreateParams) error {
 		"--tmpfs", "/run", // systemd wants a writable /run
 		// logs,pods be stroed on  filesystem vs inside container,
 		// some k8s things want /lib/modules
-		"-v", "/lib/modules:/lib/modules:ro",
+		"-v", fmt.Sprintf("%s:/lib/modules:ro", kernelModulesPath()),
 		"--hostname", p.Name, // make hostname match container name
 		"--name", p.Name, // ... and set the container name
 		"--label", fmt.Sprintf("%s=%s", CreatedByLabelKey, "true"),
@@ -226,29 +264,7 @@ func CreateContainerNode(p CreateParams) error {
 		return errors.Wrap(err, "create container")
 	}
 
-	checkRunning := func() error {
-		r, err := ContainerRunning(p.OCIBinary, p.Name)
-		if err != nil {
-			return fmt.Errorf("temporary error checking running for %q : %v", p.Name, err)
-		}
-		if !r {
-			return fmt.Errorf("temporary error created container %q is not running yet", p.Name)
-		}
-		s, err := ContainerStatus(p.OCIBinary, p.Name)
-		if err != nil {
-			return fmt.Errorf("temporary error checking status for %q : %v", p.Name, err)
-		}
-		if s != state.Running {
-			return fmt.Errorf("temporary error created container %q is not running yet", p.Name)
-		}
-		if !iptablesFileExists(p.OCIBinary, p.Name) {
-			return fmt.Errorf("iptables file doesn't exist, see #8179")
-		}
-		klog.Infof("the created container %q has a running status.", p.Name)
-		return nil
-	}
-
-	if err := retry.Expo(checkRunning, 15*time.Millisecond, 25*time.Second); err != nil {
+	if err := retry.Expo(checkRunning(p), 15*time.Millisecond, 25*time.Second); err != nil {
 		excerpt := LogContainerDebug(p.OCIBinary, p.Name)
 		_, err := DaemonInfo(p.OCIBinary)
 		if err != nil {