Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nixos/cloudstack-image: initial import #44573

Merged
merged 1 commit into from Feb 24, 2019
Merged

nixos/cloudstack-image: initial import #44573

merged 1 commit into from Feb 24, 2019

Conversation

vincentbernat
Copy link
Member

Motivation for this change

Cloudstack images are simply using cloud-init. They are not headless
as a user usually have access to a console. Otherwise, the difference
with Openstack are mostly handled by cloud-init.

This is still some minor issues. Notably, there is no non-root user.
Other cloud images usually come with a user named after the
distribution and with sudo. Would it make sense for NixOS?

Cloudstack gives the user the ability to change the password.
Cloud-init support for this is imperfect and the set-passwords module
should be declared as - [set-passwords, always] for this to work. I
don't know if there is an easy way to "patch" default cloud-init
configuration. However, without a non-root user, this is of no use.

Similarly, hostname is usually set through cloud-init using
set_hostname and update_hostname modules. While the patch to
declare nixos to cloud-init contains some code to set hostname, the
previously mentioned modules are not enabled.

About the cloud-init hack for ordering, I discuss the issue in PR #44524.

I have tested this commit based on master but also on 18.03. I am not familiar with NixOS yet.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Fits CONTRIBUTING.md.

fpletz
fpletz reviewed Aug 6, 2018
View reviewed changes
nixos/maintainers/scripts/cloudstack/cloudstack-image.nix Outdated

system.build.cloudstackImage = import ../../../lib/make-disk-image.nix {
inherit lib config;
pkgs = import ../../../.. { inherit (pkgs) system; }; # ensure we use the regular qemu-kvm package
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not just use pkgs here? What do you mean with regular qemu-kvm package?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I copied this (comment included) from the nova-image.nix in ../openstack. This was introduced in PR #23168 without much details about this point. It may have been stolen from ec2/amazon-image.nix. For EC2, this has been introduced in 0d3738c.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This forcing a re-import of nixpkgs sounds wrong, but… cc @nlewo? (will let you poke eelco if you just took the line from his commit)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you test if using pkgs just work?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Ekleog sorry, I can't help on this... I think, I just copied this line:/ As suggested by @Mic92, we could try with pkgs.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It works just with pkgs. I'll update the PR.

nixos/modules/virtualisation/cloudstack-config.nix Outdated Show resolved Hide resolved
vincentbernat added a commit to vincentbernat/nixpkgs that referenced this pull request Aug 7, 2018
@vincentbernat
nixos/cloud-init: order after network-online.target
6c556bd 
Some modules of cloud-init can cope with a network not immediately
available (notably, the EC2 module), but some others won't retry if
network is not available (notably, the Cloudstack module).
network.target doesn't give much guarantee about the network
availability. Applications not able to start without a fully
configured network should be ordered after network-online.target.

Also see NixOS#44573 and NixOS#44524.
@vincentbernat vincentbernat mentioned this pull request Aug 7, 2018
Merged
9 tasks
xeji pushed a commit that referenced this pull request Aug 7, 2018
@vincentbernat @xeji
nixos/cloud-init: order after network-online.target (#44633)
57840db 
Some modules of cloud-init can cope with a network not immediately
available (notably, the EC2 module), but some others won't retry if
network is not available (notably, the Cloudstack module).
network.target doesn't give much guarantee about the network
availability. Applications not able to start without a fully
configured network should be ordered after network-online.target.

Also see #44573 and #44524.
@vincentbernat
Copy link
Member Author

I've updated the commit to not mess with cloud-init unit file.

@vincentbernat
Copy link
Member Author

I have used this change since a few weeks without any remaining issue. How should we move forward?

@vincentbernat
nixos/cloudstack-image: initial import
15f98b7 
Cloudstack images are simply using cloud-init. They are not headless
as a user usually have access to a console. Otherwise, the difference
with Openstack are mostly handled by cloud-init.

This is still some minor issues. Notably, there is no non-root user.
Other cloud images usually come with a user named after the
distribution and with sudo. Would it make sense for NixOS?

Cloudstack gives the user the ability to change the password.
Cloud-init support for this is imperfect and the set-passwords module
should be declared as `- [set-passwords, always]` for this to work. I
don't know if there is an easy way to "patch" default cloud-init
configuration. However, without a non-root user, this is of no use.

Similarly, hostname is usually set through cloud-init using
`set_hostname` and `update_hostname` modules. While the patch to
declare nixos to cloud-init contains some code to set hostname, the
previously mentioned modules are not enabled.
@ryantm
Copy link
Member

ryantm commented Feb 24, 2019

Seems like this has minimal impact on other parts of nixpkgs, and people were mostly okay with it a while ago, so I'm going to merge it.

@ryantm ryantm merged commit d14f102 into NixOS:master Feb 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mic92 Mic92 Mic92 left review comments

@fpletz fpletz fpletz left review comments

@Ekleog Ekleog Ekleog left review comments

@nlewo nlewo nlewo left review comments

@infinisil infinisil Awaiting requested review from infinisil

Assignees
No one assigned
Labels
6.topic: nixos 8.has: module (update) 10.rebuild-darwin: 0 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@vincentbernat @ryantm @Mic92 @fpletz @Ekleog @nlewo @GrahamcOfBorg