New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos/cloudstack-image: initial import #44573
Conversation
|
||
system.build.cloudstackImage = import ../../../lib/make-disk-image.nix { | ||
inherit lib config; | ||
pkgs = import ../../../.. { inherit (pkgs) system; }; # ensure we use the regular qemu-kvm package |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not just use pkgs
here? What do you mean with regular qemu-kvm package?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This forcing a re-import of nixpkgs sounds wrong, but… cc @nlewo? (will let you poke eelco if you just took the line from his commit)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you test if using pkgs
just work?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It works just with pkgs
. I'll update the PR.
Some modules of cloud-init can cope with a network not immediately available (notably, the EC2 module), but some others won't retry if network is not available (notably, the Cloudstack module). network.target doesn't give much guarantee about the network availability. Applications not able to start without a fully configured network should be ordered after network-online.target. Also see NixOS#44573 and NixOS#44524.
Some modules of cloud-init can cope with a network not immediately available (notably, the EC2 module), but some others won't retry if network is not available (notably, the Cloudstack module). network.target doesn't give much guarantee about the network availability. Applications not able to start without a fully configured network should be ordered after network-online.target. Also see #44573 and #44524.
7945572
to
6490bca
Compare
I've updated the commit to not mess with cloud-init unit file. |
I have used this change since a few weeks without any remaining issue. How should we move forward? |
Cloudstack images are simply using cloud-init. They are not headless as a user usually have access to a console. Otherwise, the difference with Openstack are mostly handled by cloud-init. This is still some minor issues. Notably, there is no non-root user. Other cloud images usually come with a user named after the distribution and with sudo. Would it make sense for NixOS? Cloudstack gives the user the ability to change the password. Cloud-init support for this is imperfect and the set-passwords module should be declared as `- [set-passwords, always]` for this to work. I don't know if there is an easy way to "patch" default cloud-init configuration. However, without a non-root user, this is of no use. Similarly, hostname is usually set through cloud-init using `set_hostname` and `update_hostname` modules. While the patch to declare nixos to cloud-init contains some code to set hostname, the previously mentioned modules are not enabled.
6490bca
to
15f98b7
Compare
Seems like this has minimal impact on other parts of nixpkgs, and people were mostly okay with it a while ago, so I'm going to merge it. |
Motivation for this change
Cloudstack images are simply using cloud-init. They are not headless
as a user usually have access to a console. Otherwise, the difference
with Openstack are mostly handled by cloud-init.
This is still some minor issues. Notably, there is no non-root user.
Other cloud images usually come with a user named after the
distribution and with sudo. Would it make sense for NixOS?
Cloudstack gives the user the ability to change the password.
Cloud-init support for this is imperfect and the set-passwords module
should be declared as
- [set-passwords, always]
for this to work. Idon't know if there is an easy way to "patch" default cloud-init
configuration. However, without a non-root user, this is of no use.
Similarly, hostname is usually set through cloud-init using
set_hostname
andupdate_hostname
modules. While the patch todeclare nixos to cloud-init contains some code to set hostname, the
previously mentioned modules are not enabled.
About the cloud-init hack for ordering, I discuss the issue in PR #44524.
I have tested this commit based on master but also on 18.03. I am not familiar with NixOS yet.
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)